👽 Shubham khadgi blog 👽

  Embedthis has patched a null byte injection vulnerability in GoAhead, the embedded web server deployed in hundreds of millions of devices. “A specially crafted URL with a %00 character embedded before the extension can cause an incorrect file with a truncated filename to be served,” reads a security advisory on GitHub documenting the bug. Citing hypothetical URL https://example.com/example%00.html, the advisory says “the %00 is decoded to be a NULL”, resulting in the file handler serving ‘example’ instead of ‘example.html’. As a result, “remote attackers could gain access to documents with names that are strict subsets of longer valid URLs.” The advisory nevertheless describes the bug’s severity as ‘low’ since “an exploit requires [either] an additional vulnerability via uploaded malicious files” or a device that has misconfigured file uploads to be permitted “to a directory that also serves content”. CSP bypass leading to XSS The flaw was discovered by Luke Rindels, an inf...

SQL injection  is a  code injection  technique, used to  attack  data-driven applications, in which malicious  SQL  statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).  SQL injection must exploit a  security vulnerability  in an application's software, for example, when user input is either incorrectly filtered for  string literal   escape characters  embedded in SQL statements or user input is not  strongly typed  and unexpectedly executed. SQL injection is mostly known as an attack  vector  for websites but can be used to attack any type of SQL database. List of SQL Infected sites:  http://www.genhound.co.uk/source.php?id=477 http://www.lcoastpress.com/journal.php?id=8 http://www.travellers-tales.co.uk/travelJournal.php?id=42 http://www.arrowvalves.co.uk/content.php?id=8 http://www.reaplasrack.co.uk/content.php?id=129 http://www.arrowval...

  To do this you have Two options the first is manual and secondary is automatic. We will choose second method because by using this method we can obtain the email address in just few steps. Now we will install the Email Extractor Extension in our chrome browsers and you can download this extension from it here . 1. google setting  If you want to extract 100 email at single result then follow this step  copy this link to your search engine click here to go google setting   press Enter  Increase your search result( Request per page ) as per single page  2. Email Extractor Extension Downloads email extractor tool from chrome store  click here  3. Final Step using google Dork   After successfully installed the extension we will use google dork to find some email addresses, resulting in a bulk email address. and try to search  ex :-  intext:"gmail.com" site:linkedin.com/in shubham ex :- intext:"gmail.com" site:indee...

  How To Install CamPhish Tool CamPhish is a camera phishing toolkit inspired from saycheese, it is a upgraded version of saycheese. We can get camera clicks from victim's mobile's front cam or PC's webcam. We can use this on our Kali Linux and we also can use it on our Android mobile phone using Termux.  1.    first you need to install termux (available on playstore) after installing here we give same command follow the step for installation CamPhish.

10 Amazing Internet fact             1.  Tech hack   Want to watch age-restricted video without logging in? Just add " nsfw " before " youtube " in the URL link in your address bar.       2. Tech hack  If you buy a product on amazon, and there is a price drop within 7 day, you can get a refund on the price difference .                 3.Tech hack  Just type the name of the website in the address bar on a browser and press Ctrl+Enter to add the ' www ' and ' .com ', prefix and suffix automatically.       4.Tech hack  Accidentally close a word File without saying? No autosave either? Search .asd in the File explorer under " my/this pc " The document will be there. Windows has your back.       5. Tech hack  If ever you need a program you want for free ( for Example a video and photo editor ) search for "free", replace with search f...

  HOW TO GET HACKED CREDENTIAL DATA  A data leak differs from a data breach in that the former usually happens through omission or faulty practices rather than overt action, and may be so slight that it is never detected. While a data breach usually means that sensitive data has been harvested by someone who should not have accessed it, a data leak is a situation where such sensitive information might have been inadvertently exposed. pwndb is an onion service where leaked accounts are searchable using a simple form. After a breach occurs the data obtained is often put on sale. Sometimes, people try to blackmail the affected company, asking for money in exchange of not posting the data online. The second option is selling the data to a competitor, a rival or even an enemy. This data is used in so many different ways by companies and countries… but when the people responsible for obtaining the data fail on selling it, the bundle becomes worthless and they end up being placed in ...

  HOW TO INSTALL RECONSPIDER STEP BY STEP 1. git clone https://github.com/bhavsec/reconspider.git 2. sudo apt install python3 python3-pip 3. apt-get install wget 4. cd reconspider 5. sudo python3 setup.py install 6. python3 reconspider.py Usage 1. IP This option gathers all the information of given IP Address from public resources. ReconSpider >> 1 IP >> 8.8.8.8 2. DOMAIN This option gathers all the information of given URL Address and check for vulneribility. Reconspider >> 2 HOST (URL / IP) >> vulnweb.com PORT >> 443 3. PHONENUMBER This option allows you to gather information of given phonenumber. Reconspider >> 3 PHONE NUMBER (919485247632) >> 4. DNS MAP This option allows you to map an organizations attack surface with a virtual DNS Map of the DNS records associated with the target organization. ReconSpider >> 4 DNS MAP (URL) >> vulnweb.com 5. METADATA This option allows you to extract all metadat of the file. Reconspider ...