Jumat, 11 Mei 2012

SQL Injection With Havij

What is Havij?

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij.

The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.

What is SQL Injection?
SQL Injection is common web application vulnerability due to insufficient validation on user inputs. An attacker can inject some SQL commands into the original query written by the developer to change the result to what he/she wants and execute his/her commands. This work (injecting SQL commands) is called Exploitation that can cause sensitive data disclosure, changing data, deleting data or even whole system compromise!



Who should use Havij?

All security professionals, Web administrators, web application developers, penetration testers, everyone who wants to test his/her sites security and all hack and security researchers can use Havij.

Download Havij: http://www.mediafire.com/?n0f9fr965k8ce49
Havij Tutorial: http://www.mediafire.com/?tk33n29effhtq0j

Selasa, 08 Mei 2012

Creating a Virus Using a terabit

Software Information:
This software is made by the Iranians. The news is also not certain the truth, but I tried to search on google.com and I got a tip that says that the software is genuine Terabit Virus Maker made in Iran, and it was in version 3.1. In version 3.1 to the previous ones, this software is not support for Windows 7, only support the operating system before Windows 7, such as: Windows XP, Vista. Here I have a Terabit Virus Maker Software version 3.2 which has support with Windows 7.


Software functions:
This software serves to create a virus in an instant with the ability that we can choose by our self. So the user can use it easily and quickly. In the software have provided the features we can use in the manufacture of virus, there are 54 features that we can use, I will just mention the course and 15 features for other features that can be seen in the picture. 15 features are:
  • Avoid Opening Calculator
  • Avoid Opening Copy, Move Window
  • Avoid Opening gpedit
  • Avoid Opening Media Player
  • Avoid Opening Mozilla Firefox
  • Avoid Opening Msconfig
  • Avoid Opening Notepad
  • Avoid Opening Wordpad
  • Avoid Opening Yahoo Messenger
  • Add to Windows 30 User Accounts
  • Always Clean Clipboard
  • Always Log Off
  • Close Internet Explorer Every 10 sec
  • Delete All Files in Desktop
  • Delete All Files in My Documents

This virus has file extension *. Exe. So, when this virus file is executed, the features have been added, and it will run and change the settings for your computer system in accordance with the features you choose.

And there are items that can be used to complete the perfection of the virus that you created, such as:

Binder serves to execute / run a file that we associate with the virus that you created; a file can be linked in any format, just as image files, word files, Excel, PowerPoint, music, notepad, and others.

Fake Error Message function to display a false message of our own making, and the sub-item consist of title, message, and type. Title content is title of the message, Message content consists of your own message, and type you can select the type you want.

  • “Run Custom Command” (I have not tried before)
  • “Add [] fake MB (s) to the virus” works to add capacity to the fake virus files.
  • “File name after install” is a file that actually runs, while the fake file is executed, there should type / extension *.Exe that can be used.
  • “File Icon” is a item that is used to select the icon file virus.
  • “File Name” is the item that is used to name the file.
  • “Run Virus with Windows“ is the item that serves to run the file on the windows.
  • “[R]” Is a reset button, to reset the settings you've chosen to default settings
  • “Virus Create function” is to create a virus which we have previously designed.

How to Use the Software:
  • Install deepfreeze to keep your computer safe.
  • Disable your Antivirus, because the software is considered as a virus by the antivirus.
  • Run Software tVirusMaker.exe
  • Select / check the features provided and select the items that will be used.
  • Last click Create Virus and save it to your directory.
  • File virus is ready to run. 
Download

Your Ad Here
Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Best Web Host