Understanding This Technique Called MySQL Injection


ABSTRACT

It is known that computers and software are developed and designed by humans, human error is a reflection of a mental response to a particular activity.
Did you know that numerous inventions and discoveries are due to misconceptions?
There are levels of human performance based on the behavior of mental response , explaining in a more comprehensive, we humans tend to err , and due to this reason we are the largest tool to find these errors , even pros software's for analysis and farredura vulnerabilities were unimproved by us.
Tags: 0 Comments

7 Qualities of Highly Effective Hackers




When asked to write on this topic, I admit that it made me fringe just a bit. Because I don't consider myself to be a highly effective hacker. I find myself as a noob everywhere that I'm trying to learn new things, or I am frustrated with the most ridiculous "hacker" material on the web, written by school-taught programmers that follow step by step instructions out of a manual that everyone has already read. Then I thought to myself.. "That's it!" That is Number One!
4 Comments

An Overview of Real World Account Hacking Strategies



I often get sick and tired of reading comments underneath a white-hat hacking tutorial, asking “how do I hack a Gmail”, “How to hack Facebook account”, etc by people that don't really understand the fundamentals of what they are asking. Then there are the RATters, bot masters, and others spreading Trojans with their back-doored, fake Facebook-Hacking programs, that prey on the ignorant people who downloads them.

While the “Master Hack” would be to find some insane Zero Day in the web application front end of the website's own servers, attacking them directly and pwning their massive database. That's just not going to happen. Surely not by anyone who has to ask “how to”. I'll tell you why. Google, Yahoo, Facebook (ANY of the big wheels in the cyber world) have entire teams of security specialists, constantly upgrading, monitoring, and researching their entire internal network infrastructure. Nothing connected to a network is ever 100% Secure, though, so I guess if you're a noob you may still have something like a 0.00000001% chance of accidentally finding a way in, before it is found and patched. They also have all the money in the world to ensure they are not running outdated or unsafe SQL versions or rules. Then we come to brute-forcing.. A semi direct attack. Anyone who has (in the last SEVERAL Years) tried guessing a password to an account on any of the big sites more than a few times and locked down the account after so many wrong guesses can quickly ascertain why it wouldn't be wise to throw 50 wrong guesses per second at one.
0 Comments

phpThumb Server Side Request Forgery



Recently me along with my friend "Deepankar Arora" discovered a server side request forgery vulnerability inside of the phpThumb's latest version. The vulnerability is not inside the script itself, bit it occurs due to the fact that the webmasters do not configure phpThumb properly and also due to the fact that the high security settings were not turned on by default until now, before we talk about the details, let us briefly introduce the readers to SSRF vulnerability.
2 Comments

eLearnSecurity Web Application Penetration Testing (WAPT) - Course Review


As years passed by, we have seen an upward progression in the layer of insecurity starting from the physical layer attacks (Layer 1)  towards Application layer attacks (Layer 7) inside of the OSI model. Application layer attacks are where we are at right now, and frankly speaking from my experience i find application layer attacks more easy to learn and exploit as compared with network layer attacks. The defenses are more easy to break and there are lots of attack vectors involved. All you need is right tools to be able to automatically scan and exploit application layer vulnerabilities, talking about bug bounty programs for an instance this is exactly the same what's happening, i have literally seen people with absolutely zero security knowledge finding/reporting bugs and getting listed in hall of fames and making money. The question arises, If it's that easy to exploit applications, what if they could use the knowledge for a negative cause. However, That's a different story which we are not gonna talk about today.

It's super easy to download a vulnerability scanner such as netsparker, acunetix, netstalker and start scanning websites and reporting vulnerabilities, however what separates an actual penetration tester from some one who takes on bug bounty program as a hobby is the ability to understand the underlying technologies, and frankly speaking, it's what is the fundamental of all the penetration testing, the more better you understand the application and it's underlying technology, the more chances are that you would find critical bugs within it. With that being said there are certain restrictions to what a scanner can do and cannot, for example A scanner cannot find logical bugs, second order sql injections etc since it doesn't knows the context, therefore i only use for them  for quality assurance or for pointing out an interesting part of the webapplication, which i could look furthur.
Tags: 0 Comments

Memory Forensics, Analysis And Techniques PART 2


INTRODUCTION

Volatility is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of samples of digital artifacts from volatile memory (RAM).
Tags: 0 Comments
Subscribe to: Posts ( Atom )

Blog Archive

 

Recent Comments

About

Rafay Baloch is an Independent security researcher, Internet marketer, Entrepreneur and a SEO consultant, He is the founder of RHA blog and multiple other blogs. Rafay got famous after finding a Remote Code Execution bug inside PayPal for which PayPal awarded him a sum of 10,000$ Read More..

Join In!

RHA © 2013. All Rights Reserved.

Design By My Blogger Tricks / Home / Back To Top ▲