Filename | LFİ SCANNER - Hacking Tools 2012 |
Permission | rw-r--r-- |
Author | Admin |
Date and Time | 21.34 |
Label | Hacking| Tools |
Action |
Link Download:
http://www.multiupload.nl/ZKR72DB85C
Boebefa
Official Blog
|
Hack'n Roll Injection Tutorials
> / kaMtiEz / Hmei7 / Jundab / k4L0ng666 / Dr.Cruzz / s13doeL / Boebefa / |
|
name | author | perms | com | modified | label |
LFİ SCANNER - Hacking Tools 2012 | Admin | rwxr-xr-x | 0 | 21.34 | Hacking | Tools |
Filename | LFİ SCANNER - Hacking Tools 2012 |
Permission | rw-r--r-- |
Author | Admin |
Date and Time | 21.34 |
Label | Hacking| Tools |
Action |
[ joomla ] Sql Injection | Admin | rwxr-xr-x | 0 | 21.31 | Bugs | Hack | Hacking | Xploiter |
Filename | [ joomla ] Sql Injection |
Permission | rw-r--r-- |
Author | Admin |
Date and Time | 21.31 |
Label | Bugs| Hack| Hacking| Xploiter |
Action |
My Awesome Weapon - 404 ShellCode | Admin | rwxr-xr-x | 0 | 21.03 | Hacking | ShellCode | ShellScript | Tutorials |
Filename | My Awesome Weapon - 404 ShellCode |
Permission | rw-r--r-- |
Author | Admin |
Date and Time | 21.03 |
Label | Hacking| ShellCode| ShellScript| Tutorials |
Action |
HAcks WHMCS 5.2.8 Vulnerability | Admin | rwxr-xr-x | 0 | 20.30 | Bugs | Hack | WHMCS |
Filename | HAcks WHMCS 5.2.8 Vulnerability |
Permission | rw-r--r-- |
Author | Admin |
Date and Time | 20.30 |
Label | Bugs| Hack| WHMCS |
Action |
<?php function select_query($table, $fields, $where, $orderby = '', $orderbyorder = '', $limit = '', $innerjoin = '') { global $CONFIG; global $query_count; global $mysql_errors; global $whmcsmysql; if (!$fields) { $fields = '*'; } $query = 'SELECT ' . $fields . ' FROM ' . db_make_safe_field($table); if ($innerjoin) { $query .= ' INNER JOIN ' . db_escape_string($innerjoin); } if ($where) { if (is_array($where)) { $criteria = array(); foreach ($where as $origkey => $value) { $key = db_make_safe_field($origkey); if (is_array($value)) { if ($key == 'default') { $key = '`default`'; } if ($value['sqltype'] == 'LIKE') { $criteria[] = $key . ' LIKE \'%' . db_escape_string($value['value']) . '%\''; continue; } if ($value['sqltype'] == 'NEQ') { $criteria[] = $key . '!=\'' . db_escape_string($value['value']) . '\''; continue; } if ($value['sqltype'] == '>') { $criteria[] = $key . '>' . db_escape_string($value['value']); continue; } if ($value['sqltype'] == '<') { $criteria[] = $key . '<' . db_escape_string($value['value']); continue; } if ($value['sqltype'] == '<=') { $criteria[] = $origkey . '<=' . db_escape_string($value['value']); continue; } if ($value['sqltype'] == '>=') { $criteria[] = $origkey . '>=' . db_escape_string($value['value']); continue; } if ($value['sqltype'] == 'TABLEJOIN') { $criteria[] = $key . '=' . db_escape_string($value['value']); continue; } if ($value['sqltype'] == 'IN') { $criteria[] = $key . ' IN (\'' . implode('\',\'', db_escape_array($value['values'])) . '\')'; continue; } continue; } [...] ?>
This is their special select_query() function that gets used
whenever they need to do a MySQL SELECT. The funny thing is that we can
manipulate the GET/POST variables and end up with something like $key = array('sqltype' => 'TABLEJOIN', 'value' = '[SQLI]');
Jayalah Indonesiaku © 2010 Hack'n Roll Injection Tutorials
VB (Vio b374k) Template Redesign by s13doeL