2

Wh at' s i t al l

ab o u t

W h a t' s i t a l l a b o u t?
(if you're wondering what the fuck is it)
So, what is it going to be about? Well, actually I dunno. That's where YOU can come in! If you have anything interesting to share, feel free to contact me and make this magazine a bit better :) Email to get in touch with us is on the bottom part of the cover. Anyway, what do we have in this issue? Right, first comes my introduction to SQL Injection. It's actually the most common vulnerability ever (excluding Cross-Site Scriptnig). I don't think that I need to say that it'd be good to learn a bit about it and double-check your web-apps aganist this one. The next thing on the list is WeedHead Hackers. They were a really good time and to be honest I'll miss them. CrackHead has left them, JointHead is .... uhm, nobody knows so far. D'you have any information about what's happenning with him? If so, feel free to call us. Up next: Avalanche Hackers! My new squad that has just been formed (this year), however it's rather inactive at the moment (school, work and so on). But, why not to write something about us ? :) Feel free to find and like us on Facebook if you want to:

Disclaimer
All content of this magazine is placed here for educational purposes. Don't try to play with things shown here on computer networks that you don't have written permission to pentest. Only you are responsible for effects of your missunderstanding of this disclaimer. You have been warned.

Contents
What's it all about .............................................................................. 2 SQL Injection - how to get started ............................................... 3 WeedHead Hackers - definitely down? ...................................... 5 Avalanche Hackers - new guys on the stage .......................... 7 Servers scanning - the manual way ............................................ 9

fb.com/AvalancheHackers
And, the last one: server scanning. The manual way, meaning we won't use those one-click vulnerability searchers like Acunetix or anything similar. We're going to keep it up with free and lightning fast tools :) ~ Xploit3R

Contact me
Head writer

Xploit3R / Avalanche Hackers - qrchackofficial@gmail.com

S Q L I n j e c ti o n - h o w to . . .

SQL INJECTION
Many web developers treat SQL as a hardshell barrier that blocks all the threats. Well, it's time to wake up since SQL Injection is one of the most common security flaws in web applications. Have a look into the article and check yourself have you prepared your webapp to fight aganist the injectors?

What actually happens here? Imagine we've got a login panel on some website. When an user logs in, we check if the login given matches the login stored in our database, the same goes for the password. Typically, either both things are equal and the process goes successfully, or we have a failed loin attempt. But, what happens if the user gives admin' as his login? He escapes our code and makes it diferrent! What do we have now? It gives a wrong (not SQL-valid) command cause of double apostrophes (one in login, one in our PHP / whatever code) Finally, we got a deathly error message:

SQL Injection usually comes from lack of user input verification

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line [line]
And there is also a second one just under it:

Definition
SQL injection is a code injection technique, used to attack data driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in [file location] on line [line]
Beautiful, isn't it? The same way as we added those apostrophes, we can add our own SQL commands, and they will execute on remote server, even without knowing any password. Sounds pretty fancy. We could type the SQL commands straight into the web browser, but hey, who cares? Turn to the next page to see how can you make your hands dirty in the quick way.