Learn to build before you destroy (experiment with PHP WAF)

#1
Well, we all know what a WAF (web application firewall) is: it is used to help block out certain attack queries.
We spend days and days hacking websites, mostly with SQLi, and sometimes we come across some nasty filters.

So I'm asking you: wouldn't it be more fun to try to make your OWN WAF and challenge yourself (and hopefully learn how to master the art of making better filters, or also learn how to evade them)?

So I have with me a PHP script that I made at work to experiment with a WAF on my local server.

This is what the script looks like:
[screenshot from the original post]

What happens when we add a single quote?
[screenshot from the original post]

Now let's try some SQL injection :)
[screenshot from the original post]

This is the part where you have to experiment using preg_match (this is the real thing that acts as the WAF):
[screenshot from the original post]

You might want to have:

- a local server (with Apache, PHP and any SQL server, but MySQL is preferred); just download XAMPP if you're on Windows

- something to experiment with your SQLi attacks on (which is why I made the script)

- some simple database (I have a dummy countries SQL file that you can import into your local server and get records from)


Code:
<?php

  $endl = "\r\n<br/>";

  // Settings for the local test server
  $host     = 'localhost';
  $user     = 'root';
  $pass     = '';
  $db       = 'world';

  $connect = mysqli_connect($host,$user,$pass);

  if(!$connect) {
    die('Couldnt connect to mysql');
  }
  if( !mysqli_select_db($connect,$db) ){
    die('Couldnt select DB .. ');
  }

  // Read the raw parameter; nothing is escaped here on purpose, this is the test bed
  $q = isset($_GET['q']) ? $_GET['q'] : die('No Query...') ;

  // experiment with this: the regex is the whole "WAF"
  $match = '/(order)+/i';

  if( preg_match($match, $q) ){
    die('Hacking attempt detected.');
  }

  // Deliberately unsafe: the parameter is interpolated straight into the SQL
  $q = "SELECT * FROM city WHERE ID='{$_GET['q']}'";

  echo $endl . "Query: <b>".$q ."</b>". $endl;
  $query = mysqli_query($connect,$q) or die(mysqli_error($connect));
  $numFields = mysqli_num_fields($query);
  $fieldIndex = 0 ;

  // Header row with the column names
  echo "$endl";
  echo '<table>';
  echo "<tr>";
  while($fieldIndex < $numFields) {
    $field = mysqli_fetch_field_direct($query,$fieldIndex);
    printf("<th style='text-align:center; background: #A63A00; color: #FFA473'> %s </th>",$field->name);

    $fieldIndex++;
  }
  echo '</tr>';

  // Data rows, alternating background colour
  $rowIndex = 0;
  while($row = mysqli_fetch_row($query)) {
    echo "<tr style='text-align:center'>";
    foreach($row as $r) {

      $style = "";
      if($rowIndex % 2 ==0)
        $style = "background: #BF6230; color: #A63A00";
      else
        $style = "background: #FF8240; color: #BF6230";

      printf("<td style='$style'> %s </td>",$r);
    }
    $rowIndex++;
    echo '</tr>';
  }
  echo '</table>';

  mysqli_close($connect);
?>
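The script above relies on a keyword blacklist in preg_match, and the point of the experiment is that such filters are brittle. As an added example that is not part of the original post: the same city lookup rewritten so that the SQL never depends on a regex filter at all. It assumes the same local MySQL settings and the same `world.city` table as the post, and a PHP build with the mysqlnd driver (needed for `mysqli_stmt_get_result`). Rejected requests are logged so the filter's decisions can still be watched, which is the part of a WAF that is actually useful for detection.

```php
<?php
// Added example, not the poster's code: type-validated input plus a prepared
// statement. Assumes the post's local server (localhost / root / empty password)
// and the `world` sample database with its `city` table.

$host = 'localhost';
$user = 'root';
$pass = '';
$db   = 'world';

// Make mysqli throw on errors instead of returning false, so nothing fails silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$connect = mysqli_connect($host, $user, $pass, $db);

// Allow-list validation: city IDs are positive integers, so anything else is
// refused before it reaches the database. No keyword list to bypass.
$id = filter_input(INPUT_GET, 'q', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    // Log what was rejected (truncated) so the test bed doubles as a detection log.
    $raw = isset($_GET['q']) ? substr((string)$_GET['q'], 0, 200) : '(missing)';
    error_log(sprintf('rejected city id from %s: %s', $_SERVER['REMOTE_ADDR'] ?? 'cli', $raw));
    http_response_code(400);
    exit('Expected a positive integer id');
}

// Prepared statement: the value travels separately from the SQL text, so quoting
// tricks inside the parameter cannot change the structure of the query.
$stmt = mysqli_prepare($connect, 'SELECT * FROM city WHERE ID = ?');
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);

// Render the result; escape on output so stored data cannot inject HTML either.
echo '<table>';
echo '<tr>';
foreach (mysqli_fetch_fields($result) as $field) {
    printf('<th>%s</th>', htmlspecialchars($field->name, ENT_QUOTES, 'UTF-8'));
}
echo '</tr>';
while ($row = mysqli_fetch_row($result)) {
    echo '<tr>';
    foreach ($row as $value) {
        printf('<td>%s</td>', htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8'));
    }
    echo '</tr>';
}
echo '</table>';

mysqli_stmt_close($stmt);
mysqli_close($connect);
```

Drop this next to the original script and request it with the same `?q=` parameter: valid integer IDs return the same rows, while anything non-numeric is refused with a 400 and a line in the PHP error log. Compared with the regex, there is no list of words to keep extending, which is why parameterised queries are the fix and a WAF is only a monitoring layer in front of them.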