Search
Search titles only
By:
Search titles only
By:
Log in
Register
Search
Search titles only
By:
Search titles only
By:
Menu
Install the app
Install
Forums
New posts
All threads
Latest threads
New posts
Trending threads
Trending
Search forums
What's new
New posts
New ads
New profile posts
Latest activity
Free Ads
Latest reviews
Search ads
Members
Current visitors
New profile posts
Search profile posts
Contact us
Latest ads
NURSING , CAREGIVER , HOTEL & BEAUTY COURSES
IVA Para Medical Campus
Updated:
Today at 9:24 AM
Handmade Character Soft Toys Peppa Pig Family
anil1961
Updated:
Yesterday at 9:58 PM
Ad icon
Video Content Creator
pramukag
Updated:
Sunday at 6:10 AM
Ad icon
QA Engineer Intern
pramukag
Updated:
Sunday at 6:07 AM
Ad icon
Sell your Land, House on idamata.lk for FREE
sajith.xp.pk
Updated:
Jun 25, 2026
Electronics
Vehicles
Property
Search
Reply to thread
Forums
General
ElaKiri Jokes
2011 A/L result OMG :D
Get the App
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Message
<blockquote data-quote="help4u" data-source="post: 11373198" data-attributes="member: 326991"><p><span style="font-size: 18px"><span style="color: Red">ain kalooooooooo .......</span></span></p><p><span style="font-size: 18px"><span style="color: Red"></span></span></p><p><span style="font-size: 18px"><span style="color: Red"></span></span></p><p><span style="font-size: 18px"><span style="color: Red">joke ekakne ... mawa hire danna epa...</span></span></p><p><span style="font-size: 18px"><span style="color: Red"></span></span></p><p><span style="font-size: 18px"><span style="color: Red"></span></span></p><p><span style="font-size: 18px"><span style="color: Red">elakiri joke ne meka......</span></span></p><p></p><p><img src="/styles/default/xenforo/smilies/default/shocked.gif" class="smilie" loading="lazy" alt=":shocked:" title="Shocked :shocked:" data-shortname=":shocked:" /><img src="/styles/default/xenforo/smilies/default/shocked.gif" class="smilie" loading="lazy" alt=":shocked:" title="Shocked :shocked:" data-shortname=":shocked:" /><img src="/styles/default/xenforo/smilies/default/shocked.gif" class="smilie" loading="lazy" alt=":shocked:" title="Shocked :shocked:" data-shortname=":shocked:" /><img src="/styles/default/xenforo/smilies/default/shocked.gif" class="smilie" loading="lazy" alt=":shocked:" title="Shocked :shocked:" data-shortname=":shocked:" /></p><p></p><p></p><p>WebHacking Basics For All Starters By NPJ</p><p>By @P3X Pr34at0r</p><p>Hello, this is just a short article about webhacking and the basics (mostly tips).</p><p>There’s not much to say, so here I’ll start…</p><p></p><p>1. Check for robots.txt</p><p></p><p>Usually the directory is hxxp://www.targetsite.com/robots.txt</p><p>This can contain plenty of information. Even though not all sites have it.</p><p>robots.txt is used to restrict the Google bot’s access in certain parts of a forum or a website.</p><p>It looks like this:</p><p>User-agent: *</p><p>Disallow: /forum/admin.php</p><p>Disallow: /forum/moderator.php</p><p>Disallow: /forum/include.php</p><p>etc.</p><p></p><p>2. Check if site is vulnerable to SQL injections</p><p></p><p>This can be checked with a simple apostrophe at the end.</p><p>For example, hxxp://www.targetsite.com/news.php?id=1′</p><p>If the page displays an error, then the site is vulnerable.</p><p>You may now proceed on injecting more queries and drawing various information.</p><p></p><p>3. Check for common directories</p><p></p><p>Sometimes site administrators forget to rename the dirs and leave them as default.</p><p>It’s good to check for these directories as they can contain version info and other stuff that helps you determine if the site is vulnerable.</p><p>Common diretories are:</p><p>admin</p><p>admincp</p><p>mod</p><p>modcp</p><p>moderator</p><p>include</p><p>includes</p><p>logs</p><p>tmp</p><p>install</p><p></p><p>4. Port scanning</p><p></p><p>Gathering information about the server can also be useful.</p><p>Ping the site in cmd (you MUST know how to do this, if you don’t, then just leave) and scan the IP (and no, don’t limit the scan to 6000 as usual, f.ex 8080 is a common web port).</p><p>Don’t forget to check the site with nslookup, MaXe’s DNS guides cover this.</p><p>With this information you can figure out if the site has vulnerabilities and stuff.</p><p>Now you can connect with the open port threw telnet. The syntax is telnet IP(or hostname) port. For example, telnet google.com 25.</p><p>For example, if the site has port 25 open, which is the SMTP (Simple mail transfer protocol) we can send emails threw the server.</p><p>Or even better, imagine there’s port 3306 open. That’s the SQL port. Threw this you can access the site’s SQL database.</p><p>Download MySQL or something and try to clear your way in. You can try various combinations, like:</p><p>admin admin</p><p>admin root</p><p>root root</p><p>root admin</p><p>And so on. Though it’s quite possible that you won’t get anywhere guessing, so your best bet would be bruteforcing, dictionary attacks, rainbow tables or whatever can you afford.</p><p></p><p>5. Cookie poisoning</p><p></p><p>Even though most sites nowadays filter this, it wouldn’t hurt to try.</p><p>We will do this…with javascript.</p><p>It’s quite simple. Try this in the address bar.</p><p>javascript:alert(document.cookie);</p><p>In some cases this may spit out your username and password.</p><p>This is the part where you try the famous line…</p><p>javascript:void(document.cookie=”username=’OR’1′=’ 1″); void(document.cookie=”password=’OR’1′=’1″);</p><p>Similar to SQL injection, you guessed it.</p><p></p><p>6. Check if site is vulnerable to XSS</p><p></p><p>XSS and javascript together open up a huge horizon of possibilities and a whole lot of new places to discover.</p><p>Check if the site is vulnerable by typing this in a webform or something.</p><p><script>alert(“NPJ Vulnerable”)</script></p><p>If site is vulnerable, then you will get a popup box saying awdwdadwd (yes this was random).</p></blockquote><p></p>
[QUOTE="help4u, post: 11373198, member: 326991"] [SIZE="5"][COLOR="Red"]ain kalooooooooo ....... joke ekakne ... mawa hire danna epa... elakiri joke ne meka......[/COLOR][/SIZE] :shocked::shocked::shocked::shocked: WebHacking Basics For All Starters By NPJ By @P3X Pr34at0r Hello, this is just a short article about webhacking and the basics (mostly tips). There’s not much to say, so here I’ll start… 1. Check for robots.txt Usually the directory is hxxp://www.targetsite.com/robots.txt This can contain plenty of information. Even though not all sites have it. robots.txt is used to restrict the Google bot’s access in certain parts of a forum or a website. It looks like this: User-agent: * Disallow: /forum/admin.php Disallow: /forum/moderator.php Disallow: /forum/include.php etc. 2. Check if site is vulnerable to SQL injections This can be checked with a simple apostrophe at the end. For example, hxxp://www.targetsite.com/news.php?id=1′ If the page displays an error, then the site is vulnerable. You may now proceed on injecting more queries and drawing various information. 3. Check for common directories Sometimes site administrators forget to rename the dirs and leave them as default. It’s good to check for these directories as they can contain version info and other stuff that helps you determine if the site is vulnerable. Common diretories are: admin admincp mod modcp moderator include includes logs tmp install 4. Port scanning Gathering information about the server can also be useful. Ping the site in cmd (you MUST know how to do this, if you don’t, then just leave) and scan the IP (and no, don’t limit the scan to 6000 as usual, f.ex 8080 is a common web port). Don’t forget to check the site with nslookup, MaXe’s DNS guides cover this. With this information you can figure out if the site has vulnerabilities and stuff. Now you can connect with the open port threw telnet. The syntax is telnet IP(or hostname) port. For example, telnet google.com 25. For example, if the site has port 25 open, which is the SMTP (Simple mail transfer protocol) we can send emails threw the server. Or even better, imagine there’s port 3306 open. That’s the SQL port. Threw this you can access the site’s SQL database. Download MySQL or something and try to clear your way in. You can try various combinations, like: admin admin admin root root root root admin And so on. Though it’s quite possible that you won’t get anywhere guessing, so your best bet would be bruteforcing, dictionary attacks, rainbow tables or whatever can you afford. 5. Cookie poisoning Even though most sites nowadays filter this, it wouldn’t hurt to try. We will do this…with javascript. It’s quite simple. Try this in the address bar. javascript:alert(document.cookie); In some cases this may spit out your username and password. This is the part where you try the famous line… javascript:void(document.cookie=”username=’OR’1′=’ 1″); void(document.cookie=”password=’OR’1′=’1″); Similar to SQL injection, you guessed it. 6. Check if site is vulnerable to XSS XSS and javascript together open up a huge horizon of possibilities and a whole lot of new places to discover. Check if the site is vulnerable by typing this in a webform or something. <script>alert(“NPJ Vulnerable”)</script> If site is vulnerable, then you will get a popup box saying awdwdadwd (yes this was random). [/QUOTE]
Insert quotes…
Verification
Hath warak paha keeyada? (hatha wadikireema paha)
Post reply
Top
Bottom