Pages

Thursday, 24 October 2013


inurl:index.of.password
Directory listing contains password file(s)?

intitle:"Index of" service.pwd
Directory listing contains service.pwd file(s)

intitle:"Index of" view-source
Directory listing contains view-source file(s)

intitle:"Index of" admin
Direcory listing contains administrative files or directories

intitle:"Index of" .htpasswd
Directory listing contains .htpasswd file!

intitle:"Index of" log.txt
Directory listing contians log text files

intitle:"Index of" stats.html
Directory listing contains stats.html which may contain useful web server statistics

"access denied for user" "using password"
Web page contains error message which might provide useful application information

"A syntax error has occurred" filetype:ihtml
Web page contains error message which might provide useful application information

"ORA-00921: unexpected end of SQL command"
Web page contains error message which might provide useful application information

inurl:passlist.txt
The passlist.txt file may contain user passwords

"Index of /backup"
Directory may contain sensitive backup files

intitle:"Index of" .bash_history
Directory listing contains bash history information

intitle:"Index of" index.html.bak
Directory listing contains backup index file (index.html.bak)

intitle:"Index of" index.php.bak
Directory listing contains backup index file (index.html.bak)

intitle:"Index of" guestbook.cgi
Directory listing contains backup index file (index.html.bak)

intitle"Test Page for Apache"
Default test page for Apache

intitle:index.of.etc
Directory listing of /etc ?

filetype:xls username password
XLS spreadseet containing usernames and passwords?

"This file was generated by Nessus"
Nessus report!

intitle:"Index of" secring.bak
Secret key file

intitle:"Terminal Services Web Connection"
Access terminal services!

intitle:"Remote Desktop Web Connection"
Access Remote Desktop!

intitle:"Index of" access_log
Directory listing contains access_log file which may store sensitive information

intitle:"Index of" finance.xls
Directory listing contains finance.xls which may contain sensitive information

intitle:"Usage Statistics for"
Statistical information may contain sensitive data

intitle:"Index of" WSFTP.LOG
WSFTP.LOG file contains information about FTP transactions

intitle:"Index of" ws_ftp.ini
The ws_ftp.ini file may contain usernames and passwords of FTP users

"not for distribution" confidential
URL may contain confidential or sensitive information

"phpMyAdmin" "running on" inurl:"main.php"
phpMyAdmin allows remote mysql database administration

"#mysql dump" filetype:sql
mysql database dumps

"This summary was generated by wwwstat"
Database statistics

"Host Vulnerability Summary Report"
Vulnerability report!

"Network Vulnerability Assessment Report"
Vulnerability report!

inurl:php.ini filetype:ini
The php.ini file may contain sensitive PHP environment details.

BEGIN (CERTIFICATE|DSA|RSA) filetype:key
Private key(s)!

BEGIN (CERTIFICATE|DSA|RSA) filetype:csr
Private key(s)!

BEGIN (CERTIFICATE|DSA|RSA) filetype:crt
Private key(s)!

intitle:"Index of" passwd passwd.bak
passwd file!

intitle:"Index of" master.passwd
master.passwd file!

intitle:"Index of" pwd.db
pwd.db file may contain password information

intitle:"Index of..etc" passwd
passwd file!

filetype:cfg ks intext:rootpw -sample -test -howto
This file may contain the root password (encrypted)

intitle:"index.of.personal"
Directory may contain sensitive information

intitle:"Index of" login.jsp
The login.jsp file may contain database username or password information

intitle:"Index of" logfile
Directory may contain sensitive log files

filetype:php inurl:"viewfile" -"index.php" -"idfil
File may contain PHP source code

allinurl:intranet admin
Page may contain sensitive information

"supplied argument is not a valid MySQL result resource"
mysql error message may reveal sensitive information

"Error Diagnostic Information" intitle:"Error Occurred While"
Error message may reveal sensitive information

HTTP_USER_AGENT=Googlebot
Posted by at 1 comment:

Collection Of Shortcut Keys For Windows 8 !!!

Collection Of Shortcut Keys For Windows 8 !!!
1) Windows key : Access the Start screen
2) Windows+D : Access the Desktop.
3) Windows+C : Show the Charms.
4) Windows+Q (or just start typing when you are
on the Start menu) : Search
5) Windows+H : Share
6) Windows+K : Start Windows Devices
7) Windows+I : Settings
Tip: When you’re ready to shut down your
computer, use Windows+I and then click or tap the
Power button, found on the bottom right.
Windows+Z : Show the App Bar while in any app.
9) Windows+Tab or Alt+Tab : Cycle through open
apps.
10) Zoom in and out : Ctrl+- to zoom out and Ctrl+
+ to zoom in
11) Windows+period : Snap an app to one side of
the screen : .
Tip: You’ll find that many of the traditional
shortcuts you’ve always used still exist, such as
Windows+L to lock and Windows+P to project to
another display.
12) Start Screen : Windows Key
13) Right Shift key : If you press it for eight
seconds, it turns on Filter Keys. If you press it five
times in a row, it turns on Sticky Keys.
14) Ctrl+mouse wheel : When used on the desktop,
it changes the size of your desktop icons. When
used on the Start screen, it zooms in and out.
15) Ctrl+A : Select all.
16) Win+C : Open the charms.
17) Ctrl+C : Copy.
18) Win+D : Show the desktop.
19) Alt +D : Select the address bar in Internet
Explorer.
20) Ctrl+Alt +D : Enable the Docked mode in the
Magnifier tool.
21) Win+E : Open File Explorer.
22) Ctrl+E : Select the search box in File Explorer.
23) Win+F : Show Files in the Search charm.
24) Win+Ctrl+F : Open the Find Computers window,
which can find computers on a network (used
mostly in business networks).
25) Win+G : Cycle through desktop gadgets.
26) Win+H : Open the Share charm.
27) Win+I : Open the Settings charm.
28) Ctrl+Alt +I : Invert colors in the Magnifier tool.
29) Win+J : Switch the focus between snapped
apps and larger apps.
30) Win+K : Open the Devices charm.
31) Win+L : Lock the computer and display the
Lock screen.
32) Ctrl+Alt +L : Enable Lens mode in the Magnifier
tool.
33) Win+M : Minimize all the windows on the
desktop.
34) Ctrl+N : Open a new File Explorer window.
35) Ctrl+Shift +N : Create a new folder in File
Explorer.
36) Win+O : Change the Lock screen orientation.
37) Win+P : Open the project options for a second
screen.
38) Win+Q : Open the Search charm.
39) Win+R : Open the Run window.
40) Ctrl+R : Refresh.
41) Win+T : Set the focus on the taskbar and cycle
through the running desktop apps.
42) Win+U : Launch the Ease of Access Center.
43) Win+V : Cycle through notifications.
44) Win+Shift +V : Cycle through notifications in
backward order.
45) Ctrl+V : Paste.
46) Win+W : Open Settings in the search charm.
47) Ctrl+W : Close the current window. It works
only in desktop apps.
48) Win+X : Open the hidden system menu.
49) Ctrl+X : Cut.
50) Ctrl+Y : Redo.
Posted by at 1 comment:

Wednesday, 23 October 2013

Error Codes

100 Continue
101 Switching Protocols
200 OK Action completed successfully
201 Created Success following a POST command
202 Accepted The request has been accepted for processing, but the processing has not been completed.
203 Partial Information Response to a GET command, indicates that the returned meta information is from a private overlaid web.
204 No Content Server has received the request but there is no information to send back.
205 Reset Content
206 Partial Content The requested file was partially sent. Usually caused by stopping or refreshing a web page.
300 Multiple Choices
301 Moved Permanently Requested a directory instead of a specific file. The web server added the filename index.html, index.htm, home.html, or home.htm to the URL.
302 Moved Temporarily
303 See Other
304 Not Modified The cached version of the requested file is the same as the file to be sent.
305 Use Proxy
400 Bad Request The request had bad syntax or was impossible to be satisified.
401 Unauthorized User failed to provide a valid user name / password required for access to file / directory.
402 Payment Required
403 Forbidden The request does not specify the file name. Or the directory or the file does not have the permission that allows the pages to be viewed from the web.
404 Not Found The requested file was not found.
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Time-Out
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URL Too Large
415 Unsupported Media Type
500 Server Error In most cases, this error is a result of a problem with the code or program you are calling rather than with the web server itself.
501 Not Implemented The server does not support the facility required.
502 Bad Gateway
503 Out of Resources The server cannot process the request due to a system overload. This should be a temporary condition.
504 Gateway Time-Out The service did not respond within the time frame that the gateway was willing to wait.
505 HTTP Version not supported
Posted by at No comments:
Links to this post
Reactions: 

HOW TO PROTECT UR SITE FROM SQLi

This is simple tutorial for beginners on

how to protect your site against SQL Injection and this

tutorial will also help you check if your site is vulnerable

to SQLi and how to make it resistant to SQLi.

What is SQL Injection?

SQL stands for Structured Query Language, and it is the language used by most website databases. SQL Injection is a technique used by hackers to add their own SQL to your site’s SQL to gain access to confidential information or to change or delete the data that keeps your website running. I’m going to talk about just one form of SQL Injection attack that allows a hacker to log in as an administrator – even if he doesn’t know the password.

Is your site vulnerable?

If your website has a login form for an administrator to log in, go to your site now, in the username field type the administrator user name.

In the password field, type or paste this:

x’ or ‘a’ = ‘a

If the website didn’t let you log in using this string you can relax a bit; this article probably doesn’t apply to you. However you might like to try this alternative:

x’ or 1=1–

Or you could try pasting either or both of the above strings into both the login and password field. Or if you are familiar with SQL you could try a few other variations. A hacker who really wants to get access to your site will try many variations before he gives up.

If you were able to log in using any of these methods then get your web tech to read this article, and to read up all the other methods of SQL Injection. The hackers and “skript kiddies” know all this stuff; your web techs need to know it too.

If you were able to log in, then the code which generates the SQL for the login looks something like this:

$sql =

“SELECT * FROM users

“WHERE username = ‘” . $username .

“‘ AND password = ‘” . $password . “‘”;

When you log in normally, let’s say using userid admin and password secret, what happens is the admin is put in place of $username and secret is put in place of $password. The SQL that is generated then looks like this:

SELECT * FROM users WHERE username = ‘admin’ and PASSWORD = ‘secret’

But when you enter x’ or ‘a’ = ‘a as the password, the SQL which is generated looks like this:

SELECT * FROM users WHERE username = ‘admin’ and PASSWORD = ‘x’ or ‘a’ = ‘a’

Notice that the string: x’ or ‘a’ = ‘a has injected an extra phrase into the WHERE clause: or ‘a’ = ‘a’ . This means that the WHERE is always true, and so this query will return a row contain the user’s details.

If there is only a single user defined in the database, then that user’s details will always be returned and the system will allow you to log in. If you have multiple users, then one of those users will be returned at random.

How to resist against SQLi

Fixing this security loophole is not so difficult. There are several ways to do it. If you are using MySQL,, the simplest method is to escape the username and password, using the mysql_escape_string() or mysql_real_escape_string() functions, e.g.:

$userid = mysql_real_escape_string($userid);

$password = mysql_real_escape_string($password);

$sql =

“SELECT * FROM users

“WHERE username = ‘” . $username .

“‘ AND password = ‘” . $password . “‘”;

Now when the SQL is built, it will come out as:

SELECT * FROM users WHERE username = ‘admin’ and PASSWORD = ‘x\’ or \’a\’ = \’a’

Those backslashes ( \ ) make the database treat the quote as a normal character

rather than as a delimiter, so the database no longer interprets the SQL as having an OR in the WHERE clause.

This is just a simplistic example. In practice you will do a bit more than this as there are many variations on this attack. For example, you might structure the SQL differently, fetch the user using the user name only and then check manually that the password matches or make sure you always use bind variables (the best defence against SQL injection and strongly recommended!). And you should always escape all incoming data using the appropriate functions from whatever language your website is written in – not just data that is being used for login
Posted by at No comments:

Sunday, 11 August 2013

Proxies for free surfing on some Ugandan Networks

11TH AUGUST 2013
 
Hello Ugandans and the entire world,
In this post, i am giving  you  tricks to surf for free on some Ugandan network s e.g. orange. what you need is not much but a modem with zero shillings or less credit  and a web browser more preferably Mozilla Firefox or flock.
proxies
antitrace.com
interrobangpath.org
unblock-fb.info
66.135.50.150
home page = orange.ug
port 80
try to  enjoy unlimited downloads and amazing speed.
Posted by at No comments:
HOW TO UNLOCK A DOUBLE LINE

Unlock the Daboline / ZTE G S213 Line in two minutes

11TH AUGUST 2013 Dear fellow Ugandans, let me first say hallo to everyone in the might name of Jesus Christ. I am making this posting because we are really enslaved by our money. Always Networks in Uganda bring phones on promotion and lock the on their network(s), this makes people to be on those networks not because they like the network but because they like the phone.
The solution is here for ZTE G S213/-G S308. Follow these simple steps
 
1. Get the phones’ IMEI by typing *#06# or open the phone and look under the battery the IMEI is that 15 character code you see written.
 
2. Go to http://www.wintechmobiles.com/tools/zte-unlock-code-calculator/ and enter your IMEI and u will get 2 other codes a NCK Code and a SPCK/SP Code .
 
3. Remove both SIM cards and start your phone then enter the following code *983*8284#
 
4. The phone will ask you for the password; enter the NCK code u obtained. After all it will display a message code accepted and then the phone will be unlocked.
NB don’t learn to be malicious users.

such phones


ANYTHING SIMILAR TO THAT

such phones



Posted by at No comments:

How to Fix egatecoins.dll error manually

Generally speaking, if you are not a computer professional who knows a lot about the computer system, manually fixing the error problem on your computer will be a long way to go, for that you should consider all of possible causes for this error problem and try all of the possible solutions one by one.


One - update your Windows system
Outdated Windows system is often the case to affect the effective performance of those applications and files, and make some functions and services cannot be used smoothly on the computer. So you should go to check whether there has been a newer update version of the Windows system available online, and install it on your computer if there is.

Two - Uninstall the newly installed program on your computer system
The egatecoins.dll error problem often occurs when you newly install a program on your computer, the common reason for your computer encountering this error issue after the installation is there are some component of the program are incompatible with the file on your computer system, so it may delete or modify the file with other features, when you try to activate the associated program, the computer system will not be able to detect and read the file successfully. To solve this problem, you should uninstall the program from your computer and reinstall the one which is more compatible with your computer system.
Guides to uninstall a program:
  • Step one - click on "Start", and "Programs", "Control Panel", and then "Add/Remove programs"
  • Step two - it will display a program list, find and locate the program you want to uninstall
  • Step three - click on the uninstall button
  • Step four - delete its install folder if it is still on your computer
  • Step five - check and remove all of its associated registry entries on the Registry Editor
  • Step six - reboot your computer system
Three - Delete or reinstall the file on your computer
Delete the file on your computer system
If the file is not indispensable on for your computer, you can disable or delete the file on your computer.
  • Start Registry Editor by clicking the Start button, typing regedit in the Search box, and pressing Enter.
  • Open the HKEY_LOCAL_MACHINE folder ==> "Software" folder ==> "Microsoft" folder==> "Windows" folder ==> "Currentversion" folder.
  • Click on the Run folder ==> Click on the egatecoins.dll file.
  • Delete the file by pressing Delete egatecoins.dll key
Reinstall the file on your PC
If the file is very necessary on your computer system, you should replace the file with a new one on the original location, and please remember the new file should be compatible with your computer system and locate on the default location, otherwise the problem would not be fixed.


Download: egatecoins.dll File Repair Tool

Tested Adware & Spyware Free by McAfee

How to do if the error still persists

In a normal way, the Windows registry is a weak link in the operating system' s stability and robustness. It's extremely easy to damage, but very difficult to repair. And unless you are skillful and professional enough to make your own backup copy, and easily to replace it if it is damaged unexpectedly, it is not necessary to manually fix egatecoins.dll error on your own
To easily and safely fix egatecoins.dll errors, a good registry error cleaner such as MAX Optimizer will automatically fix the root cause this error.
  • Step1: Free Download egatecoins.dll Repair Tool.
  • Step2: Follow the on-screen instructions to install the program with ease.
  • Step3: Click Scan button to diagnose the error on your computer.
  • Step4: Click Repair button to fix egatecoins.dll error and other detected errors in seconds.

Download: egatecoins.dll File Repair Tool

Tested Adware & Spyware Free by McAfee

How to prevent this error

Many egatecoins.dll errors can be avoided if you take some necessary steps to prevent the annoying egatecoins.dll error messages or serious computer problems on computer daily using. It saves time and it is easy to accomplish. To prevent egatecoins.dll problems, you'd better regularly perform a registry scan to identify ambiguous entries and repair them.

Moreover, it also generates a customized check to look only at egatecoins.dll-related errors and delete them. Whenever the error appears, keep the file or program that states the file is having issues up-to-date will take effective measures to minimize the damage of the problems.

Notice: Frequent egatecoins.dll errors take your PC toward lots of PC hassles. To stay away from these troublesome egatecoins.dll errors, you must be very careful while installing and uninstalling applications. If any leftovers and unnecessary entries are left behind and stop a program from running, you must first check if the egatecoins.dll file is being used by the wrong applications and directly delete it. Finally, use a reliable and professional registry optimizer to perform regular registry scans is the best way to remove any egatecoins.dll errors out of your computer.
To sum up, system error is a common problem for many computers, in order to maintain the good performance of computer system, developing a good habit of computer use and installing a registry error fix tool are both indispensable measures you should conduct, otherwise, you will occasionally be avoid by those errors as troublesome as egatecoins.dll error, the efficiency of using the computer for work, the stability of computer system performance, and computer security are all serious affected by these errors.

Download: egatecoins.dll File Repair Tool

Posted by at 2 comments:
Subscribe to: Posts (Atom)
Blogger Tricks