[Tutorial] How To Discover & Exploit Blind SQL Injections

This video will show you the right way to discover SQL injection vulnerabilities; the same method can be used to discover both normal and blind SQL injections.



Resources:


3 ways to fix the fixed channel: -1 issue

fixed-channel:-1

Yesterday, while I was working on the new version of Wi-fEye, I found that every time I tried to use airodump-ng I got the ‘mon0: fixed channel -1’ error message. This is a very common one, and there are a few ways to get around it. In the past I usually set the channel when enabling monitor mode, so instead of running

airmon-ng start [interface]

execute

airmon-ng start [interface] [target-AP-channel]

For example, if your network interface is wlan0 and the target AP is running on channel 6, the command would be

airmon-ng start wlan0 6

Unfortunately this didn’t work on Ubuntu 12.04, so I decided to set the channel and enable monitor mode manually without airmon-ng:

iwconfig [interface] channel [target-channel]
ifconfig [interface] down
iwconfig [interface] mode monitor
ifconfig [interface] up

This sort of did the trick. By “sort of” I mean the error message is gone: I can run airodump-ng successfully against any AP with no problems, I can associate with APs successfully as well, and even the injection test (aireplay-ng -9 wlan0) tells me that injection is working. But when I actually try to inject packets, it doesn’t work :S.

At this stage I was out of ideas and had to ask Google. After some googling I decided to patch my kernel, but before that I thought it would be a good idea to search for compat-wireless, so I did, and it was a good idea indeed.

First check your kernel version:

uname -r

Then install the matching compat-wireless package for that kernel version from the Software Center or using apt-get.

Then I restarted my system and BOOM, injection is working perfectly.


All of these methods have worked for me at some stage (depending on the kernel, the Linux distro and the Wi-Fi card), so if you are stuck with the same problem, try them all and see which one works for you.
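The manual iwconfig/ifconfig sequence from the post, wrapped in a small script with the checks you would want before running it unattended on a wireless capture sensor (for example a wireless IDS box that must sit on one channel). This is an added example, not code from the original post or from Wi-fEye; the function names, the DRY_RUN variable and the restriction to 2.4 GHz channels 1-14 are my assumptions, and the script does not attempt the airmon-ng or compat-wireless fixes.

```shell
#!/usr/bin/env sh
# Added example (not from the original post, not part of Wi-fEye): put a
# wireless interface into monitor mode on a fixed channel with the manual
# iwconfig/ifconfig sequence, validating inputs first.
set -u

# Assumption: only 2.4 GHz channels 1-14 are accepted (the post uses channel 6).
valid_channel() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;   # empty or non-numeric
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 14 ]
}

# A wireless interface exposes /sys/class/net/<iface>/wireless on Linux.
is_wireless_iface() {
    [ -d "/sys/class/net/$1/wireless" ]
}

# The four commands from the post, one per line, for review or logging.
monitor_mode_cmds() {
    printf '%s\n' \
        "iwconfig $1 channel $2" \
        "ifconfig $1 down" \
        "iwconfig $1 mode monitor" \
        "ifconfig $1 up"
}

# Usage: set_monitor_mode <iface> <channel>
# DRY_RUN=1 (the default, an assumption of this example) only prints the
# commands; DRY_RUN=0 executes them, which needs root and a wireless card.
# Return codes: 0 ok, 2 bad channel, 3 not wireless, 4 not root, 5 command
# failed, 6 interface did not end up in monitor mode.
set_monitor_mode() {
    iface=$1
    chan=$2
    valid_channel "$chan" || { echo "bad channel: $chan" >&2; return 2; }
    if [ "${DRY_RUN:-1}" = "1" ]; then
        monitor_mode_cmds "$iface" "$chan"
        return 0
    fi
    is_wireless_iface "$iface" || { echo "not a wireless interface: $iface" >&2; return 3; }
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 4; }
    iwconfig "$iface" channel "$chan" \
        && ifconfig "$iface" down \
        && iwconfig "$iface" mode monitor \
        && ifconfig "$iface" up || return 5
    # Confirm the outcome the post cares about: the driver reports monitor mode.
    iwconfig "$iface" 2>/dev/null | grep -q 'Mode:Monitor' || return 6
}

# Run only when invoked with exactly <iface> <channel> on the command line,
# e.g.: DRY_RUN=0 sh monitor.sh wlan0 6
case "$#" in
    2) set_monitor_mode "$1" "$2" ;;
esac
```

With the default dry run the script just echoes the four commands for wlan0 on channel 6; setting DRY_RUN=0 runs them and checks iwconfig afterwards, so a sensor that silently failed to enter monitor mode returns a non-zero code instead of appearing healthy.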

Wi-fEye – Automated Network penetration testing tool

Wi-fEye is the first PROPER project that I’ve finished recently. It took me a while to finish programming it, as I only worked on it in my free time. Writing this tool improved my programming abilities a lot and made me love Python.

Wi-fEye is designed to help with network penetration testing. Wi-fEye will allow you to perform a number of powerful attacks automatically: all you have to do is launch Wi-fEye, choose which attack to perform, select your target and let Wi-fEye do the magic!

Wi-fEye is divided into the following menus:

1. Cracking menu: this menu will allow you to:

  • Enable monitor mode
  • View available wireless networks
  • Launch Airodump-ng on a specific AP
  • WEP cracking: this will allow you to perform the following attacks automatically:
    • Interactive packet replay.
    • Fake Authentication Attack.
    • Korek Chopchop Attack.
    • Fragmentation Attack.
    • Hirte Attack (cfrag attack).
    • Wesside-ng.
  • WPA Cracking: This contains the following attacks:
    • Wordlist Attack
    • Rogue AP Attack.

2. Mapping: this menu will allow you to do the following:

  • Scan the network and view the connected hosts.
  • Use Nmap Automatically.

3. MITM: this menu will allow you to do the following automatically:

  • Enable IP forwarding.
  • ARP Spoof.
  • Launch ettercap (Text mode).
  • Sniff SSL/HTTPS traffic.
  • Sniff URLs and send them to browser.
  • Sniff messages from instant messengers.
  • Sniff images.
  • DNS Spoof.
  • HTTP Session Hijacking (using Hamster).

4. Others: this menu will allow you to do the following automatically:

  • Change MAC Address.
  • Hijack software updates (using Evilgrade)