Saturday, August 28, 2010

SQL Commands (usefull for injection)

SQL Commands (usefull for injection) - Submitted By: angle_boy1826 2008-10-05 00:56:01

NOTE: I am not responsible for this do this at your own risk .

ABORT -- abort the current transaction
ALTER DATABASE -- change a database
ALTER GROUP -- add users to a group or remove users from a group
ALTER TABLE -- change the definition of a table
ALTER TRIGGER -- change the definition of a trigger
ALTER USER -- change a database user account
ANALYZE -- collect statistics about a database
BEGIN -- start a transaction block
CHECKPOINT -- force a transaction log checkpoint
CLOSE -- close a cursor
CLUSTER -- cluster a table according to an index
COMMENT -- define or change the comment of an object
COMMIT -- commit the current transaction
COPY -- copy data between files and tables
CREATE AGGREGATE -- define a new aggregate function
CREATE CAST -- define a user-defined cast
CREATE CONSTRAINT TRIGGER -- define a new constraint trigger
CREATE CONVERSION -- define a user-defined conversion
CREATE DATABASE -- create a new database
CREATE DOMAIN -- define a new domain
CREATE FUNCTION -- define a new function
CREATE GROUP -- define a new user group
CREATE INDEX -- define a new index
CREATE LANGUAGE -- define a new procedural language
CREATE OPERATOR -- define a new operator
CREATE OPERATOR CLASS -- define a new operator class for indexes
CREATE RULE -- define a new rewrite rule
CREATE SCHEMA -- define a new schema
CREATE SEQUENCE -- define a new sequence generator
CREATE TABLE -- define a new table
CREATE TABLE AS -- create a new table from the results of a query
CREATE TRIGGER -- define a new trigger
CREATE TYPE -- define a new data type
CREATE USER -- define a new database user account
CREATE VIEW -- define a new view
DEALLOCATE -- remove a prepared query
DECLARE -- define a cursor
DELETE -- delete rows of a table
DROP AGGREGATE -- remove a user-defined aggregate function
DROP CAST -- remove a user-defined cast
DROP CONVERSION -- remove a user-defined conversion
DROP DATABASE -- remove a database
DROP DOMAIN -- remove a user-defined domain
DROP FUNCTION -- remove a user-defined function
DROP GROUP -- remove a user group
DROP INDEX -- remove an index
DROP LANGUAGE -- remove a user-defined procedural language
DROP OPERATOR -- remove a user-defined operator
DROP OPERATOR CLASS -- remove a user-defined operator class
DROP RULE -- remove a rewrite rule
DROP SCHEMA -- remove a schema
DROP SEQUENCE -- remove a sequence
DROP TABLE -- remove a table
DROP TRIGGER -- remove a trigger
DROP TYPE -- remove a user-defined data type
DROP USER -- remove a database user account
DROP VIEW -- remove a view
END -- commit the current transaction
EXECUTE -- execute a prepared query
EXPLAIN -- show the execution plan of a statement
FETCH -- retrieve rows from a table using a cursor
GRANT -- define access privileges
INSERT -- create new rows in a table
LISTEN -- listen for a notification
LOAD -- load or reload a shared library file
LOCK -- explicitly lock a table
MOVE -- position a cursor on a specified row of a table
NOTIFY -- generate a notification
PREPARE -- create a prepared query
REINDEX -- rebuild corrupted indexes
RESET -- restore the value of a run-time parameter to a default value
REVOKE -- remove access privileges
ROLLBACK -- abort the current transaction
SELECT -- retrieve rows from a table or view
SELECT INTO -- create a new table from the results of a query
SET -- change a run-time parameter
SET CONSTRAINTS -- set the constraint mode of the current transaction
SET SESSION AUTHORIZATION -- set the session user identifier and the current user identifier of the current session
SET TRANSACTION -- set the characteristics of the current transaction
SHOW -- show the value of a run-time parameter
START TRANSACTION -- start a transaction block
TRUNCATE -- empty a table
UNLISTEN -- stop listening for a notification
UPDATE -- update rows of a table
VACUUM -- garbage-collect and optionally analyze a database

Google Hacking

GGoogle Hacking - Submitted By: Ausome1 2008-08-19 10:54:53



Google hacking sounds interesting is'nt... well most of us are fascinated in hacking, cracking and freaking.. 

Google hacking is not just hacking google (well you need to be smart ) .. these are codes which narrows down your search . 

hope these codes will help you out in one way or the other.

[code]

inurl:index.of.password
Directory listing contains password file(s)?

intitle:"Index of" service.pwd
Directory listing contains service.pwd file(s)

intitle:"Index of" view-source
Directory listing contains view-source file(s)

intitle:"Index of" admin
Direcory listing contains administrative files or directories

intitle:"Index of" .htpasswd
Directory listing contains .htpasswd file!

intitle:"Index of" log.txt
Directory listing contians log text files

intitle:"Index of" stats.html
Directory listing contains stats.html which may contain useful web server statistics

"access denied for user" "using password"
Web page contains error message which might provide useful application information

"A syntax error has occurred" filetype:ihtml
Web page contains error message which might provide useful application information

"ORA-00921: unexpected end of SQL command"
Web page contains error message which might provide useful application information

inurl:passlist.txt
The passlist.txt file may contain user passwords

"Index of /backup"
Directory may contain sensitive backup files

intitle:"Index of" .bash_history
Directory listing contains bash history information

intitle:"Index of" index.html.bak
Directory listing contains backup index file (index.html.bak)

intitle:"Index of" index.php.bak
Directory listing contains backup index file (index.html.bak)

intitle:"Index of" guestbook.cgi
Directory listing contains backup index file (index.html.bak)

intitle"Test Page for Apache"
Default test page for Apache

intitle:index.of.etc
Directory listing of /etc ?

filetype:xls username password
XLS spreadseet containing usernames and passwords?

"This file was generated by Nessus"
Nessus report!

intitle:"Index of" secring.bak
Secret key file

intitle:"Terminal Services Web Connection"
Access terminal services!

intitle:"Remote Desktop Web Connection"
Access Remote Desktop!

intitle:"Index of" access_log
Directory listing contains access_log file which may store sensitive information

intitle:"Index of" finance.xls
Directory listing contains finance.xls which may contain sensitive information

intitle:"Usage Statistics for"
Statistical information may contain sensitive data

intitle:"Index of" WSFTP.LOG
WSFTP.LOG file contains information about FTP transactions

intitle:"Index of" ws_ftp.ini
The ws_ftp.ini file may contain usernames and passwords of FTP users

"not for distribution" confidential
URL may contain confidential or sensitive information

"phpMyAdmin" "running on" inurl:"main.php"
phpMyAdmin allows remote mysql database administration

"#mysql dump" filetype:sql
mysql database dumps

"This summary was generated by wwwstat"
Database statistics

"Host Vulnerability Summary Report"
Vulnerability report!

"Network Vulnerability Assessment Report"
Vulnerability report!

inurl:php.ini filetype:ini
The php.ini file may contain sensitive PHP environment details.

BEGIN (CERTIFICATE|DSA|RSA) filetype:key
Private key(s)!

BEGIN (CERTIFICATE|DSA|RSA) filetype:csr
Private key(s)!

BEGIN (CERTIFICATE|DSA|RSA) filetype:crt
Private key(s)!

intitle:"Index of" passwd passwd.bak
passwd file!

intitle:"Index of" master.passwd
master.passwd file!

intitle:"Index of" pwd.db
pwd.db file may contain password information

intitle:"Index of..etc" passwd
passwd file!

filetype:cfg ks intext:rootpw -sample -test -howto
This file may contain the root password (encrypted)

intitle:"index.of.personal"
Directory may contain sensitive information

intitle:"Index of" login.jsp
The login.jsp file may contain database username or password information

intitle:"Index of" logfile
Directory may contain sensitive log files

filetype:php inurl:"viewfile" -"index.php" -"idfil
File may contain PHP source code

allinurl:intranet admin
Page may contain sensitive information

"supplied argument is not a valid MySQL result resource"
mysql error message may reveal sensitive information

"Error Diagnostic Information" intitle:"Error Occurred While"
Error message may reveal sensitive information

HTTP_USER_AGENT=Googlebot
Page may contain sensitive environment details

[/code]

Sunday, August 22, 2010

Go

You must be wondering why have i used the title "Go".

For starters Go is a programming Language developed by google fairly easy to understand and to implement.

The best part of this is it is open source , that is the beauty of it.

So with out further due.. lets proceed and give you a taste of Go

_

Go! is an agent-based programming language in the tradition of logic-based programming languages like Prolog. It was introduced in a 2003 paper by Francis McCabe and Keith Clark.




Upon the November 2009 release of Google's Go programming language (note lack of exclamation point), McCabe asked Google to change the name of their language and accused the company of "steam-rolling over us". The issue received attention among technology news websites, with some of them characterizing Go! as "obscure".

Design

The authors of Go! describe it as "a multi-paradigm programming language that is oriented to the needs of programming secure, production quality, agent based applications. It is multi-threaded, strongly typed and higher order (in the functional programming sense). It has relation, function and action procedure definitions. Threads execute action procedures, calling functions and querying relations as need be. Threads in different agents communicate and coordinate using asynchronous messages. Threads within the same agent can also use shared dynamic relations acting as Linda-style tuple stores."


The authors also propose that the language is suitable for representing ontologies due to its integration of logic, functional, object-oriented and imperative styles of programming.

If you want references please let me know..

Books : Lets Go! textbook by Francis McCabe

D Prg

Lets talk about D-programming

Note: I have taken most of the document from other sources and dumped it here for easy reading

The D programming language, also known simply as D, is an object-oriented, imperative, multi-paradigm system programming language designed by Walter Bright of Digital Mars. It originated as a re-engineering of C++, but even though it is predominantly influenced by that language, it is not a variant of C++. D has redesigned some C++ features and has been influenced by concepts used in other programming languages, such as Java, C#, and Eiffel.

Features

D is being designed with lessons learned from practical C++ usage rather than from a theoretical perspective. Even though it uses many C/C++ concepts it also discards some, and as such is not compatible with C/C++ source code. It adds to the functionality of C++ by also implementing design by contract, unit testing, true modules, garbage collection, first class arrays, associative arrays, dynamic arrays, array slicing, nested functions, inner classes, closures, anonymous functions, compile time function execution, lazy evaluation and has a reengineered template syntax. D retains C++'s ability to do low-level coding, and adds to it with support for an integrated inline assembler. C++ multiple inheritance is replaced by Java style single inheritance with interfaces and mixins. D's declaration, statement and expression syntax closely matches that of C++.




The inline assembler typifies the differences between D and application languages like Java and C#. An inline assembler lets programmers enter machine-specific assembly code within standard D code—a technique often used by system programmers to access the low-level features of the processor needed to run programs that interface directly with the underlying hardware, such as operating systems and device drivers.



D has built-in support for documentation comments, allowing automatic documentation generation.

Programming paradigms


D supports three main programming paradigms—imperative, object-oriented, and metaprogramming.

Imperative


Imperative programming in D is almost identical to C. Functions, data, statements, declarations and expressions work just as in C, and the C runtime library can be accessed directly. Some notable differences between D and C in the area of imperative programming include D's foreach loop construct, which allows looping over a collection, and nested functions, which are functions that are declared inside of another and may access the enclosing function's local variables.

Object oriented


Object oriented programming in D is based on a single inheritance hierarchy, with all classes derived from class Object. D does not support multiple inheritance; instead, it uses Java-style interfaces, which are comparable to C++ pure abstract classes, and mixins, which allow separating common functionality out of the inheritance hierarchy. Additionally, D 2.0 allows declaring static and final (non-virtual) methods in interfaces

Versions

The D programming language exists in two versions: 1.0 and 2.0. D 1.0 became stable with the release of D 2.0, on June 17, 2007, and further additions to the language have since been added to 2.0. The release of Andrei Alexandrescu's book The D Programming Language on June 12, 2010 marked the stabilization of D 2.0.

Note: The Author for D is Andrei .. ...

He has written various books on C++ also

If you would like to learn D programming please check the following website..

If you ask me I would say basic understanding of C/C++ is very important..

site : D-programming

Happy Reading.

Intro

This blog is soley to the ones who are invited.....

here you would find out opensource, linux , windows arch and other things..

you also find tools and other goodies..

and if you are looking out for softwares..

then you would have to log onto my site..

Sudlo

or If you have enough of time and patience.. please use torrents sensibly ...... or if you know how to tweak .. nothing like that..

I guarrantee that which ever softwares you find on my site.. it works and if you find any virus.. please let me know..

Note: This is very important.. wht ever information you get here are either from underground blogs, sites .which i have got invitation and this is just to know only .. If you wanna try it please be my guest but try it at your own risk ..

Regards

Sudeep