Tuesday, July 26, 2011

Infotrex Solutions Web Design Vulnerable to Multiple SQL Injections


Title : Infotrex Solutions Web Design Vulnerable to Multiple SQL Injections
Vendor: http://www.infotrex.net
Dork : intext:"Web Development by Infotrex Solutions"


+++++++++++++++++++++++++++++++
Microsoft Access Injection +
+++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 - http://www.site.com/details.asp?catid=[]&subcatid=[]&pid=[SQL] +
2 - http://www.site.com/news.asp?action=read&nID=[SQL] +
3 - http://www.site.com/product.asp?catid=[SQL] +
4 - http://www.site.com/contents.asp?id=[SQL] +
5 - http://www.site.com/details.asp?pid=[SQL] +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Thanks,
p0pc0rn

Tuesday, July 5, 2011

4shared Downloader

How to use?

1 - Make sure you have an account in 4shared.com..just a free account :)
2 - Login into your account

3 - Open command prompt and just run this python script :)

Usage : 4shared.py Url


4 - It will open the download link from your browser and just click save


Here's the script
http://pastebin.com/2eDsyjm9

Friday, July 1, 2011

Adf.ly Bypass

Hate to waiting even 5 secs?
Want to bypass the waiting time?
Its easy
As example you want to download this
http://adf.ly/1wuNc
Go to the link,and at the url bar type this
javascript:showSkip();
The countdown will be skipped and you can download directly get the real link :)

4shared Download Tricks

4shared Download Tricks
So there are two tricks you can do to download file from 4shared.com
Let say we want to download this thing.
http://www.4shared.com/file/fTg3hpDR/a_byte_of_python__persian_tran.html
We can
1 - bypassing waiting time.
Go to download page.
http://www.4shared.com/get/fTg3hpDR/a_byte_of_python__persian_tran.html
and at the url type this
javascript:alert(c=0)
this will bypass the waiting time from 59secs to 0sec :)

another way is

2 - Get the download url directly
at the file page
http://www.4shared.com/file/fTg3hpDR/a_byte_of_python__persian_tran.html
you just need to type this at the url bar
javascript:alert(startDownload)

the download link will popup and just copy and paste at the url to download :)

Unix Command in Windows???

Unix Command in Windows???

Yeah,there's a little secret that might you dont know about Windows 7.We can use Unix command in Windows without using cygwin! believe it?
Let's look it together.

The name of this technology? It used to be called Interix, then became Services for UNIX (SFU) as they added more bits on top of Interix, and is now known as Subsystem for UNIX-based Applications (SUA). The current name is more of a mouthful, but is a more accurate name.


So, to run SUA, you need one of the following versions of Windows:
Windows Server 2008
Windows Server 2003 R2
Windows 7 - Enterprise or Ultimate Edition
Windows Vista - Enterprise or Ultimate Edition

Other than that? Dont work :(

How to enable this SUA? [I'm using Windows 7 Ultimate in this case as example]

1 - Go to the Control Panel.
2 - Browse to Programs and Features.
3 - Click Turn Windows features on or off.
4 - Select the check box for Subsystem for UNIX-based Applications.
5 - Click OK
6 - In the start menu, click All Programs > Subsystem for UNIX-based Applications > Download Utilities for Subsystem for UNIX-based Applications
7 - Download the SUA installer from the Microsoft website. Which in my case,I download this-->Utilities and SDK for UNIX-based Applications_X86.exe. Choose which one suit your pc.
8 - Once downloaded, double-click Utilities and SDK for UNIX-based Applications_X86.exe in your downloads folder.
9 - Go trough the auto-installer.
10 - I'd recommend you choose the custom setup and enable the GNU Utilities and then, in the following step, select all three check boxes to allow su to root, enable setuid and enable case sensitivity.
11 - Finished! And now you can run UNIX commands.