Posts

Showing posts from May, 2018

POC On Boolean-Based Blind SQLi

Introduction: In this POC I will show you a small demonstration of the Boolean-based SQLi vulnerability, using basic SQL queries against a vulnerable web application, i.e. DVWA. You will get an idea of how a website vulnerable to Boolean-based injection is affected, and how the data in the database can be retrieved, stolen and manipulated through this vulnerability. Here I will show you how to get the database name; the same method, with a different query according to your need, will help you get the juicy data that you want.

About Boolean-Based Blind SQLi: The name contains two words, “Boolean” and “Blind”, which make the attack easy to understand. “Boolean” means it is based on Boolean values, i.e. true or false. “Blind” means that the injection is blind and will not show you any type of error. The only way to extract the data is by brute force, or in other words by guessing with queries. That is why this attack is very time consum...

POC On Sam Decryption

Introduction: In this report we will decrypt the SAM file using the Cain & Abel tool.

About SAM: SAM stands for “Security Account Manager”. It is a database file in Windows XP, Windows Vista, Windows 7, Windows 8.1 and Windows 10 that stores users' passwords. It stores each password as a hash value, which is not a readable form. Location: C:\Windows\System32\config

About Cain & Abel: Cain & Abel (GUI-based) is a password recovery tool for Microsoft operating systems. It allows recovery of several kinds of passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, and so on. Download link: http://cain_abel.en.downloadastro.com/

Lab Environment: Operating system: Windows 7. Tool: Cain & Abel v4.9.35

Proof Of Concept: Step 1:- Before opening the Cain & Abel first...

Documentation on keylogger

Introduction: A keylogger is a type of software that, once installed on a system, has the capability to record every keystroke made on that system. All the recorded keystrokes are saved in a log file. A keylogger can record messages and email, and capture any type of information you type at any time using your keyboard.

Who uses keyloggers?: A keylogger is a surveillance tool, used by employers to ensure employees use work computers for business purposes only. There is also a growing market of parents who want to use these tools to stay informed about a child's online activities. But nowadays these tools are used by hackers to compromise email IDs and confidential user information such as the password and ID of a bank account. This is one of the easiest ways of hacking IDs, because a keylogger is a device or a piece of software that reveals every key typed by the user, and through it hackers compromise the IDs easily.

About keyl...