Menu
You might have seen hackers hacking and defaceing websites, editing it with their own stuff, makeing post on websites etc. There are many methods of doing this, In this tutorial I will be showing you a very basic and simply SQLi (Structured Query Language Injection). I will show you how to find the websites admin panel using a simple google dork and a SQL query to bypass the admin user name and password and enter into the panel. When you are in the panel just find a upload option and upload your shell, then deface it. Dorks: inurl:adminlogin.aspx inurl:admin/index.php inurl:administrator.php inurl:administrator.asp inurl:login.asp inurl:login.aspx inurl:login.php inurl:admin/index.php inurl:adminlogin.aspx Get Top 100 Google Dorks for finding Admin Panels # Try to make your own dorks also to get more success rate. Hundreds of sites will open up having /adminlogin.aspx in their URL.
Select any website, you will get the area from where the admins login. Fill the details as: User: 1'or'1'='1 Password: 1'or'1'='1 Use the above mentioned login details and you will be into the admin panel of a website.
![]()
I will not work for all the websites you will find, but will work on most of the website. Some websites which I got: Other InjecTion Queries: ‘ or 1=1 – 1'or’1'=’1 admin’– ” or 0=0 – or 0=0 – ‘ or 0=0 # ” or 0=0 # or 0=0 # ‘ or ‘x’='x ” or “x”=”x ‘) or (‘x’='x ‘ or 1=1– ” or 1=1– or 1=1– ‘ or a=a– ” or “a”=”a ‘) or (‘a’='a “) or (“a”=”a hi” or “a”=”a hi” or 1=1 – hi’ or 1=1 – hi’ or ‘a’='a hi’) or (‘a’='a hi”) or (“a”=”).
Hi guys,i where searching for somthing new and i found that people dnt have much info about this kind of stuff so i tought to write about hacking Credit cards Following Information is only for education purpose any kind of misuse blog will not responsible Info: What is credit card? Credit cards are of two types:. Debit Card. Credit Card 1. Debit means u have a sum of amount in it and u can use them. Credit means u have a credit line limit like of $10000 and u can use them and by the end of month pay it to bank.
To use a credit card on internet u just not need cc number and expiry but u need many info like:. First name. Last name. Address. City. State.
Zip. Country.
Hacking Tools
Phone. CC number. Expiry. CVV2 ( this is 3digit security code on backside after signature panel ) If you get that info you can use that to buy any thing on internet, like software license, porn site membership, proxy membership, or any thing (online services usually, like webhosting, domains).
First study some simple terms. BINS = first 6 digit of every credit card is called ' BIN ' (for example cc number is: 101157 then its bin is ' 412163 '), i hope this is easy to understand. Now the question is how to make money through credit cards. Its strange., well you cant do that, but there is specific persons in world who can do that. They call them selves ' cashiers '. You can take some time to find a reliable cashiers. Now the question is every bank credit cards are cashable and every bin is cashable?
Like citibank, bank of america, mbna. Are all banks are cashables? Well answer is ' NO '. If u know some thing, a little thing about banking system, have u ever heard what is ATM machines?
Where u withdraw ur cash by putting ur card in. Every bank don't have ATM, every bank don't support ATM machines cashout. Only few banks support with their few bins (as u know bin is first 6 digit of any credit / debit card number), for suppose bank of america. That bank not have only 1 bin, that bank is assigned like, 470 are ur bins u can make credit cards on them.
So bank divide the country citi location wise, like from 412345 - 412360 is for americans, after that for outsiders and like this. I hope u understand. So all bins of the same bank are even not cashable, like for suppose they support ATM in New York and not in California, so like the bins of California of same bank will be uncashable. So always make sure that the bins and banks are 100% cashable in market by many cashiers.
Well, check the website where u have list of bins and banks mostly 101% cashable. If u get the credit card of the same bank with same bin, then u can cashout otherwise not. Remember for using credit card on internet u don't need PIN ( 4 words password which u enter in ATM Machine ), but for cashout u need. You can get pins only by 2nd method of hacking which i still not post but i will. First method of sql injection and shopadmin hacking don't provide with pins, it only give cc numb cvv2 and other info which usually need for shopping not for cashing. Credit card Hacking. Shopadmin Hacking This method is used for testing the knowledge or for getting the credit card for shopping on internet, or for fun, or any way but not for cashing ( because this method don't give PIN - 4 digit passcode ) only gives cc numb, cvv2 and other basic info.
Shopadmins are of different companies, like: VP-ASP, X CART, etc. This tutorial is for hacking VP-ASP SHOP. I hope u seen whenever u try to buy some thing on internet with cc, they show u a well programmed form, very secure. They are carts, like vp-asp xcarts. Specific sites are not hacked, but carts are hacked.
Below I'm posting tutorial to hack VP ASP cart. Now every site which use that cart can be hacked, and through their.mdb file u can get their clients 'credit card details', and also login name and password of their admin area, and all other info of clients and comapny secrets. Lets start: Type: VP-ASP Shopping Cart Version: 5.00 How to find VP-ASP 5.00 sites? Finding VP-ASP 5.00 sites is so simple. Go to google.com and type: VP-ASP Shopping Cart 5.00 2.
You will find many websites with VP-ASP 5.00 cart software installed Now let's go to the exploit. OR Username: vpasp password: vpasp 2. Hacking Through Scams This method is usually used to hack for earning money. What happens in this method is you create a clone page.
Target: its basically eBay.com or paypal.com for general credit cards, or if u want to target any specific cashable bank like regionbank.com then u have to create a clone page for that bank. What is eBay.com? Its a shopping site world wide which is used by many of billion people which use their credit cards on ebay. What you do make a similar page same as eBay and upload it on some hosting which don't have any law restrictions, try to find hosting in Europe they will make your scam up for long time, and email the users of eBay. How to get the emails of their users? Go to google.com and type 'Email Harvestor' or any Email Spider and search for eBay Buyers and eBay Sellers and u will get long list. That list is not accurate but out of 1000 atleast 1 email would be valid.
![]()
Atleast you will get some time. Well u create a clone page of ebay, and mail the list u create from spider with message, like 'Your account has been hacked' or any reason that looks professional, and ask them to visit the link below and enter your info billing, and the scam page have programming when they enter their info it comes directly to your email. In the form page u have PIN required so u also get the PIN number through which u can cash through ATM. Now if u run ebay scam or paypal scam, its up to your luck who's your victim. A client of bank of america or of citibank or of region, its about luck, maybe u get cashable, may be u don't its just luck, nothing else. Search on google to download a scam site and study it!
After you create your scam site, just find some email harvestor or spider from internet (download good one at Bulk Email Software Superstore - Email Marketing Internet Advertising) and create a good email list. And you need to find a mailer (mass sending mailer) which send mass - emails to all emails with the message of updating their account on ur scam page ). In from to, use email [email protected] and in subject use: eBay - Update Your eBay Account and in Name use eBay Some Instructions: 1. Make sure your hosting remains up or the link in the email u will send, and when your victim emails visit it, it will show page cannot be displayed, and your plan will be failed. Hardest point is to find hosting which remains up in scam. Even i don't find it easily, its very very hard part.
Maybe u have contacts with someone who own hosting company and co locations or dedicated he can hide your scam in some of dedicated without restrictions. Finding a good email list (good means = actually users) 5. Your mass mailing software land the emails in inbox of users. Thats All dude.
Cybrary
Introduction: Hello every one. I am going to share with one of the best of my tutorials here. Now Let's begin!!
Hacking Tutorials Pdf
Sql injection (aka Sql Injection or Structured Query Language Injection) is the first step in the entry to exploiting or hacking websites. It is easily done and it is a great starting off point.
Unfortunately most sqli tutorials suck, so that is why I am writing this one. Sqli is just basically injecting queries into a database or using queries to get authorization bypass as an admin. Things you should know: Data is in the columns and the columns are in tables and the tables are in the database. Just remember that so you understand the rest. PART1:BY PASS LOGIN Gaining auth bypass on an admin account. Most sites vulnerable to this are.asp First we need 2 find a site, start by opening google.
Now we type our dork: 'defenition of dork' 'a search entry for a certain type of site/exploit.ect' There is a large number of google dork for basic sql injection. Here is the best.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |