Wednesday, March 21, 2012
List of Webs Hacking Techniques
Published :
9:22 PM
Author :
shwekoyantaw
This list below fits in category Parameter manipulation
အဒီထဲကတေကာင္ေကာင္ကို Googling လိုက္ေနာ္
Arbitary File Deletion
Code Execution
Cookie Manipulation ( meta http-equiv & crlf injection )
CRLF Injection ( HTTP response splitting )
Cross Frame Scripting ( XFS )
Cross-Site Scripting ( XSS )
Directory traversal
Email Injection
File inclusion
Full path disclosure
LDAP Injection
PHP code injection
PHP curl_exec() url is controlled by user
PHP invalid data type error message
PHP preg_replace used on user input
PHP unserialize() used on user input
Remote XSL inclusion
Script source code disclosure
Server-Side Includes (SSI) Injection
SQL injection
URL redirection
XPath Injection vulnerability
EXIF
This list below fits in category MultiRequest parameter manipulation
Blind SQL injection (timing)
Blind SQL/XPath injection (many types)
This list below fits in category File checks
8.3 DOS filename source code disclosure
Search for Backup files
Cross Site Scripting in URI
PHP super-globals-overwrite
Script errors ( such as the Microsoft IIS Cookie Variable Information Disclosure )
This list below fits in category Directory checks
Cross Site Scripting in path
Cross Site Scripting in Referer
Directory permissions ( mostly for IIS )
HTTP Verb Tampering ( HTTP Verb POST & HTTP Verb WVS )
Possible sensitive files
Possible sensitive files
Session fixation ( jsessionid & PHPSESSID session fixation )
Vulnerabilities ( e.g. Apache Tomcat Directory Traversal, ASP.NET error message etc )
WebDAV ( very vulnerable component of IIS servers )
This list below fits in category Text Search Disclosure
Application error message
Check for common files
Directory Listing
Email address found
Local path disclosure
Possible sensitive files
Microsoft Office possible sensitive information
Possible internal IP address disclosure
Possible server path disclosure ( Unix and Windows )
Possible username or password disclosure
Sensitive data not encrypted
Source code disclosure
Trojan shell ( r57,c99,crystal shell etc )
( IF ANY )Wordpress database credentials disclosure
This list below fits in category File Uploads
Unrestricted File Upload
This list below fits in category Authentication
Microsoft IIS WebDAV Authentication Bypass
SQL injection in the authentication header
Weak Password
GHDB - Google hacking database ( using dorks to find what google crawlers have found like passwords etc )
This list below fits in category Web Services - Parameter manipulation & with multirequest
Application Error Message ( testing with empty, NULL, negative, big hex etc )
Code Execution
SQL Injection
XPath Injection
Blind SQL/XPath injection ( test for numeric,string,number inputs etc )
Stored Cross-Site Scripting ( XSS )
Cross-Site Request Forgery ( CSRF )
က်ေနာ္သိသေလာက္ေလးပါခင္ဗ်..တျခားရွိေသးရင္မွ်က်ပါဦး...က်ေနာ့္ အရင္က Webs hacking Technique ေယာင္လည္လည္ျဖစ္ခဲ့လို႔..ေနာင္လာေနာက္သားေတြမျဖစ္ေအာင္ဆိုပီး ဟီးးးးးးးးးးးးး(နာေတာင္န္ည္းနည္းလဲပဲသိေသးတယ္..ခိခိ)
post By dr.c0mpl3x
copy from mmhackforums.noonhost.com
Pageviewers
CBOX
Manutd-Results
LINK
Label
Android
(3)
autorun
(3)
Backtrack
(8)
batch file
(19)
blogger
(10)
Botnet
(2)
browser
(5)
Brute Force
(6)
cafezee
(2)
cmd
(5)
Cookies
(2)
crack
(12)
Cracking
(2)
crypter
(7)
DDos
(20)
deepfreeze
(4)
defacing
(1)
defence
(16)
domain
(4)
Dos
(9)
downloader
(4)
ebomb
(2)
ebook
(48)
Exploit
(26)
firewall
(3)
game
(2)
gmail
(11)
google hack
(16)
Hacking Show
(3)
Hash
(4)
hosting
(1)
icon changer
(1)
ip adress
(6)
Keygen
(1)
keylogger
(8)
knowledge
(67)
locker
(1)
maintainence
(8)
network
(17)
news
(31)
other
(35)
passwoard viewer
(7)
password
(12)
Philosophy
(6)
Phishing
(8)
premium account
(2)
proxy
(7)
RAT
(10)
run commands
(4)
script
(27)
Shell code
(10)
shortcut Key
(2)
SMTP ports
(1)
social engineering
(7)
spammer
(1)
SQL Injection
(30)
Stealer.crack
(5)
tools
(125)
Tools Pack
(4)
tutorial
(107)
USB
(3)
virus
(32)
website
(84)
WiFi
(4)
word list
(2)
HOW IS MY SITE?
Powered by Blogger.
Blog Archive
-
▼
2012
(210)
-
▼
March
(20)
- Dominican Republic Police arrested 6 Anonymous hac...
- .::How to Make Batch Yourself & Some Batch Code::.
- www.nanuindia.com H@cK By ME
- Sql injection Tutorials::..
- sql injection with tool(havij) tutorial
- List of Webs Hacking Techniques
- "Tmedit Popuop" Deface and Shell upload vulnerability
- ..::Sql poizon v1.1 tutorial::..
- <---Manual Sql Tutorial[Bypassing Admin Login]--->...
- Windows xp Hidden Application
- How to work Facebook Wall Flooder
- @utorun virus making
- ..::Facebook Wall Flooder::..
- ★How to run JPG as an EXE [Shortcut Executing Meth...
- Top Free Online Virus Scan Services
- This is what we called “Hacking
- Hacking Using Google
- daily use 10 of Linux Commands
- ..::Hacking Facebook Accounts Passwords Tutorial::..
- IIS Hacking Tutorials
-
▼
March
(20)
Followers
About Me
Popular Posts
-
SQL Dorks အသစ္ေလးေတြလို႔ထင္ပါတယ္..ဒီက ဟက္ကာေတြအတြက္ေတာ့ ေဟာင္းခ်င္ေဟာင္းေနမွာေပါ့..ကၽြန္ေတာ့္ဆီရွိတာေလးေတြပါ..မၾကိဳက္လဲ ေနေပါ့. :P inurl...
-
--- မိတ္ဆက္--- Injection နဲ႔ပက္သက္တဲ႔အပုိင္းကုိ အေတြ႔အၾကံဳ မရင့္က်က္ေသးတဲ႔သူေတြ၊ အေတြ႔အၾကံဳရွိၿပီးတဲ႔သူေတြပါ နားလည္ႏုိင္ေအာင္ ကၽြန္ေတာ့္...
-
အေကာင္းစားမွန္ဘီလူး (မ်တ္ခ်က္။ ။ရွားေလာ့ဟုန္းဆီကမဟုတ္ပါ) ကၽြန္ေတာ္မွန္ဘီလူးေလးတစ္လက္ရထားတယ္။ ဘယ္ႏွယ္ဗ်ာ ကၽြန္ေတာ့္မွန္ဘီလူးကိုမ်ာ...
-
အဓိက က ေတာ့ forums ေတြပဲ. Register လုပ္မွ ၀င္ေရာက္ၾကည့္ရွဳ ႏိုင္မယ္.. bypass လုပ္ဖုိ႔ ကေတာ့ SQL injection ကေတာ့ အေကာင္းဆံုးေပါ့.. အခုေတာ့ ...
-
အသိပညာ ဗဟုသုတသည္ ဟက္ကာတုိ႔ရန္မွ ကာကြယ္ရန္ စြမ္းအားတစ္ခုၿဖစ္ေပသည္။ ယေန႔ေခတ္ အုိင္တီနယ္ပယ္ဆုိင္ရာ စီမံခန္႔ခြဲမႈတြင္ တာ၀န္ရွိသူမ်ားသည္ ၄င္းတ...
-
ဘာရယ္လို႕မဟုတ္ပါဘူး ဒီေန႕ဘာတင္ရ မလဲစဥ္းစားရင္း အေျခခံကစၾကတာေပါ့။ ပထမဆံုး notepad ကိုေခၚပါ။batch file ေရးနည္းက programmingအာလံုး .bat...
-
ကဲဆိုက္တစ္ခုကရတာျပန္ျပီးေတာ့ေ၀မွ်လိုက္ပါတယ္။စမ္းသပ္ခ်င္သူေတြအတြက္ပါ။ သံုးခ်င္ရင္ သံုးပါ။စည္ကမ္းေတာ့ရိွပါေစ။ code: http://13campaign.org...
-
LFI Local File Inclusion ေလး အေၾကာင္းေျပာခ်င္ပါတယ္ ညီကိုတို႔.... Online မွာ LFI ေပါက္ေနတဲ့ဆိုက္ေတြ သန္းခ်ီပီးရွိေနပါတယ္.... Web Hacking ေ...
-
ဒီပိုစ့္ေလးဟာ LFI ေပၚမွာဆင့္ကဲေျပာင္းလဲထားတာျဖစ္ျပီးေတာ့ BASE 64 php filter ကိုအသံုးျပဳမွာျဖစ္ပါတယ္....။ဆာဗာမွာရိွတဲ့ connect.php / conf...
-
၀ိကိလိခ္၏ အတြင္းေရးမ်ား ဆိုတဲ႔ စာအုပ္ကို MCM မွ ကို Giacomo က ဘာသာၿပန္ၿပီး တင္ေပးထားတာၿဖစ္ပါတယ္ ။ ဒီလိုစာအုပ္မ်ိဳးကို ဘာသာၿပန္ၿပီး တ...
Labels
- Android (3)
- autorun (3)
- Backtrack (8)
- batch file (19)
- blogger (10)
- Botnet (2)
- browser (5)
- Brute Force (6)
- cafezee (2)
- cmd (5)
- Cookies (2)
- crack (12)
- Cracking (2)
- crypter (7)
- DDos (20)
- deepfreeze (4)
- defacing (1)
- defence (16)
- domain (4)
- Dos (9)
- downloader (4)
- ebomb (2)
- ebook (48)
- Exploit (26)
- firewall (3)
- game (2)
- gmail (11)
- google hack (16)
- Hacking Show (3)
- Hash (4)
- hosting (1)
- icon changer (1)
- ip adress (6)
- Keygen (1)
- keylogger (8)
- knowledge (67)
- locker (1)
- maintainence (8)
- network (17)
- news (31)
- other (35)
- passwoard viewer (7)
- password (12)
- Philosophy (6)
- Phishing (8)
- premium account (2)
- proxy (7)
- RAT (10)
- run commands (4)
- script (27)
- Shell code (10)
- shortcut Key (2)
- SMTP ports (1)
- social engineering (7)
- spammer (1)
- SQL Injection (30)
- Stealer.crack (5)
- tools (125)
- Tools Pack (4)
- tutorial (107)
- USB (3)
- virus (32)
- website (84)
- WiFi (4)
- word list (2)
Labels
- Android (3)
- autorun (3)
- Backtrack (8)
- batch file (19)
- blogger (10)
- Botnet (2)
- browser (5)
- Brute Force (6)
- cafezee (2)
- cmd (5)
- Cookies (2)
- crack (12)
- Cracking (2)
- crypter (7)
- DDos (20)
- deepfreeze (4)
- defacing (1)
- defence (16)
- domain (4)
- Dos (9)
- downloader (4)
- ebomb (2)
- ebook (48)
- Exploit (26)
- firewall (3)
- game (2)
- gmail (11)
- google hack (16)
- Hacking Show (3)
- Hash (4)
- hosting (1)
- icon changer (1)
- ip adress (6)
- Keygen (1)
- keylogger (8)
- knowledge (67)
- locker (1)
- maintainence (8)
- network (17)
- news (31)
- other (35)
- passwoard viewer (7)
- password (12)
- Philosophy (6)
- Phishing (8)
- premium account (2)
- proxy (7)
- RAT (10)
- run commands (4)
- script (27)
- Shell code (10)
- shortcut Key (2)
- SMTP ports (1)
- social engineering (7)
- spammer (1)
- SQL Injection (30)
- Stealer.crack (5)
- tools (125)
- Tools Pack (4)
- tutorial (107)
- USB (3)
- virus (32)
- website (84)
- WiFi (4)
- word list (2)
Archive
-
▼
2012
(210)
-
▼
March
(20)
- Dominican Republic Police arrested 6 Anonymous hac...
- .::How to Make Batch Yourself & Some Batch Code::.
- www.nanuindia.com H@cK By ME
- Sql injection Tutorials::..
- sql injection with tool(havij) tutorial
- List of Webs Hacking Techniques
- "Tmedit Popuop" Deface and Shell upload vulnerability
- ..::Sql poizon v1.1 tutorial::..
- <---Manual Sql Tutorial[Bypassing Admin Login]--->...
- Windows xp Hidden Application
- How to work Facebook Wall Flooder
- @utorun virus making
- ..::Facebook Wall Flooder::..
- ★How to run JPG as an EXE [Shortcut Executing Meth...
- Top Free Online Virus Scan Services
- This is what we called “Hacking
- Hacking Using Google
- daily use 10 of Linux Commands
- ..::Hacking Facebook Accounts Passwords Tutorial::..
- IIS Hacking Tutorials
-
▼
March
(20)