| Author |
Reference Manual |
onejerlo
Member
Posts: 145
Location:
Joined: 02.11.08
Rank: Elite |
|
I recently made a Reference manual and thought it would be a good idea to share it with others.Here it is:
SQL:
Basic Injections(for passwords or usernames):
' OR 1=1--
(Note: -- is used to delete all commands after it)
' OR 'a'='a
Direct query in URL:
?SQL Query
***********************************************************************************************
Javascblockedript:
Format: Javascblockedript:Injection (in the location(URL) Bar)
always use alert to confirm sucessful execution
form changer:"document.forms[0].elements[0].options[0].value"
cookie changer:"alert(document.cookie='name=value')"
NOTE:
Variables declared in scblockedripts but not inside functions have GLOBAL SCOPE and can be modified by an injection
***********************************************************************************************
HTML Comment:
<!--This is a comment-->
(Comments are used to hide several important points and to place reminders by Admins)
***********************************************************************************************
SSI(Server Side Include):
format:<!--#command-->
Execute CMD or CGI:
<!--#exec cmd="command"-->
<!--#exec cgi="command"-->
***********************************************************************************************
Common UNIX Commands:
CD - change directory
ls - List files in directory(ls .. lists files in directory above current one)
CAT - View a file
rm - Delete a file
***********************************************************************************************
RFI(Remote File Include):
URL Format:
Original:
www.example.com/wazzup.php/page=something.php
Changed:
www.example.com/wazzup.php/page=www.google.com
***********************************************************************************************
OLLYDBG(OLLY Debugger):
Steps:
1.)Right click:Search For:All Referenced strings
2.)Search for and find the good boy or bad boy string
3.)Right click on string location and click follow to disassembler
4.)Search the code above the string call to search for the conditional operation and change it acc. to your needs
5.)Run It and check if goal has been accomplished.If it is...Congrats else,Return to step 1
Note:
Good boy string is something that congratulates you when you get the correct password
(example:"Press OK to View password")
Bad boy String is the opposite of Good Boy string
(example:"Wrong Password,Only 3 turns left")
***********************************************************************************************
Websites:
Search Engines:
www.google.com (A Beginner's best friend)
www.clutsy.com (Nice and orderly result display format)
www.altavista.com (Nice,But not as good as google)
Note:Using Certain techniques like the r*b*ts.txt file,Crawlers can be prevented from indexing certain private web pages
Information:
1.)Search Engines
2.)www.wikipedia.com(Nice intros and links to some useful sites)
3.)Forums and Articles on HBH
-------------------------------------------------It Never Ends---------------------------------------------------------------------
(please PM me if you have any doubts,I will try my best to help you)
If you can,Please comment or rate this article
Edited by onejerlo on 07-11-08 16:16 |
|
| Author |
RE: Reference Manual |
Mizzle
Member
Posts: 46
Location: 127.0.0.1
Joined: 02.10.08
Rank: God |
|
Cool 
Good to see people sharing.
Click Me?
Learn from yesterday
Live for today
Hope for tomorrow
 |
|
|
| Author |
RE: Reference Manual |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
Lol.
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
| Author |
RE: Reference Manual |
skathgh420
Member
Posts: 418
Location: 127.0.0.1
Joined: 03.03.08
Rank: God |
|
Ummm. Thanks?
 |
  
|
| Author |
RE: Reference Manual |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
I lol'd.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
| Author |
RE: Reference Manual |
whitecell
Member
Posts: 124
Location: In a white cell.
Joined: 24.07.08
Rank: Newbie |
|
|
moshbat wrote:
Nowadays, "lol" means fuck all, really. It's simply a three character word to fill what would otherwise (yeah fucking right) be constructive text.
Lol, to my understanding, means laugh[ed] out loud.
How many times do you say "lol" after you've actually laughed out loud?
Furthermore, it's often used when one is uninterested in what another is saying, and uses lol to avoid reading/answering. I myself am guilty of this when I am busy, but too polite to say I am busy.
It also used as a subliminal way of saying "Shut the fuck up"
Bearing the above line in mind: lol.
LOL
|
|
|
| Author |
RE: Reference Manual |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
|
whitecell wrote:
LOL
Don't talk to moshbat like that, prick.
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Reference Manual |
Mizzle
Member
Posts: 46
Location: 127.0.0.1
Joined: 02.10.08
Rank: God |
|
spyware wrote:
whitecell wrote:
LOL
Don't talk to moshbat like that, prick.
LOL
Click Me?
Learn from yesterday
Live for today
Hope for tomorrow
Edited by Mizzle on 08-11-08 00:16 |
|
|
Main:
