Thursday 30 October 2014

How to make your own software installer

Today I will show you how to package your own software as an installer, so watch this and feel free to comment.

Software Installer by Pak Defender from Anonymous Ghost on Vimeo.


How to Install WordPress on XAMPP

Today I will show you how to install WordPress on XAMPP. Watch this and feel free to comment.

Install Wordpress on Xammp from Anonymous Ghost on Vimeo.


Sunday 26 October 2014

How to Find an Injection Point for SQL Injection

Hello guys. Today I will tell you a simple trick for finding an injection point for SQLi, so you can inject easily.

I would like every injector to comment here with the methods they use to find
an injection point in a website (SQLi).



My methods:
1. inurl:.php?id= site:www.sitename.com
2. site:www.sitename.com "php?"



Sometimes I use these:


site:www.target.com php
site:www.sitename.com .php? / .php?id=


Inurl.php?whatever= site:in
ip:127.0.0.7 "php?id"
site:example.com id

site:"*.site.com" inurl:"php?"
site:target.com ".php?id="
site.com/robots.txt



Sometimes search fields as well.


This is purely for educational purposes. Don't use it for anything illegal; if you do, you will be in jail.

Saturday 18 October 2014

BASIC CSRF (CROSS SITE REQUEST FORGERY) TUTORIAL

This tutorial will explain how to perform a basic Cross-Site Request Forgery (CSRF) attack.

So let's start the tutorial,

What is a CSRF attack?
CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help of social engineering (like sending a link via email/chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation in case of normal user. If the targeted end user is the administrator account, this can compromise the entire web application.
Source: OWASP
...
Requirements to practice.

1. Brain
2. Browser
3. Burp Suite (Regular or Professional, both will work)
...
If you don't have Burp Suite, download it from
http://portswigger.net/burp/

I won't cover how to set up Burp Suite;
the following link is an awesome tutorial on setting up Burp.

http://portswigger.net/burp/tutorials/

...
Let's Start!
...
Once you have configured Burp Suite,
just start it
and turn off Intercept for now.
...
Open Firefox or any other browser and
go to your router's default gateway.
In my case it is
http://192.168.1.1/
You will be asked for a username and password.
Most routers generally ship with a default user:password combination such as:
admin:admin
user:user
admin:pass
admin:password
user:password
if you can't open your Router Gateway,
....
...

Now we have successfully opened the Router Gateway.

...

Find the password change page.
In my case it was
>Maintenance>Administration

...

Now we can see the options to change the password.

Go to the Burp Suite window and click on
Proxy Tab>Intercept

and turn Intercept ON.

...

And now,
in the New Password and Confirm Password fields we will enter:

pass : pass

...

Note: the old password was 'admin'.

...

Make sure you have turned Intercept ON.
Click on Save in the Router Gateway.

...

Now the Burp window will appear with the HTTP headers and POST details.
At the end you will see
that it is displaying what we just entered in the password form:

uiViewTools_Password=pass&ui.....all that!

...

In this HTTP request we can see that there is no anti-CSRF protection token!

..

Anti-CSRF tokens are hashes or random combinations of letters and numbers that are validated on the server to make sure that the request comes from an authenticated user, with their own permission, and is not forged!


...

Now right-click in the Burp window and
go to
>Engagement tools>Generate CSRF PoC

...

A new window/dialog box will appear with some HTML code.
Copy it.

...

Save that code as an HTML document, or test it in the browser.

...

Drop the HTTP request by clicking the Drop button in the Intercept tab.


...

>This does not change the password!
>It just stops the password change request.
>Your Router Gateway is still on the old password!

...

>For confirmation,
I logged in using the old password 'admin'.

...

I used the old password and logged in.
It means that because I dropped the request, the password didn't change to 'pass' and was still the old one, 'admin'.

...

Now open the .html file you saved on your drive.
You'll see a submit button.
>Make sure Intercept is ON!

...

After clicking on it,
the Burp window will appear again
and show the same HTTP POST request that we got from the password change page on the Router Gateway before.

...

Now click on Forward to allow the page to perform the request.

...

Voila, you just changed the password using CSRF:
without opening the router page,
without entering details,
the password is changed with a POST request.

...

Trying the new password 'pass' opens the Router Gateway password change page!

...
Here is proof that the password changed.




The Authorization header with some base64 is actually the user:pass,

...

which is the base64 encoding of 'admin:pass'; the old one was for 'admin:admin'.

...
...

The whole idea behind CSRF is to change user details without the victim knowing, entering anything, or interacting with the target page.
This is done with a POST request on sites with no X-CSRF/anti-CSRF protections.

...

Sometimes the site will have an anti-CSRF token,
but an attacker can still bypass the anti-CSRF protection, just by checking whether the tokens are validated on the server or are an easily guessable combination.
>I will post on CSRF protection bypassing soon.
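
The two points above (a token must be unguessable, and the server must actually validate it) look like this on the server side. This is an added example, not code from the original post or from any router firmware: the csrf_token field, the function names and the session identifiers are hypothetical, and uiViewTools_Password is the parameter from the captured request.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs

# Assumption: a random key that never leaves the server (router firmware, web app).
SERVER_KEY = secrets.token_bytes(32)


def _mac(session_id: str, nonce: str) -> str:
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Unguessable token bound to one session: random nonce + HMAC over both."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token: str) -> bool:
    """Recompute the MAC server-side and compare in constant time."""
    nonce, sep, mac = token.partition(".")
    if not (sep and nonce and mac):
        return False
    return hmac.compare_digest(_mac(session_id, nonce).encode(), mac.encode())


def handle_password_change(session_id: str, body: str) -> int:
    """Return the HTTP status for a password-change POST body."""
    fields = parse_qs(body, keep_blank_values=True)
    tokens = fields.get("csrf_token", [])  # hypothetical hidden form field
    if len(tokens) != 1 or not token_is_valid(session_id, tokens[0]):
        return 403  # missing, malformed or wrong-session token: reject
    # ... the password would be updated here ...
    return 200


if __name__ == "__main__":
    sid = secrets.token_urlsafe(32)          # constructed session identifier
    good = f"uiViewTools_Password=pass&csrf_token={issue_token(sid)}"
    forged = "uiViewTools_Password=pass"     # body without a token, as captured
    print(handle_password_change(sid, good))    # 200
    print(handle_password_change(sid, forged))  # 403
```

The token is embedded in the legitimate password change form when the page is rendered; a page on another origin cannot read it, so a request it submits arrives without a valid token and is rejected.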
....

Thank You!


This is purely for educational purposes. Don't use it for anything illegal; if you do, you will be in jail.