Blog
October 15, 2015
[Without Quotes] String Based SQL Injection
Today, I'm going to discuss a special case of string based SQL injection where you can perform the injection without the use of quotes. You heard it right, absolutely no quotes at all in string based injections. This may come in handy if the quotes are blocked.
ReadSeptember 29, 2015
[PHP][C++] Root Exploiter (Part 2) – No Back-Connect
This post has the same goals as of the previous one i.e. to get root access on the target machine with just a PHP interface and no back-connect or reverse connection. So, if you haven't already, read the part 1 of this post here [PHP][Python] Root Exploiter – No Back-Connect.
ReadSeptember 23, 2015
[PHP][Python] Root Exploiter – No Back-Connect
Have you ever had any of the following issues? Shell access to a vulnerable (Rootable) server with a known root exploit but no reverse or back connection. Shell access to a server and you know the root login credentials but no SSH or any other means
ReadAugust 26, 2015
[Python] Making Your Own Google Scraper & Mass Exploiter
In this Step by Step Tutorial, I'll show you how to make your own Google Scraper (Dork Scanner) and Mass Vulnerability Scanner / Exploiter in Python. Why Python? .. Because Why not ? Simplicity Efficiency Extensibility Cross-Platform Runability Best Community.
ReadAugust 19, 2015
Acid Server 1 – Solution Walk-through
I love to solve CTF challenges. Even though, most of the time these challenges are far from the actual real world scenarios but still I really enjoy them. These are like Games & Scavenger Hunts where at the end, You get to see a (very cool) Flag.
Read