Tag: data

Footprinting, Hacking, Penetration Testing

Data Exfiltration using single or multiple channels

DET (is provided AS IS), is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service. Features So far, DET supports multiple protocols, listed here: > HTTP(S) > ICMP > DNS > SMTP/IMAP …


Sanitize data coming out of the database in cakephp 3

A security measure that most programmers forget to take when building database oriented applications is to sanitize-validate data coming out of the database. Let’s see how can we sanitize our data in cakePHP 3. cakePHP 3 book – Entities Create your Entity for ex. Country: namespace AppModelEntity;   use CakeORMEntity;   class Country extends Entity …


Validating and Sanitizing data in CakePHP 3

CakePHP 3 book – Validators CakePHP 3 book – Table Objects CakePHP 3 book – Saving data Countries Table SQL schema: CREATE TABLE IF NOT EXISTS `countries` ( `id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT, `name` VARCHAR(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT ‘Uknown’, `code` VARCHAR(2) COLLATE utf8_unicode_ci NOT NULL DEFAULT ‘UN’, `modified` DATETIME NULL, `created` DATETIME …


How to execute thousand of sql commands using mysql cli

1> Open windows cmd 2> Type: .mysql.exe –user=root –password -e "source C:pathtomysqlfile.sql".mysql.exe –user=root –password -e "source C:pathtomysqlfile.sql" 3> Hit Enter SQL file example: USE `databasename`;   INSERT INTO blah blah; INSERT INTO blah blah; INSERT INTO blah blah;use `databasename`; insert into blah blah; insert into blah blah; insert into blah blah;

General, Protection, Security

Memory Protection Feature

Data Execution Prevention (DEP) is a memory protection feature available in modern operating systems, Linux, Mac OS X, iOS, Microsoft Windows and Android. DEP allows memory pages to be designated as non-executable. Its duty is to prevent the content of a region of memory to be executed as instructions by a program, service, device driver, …

Add-ons, Browsers, Firefox, Monitor, Proxy

Monitor the data you send to the remote server

TamperData is a Firefox addon to view and modify HTTP/HTTPS headers and post parameters, trace and time http response/requests and security test web applications by modifying POST parameters. TamperData allows you to see and/or modify the requests as they are sent to the website you navigate. It is a useful tool to discover the structure …


Loading SQL Server data into DataTable

DataTable represents one table of in-memory data. SqlConnection Connection = null; String sql_server_ip_or_hostname ".."; String database_name = ".."; String username = ".."; String password = "..";   try { Connection = new SqlConnection( "Data Source=" + sql_server_ip_or_hostname + ";" + "Initial Catalog=" + database_name + ";" + "User Id=" + username + ";" + "Password=" …


Parse JSON data in PHP

json_decode $data='{"id":1,"firstname":"george","lastname":"karpouzas","emails":["abcd@gmail.com","abcd@yahoo.com"]}’; $obj=json_decode($data); echo ‘ID: <b>’.$obj->id.'</b><br>’; echo ‘First name: <b>’.$obj->firstname.'</b><br>’; echo ‘Last name: <b>’.$obj->lastname.'</b><br>’; echo ‘Email 1: <b>’.$obj->emails[0].'</b><br>’; echo ‘Email 2: <b>’.$obj->emails[1].'</b><br>’;$data='{"id":1,"firstname":"george","lastname":"karpouzas","emails":["abcd@gmail.com","abcd@yahoo.com"]}’; $obj=json_decode($data); echo ‘ID: <b>’.$obj->id.'</b><br>’; echo ‘First name: <b>’.$obj->firstname.'</b><br>’; echo ‘Last name: <b>’.$obj->lastname.'</b><br>’; echo ‘Email 1: <b>’.$obj->emails[0].'</b><br>’; echo ‘Email 2: <b>’.$obj->emails[1].'</b><br>’; Output: ID: 1 First name: george Last name: karpouzas Email 1: abcd@gmail.com Email …


Create JSON data in PHP

json_encode Code: $data = array (’id’=>1, ‘firstname’=>’george’, ‘lastname’=>’karpouzas’, ’emails’=>array(’abcd@gmail.com’,’abcd@yahoo.com’));   echo json_encode($data);$data = array (‘id’=>1, ‘firstname’=>’george’, ‘lastname’=>’karpouzas’, ’emails’=>array(‘abcd@gmail.com’,’abcd@yahoo.com’)); echo json_encode($data); Output: {“id”:1,”firstname”:”george”,”lastname”:”karpouzas”,”emails”:[“abcd@gmail.com”,”abcd@yahoo.com”]}


Create JSON data in Java

1. Download json-simple library (.jar file) from here. 2. Add a reference to the json-simple jar file. 3. Import package org.json.simple.JSONObject 4. Write your code: JSONObject jsonobj = new JSONObject(); jsonobj.put("city", "Athens"); jsonobj.put("country", "Greece"); System.out.println(jsonobj.toString());JSONObject jsonobj = new JSONObject(); jsonobj.put("city", "Athens"); jsonobj.put("country", "Greece"); System.out.println(jsonobj.toString());