35 lakh rupees waiting for you even a little knowledge of hacking is there

If you too have a fondness for hacking, you know about coding, then 35 lakh rupees are waiting for you. Sony, the leading electronic company, has announced the bug bounty program for the gaming console PlayStation. Under this program, gamers or any common man may be entitled to this award by removing bugs in the PlayStation 4 and PlayStation Network. Earlier, Sony's PlayStation bug bounty program used to be private, but this year for the first time the company has announced to make it public. hacker101




Announcing this bug bounty program, Sony wrote in its blog, 'It is a fundamental part of our product security that gives a great experience to our community. To strengthen the security, we attach great importance to the research community. We are excited to announce the new bug bounty program. hackerone



The company has partnered with HackerOne for this and under this program, work is going on to find flaws in PS4 system, operating system, accessories and PlayStation network. It must be mentioned here that PS3 and PS2 are not part of this program. Bug Bounty Program








Sony has divided the prize money of Bug Bounty into four parts, which include Critical, High Severity, Medium Severity and Low Severity. For finding Critical Bugs in PlayStation 4, you will get 50,000 dollars i.e. about 38 lakh rupees, while searching for High, Medium and Low Severity bugs will get 10,000 dollars i.e. about 7.5 lakh rupees, 2,500 dollars i.e. two lakh rupees and 500 dollars i.e. about 38,000 rupees respectively. Bug crowd





Talking about the PlayStation Network (PSN), if you find a critical bug in it, then you will get 3,000 dollars i.e. about 2.5 lakh rupees, while on searching for high, medium and low severity bugs, 1,000 dollars i.e. about 75,500 rupees, 400 dollars i.e. 30,000 rupees respectively. 100 dollars i.e. about 7,500 rupees.



I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

Background Concept About Cross Site Scripting ( XSS ) With Examples

Now we are going to talk about XSS cross site scripting. XSS Vulnerabilities are among the most wide spread wab application vulnerabilities on the internet. 


Cross-site-scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicous code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur antwhere a web application uses input from a user within the output  it generates without validating or encoding it. Background concept about cross site scripting with examples



An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browsers has no way to kmow that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens or, other sensitive information retined by the browser and used with that site. cross site scripting with examples



It's refer to client side injection attack where an attacker can execute malicious scripts into a legitimate website or web application.  By leavrging a cross site scipting, an attacker doesn't target the victim directly instead an attacker would exploit a vulnerability within a web applications or websites that the victim would visit essentially using the vulnerable website as a vehicle the deliver the malcious script to the victim's browser. basicallly we will use a website to deliver our payloads to the victime, when victim visit into that they paylaod are will executed and the payload will to our job, payload can be malicious, payload can be simple whatever. xss examples

Let's talk about impact of XSS

1) Cookie theft
2) Keylogging
3) Phishing
4) URL Redirection



cross site scripting can be used to a part of URL redirection. Cookies stealing, Keylogging, Phishing etc.


so, in order to run our javascript malicious script in a victim's browser, an attacker must first find a way to inject a payload into web page. That's the victim visit. 


for exploitation, attacker can used social engineering way such as email, click jacking to manipulate user for executation to our payload.

Let's talk about the Types of XSS...

Mainly cross site scriptings are parts of three types :-


1) Reflected XSS
2) Stored XSS
3) DOM-based XSS




Reflected XSS or  Stored XSS 

It's a most common types of Cross site scripting, attacker payload script has to be part of the request which is send to the website an reflect back in such as a way that the HTTP response includes that the payload.

so, basically reflected cross site scripting are required client site interaction, if user will visit that the vulnerable web page and server will deliver our paylaod to the users browse here, then user stored this but server want any payload,we will deliver our paylaod to the client browser and if client visiting that then there's a client side attacks. sql injection cheatsheet




DOM Based XSS :-

it's a advance type of cross site scripting attack, which be made possibly when the web application client site scripting writes user provides a data into a document objects model. The Most dangerous parts of this attack is client side attacks. how to prevent from sql injection


In the attacker's payload is never sent to the server, this makes it will more to detect web application firewall and security engineers.


so basically let's take example of Reflected, stored and DOM through practially,




This is a website testphp.vulnweb.com


So we will type something in the search box like Hello or HackingTruth.in and hit go button...









so it's a reflected but not stored, it's not storing..
so there may be reflected cross site scripting.



Now. let's click on the signup option and you can try withlogin based application and if i will give a any text like kumaratuljaiswal.in

DOM XSS

if i will give any parameter like hello

paramter=hello


<script></script>


and just executing to the user's context, nor the server side to the sever application, then there may be DOM based...

Example this

prompt.mI/O


this is not sending to the server there are executing to the our context, if i will give anypayload there and it will execute then this is called DOM based scripting. cross site scripting how to prevent


see this








so just only executing on the user's script, nor the server side  nor to the client side.

How to Hunt for XSS ?

• Find a Input parameter, Give any input there and not senitizer then If your input reflect or stored any where there may be XSS.

• Try to execute any javascript code there, if you succeed to execute any javascript then there is a XSS

• Exploitation of XSS.

you'll find a input parameter then give input there , if your input reflect or stored anywhere there may be cross site scripting. cross site scripting example



XSS Cheatsheet Here :- Click Here 



I hope its clear to about The Background concept of cross site scripting :-)

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

Video Tutorial :-  SooN

 

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

So today we will know about the open source tool that helps in finding XSS cross site scripting attack for any website. This tool is scripted in go language as you can tell -_- you can help us by subscribing to our youtube channel :. Kumar Atul Jaiswal .: before using the too.

XSS Vulnerability

Cross-site scripting ( XSS )is a type of computer security vulnerability typically found in web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.  XSS Vulnerability find in any website within minutes
XSS vulnerability search in any website within minutes

Dalfox

I talk about naming. Dal(달) is the Korean pronunciation of moon and fox was made into Fox(Find Of XSS). XSS Vulnerability find in any website within minutes

Key features

• Paramter Analysis (find reflected parameter, find free/bad characters, Identification of injection point)
• Static Analysis (Check Bad-header like CSP, X-Frame-optiopns, etc.. with base request/response base)
• Optimization query of payloads

•         Check the injection point through abstraction and generated the fit  payload.
•         Eliminate unnecessary payloads based on badchar

• XSS Scanning(Reflected + Stored) and DOM Base Verifying
• All test payloads(build-in, your custom/blind) are tested in parallel with the encoder.

•         Support to Double URL Encoder
•         Support to HTML Hex Encoder

• Friendly Pipeline (single url, from file, from IO)
• And the various options required for the testing :D

•         built-in / custom grepping for find other vulnerability
•         if you found, after action
•         etc..

How To Install ?

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

Video Tutorial :- 

 

 

         

SQL Injection

SQL injection attacks uses SQL websites or web applications. It relies on the strategic injection of malicious code or script into existing queries. This malicious code is drafted with the intention of revealing or manipulating data that is stored in the tables within the database. SQL injection

SQL Injection is a powerful and dangerous attack. It identifies the flaws and vulnerabilities in a website or application. The fundamental concept of SQL injection is to impact commands to reveal sensitive information from the database. Hence, it can result to a high profile attack. How SQL Query works in database and how to hack database

Attack Surface of SQL Injection

Bypassing the authentication
Revealing Sensitive Information
Compromised Data Integrity
Erasing The Database
Remote Code Execution

How SQL Query Works ?

Injection of SQL query will be executed on the server and replied by the response. For example, following SQL Query is requester to the server.

• SELECT  *  FROM  [ Orders ]
• SELECT column1, column2, ....  FROM table_name;

These commands will reveal all information stored in the databse "Oredrs" table. If an organization maintains records of their orders into a database, all information kept in this database table will be extracted by the command.







Try it :- It's a Free 





Otherwise let's understand with another Example



In the following example, an attacker with the username link inserts their name after the = sign following the WHERE owner, which used to include the string 'name'; DELETE FROM items; -- for itemName , into an existing SQL command, and the query becomes the following two queries:

• SELECT * FROM items WHERE owner = 'link' AND itemname = 'name'; DELETE FROM items;--

Many of the common database products such as Microsoft’s SQL Server and Oracle’s Siebel allow several SQL statements separated by semicolons to be executed at once. This technique, known as batch execution, allows an attacker to execute multiple arbitrary
commands against a database. In other databases, this technique will generate an error and fail, so knowing the database you are attacking is essential.



If an attacker enters the string 'name'; DELETE FROM items; SELECT * FROM items WHERE   'a' = 'a' ,   the following three valid statements will be created:

• SELECT * FROM items WHERE owner = 'link' AND itemname = 'name'; 

• DELETE FROM items; SELECT * FROM items WHERE 'a' = 'a';

A good way to prevent SQL injection attacks is to use input validation, which ensures that only approved characters are accepted. Use whitelists, which dictate safe characters, and blacklists, which dictate unsafe characters.

Database

SQL Delete Query

The DELETE statement is used to delete existing records in a table. To understand, consider a table "Customers" in a database. The following information is the table "Customers" is containing.






Execution of  "delete" command will eraase the record.

• DELETE FROM Customers WHERE CustomerName='Alfreds Futterkiste';

Now the database table will be like this :-






There are lots of SQL query commands that can be used. Above are some of the most common and effective commands that are being used for injection.
for example :-

• UPDATE Customers SET ContactName = 'KumarAtulJaiswal', city= 'Delhi' WHERE CustomerID = 56;
• INSERT INTO Customers (column1, column2, column3, ...)
  VALUES (value1, value2, value3, ...); 

• Customers is a Table Name.

SQL Injection Tools

There are several tools available for SQL injection such as :-

• BSQL Hacker
• Marathon Tool
• SQL Power Injecto
• Havij

 Server Side Technologies

Server-side technologies come in many varieties and types, each of which offers
something specific to the user. Generally, each of the technologies allows the creation of dynamic and data-driven web applications. You can use a wide range of server-side technologies to create these types of web applications; among them are the following:

• ASP
• ASP.NET
• Oracle
• PHP
• JSP
• SQL Server
• IBM DB2
• MySQL
• Ruby on Rails

All of these technologies are powerful and offer the ability to generate web applications that are extremely versatile. Each also has vulnerabilities that can lead to it being compromised, but this chapter is not about those.



I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

Find Leaked Email and Password via onion service

Leaked Email and Password

Billions of email addresses and plain text passwords have been leaked online by an unknown party, leaving countless Internet users at risk from credential stuffing and other attacks. Search for leaked email and password using the onion service

Security researcher Bob Diachenko discovered the unsafe elastics search database on 4 December, although it was first indexed by the BinaryAidz search engine and therefore has been publicly available since the beginning of the month.

Access to the database was disabled on 9 December when it reported to the US-based ISP hosting the IP address, giving potential hackers more than enough time to scrape the logged-in data.

In total, the database contained 2.7 billion email addresses and plain text passwords for more than a billion of them - providing a true starting point for a credential stuffing campaign.

How To Find Leaked Email and Passwords

We will use pwndb tool to find the password email leaked here...pwndb.py is a python command-line tool for searching leaked credentials using the Onion service with the same name. Search for leaked email and password using the onion service

Installation

git clone https://github.com/davidtavarez/pwndb




cd

ls





pip3 install -r requirements.txt  OR  pip install -r requirements.txt





Then, type "  virtualenv venv   " without quotes and hit enter...





source venv/bin/activate








Full Post :-  Click Here

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

Video Tutorial :- 

          

critical bug in VMware opens up corporate Treasure to hackers

A critical information-disclosure bug in VMware’s Directory Service (vmdir) could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers. critical bug in VMware opens up corporate Treasure to hackers
The vmdir is part of VMware’s vCenter Server product, which provides centralized management of virtualized hosts and virtual machines (VMs) from a single console. According to the product description, “a single administrator can manage hundreds of workloads.”



These workloads are governed by a single sign-on (SSO) mechanism to make things easier for administrators; rather than having to sign into each host or VM with separate credentials in order to gain visibility to it, one authentication mechanism works across the entire management console.

The vmdir in turn is a central component to the vCenter SSO (along with the Security Token Service, an administration server and vCenter Lookup Service). Also, vmdir is used for certificate management for the workloads governed by vCenter, according to VMware.






The critical flaw (CVE-2020-3952) was disclosed and patched on Thursday; it rates 10 out of 10 on the CVSS v.3 vulnerability severity scale. At issue is a poorly implemented access control, according to the bug advisory, which could allow a malicious actor to bypass authentication mechanisms.



“Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls,” the description explained.







As for the attack vector, “a malicious actor with network access to an affected vmdir deployment may be able to extract highly sensitive information,” VMware noted. In turn, this information could be used to compromise the vCenter Server itself “or other services which are dependent upon vmdir for authentication.”

There are no workarounds, but administrators are encouraged to apply the patches as soon as possible.

vCenter Server 6.7 (embedded or external PSC) prior to 6.7u3f is affected by CVE-2020-3952 if it was upgraded from a previous release line such as 6.0 or 6.5. Clean installations of vCenter Server 6.7 (embedded or external PSC) are not affected, according to the company. To help administrators find out if their vmdir deployments are affected by CVE-2020-3952, the vendor has published a how-to knowledge base document.






“VMware, one of, if not the most, popular virtualization software companies in the world, recently patched an extremely critical information disclosure vulnerability…one of the most severe vulnerabilities that has affected VMware software,” Chris Hass, director of information security and research at Automox, told Threatpost. “vCenter Server provides a centralized platform for controlling VMware vSphere environments, it helps manage virtual infrastructure in a tremendous number of hybrid clouds, so the scope and impact of this vulnerability is quite large. Organizations using vCenter need to check their vmdir logs for affected versions, ACL MODE: legacy, and patch immediately.”

No specific acknowledgments were given for the bug discovery – VMware noted only that it was “disclosed privately.”