Saturday, 16 November 2013

Consulate General Of India,New York USA Website Hacked

No comments :

Well Another Down it looks like Pakistani Hacker's are on there peak they have started some sort of Op against higher authorities of India whom aren't Innocent "THEY" think,
This time Consulate general of India In New York, USA official website boxed by Pak Cyber Experts Muhammad Bilal who is very active in hacking .in domains and another hacker going with the hack handle Ch3rn0by1 from Pak Mad Hunters.

The reason behind the hack is to support Kashmir,hackers in there deface page wrote 
"Free Kashmir Freedom is our Goal"

Screenshot of the page injected by Hackers


The link of the hacked site : http://www.indiacgny.org/index.html
The hacker made mirror of the hacked site on : zone-hc
Read More

Indian Embassy Austria To Montenegro Website Hacked

No comments :

Recently a "Hacker" going with the hack handle "Connecting Friend" defaced the Official Website of "India Embassy Austria To Montenegro"
The Reason behind the hack "Is" to record a protest Against Indian Governement for what they are doing in Kashimir and according to the deface page the hacker injected also mentioned that "PAKISTAN ZINDABAD AND STOP KILLING OF INNOCENT KASHMIRIS" the hacker also mentioned following lines in his deface code. 

"We condemn presence of RAW in Balochistan. And Condemn Indian firing in the Sialkot sector on October 21. "

Below is a screenshot of the hacked website :




The hacker made mirror of hacked site http://www.indianembassy.at/ on Zone-hc
The same hacker have been successfully defaced the Official Websites Of Suzuki Brunei And Laxmi Hyundai in past.


Read More

Friday, 15 November 2013

SQL Injecting In A Website Using Sqlmap In Post Parameter's

3 comments :

Hello Friends :D

Its been a long time since I post :P so here come's a new tut :D
Well We have seen many Injectors whom are hacking websites/servers using a Technique Called SQLi ( Structured Query Language Injection ) manually or by the help of some tools :D
so I thought to make a TUT on How to Inject A Website with Sqlmap Onto A "POST" Parameter :P
Yup not in GET parameter :D
so Let's Start :D

Requirements :

1) FIREFOX
3) BASIC KNOWLEDGE OF SQLi

First of all Find a target which is using a VULNERABLE form so that we can Inject it with the help of SQL map :D so in my Case I have my one :P


Now let's check whether our web based form is vulnerable to SQLi or not? Open your firefox Browser and press F9 key to enable the hackbar and also enable post data like this :



After doing that post something in the Roll Number field to get the POST Parameters well I have a Valid Roll Number (111111) Of A Student xD so lets post it and check what we got and afte clicking the submit Button load the url Again with the help of Hackbar so that It will show you the POST parameters like this :D


Good Going Now lets add a Single Quote ( ' ) in post parameter field which is "rollno=111111" lets seee what we get :?


So its Vulnerable :D now let's do some SQLmap Kung FU :D open up your Sqlmap and use this command :D

python sqlmap.py -u "http://delhiboard.org/10thresult.do" --data "rollno=111111&s_result=Submit" --dbs

SQLmap will directly start to Inject the post parameter which you have provided :D


Voila We have the DB's :D so now inject the website with the default commands ;) hopes you like my simple tut if you are facing any problem or want any sorf of help regarding TUT just drop a comment below hopes you like it :)

WELLLL WAIIT 1 MORE THING "YOU CAN INJECT THE WEBSITE MANUALLY ASWELL xD" 

Babye

Read More