Friday, August 10, 2012

Difference between integer based and string based SQL injection

Hi friends  this one i had posted a question on hackforums about difference between string based and integer based SQL injection it can be explained as follows
SELECT * FROM pages WHERE page_id=10 [inject] order by title limit 1,
so the injection would be
?id=10 union select 1,2,3--
finallly you get
SELECT * FROM pages WHERE page_id=10 union select 1,2,3-- order by title limit 1,1


SELECT FROM pages WHERE page_id="10" [injectorder by title limit 1,
so the injection would be
?id=10' union select 1,2,3--+
select * from pages where page_id="10"' union select 1,2,3--+ order by title limit 1,1

so in integer based SQL injection you dont have to put a ' and in string based SQL injection you have to put a ' and a + sign at the end
the original post here

Monday, August 6, 2012

Will ultrabooks eliminate DVDs and Blue ray dics

Hi guys wassup how are you doing? yesterday my brother bought a lenovo ultrabook it was almost copy of a macbook with the hardware but the its slim, keyboard is easy to type and fast. but the fact that it had SSD and no DVD drive only some USB ports, HDMI ports and ethernet port etc and some touch pad changes. so the question is due to new emerging race of ultrabooks will CDs and DVDs will become outdated. maybe not coz still most of the games, blue-ray movies,etc come in DVDs. they are cheap but still they can't just get outdated and what i expect to be that new ultrabooks will have a dvd drive or they wont get apropriate market in india. i am still happy with my old laptop. and i am going to college this month for studies of computer engineering the thing i had loved to do the most.

Saturday, August 4, 2012

Call For Papers for the first edition of Hzine(Hacking Magazine)

Hcon has decided to release hacking magazine for you guys. it will be an online magazine free for all but for now it needs contributions. Contributions in the sense, Articles. For releasing anything you need good fleshy information which is not possible for one man. So here by i ask you all to contribute to this great effort made by Ashish Mistry and also if you cannot for any reasons atleast share it on your blog like me or on your facebook homepage.
Hcon, Information security Training and Tools provider, launched their own PenTesting Magazine ‘Hzine’. We are inviting unique and interesting articles for our First Edition of Hzine.

Theme for the articles : Operating Systems (OS)
Articles can be on Topics :
1. Penetration testing / Hacking
2. Forensics
3. Malware
4. Exploit Development
5. Embedded, Mobile OS
6. OS Configs and Defenses
7. Offensive or Defensive Programming
8. About OS Tools, any specific OS articles
9. Troubleshooting any security issue
10. Any other OS related quality articles are also welcome
Things to consider for article submission :
1. It will be a free Magazine
2. It has to be your own work, research
3. It has to be in ENGLISH only
4. As we are not gaining any money from it, so don’t expect from us to give you
5. Send articles in document format only (doc, docx, odt)
6. articles has to be with if any needed reference
More info:
if you feel you have it in you !!

Twitter Delicious Facebook Digg Stumbleupon Favorites More