Pages

Tuesday, October 29, 2019

SInjector v2.3 Python Script with Payload support and how to use it with SSH Tunnel for Free Internet

Hello everyone.Now,I would like to share SInjector Python Script which supports SSH and VPN  with Payload feature(like HTTP Injector,eProxy,KPN Tunnel). SInjector Python Script can be used for free internet tricks with SSH or VPN Tunneling.Free Internet with Online privacy.I would like to thank it’s developer RedFox who developed this script.Many have been searching Python script which works similar to apps like  HTTP Injector ,eProxy ,KPN Tunnel  the search finally ends with SInjector .
I will share how to configure/set SInjector Python Script to use SSH & for free internet.
Developer: Red Fox
Tools Required: 
1. SInjector_v2.3.zip  SInjector _v2.3.zip
2.Terminal application : Terminal.apk
Note: Python should be already installed.To know about that,see my other posts.
Script Screenshot:
Steps:
1.Download SInjector v2.3.zip file and extract to si folder of internal sdcard (/sdcard/si).
2.Open payload.ini file and set Payload which works for free internet on your simcard as shown in screenshot and Save the file.Use your imagination to fill working payload.For my simcard , payload working for free internet is shown here in screenshot.(My simcard has free homepage which I can open at 0 balance and I use that in payload bug.You use your free homepage in payload and use your simcard Proxy in this file)
3.You should have a SSH account that we will use with SSH Tunnel application.To know how to do this, see my another post: Using SSH Tunnel on Android Phones to Hide your real IP details and to Access Blocked Websites
I created SSH account on fastssh.com as shown in screenshot.
4.Now,open SSH Tunnel application and fill your user details and SSH account Host correctly as shown in screenshot.You can tick/enable “SOCKS Proxy” if you want to use it for forwarding Request from all ports.If your phone is rooted you can also enable/tick “Global Proxy” to proxify all apps.
5.Do not change other remaining settings of SSH Tunnel application.Leave other settings as it is.Minimise or close this app.
6.Now,use your simcard  on which you want to use free internet.My simcard have 0(zero) balance which I will use for free internet.Now,I will connect internet using this sim .
7.Open Terminal application and change your directory to si folder where you have extracted those files in step 1.My si folder is located at /sdcard/si .So,i will type this on terminal to run the si.py file.Type these commands carefully and correctly:
su
cd /sdcard/si 
8.Now run the si.py script using python command.If everything is correct,SInjector script will be running on your Terminal.It will ask for payload file location(default payload file is payload.ini which we will use),so type n and press enter key.See screenshot.
9.Now,script will ask you “Do you want to disable debug?”, you can enter either y for YES or n for NO.It is your wish.See Screenshot
10.Now,script will ask “Auto Replace 200 OK”, enter y and press Enter key.The Script will show local port  on which the script is accepting connections(in my Screenshot it is listening on port  9000 ).Notice this port carefully as we will use this port in next step.
11.Now,open SSH Tunnel application again and Tick/Enable “Upstream Proxy ” and Put this  in “Proxy “: 127.0.0.1:9000 as SInjector script is listening on port 9000(shown in screenshot).you use your port on which SInjector script is listening.
12.Everything is finally done now.Now,Click on “Tunnel Switch ” in SSH Tunnel app and minimize it(send it to background).
13.Now,open the Terminal app which is already running.If everything is correct and your payload is working for free internet,you will get 200 Connection Established Response  from SSH server as shown in my screenshot.
All steps are completed successfully.Now,you can open any application and use free internet.Your real IP address is hidden as you are using SSH.You can also try to use this SInjector Python script directly and VPN also in the same way.
Happy Free Internet phreaking .
Thanks for reading this long post.I hope my post will be useful for them who are new to Free Internet tricks and who do not know how to use the  SInjector Python script with SSH .

Friday, May 22, 2015

PHP Security Training Video


Topics Of the Course !!!

what is the threat ? 
  • How can you Analyze the threat ?
  • what Types of threats Are out there?
  • How bad is it ?
  • what Threats Are Specific to PHP?
  • what are some resources to find out more ??


what are the Consequences when a website is not protected Against Attack?
  • Financial loss
  • Loss of Service
  • identity Theft
  • website infection


what are most common forms of aTTack?


  • Cross site Scripting(xss)
  • Remote Code injection 
  • session hijacking, fixaion, and request forgery Sql injection

what Are the  Most  Common  Vulnerabilities aTTackers can Exploit?


  • unplanned information disclosure
  • predictable resource location
  • insufficient authorization
  • improper accesss controls
  • PHP misconfiguration
  • Mishandling file uploads

Download: Medaiafire

Wednesday, May 20, 2015

SQLi Dumper - Advanced SQL Injection\Scanner Tool v7.0 Private Version

 
Designed to be automated to find and exploit web security vulnerabilities in mass from worldwide!
It is robust, works in the background threads and is super faster.
Uses an advanced search engine with 10 different online search services.

Last release: 06/23/2014 v.7.0

SQLi Dumper Features:

-Suports 20 methods of SQL Injection;
-Suports Multi. Online search engine (to find the trajects);
-Automated search for data in a bulk URL list;
-Automated analizer and dumper with custom injections points (URL, POST, Cookies, UserLogin or UserPassword);
-Dumper suports dumping data with multi-threading (databases/tables/columns/fetching data);
-Exploiter, Analizer and Dumper suports up to 50x separeted threads;
-Advanced WAF bypass methods;
-Advanced custom query box;
-Dumper can dump large amounts of data, with greats control of delay each request;
-Easy switch vulnerabilities to vulnerabilities (internal database);
-Suports proxies list;
-GeoIP database;
-Advanced Trash System works with millions of urls;
-Admin login finder;
-Standalone .exe (no install).
 
 
Download: Sqli Dumper
 

Wednesday, May 6, 2015

SQL Injection Bypassing handbook


Content writers :-

Chapter I:::


  • SQL Injection: What is it?
  • SQL Injection: An In-depth Explanation
  • Why is it possible to pass SQL queries directly to a database that is hidden behind a firewall and any other security mechanism?
  • Is my database at risk to SQL Injection?
  • What is the impact of SQL Injection?
  • Example of a SQLInjection Attack

WebApplication Firewalls::


  • Detecting A WAF
  • Prompt Message
  • Dotdefender
  • Observing HTTP Response

Chapter II

Advanced evasion techniques for defeating SQL injection Input validation mechanisms
Web applications are becoming more and more technically complex. Web applications, their

  • Whitespace
  • Null Bytes
  • SQL Comments
  • URL Encoding
  • Changing Cases
  • Encode to Hex Forbidden
  • Replacing keywords technique
  • WAF Bypassing – using characters
  • HTTP Parameter Pollution (HPP)
  • CRLF WAF Bypass technique
  • Buffer Overflow bypassing
Chapter III

Let's see the matter in an orderly fashion from the beginning
  • See If Site vulnerability Or Not
  • Get Column Number
  • Bypassing union select
  • Get Version
  • Group & Concat
  • Bypass with Information_schema.tables
  • Requested Baypassing
Chapter IV

Other issues related to the subject
  • Null Parameter
  • FIND VULNERABLE COLUMNS
  • Count(*)
  • unhex()
  • Get database
Download : MediaFire

source: HF

Sunday, May 3, 2015

Best Deface pages Collection

Don't Have Time for designing A Deface page .. ?? 
dont worry here you can download Best Deface Pages, 
Just replace the Name and messgae with your own name and message !!
[Click on Download And Copy The Code, Then Use it, for demo you can paste the code on Pastehtml.com

How to edit and save it... ??
All html codes are shared on pastebin, copy it and paste in notepad
then edit it and save as index.html or anyname.html


1- Tiger M@te's Deface Page, 
This Deface page was uploaded on google bangladesh'd domain Google.com.bd
 : Download


2- Happy Birhthday Deface Page 
for making someone's Birthday special =)
 : Download

3- Deface Page For Long Messages + Video 
Designed By Ffessxt Prince indishell
: Download 


4- #opFreedom Plestine, 
Deface page with free palestine message, Designed by The Hackers army
 : Download


5- Lovely deface Page for Your Girlfried or loved one 
This Deface Page was designed by me =)
 : Download


6-Deface Page with dancing firefox script
 : Download


7-Multi colour deface page
 : Download  


8- Simple Black Deface Page 
Designed by Hax root
 : Download


9-Matrix Style Deface Page
Designed by ShOrTy420
 : Download


10-Pro Style Deface Page 
 : Download


9- Awesome  #opFreedom Plestine Page with New Fuctions
this page desgned by Syakila Daniel
 : Download


10- Awesme Matrix style Deface Page 
Designed by coded32 
: Download


11- Romantic deface Page with Roses
designed by Deepak  Carpenter
: Download


12- Deface Page with Jquery 
Designed by Privatex
 : Download


13- #opmegaupload Deface Page
 : Download

14- A Progammer's Deface Page with Love Letter
Designed by Me .. =)
 : Download

Thursday, April 2, 2015

sshDoor (good ssh backdoor)



Usage:
./install passwrod port
./install jancok 33

 
open putty
ssh port : 33 login : root password : jancok

[root@serv ~]# uname -a;id
Linux serv.test.com 2.6.18-53.1.13.el5 #1 SMP Tue Feb 12 13:01:45 EST 20010 i686 i686 i386 GNU/Linux
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@serv ~]# 

Download:  Here