Here's a cheat sheet of SQL Injection, for those who declare themselves hacker wannabes....
Normal SQL Injection:
Normal SQL Injection using encapsulated data:
Blind SQL Injection to throw an error to validate that encapsulation isn't working. The goal here is to throw an error to cause the application to show us that it is not encapsulating quotes correctly:
Blind SQL Injection creating an error using EXEC:
Blind SQL Injection detection (if filtering is in place, this shouldn't give us the same result as we would get if we excluded the AND 1 = 1 part. If it does give us the same result, it shows that the application is vulnerable):
Blind SQL Injection to attempt to locate table names by brute-force iteration through potential names (you'll have to rename the table names until you find a match):
Using the USER_NAME() function in SQL Server to tell us if the user is running as the administrator:
Evading escapes with backslashes (this assumes the application escapes a single quote with another single quote; introducing a backslash before it escapes the single quote that is added by the filter). This type of filter is applied by MySQL's mysql_real_escape_string() and Perl's DBD method $dbh->quote():
More blind SQL Injection by attempting to create an error using the backslash method seen above:
Creating errors by calling fake tables. This can help expose vulnerable applications by attempting to create an error by calling tables that are nonexistent (try this with and without the quotes):
Dumping usernames (assuming there is a username table and quotes are not escaped):
Enumerating through database table names. By changing the 116 to different numbers you can use logarithmic reduction to find the first char of the database table name. Then iterating through the first 1 in 1, 1 you can eventually get the whole table name. Originally found by Kevin Spett:
Finding user supplied tables using the sysObjects table in SQL Server:
Bypassing filter evasion using comment tags:
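The detection check described above (compare the result with and without the AND 1 = 1 part), run as a regression test against a string-concatenated lookup and a parameterized one. This is an added example, not part of the original cheat sheet; the `products` table, its rows and all function names are constructed for illustration, and SQLite stands in for the application's database.

```python
import sqlite3


def make_db():
    # Constructed sample data for this example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO products VALUES (?, ?)",
                   [(1, "widget"), (2, "gadget")])
    return db


def lookup_concat(db, product_id):
    # Vulnerable: the request value is pasted into the SQL text,
    # so anything after the number is parsed as part of the query.
    sql = "SELECT name FROM products WHERE id = " + product_id
    return db.execute(sql).fetchall()


def lookup_param(db, product_id):
    # Hardened: the value is bound as data and never parsed as SQL.
    sql = "SELECT name FROM products WHERE id = ?"
    return db.execute(sql, (product_id,)).fetchall()


def same_result_with_tautology(lookup, db, value="1"):
    """Return True when appending ' AND 1 = 1' leaves the result unchanged,
    which is the condition the cheat sheet reads as 'vulnerable'."""
    baseline = lookup(db, value)
    probed = lookup(db, value + " AND 1 = 1")
    return bool(baseline) and probed == baseline


def audit():
    # Run the same check against both lookups.
    db = make_db()
    return {
        "lookup_concat": same_result_with_tautology(lookup_concat, db),
        "lookup_param": same_result_with_tautology(lookup_param, db),
    }


if __name__ == "__main__":
    for name, flagged in audit().items():
        print(f"{name}: {'VULNERABLE' if flagged else 'ok'}")
```
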
Note: This tutorial is for educational purposes only. Go ahead, scripter, get yourself injecting.
Originally posted by: http://ha.ckers.org/sqlinjection/
Thursday, May 14, 2009
SQL Injection Cheat Sheet
Tuesday, May 12, 2009
Sky Voice
Dual Phone Mode:
Skyvoice S282 mobile phone SPEC: WIFI+VOIP, touchscreen, 2 MP camera, 65k colour, MP3, slim at just 1.5cm, LINUX OS
Key Features
• GSM Quad band: 850/900/1800/1900MHz
• WLAN 802.11b auto roaming support
• Integrated VoIP over WLAN using SIP protocol on IMS system
• Supporting active call handover between GSM and WLAN network
• Form factor – Candy Bar : 112mm x 50mm x 12.5mm
• Talk time – 3 hours (either VoIP or GSM); Standby – 120 hours
• 2.2” QVGA 262K color TFT LCD 256K
• Touch screen support
• Camera 2.0M CMOS sensor
• SMS & MMS (SMIL 2.0)
• Video Playback (QVA 320x240) at 15fps
• Video Recording (QCIF 176 x 144) at 8fps
• Camera preview at 10 fps, capture and editor support
• Audio recording
• Audio playback
• MP3 player
• Picture address book
• PIM functions – calendar, memo, dictionary, calculator…
• MicroSD card external memory slot
• Opera Browser (HTML, WAP2.0)
• OTA content download support (HTTP, WTP)
• J2ME – MIDP2.0, CLDC1.1
• email – POP3, SMTP, eSMTP
• PC Sync
Hardware Specification
• GSM Frequency Band: Quad Band:
1. GSM 850: 824MHz – 894MHz
2. EGSM900: 880MHz – 960MHz
3. DCS1800: 1710MHz – 1880MHz
4. PCS1900: 1850MHz – 1990MHz
• Size: 112mm x 50mm x 12.5mm
• GPRS: Class B terminal, Multi-slot Class 10, support 2 up 3 down
• GSM Voice Codec: HR, FR, EFR and AMRC
• SIM Card: Phase 2 small SIM Card, Support 3V, 16x Speed 64K size SIM
• Processor: OMAP TI 730 (Tri-core processor - ARM926EJ-S running at 200MHz)
• Memory: 64MByte NAND Flash; 64MByte
• 2.2” LCD: TFT QVGA LCD – 240 x 320pixels; 262K color
• Touch Screen Support with key pad
• Camera: CMOS 2.0M sensor; Preview rate: 10fps; Digital Zoom: x4
• Audio Hardware: Mono speaker at back; ear-piece; stereo headset
• LEDs: Multi-color LEDs to indicate status
• Ring tone: Midi 40 Chords Polyphonic; MP3, AMR
• Connector: USB Client 1.1; Use Mini-USB Connector both for data and earphone
• Bluetooth: 1.2, HSP Profile, OPP Profile
• External memory: MicroSD – supporting to 2GByte size
Basic Phone Feature
• Language: English (American), Simplified Chinese, Complex Chinese
• Optional: European Languages (French, German, Italian, Spanish, Portuguese)
• QWERTY soft keyboard on touch screen
• Handwriting: Simplified Chinese, Complex Chinese
• Auto-complete: Dial pad auto-complete function
• Operation Mode:
1. PDA only (Aeroplane mode)
2. Phone + PDA mode (Normal Mode)
• Phone Dialing
1. LCD based soft key dial pad
2. Photo dialing
3. Dial from address book
4. Speed dial from keypad
• Personal Ring tone: Associate with address entries
• STK:
1. SIM Tool Kit class 3
2. TS 11.14 Release 97 fully support, support part of TS 11.14 Release 98
• USSD: Phase 2
• Modem: CSD or GPRS
Messaging
• SMS:
1. Mixed Languages
2. Concatenated SMS (up to 256 messages)
3. Group sending (100 names)
• MMS
1. SMIL 2.0 compliant
2. Multi-frame support
3. Group sending (100 names)
4. MMS graphical composer
5. Content: text, image (JPEG, GIF/GIFa, PNG), MP3, AMR, H.263 video, MP4
• Instant Message
1. Subset as per OMA IMPS
2. UTF-8 text
3. Presence
4. Buddy list
• Cell Broadcast: Multi-channel support
GSM/WLAN Convergence Feature
• WLAN Support: 802.11b/g – up to 11Mbps
• WEP 64/128/256 bits
• WPA/WPA2
• VoIP support:
1. Seamless switching between GSM & 802.11 WLAN
2. Protocol: SIP and RTP
3. Voice Codec: G.711u, G.711a, G.729ab
• Related RFC
1. SIP RFC 3261
2. IMS SIP 3GPP TS 24.229
3. SIP extension RFC 3581 (NAT)
4. Supplementary services : 3 way conference call, call hold/unhold, call waiting
5. DTMF RFC 2833
6. Presence & IM over SIP RFC 3428, RFC 3862
7. RFC 3262 (183 PRACK)
8. Authentication using AKA RFC 3310
9. Authentication using EAP RFC 4017
Multi-media Features
• Audio playback: Play from external or internal memory: MAV, MP3, MIDI, AMR, AAC
• Audio Recorder: Record to external or internal memory: AMR
• Video playback: Play from external or internal memory: H.263 Profile 0, Level 0; Up to 15 frames per second; Up to 512 Kbps video data rate; No limit on playback time
• Video File Format:
1. 3GP (H.263 + AMR)
2. 3GP (H.263 + AAC)
3. MP4 (MPEG4 + AAC)
4. MP4 (MPEG4 + AMR)
• Video Recorder: Record to Memory Card or Internal Memory; H.263 Profile 0, Level 10; Data rate up to 256 Kbps; resolution: 176x144, up to 8 frames per second; Recording time is up to 30 min
• Photo Editing: Free hand drawing; Line, box, cycle, ellipse support; Edit photo or clean canvas; Photo Mask; 64 color palette
Productivity Features
• eMail: POP3, SMTP, eSMTP
• WWW Internet Browser:
1. Opera Internet Browser
2. HTTP 1.1
3. HTML 4.01
4. TLS 1.0 and SSL 3
5. WTLS Class II
6. JPEG, wBMP, GIF, GIFa, PNG, BMP
7. JavaScript
8. Cookie
• WAP Browser
1. Esmertec WAP browser
2. WAP 2.0
3. WML
4. HTML MP (Mobile Profile)
5. HTTP 1.1
6. WAP Push
7. TLS 1.0 and SSL 3
8. WTLS Class II
9. JPEG, wBMP, GIF, GIFa, PNG, BMP
10. Cookie
• J2ME: MIDP 2.0, CLDC 1.1
• JAM support
• OTA SMS Provisioning
• OTA Content download: image, MIDI, Video
• DRM: Forward Lock as per OMA 1.1
