| User | Post |
|
7:40 am
March 23, 2010
|
amiyabsb
| | | |
| Newbie | posts 10 |
|
|
i am a whitehat hacker just started my career. i am having few clients and i do website testing. recently i am trying to takeovet a site and have found many vulnerable points but i am failing continuosly as all my tricks on sql injection.
can somebody help me out on the below site details :;
http://www.naxatranews.com
vulnerable points are given below:
http://naxatranews.com/naxatra…..+1%3D1+–+
http://naxatranews.com/news.ph…..gory=2';
http://naxatranews.com/news_vi…..;%3D'0
http://naxatranews.com/news.ph…..F%27%22%28
can someone test on these injection points and help me out on extracting the tables and getting the site takeover. hope the members are quite experienced here….
|
|
|
7:58 am
March 23, 2010
|
Teddy
| | EU | |
| Elite Member | posts 267 |
|
|
|
|
With great power comes great responsibility. Have a look at this webpage: securityoverride.com
|
|
|
2:00 pm
March 23, 2010
|
slicer45
| | | |
| Elite Member | posts 270 |
|
|
Your a white-hat, but asking us to help deface a site?
|
Being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer.
|
|
|
4:22 pm
March 23, 2010
|
madf0x
| | | |
| Active Member | posts 229 |
|
|
Oh please we are NOT that stupid :/ you should know all the legal issues with that and you call yourself a whitehat? Liar.
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
|
4:31 pm
March 23, 2010
|
d4rkf0rm
| | | |
| Member | posts 74 |
|
|
Post edited 4:37 pm – March 23, 2010 by d4rkf0rm
if youre a whitehat and your "career" has just started your "clients" that want you to "test" their websites clearly are idiots … either that or youre a liar … no company that has any sort of cyber media is going to ask an inexperienced individual "test" their site
why dont you consult google, the oracle has a wealth of information and its FREE!
|
the quieter you become, the more you are able to hear
|
|
|
4:38 pm
March 23, 2010
|
d4rkf0rm
| | | |
| Member | posts 74 |
|
|
Post edited 4:47 pm – March 23, 2010 by d4rkf0rm
http://www.bestjobsindia.in/bt…..iyabsb.htm
Amiya Mishra
+(91)-(671)-2608838
Stoney Road, Cuttack, Cuttack – 753001
if i can find you then im sure you can find something to help you get access to the SQL database running on their servers
|
the quieter you become, the more you are able to hear
|
|
|
9:51 pm
March 23, 2010
|
madf0x
| | | |
| Active Member | posts 229 |
|
|
Somethings starting to smell fishy here  sounds like a 'legit' company where your screen name is listed at the contact and yet you are asking for help on something like this? Something in this equation aint right.
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
|
11:24 pm
March 24, 2010
|
amiyabsb
| | | |
| Newbie | posts 10 |
|
|
hey frndz its am a whitehat hacker just started my career as an information security professional. Its not like am a liar. if somebody here to give the service of pentesting then we can go legally by signing documents and can takeone the pentesting part bcoz i basicall in network hacking and very little experince in sql and web hacking.
and for your kind informtion hacking is just a poetry and poetry is magic. nobody is sure he or she can hack only thing is u need some hint or a way to take on..
so frndz there is nothing to worry if nobody here to help me out then surely i can help out myself but i think people here not more into brain storming as the videos in this site are really for noobs and starters they way they show in sql injection in wordpress forum i dont think wordpress is a fool when still opensource…….
extracting a information.schema shown in one post in infinity site is also for just starters but demos of really penetrating into some sites with different error examples and steps of hacking……
anyway no use arguing bcoz hacker should take on the challenge… i think nobody here to test their real skills….
|
|
|
11:37 pm
March 24, 2010
|
amiyabsb
| | | |
| Newbie | posts 10 |
|
|
bro its not the matter of experince… i am basically into network and system hacking and very less experince about sql…. i am not into hacking the site actually in have found the vulnerable injection points etc… only thing is to step ahead according to the infinity videos is of no use as the steps not work. so am little confused and trying to sought out the problem. ask me a help on system or networking hacking then am surely to help u and am confident but web hacking is new for me… anyway if u dont want to help me then its ok bro…. nothing personal here… may be i will find someother way….. and bro … hacking is just an accident used steps are filetered find someway different and may be u can enter but no gurantee….i hope am right…
d4rkf0rm said:
if youre a whitehat and your "career" has just started your "clients" that want you to "test" their websites clearly are idiots … either that or youre a liar … no company that has any sort of cyber media is going to ask an inexperienced individual "test" their site
why dont you consult google, the oracle has a wealth of information and its FREE!
|
|
|
12:20 pm
March 25, 2010
|
d4rkf0rm
| | | |
| Member | posts 74 |
|
|
well my mistake for calling you out like that then.
but the mindset behind hacking should spark curiosity and the urge to conquer the problem. Asking for help is certainly a good thing to do to figure out how to solve a problem but it should NOT be used as a first resort.
most of us cringe when a skiddie gets on here and asks how something works because we feel that the question is so broad that we have to include an explanation about how the protocols and encapsulation and the actual behavior of devices and data flow.
If you have done some research, im sure you have, start a new thread and ask a specific question and list what you have tried and im sure we can help you either troubleshoot or brainstorm a solution to your issue
GL
df
|
the quieter you become, the more you are able to hear
|
|
|
4:19 pm
March 25, 2010
|
madf0x
| | | |
| Active Member | posts 229 |
|
|
"i think nobody here to test their real skills…"
Okay, the people here who would and have tested their real skills dont need an illegal challenge brought here by you, they find it themselves. Sorry but this is literally the same thing Ive heard from skiddies time and time again(and even by friends, which is why I shake my head when they ask to use my home computer…like I havnt setup a keylogger on it or anything -_- shame shame on them lol)
Just everything about this is way too supicious. Honestly I wouldnt be surprised if I were to IM you or something and asking you questions about network hacking and have you totally have no real answer or taking forever to 'think about it' coughgooglecough.
Regardless of skill a whitehat would talk about the law frivourlously like you. You may be a 'professional' but no whitehat, thats for sure. Also if youve come far along enough to be skilled in network hacking you should have the skills to learn how to pull this breach off youreself, OR you should be able to hire someone legally who can. Afterall you ARE the contact of the IT company AND the person preforming the services for said client….right? Not to mention why would you agree to testing the website when you have no knowledge of doing so? On top of that NO company EVER makes defacement the proof of breach, its bad for business. Theyd like something quiter, just basic enough proof to show they are vulnerable and perhaps how to fix it.
Either you and this company are completely bogus or you are impersonating this person. Perhaps I should give em a call?
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
|
9:44 pm
March 25, 2010
|
ZCooL
| | Darjeeling, India | |
| Member | posts 52 |
|
|
amiyabsb said:
anyway no use arguing bcoz hacker should take on the challenge… i think nobody here to test their real skills….
okay so lets get this done, signup in http://securityoverride.com and lets see how far you go with the challenges, lets get this equation solved……
YOU A WHITEHAT HACKER!!!
LOL!
My silence says it all…………..
|
My site- http://tech707.co.ccnMy Blog- http://mhsrocks.co.cc/category/blog/
|
|
|
6:00 am
March 26, 2010
|
Teddy
| | EU | |
| Elite Member | posts 267 |
|
|
ZCooL said:
amiyabsb said:
anyway no use arguing bcoz hacker should take on the challenge… i think nobody here to test their real skills….
okay so lets get this done, signup in http://securityoverride.com and lets see how far you go with the challenges, lets get this equation solved……
YOU A WHITEHAT HACKER!!!
LOL!
My silence says it all…………..
http://www.enigmagroup.org/for…../index.php is also a good place to practise your skills 
|
With great power comes great responsibility. Have a look at this webpage: securityoverride.com
|
|
|
6:48 am
March 26, 2010
|
ZCooL
| | Darjeeling, India | |
| Member | posts 52 |
|
|
|
|
My site- http://tech707.co.ccnMy Blog- http://mhsrocks.co.cc/category/blog/
|
|
Login 
Register 
Search 
Forum
Print this Post 
Topic RSS 
