This is a good tutorial video about SQL Injection. Although the video works with MySQL, you can learn the concept of SQL Injection and some useful techniques from it.
Creator: killerguppy101
Part1 (http://aria-security.persiangig.com/video/sqltut-Part1.rar)
——-
Part2.1 (http://aria-security.persiangig.com/video/sqltut-Part2.1.rar)
Part2.2 (http://aria-security.persiangig.com/video/sqltut-Part2.2.rar)
——-
Part3 (http://aria-security.persiangig.com/video/sqltut-Part3.rar)
Thanks from aria-security.com, Secr00t3r, ali_aria
Copy/paste these links into your browser if clicking them does not work.
There are some good hacking videos in this link:
March 2009 Updated:
Facebook changed some forms and modules in its website in March 2009, so I updated my previous code to the new one:
At last I wrote the universal friend adder for the Facebook.com!
So, you can use this code to add your friends from your arbitrary wall such as Mobwars, Mafia Wars, Eleven Blood, Knighthood, and so on.
There are some important notes:
0- You must download and setup the iMacros first from here (http://www.iopus.com/download/).
1- You must bypass the CAPTCHA by adding more than 30 friends (maybe a bit less or more than this) manually.
2- You must find your application ID number by going to your application page and checking the URL. There is always something like this:
http://www.facebook.com/apps/application.php?id=XXXXXXXXX
where “XXXXXXXXX” is the application number, which you must set as “applicationIDNumber” in this code.
3- Please configure your settings in this code before usage if you want to get the best result.
Note: Unfortunately, in this fast revision, you must choose a “friend list” name for the new friends which sorts before all the other friend list names. For example, this name can look like: “000000myfriendlist”
You can copy/paste it as Facebook_Wall_Add.js to your iMacros.
/********* FaceBook Automatic Friends Adder from Applications' Walls (After Passing the CAPTCHA manually)*********/
/********* You can bypass the CAPTCHA by adding more than 30 friends manually at the first *********/
/********* By Soroush Dalili March-2009 Soroush.SecProject.Com *********/
/********* Begin Configuration - You can change these settings *********/
var startPage = 2; // You can change this value to your page number!
var mobInviteMessage = "Please invite me to your Mafia Wars!"; // You can add your message here
var mobFriendList = "000000myfriendlist"; // You can add your special friend list (you must have created it beforehand)
var showImages = "1"; // You can change it to "0" (for disabling) and to "1" (for enabling)
// Wall ID Number: Mobwars = 8743457343 / Mafia Wars = 56556324950 / Eleven Blood = 29886835263 / Knighthood = 5541055185
// Just go to your application page, which is something like "http://www.facebook.com/apps/application.php?id=XXXXXXXXX". This "XXXXXXXXX" is your application number
var applicationIDNumber = "56556324950"; // Set to the Mafia Wars wall here; MobWars wall = 8743457343
/********* End Configuration - You can change these settings *********/
/********* Begin Code *********/
// Replace space characters with <SP>
mobInviteMessage = addImacrosSpace(mobInviteMessage);
mobFriendList = addImacrosSpace(mobFriendList);
var jsNewLine="\n";
/********* Begin Opening Mobwars Wall's Pages *********/
var FaceBook_AddFromWall_Pages_Code;
FaceBook_AddFromWall_Pages_Code = "CODE:";
FaceBook_AddFromWall_Pages_Code = FaceBook_AddFromWall_Pages_Code+"SET !ERRORIGNORE YES" + jsNewLine;
if(showImages == "0"){
    // Disable images to have more speed
    FaceBook_AddFromWall_Pages_Code = FaceBook_AddFromWall_Pages_Code+"FILTER TYPE=IMAGES STATUS=ON" + jsNewLine;
}
// Open mobwars wall
FaceBook_AddFromWall_Pages_Code = FaceBook_AddFromWall_Pages_Code+"URL GOTO=http://www.facebook.com/wall.php?id=" + applicationIDNumber + "&page={{PageNumber}}" + jsNewLine;
FaceBook_AddFromWall_Pages_Code = FaceBook_AddFromWall_Pages_Code+"FILTER TYPE=IMAGES STATUS=OFF" + jsNewLine;
FaceBook_AddFromWall_Pages_Code = FaceBook_AddFromWall_Pages_Code+"WAIT SECONDS=1";
/********* End Opening Mobwars Wall's Pages *********/
/********* Begin Opening Mobwars Wall's Links *********/
var FaceBook_AddFromWall_Links_Code;
FaceBook_AddFromWall_Links_Code = "CODE:";
FaceBook_AddFromWall_Links_Code = FaceBook_AddFromWall_Links_Code+"SET !ERRORIGNORE NO" + jsNewLine;
FaceBook_AddFromWall_Links_Code = FaceBook_AddFromWall_Links_Code+"SET !TIMEOUT 15" + jsNewLine;
if(showImages == "0"){
    // Disable images to have more speed
    FaceBook_AddFromWall_Links_Code = FaceBook_AddFromWall_Links_Code+"FILTER TYPE=IMAGES STATUS=ON" + jsNewLine;
}
FaceBook_AddFromWall_Links_Code = FaceBook_AddFromWall_Links_Code+"TAG POS={{LinkNumber}} TYPE=A ATTR=HREF:http://www.facebook.com/s.php?k=100000080*&&CLASS:profile_link" + jsNewLine;
FaceBook_AddFromWall_Links_Code = FaceBook_AddFromWall_Links_Code+"WAIT SECONDS=1";
/********* End Opening Mobwars Wall's Links *********/
/********* Begin Add - Step1: Press "Add As Friend" *********/
var FaceBook_AddFromWall_Add_Step1_Code;
FaceBook_AddFromWall_Add_Step1_Code = "CODE:";
FaceBook_AddFromWall_Add_Step1_Code = FaceBook_AddFromWall_Add_Step1_Code+"SET !ERRORIGNORE NO" + jsNewLine;
FaceBook_AddFromWall_Add_Step1_Code = FaceBook_AddFromWall_Add_Step1_Code+"SET !TIMEOUT 15" + jsNewLine;
FaceBook_AddFromWall_Add_Step1_Code = FaceBook_AddFromWall_Add_Step1_Code+"TAG POS=1 TYPE=A ATTR=TXT:Add<SP>as<SP>Friend" + jsNewLine;
FaceBook_AddFromWall_Add_Step1_Code = FaceBook_AddFromWall_Add_Step1_Code+"FILTER TYPE=IMAGES STATUS=OFF" + jsNewLine;
FaceBook_AddFromWall_Add_Step1_Code = FaceBook_AddFromWall_Add_Step1_Code+"WAIT SECONDS=1";
/********* End Add - Step1: Press "Add As Friend" *********/
/********* Begin Add - Step2: Fill the forms *********/
var FaceBook_AddFromWall_Add_Step2_Code;
FaceBook_AddFromWall_Add_Step2_Code = "CODE:";
FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"SET !ERRORIGNORE YES" + jsNewLine;
FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"SET !TIMEOUT 15" + jsNewLine;
// Insert Message
if(mobInviteMessage!=""){
    FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=A ATTR=TXT:Add<SP>a<SP>personal<SP>message*" + jsNewLine;
    //FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"WAIT SECONDS=1"+ jsNewLine;
    FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=TEXTAREA ATTR=ID:message CONTENT=" + mobInviteMessage + jsNewLine;
}
// Select Friendlist
if(mobFriendList!=""){
    //FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=SELECT FORM=NAME:NoFormName ATTR=ID:add_to_friend_list_widget_select_* CONTENT=$" + mobFriendList + jsNewLine;
    FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=SPAN ATTR=BINDPOINT:main&&CLASS:UIActionMenu_Main" + jsNewLine;
    FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=A ATTR=CLASS:UICheckList_Label CONTENT=" + mobFriendList + jsNewLine;
    //FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=INPUT:TEXT ATTR=CLASS:inputtext FriendAddingTool_CreateNewList CONTENT=" + mobFriendList + jsNewLine;
}
// Press Add Button
FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"TAG POS=1 TYPE=INPUT:BUTTON ATTR=ID:dialog_button1" + jsNewLine;
FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"FILTER TYPE=IMAGES STATUS=OFF" + jsNewLine;
FaceBook_AddFromWall_Add_Step2_Code = FaceBook_AddFromWall_Add_Step2_Code+"WAIT SECONDS=2";
/********* End Add - Step2: Fill the forms *********/
/********* Begin Close Box *********/
var FaceBook_AddFromWall_Close_Code;
FaceBook_AddFromWall_Close_Code = "CODE:";
FaceBook_AddFromWall_Close_Code = FaceBook_AddFromWall_Close_Code+"SET !ERRORIGNORE YES" + jsNewLine;
FaceBook_AddFromWall_Close_Code = FaceBook_AddFromWall_Close_Code+"SET !TIMEOUT 15" + jsNewLine;
FaceBook_AddFromWall_Close_Code = FaceBook_AddFromWall_Close_Code+"TAG POS=1 TYPE=INPUT:BUTTON ATTR=NAME:close&&VALUE:Close" + jsNewLine;
FaceBook_AddFromWall_Close_Code = FaceBook_AddFromWall_Close_Code+"FILTER TYPE=IMAGES STATUS=OFF" + jsNewLine;
FaceBook_AddFromWall_Close_Code = FaceBook_AddFromWall_Close_Code+"WAIT SECONDS=2";
/********* End Close Box *********/
/********* Begin Internal JavaScript Code *********/
var i1=0;
var i2=0;
var i3=0;
var i4=0;
var j=0;
var p=0;
for(p=startPage;p>=0;p--){
    iimSet ("-var_PageNumber", p);
    i1 = iimPlay(FaceBook_AddFromWall_Pages_Code);
    for(j=0;j<20;j++){
        iimSet ("-var_LinkNumber", j*2+1);
        i2 = iimPlay(FaceBook_AddFromWall_Links_Code);
        if (i2 >= 0) {
            iimSet ("-var_LinkNumber", j);
            i3 = iimPlay(FaceBook_AddFromWall_Add_Step1_Code);
            if(i3 >= 0)
                i4 = iimPlay(FaceBook_AddFromWall_Add_Step2_Code);
        }else{
            break;
        }
    }
}
function addImacrosSpace(str){
    str = str.replace(/ /g, "<SP>");
    return str;
}
/********* End Internal JavaScript Code *********/
/********* End Code*********/
/********* By Soroush Dalili March-2009 Soroush.SecProject.Com *********/
I found some XSS vulnerabilities in my blog’s template, so I reported them to its creator (Inanis).
Thanks to Inanis for the fast fix and also for this beautiful template.
You can see these in this link:
http://www.inanis.net/blog/index.php/downloads/inanis-glass-wordpress-theme/inanis-glass-readme/
I have submitted some XSS vulnerabilities to xssed.com under these names:
BugReport.ir (before soroush.secproject.com website)
And
Soroush.SecProject.Com (nowadays)
Because these XSSes use some tricks, they can be interesting. I want to describe some of these tricks here:
1- Insert JavaScript code inside an existing script. In order to insert proper arbitrary JavaScript, we must insert something to close the left side of the existing JavaScript, then insert our own JavaScript, and finally close the right side of the JavaScript to prevent errors.
As you can see in “http://www.xssed.com/mirror/39834/”, the XSS query is this:
?sx="});};document.write('This is XSS test – BugReport.ir');alert('Safe XSS BugReport.ir');function startVideoPlayer(){getFailQS({destURL:"",show:"
In this query, first I closed the defined function by ["});};] , and then I inserted my arbitrary script there. After that, I used [function startVideoPlayer(){getFailQS({destURL:"",show:"] to open a function to complete the right side of the code to prevent a JavaScript error.
You can see some other examples of this group:
http://www.xssed.com/mirror/41138/
http://www.xssed.com/mirror/41800/
http://www.xssed.com/mirror/55622/
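The flaw behind this first group, as an added example (not code from the affected site): a constructed template that writes the `sx` parameter into a JavaScript string literal, first between hand-written quotes and then as a JSON-encoded literal with `<`, `>` and `&` escaped. The template text and the names `renderUnsafe`, `renderSafe` and `runInStubPage` are assumptions made for the illustration; the payload is the query value quoted above.

```javascript
// Constructed template modelled on the function named in the payload above.
// The real page's source is not shown in the post; this shape is an assumption.
const TEMPLATE =
  'function startVideoPlayer(){getFailQS({destURL:"",show:__SX__});};startVideoPlayer();';

// Vulnerable: the parameter is pasted between hand-written quotes.
function renderUnsafe(sx) {
  return TEMPLATE.replace('__SX__', () => '"' + sx + '"');
}

// Hardened: JSON.stringify yields a valid JS string literal; the extra escapes
// stop "</script>" or "<!--" from ending the inline script block in HTML.
function renderSafe(sx) {
  const literal = JSON.stringify(String(sx))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
  return TEMPLATE.replace('__SX__', () => literal);
}

// Run a generated script against stubbed page objects and record what it calls.
function runInStubPage(script) {
  const calls = [];
  const getFailQS = (opts) => calls.push(['getFailQS', opts.show]);
  const alert = (msg) => calls.push(['alert', msg]);
  const document = { write: (s) => calls.push(['document.write', s]) };
  new Function('getFailQS', 'alert', 'document', script)(getFailQS, alert, document);
  return calls;
}

// The query value quoted in the post.
const PAYLOAD = '"});};document.write(\'This is XSS test – BugReport.ir\');' +
  'alert(\'Safe XSS BugReport.ir\');' +
  'function startVideoPlayer(){getFailQS({destURL:"",show:"';

const unsafeCalls = runInStubPage(renderUnsafe(PAYLOAD));
const safeCalls = runInStubPage(renderSafe(PAYLOAD));
console.log('unsafe render calls:', unsafeCalls.map((c) => c[0]));
console.log('safe render calls:', safeCalls.map((c) => c[0]));
```

With the unencoded render the injected `document.write` and `alert` statements execute; with the encoded render the whole value arrives as the `show` string and nothing else runs.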
2- Insert JavaScript code in another format. Sometimes we can insert our JavaScript code via some other form of input, such as Base64. In this case, we must look for the algorithms applied to the inputs.
As you can see in “http://www.xssed.com/mirror/55624/”, I inserted a Base64 string in order to perform XSS attack.
3- Using http://ha.ckers.org/xss.html techniques. There is always something new and fantastic in this XSS cheat sheet! I learned many things from it.
Example to bypass filters: “http://www.xssed.com/mirror/56197/”
4- Use your own ideas to insert your code. We must be creative in performing XSS. For example, in “http://www.xssed.com/mirror/56651/”, I could not insert any string for my alert() function, so I inserted something in the title of the page, and then read it in my alert() function. It is obvious that I could use the eval() function to execute some code by this method.
?wrd=Tested in Mozilla (Onmouseover) — IRSDL is HERE — Soroush.SecProject.Com — Another XSS Trick in Yahoo&prn=[irsdl]&pth=test&opt=onmouseover%3dalert(window.document.title.substring(15)) onmouseout%3dalert(/SeeYou/)
Another example is “http://www.xssed.com/mirror/40384/” which is based on the “http://www.bugreport.ir/index_38.htm”:
[DNN URL] /Default.aspx/"onmouseover="x='al';x=x+'ert(/WWW.BugReport.IR/)';eval(x);alert().aspx
In this XSS, I used a feature of .NET, which is “slash after .aspx”, in order to change the PATH_INFO parameter in the server variables. As “Dot Net Nuke (DNN)” used PATH_INFO instead of the URL parameter, the path was inserted into the default.aspx page without any checking. So I inserted an “onmouseover” event there. But there was a problem with the alert() function: DNN could recognize it and omit it, plus all of the string after it! So, I inserted the alert() function as a string into the “x” variable, and then evaluated it by using the eval() function. Another problem was that DNN needed “.aspx” at the end of the request (before the GET parameters)! So, I inserted an “alert().aspx” at the end of the query, which I knew DNN would omit together with all of the string after it.
Moreover, you can see in “http://www.bugreport.ir/index_38.htm” that I used another query which is:
http://[DNN URL]/Default.aspx/bugreport/"onmouseover="var a='.aspx?';document.location='http://www.bugreport.ir/?archive';
In this example, I had to use a “:” for “http://www.bugreport.ir/?archive”, but I could not insert it before the “?” because IIS returned an error (“:” is used to indicate a port). So, I inserted a “.aspx?” in a temporary “a” variable in order to: 1- have a “.aspx” at the end of the query (before the GET parameters), and 2- be able to insert “:” into the “http://”.
Note: I could not use “onmouseover” after the “?” because the double quotation mark in a GET parameter was replaced by %22.
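Why the keyword filter described above did not protect the page, as an added example (not DNN's code): a constructed filter with the behaviour the post describes, next to HTML attribute encoding of the same path. The names `keywordFilter`, `encodeAttr` and `attributeNames`, and the `<form action>` sink, are assumptions made for the illustration.

```javascript
// Constructed model of the behaviour described above: a keyword filter that
// drops "alert(" and everything after it, then writes the path into an attribute.
// The <form action> sink is an assumption; the post does not say which tag was used.
function keywordFilter(pathInfo) {
  const cut = pathInfo.toLowerCase().indexOf('alert(');
  return cut === -1 ? pathInfo : pathInfo.slice(0, cut);
}

function renderFiltered(pathInfo) {
  return '<form action="' + keywordFilter(pathInfo) + '">';
}

// Hardened: HTML-attribute-encode the value; no keyword list is needed.
function encodeAttr(value) {
  const map = { '&': '&amp;', '"': '&quot;', "'": '&#39;', '<': '&lt;', '>': '&gt;' };
  return String(value).replace(/[&"'<>]/g, (ch) => map[ch]);
}

function renderEncoded(pathInfo) {
  return '<form action="' + encodeAttr(pathInfo) + '">';
}

// Minimal attribute tokenizer for one opening tag, enough to see which
// attributes a browser would end up with.
function attributeNames(tag) {
  const re = /([^\s"'=<>\/]+)\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)/g;
  return Array.from(tag.matchAll(re), (m) => m[1].toLowerCase());
}

// Path portion of the first request quoted in the post.
const PATH_INFO =
  '/Default.aspx/"onmouseover="x=\'al\';x=x+\'ert(/WWW.BugReport.IR/)\';eval(x);alert().aspx';

console.log('keyword filter :', attributeNames(renderFiltered(PATH_INFO)));
console.log('attr encoding  :', attributeNames(renderEncoded(PATH_INFO)));
```

The filtered tag still gains an `onmouseover` attribute because the quote that ends `action` is never encoded; the encoded tag keeps the whole path inside `action`.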
Good Luck.
