Thursday, 30 January 2014

19 Extensions to Turn Google Chrome into Penetration Testing Tool




1- Web Developer

    

Web Developer is a Google Chrome extension that adds a tool bar with various web development tools in Chrome. With these tools, users can perform various web development tasks. This extension helps analyzing web application elements like HTML and JS.



2- Firebug Lite


Firebug Lite for Google Chrome, provides a rich visual environment to analyze HTML elements, DOM elements and other Box Model Shading. It also provides live CSS editing. It helps in analyzing how an application is working on the client’s side



3- d3coder



d3coder, is another nice Google Chrome extension that helps penetration testers. It enables us to encode and decode selected text via context menu. Thus it reduces the time to encode and decode strings by using separate tools. This extension can perform a wide range of functions. See the list below:


  • Timestamp decoding
    • rot13 en-/decoding
    • base64 encoding
    • base64 decoding
    • CRC32 hashing
    • MD5 hashing
    • SHA1 hashing
    • bin2hex
    • bin2txt
    • HTML entity encoding
    • HTML entity decoding
    • HTML special chars encoding
    • HTML special chars decoding
    • URI encoding
    • URI decoding
    • Quoted printable decoding
    • Quoted printable encoding
    • Escapeshellarg
    • Base64 decode
    • Base64 encode
    • Unserialize
    • L33T-en/decode
    • Reverse


    4- Site Spider



    Site Spider, is an extension that adds a crawler in Chrome. It crawls all pages and reports all broken links. One can also restrict the spider by adding restrictions and regular expressions, it works at the client’s side. It can also use your authentication to access all pages. This extension is opensource. So, you can easily modify it according to your needs.



    5- Form Fuzzer


    Form Fuzzer, is used to populate predefined characters into different form fields. It can also select checkboxes, radio buttons and select items in forms. It has a configuration menu where you can manage all settings of the extension. It is really helpful in testing forms. You can set payloads for forms and then populate payloads quickly with this nice tool. Really helpful in performing XSS and SQL injection attacks.



    6- Session Manager



    Session Manager, is a powerful Chrome extension that lets users save, update, restore, and remove sets of tabs. You can create a group of tabs of the same interest and then restore those pages in one click. If you open few specific pages daily, and create groups of those pages and then open with a single click.



    7- Request Maker



    Request Maker, is a core penetration testing tool. It’s used in creating and capturing requests, tampering the URL, and making new headers with post data. It can capture requests made via forms or XMLHttpRequests. You can see the function of this tool is similar to Burp. It’s also helpful in performing various kind of attacks in a web applications by modifying http requests.



    8- Proxy SwitchySharp


    Proxy SwitchySharp, is a proxy extension that helps in managing and switching between multiple proxies quickly. It also has an option to set auto proxy switching based on URL. You can also import or export data easily. With proxy switcher, we can hide IP addresses and perform penetration testing tasks to check how a person can attack with proxy servers.




    9- Cookie Editor



    Cookie Editor, is a nice Chrome extension that lets users edit cookies. This tool is really helpful while hijacking vulnerable test sessions. It lets users delete, edit, add/or search cookies. It also lets users protect, block or export cookies in json. You can play with cookies as you want. This extension is ad-supported and all revenue goes to Unicef to help children worldwide. But Ads are not necessary and you can disable anytime from the extension settings page.




    10- Cache Killer



    Cache Killer, is another nice extension that automatically cleans the browser cache before loading pages. It can be easily enabled or disabled with a single mouse click. It’s useful to bypass the browser cache and see the exact website in case it’s changing. This is much useful for web developers.




    11- XSS Rays



    XSS Rays, is a nice extension that helps in finding XSS vulnerability in a website. It finds how a website is filtering the code. It also checks for injections and inspects objects. You can also easily extract, view and edit forms non-destructively even if forms cannot be edited. So many penetration testers use this extension as a dedicated XSS testing tool. It’s pure JavaScript XSS scanner. You can read more about XSS Rays here.




    12- WebSecurity



    WebSecurify, is a powerful cross platform web security testing tool. It’s available for various desktop, mobile platforms and browsers. This is the first web security tool that runs directly from the browser. It’s capable of finding XSS, XSRF, CSRF, SQL Injection, File upload, URL redirection and various other security vulnerabilities. It has a built in crawler that scans and crawls pages. Then it will try to find vulnerability on pages. It’s not a fully automatic tool. It lists possible vulnerability on the URL. You will need to confirm the vulnerability manually. We have already covered the websecurify tool in detail. You can check older posts to read more on how this tool works and how to master websecurify for penetration testing. While scanning, it pulls all features from the WebSecurify server, so you do not need to worry about database updates. The vulnerability engine will be updated at all times. Penetration testing tools are just a click away. Use this either as a browser tool or desktop tool.



    13- Port Scanner



    Port Scanner, Google Chrome extension adds port scanning capabilities to the browser. With this extension, you will be able to scan which TCP ports are listening. Port Scanner analyzes any given IP or URL addresses, and then will scan for open ports to help you to secure them. It is also available for Opera and Mozilla Firefox.




    14- XSS Chef

    XSS chef, is the popular Chrome extension that works directly in the browser. It helps us in identifying XSS vulnerability in a web application. It’s similar to BeEF but for browsers. It performs following tasks:

    • Monitor open tabs of victims
    • Execute JS on every tab (global XSS)
    • Extract HTML, read/write cookies (also httpOnly), local Storage
    • Get and manipulate browser history
    • Stay persistent until whole browser is closed (or even further if you can persist in extensions’ local Storage)
    • Make screenshot of victims window
    • Further exploit e.g. via attaching BeEF hooks, keyloggers etc.
    • Explore filesystem through file:// protocol
    • Bypass Chrome extensions content script sandbox to interact directly with page JS
    This is not an extension but a framework. So, installation is not same as any other extension. Read the official link of XSS Chef given below and learn how to install it in Chrome.



    15- HPP Finder


    HPP Finder, is another nice extension. It is useful in finding HTTP Parameter Pollution (HPP) vulnerability and exploit it. This tool can easily detect and exploit the HTML Forms or URLs that might be susceptible of HTTP Parameter Pollution attacks. This tool can only find the vulnerability points but is not a solution against the vulnerability.




    16- The Exploit Database



    The Exploit Database, is not a penetration testing tool, but it keeps you updated with all latest exploits, shell code and white papers available on Exploit DB server. It’s an open source tool and source code can be found here: http://github.com/10n1z3d/EDBE



    17- GHDB



    GHDB, is a nice Google hack query search. This nice extension help you in searching for necessary Google hack querys for finding specific pages based on special Google search parameters. It allows you in understanding the basis of web security in a better way.




    18- iMacros



    iMacros for Chrome, while performing various web page testing processes, you may need to automate few repetitive tasks on the web. For this, you can use iMacros for Chrome extensions. So, next time when you need this kind of thing, Use the macro and then start it with a click button.




    19- IP Adress and Domain Information



    IP Address and Domain Information, is an information gathering extension that can help you in finding geolocation, DNS, whois, routing, search results, hosting, domain neighbors, DNSBL, BGP and ASN information of every IP address (IPv4 and IPv6).


    Wednesday, 29 January 2014

    SQL Injection [Dork + Demo]




    Dorks:

    inurl:"id=" & intext:"Warning: preg_match() " 

    inurl:"id=" & intext:"Warning: ilesize() " 

    inurl:"id=" & intext:"Warning: filesize() " 

    inurl:"id=" & intext:"Warning: require() " 

    inurl:"id=" & intext:"Warning: mysql_fetch_assoc() " 

    inurl:"id=" & intext:"Warning: mysql_fetch_assoc() " 

    inurl:"id=" & intext:"Warning: mysql_fetch_assoc() "

    inurl:"id=" & intext:"Warning: mysql_fetch_array() " 

    inurl:"id=" & intext:"Warning: mysql_num_rows() " 

    inurl:"id=" & intext:"Warning: session_start() " 

    inurl:"id=" & intext:"Warning: getimagesize() " 

    inurl:"id=" & intext:"Warning: is_writable() " 

    inurl:"id=" & intext:"Warning: getimagesize() " 

    inurl:"id=" & intext:"Warning: Unknown() " 

    inurl:"id=" & intext:"Warning: session_start() " 

    inurl:"id=" & intext:"Warning: mysql_result() " s

    inurl:"id=" & intext:"Warning: pg_exec() " 

    inurl:"id=" & intext:"Warning: mysql_result() " 


    inurl:"id=" & intext:"Warning: mysql_num_rows() " 

    Monday, 27 January 2014

    How to Add Facebook Reply Button on Facebook Profile





    1- Interesting right? To do this, you must have the latest version of Google Chrome

    2- Next, you need to install these extension on your Google Chrome

    1.     Manual Geolocation 
    2.     Ultimate User Agent Switcher



    3- After you had installed these 2 things, click on Manual Geolocation extension icon near the navigation bar.

    Click enable, and search for New Zealand



    4- Now, you have to activate Ultimate User Agent Switcher. Click on the icon and tick on Activate Now!


    5- Once you have activate, go to http://touch.facebook.com and click on Check In icon


    6- When you clicked check in, it will search for the locations near the New Zealand. Simply choose any place and change the post privacy to ONLY ME. Try to update a status.



    6- Now, in a new tab, go to your Facebook, change the post privacy to public and try to update a status and see the magic.





    Still can't understand? Watch this video now!


    How to Add Watermark on Video [Linux}




    Hello guys, this is the tutorial on how to add watermark on video using GIMP and KDENLIVE in LINUX. I hope you guys enjoy this video. :D



    Saturday, 25 January 2014

    How To Delete Dead Facebook User's Account



    Just now, my friend told me to write a tutorial on how to delete dead Facebook user's account. This is nothing to do about hacking. This is just based on Facebook terms and services. So, here's the tutorial.


    1- First of all, go to the dead person Facebook profile and click on the gear button and click Report/Block..



    2- Click on Submit a Report > Report (His/Her Name)'s account. Then click Confirm



    3- After that, you will see something like this, click on Get help with other issues




    3- Next, click on How do i report on deceased person or an account that needs to be memorialized?



    4- Click request for removal




    5- Now, you will see 3 things that you need before you can submit fhe removal request. Once you already have all of those 3 things, click contact us.



    6- Finally, you will see a form, fill all the information needed and click send.

    Friday, 24 January 2014

    HTML Codes : Table of ASCII Character and Symbols





    HTML codes of ASCII Character are very important sometimes, because it might make some changes to our HTML page. For example, you're making your own Facebook Phishing page, but there's some weird symbols comes up. You can change them into HTML codes of ASCII.





    BEFORE


    AFTER






     Standard ASCII set, HTML Entity names, ISO 10646, ISO 8879, ISO 8859-1 Latin alphabet No. 1
     Browser support: All browsers

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    2A
    2B
    2C
    2D
    2E
    2F

    !
    "
    #
    $
    %
    &
    '
    (
    )
    *
    +
    ,
    -
    .
    /
     
    !
    "
    #
    $
    %
    &
    '
    (
    )
    *
    +
    ,
    -
    .
    /


    "



    &








    space
    exclamation point
    double quotes
    number sign
    dollar sign
    percent sign
    ampersand
    single quote
    opening parenthesis
    closing parenthesis
    asterisk
    plus sign
    comma
    minus sign - hyphen
    period
    slash

    ASCIIHTML HTML
    Dec Hex Symbol Number Name

    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    3A
    3B
    3C
    3D
    3E
    3F
    0
    1
    2
    3
    4
    5
    6
    7
    8
    9
    :
    ;
    <
    =
    >
    ?
    &#48;
    &#49;
    &#50;
    &#51;
    &#52;
    &#53;
    &#54;
    &#55;
    &#56;
    &#57;
    &#58;
    &#59;
    &#60;
    &#61;
    &#62;
    &#63;












    &lt;

    &gt;
    zero
    one
    two
    three
    four
    five
    six
    seven
    eight
    nine
    colon
    semicolon
    less than sign
    equal sign
    greater than sign
    question mark

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    4A
    4B
    4C
    4D
    4E
    4F
    @
    A
    B
    C
    D
    E
    F
    G
    H
    I
    J
    K
    L
    M
    N
    O
    &#64;
    &#65;
    &#66;
    &#67;
    &#68;
    &#69;
    &#70;
    &#71;
    &#72;
    &#73;
    &#74;
    &#75;
    &#76;
    &#77;
    &#78;
    &#79;















    at symbol















    ASCIIHTMLHTML
    DecHexSymbolNumberName

    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    5A
    5B
    5C
    5D
    5E
    5F
    P
    Q
    R
    S
    T
    U
    V
    W
    X
    Y
    Z
    [
    \
    ]
    ^
    _
    &#80;
    &#81;
    &#82;
    &#83;
    &#84;
    &#85;
    &#86;
    &#87;
    &#88;
    &#89;
    &#90;
    &#91;
    &#92;
    &#93;
    &#94;
    &#95;


























    opening bracket
    backslash
    closing bracket
    caret - circumflex
    underscore

    ASCIIHTMLHTML
    DecHexSymbolNumberName

    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    6A
    6B
    6C
    6D
    6E
    6F
    `
    a
    b
    c
    d
    e
    f
    g
    h
    i
    j
    k
    l
    m
    n
    o
    &#96;
    &#97;
    &#98;
    &#99;
    &#100;
    &#101;
    &#102;
    &#103;
    &#104;
    &#105;
    &#106;
    &#107;
    &#108;
    &#109;
    &#110;
    &#111;















    grave accent















    ASCIIHTMLHTML
    DecHexSymbolNumberName

    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    7A
    7B
    7C
    7D
    7E
    7F
    p
    q
    r
    s
    t
    u
    v
    w
    x
    y
    z
    {
    |
    }
    ~
    &#112;
    &#113;
    &#114;
    &#115;
    &#116;
    &#117;
    &#118;
    &#119;
    &#120;
    &#121;
    &#122;
    &#123;
    &#124;
    &#125;
    &#126;


























    opening brace
    vertical bar
    closing brace
    equivalency sign - tilde
    (not defined in HTML 4 standard)

    ASCIIHTMLHTML
    DecHexSymbolNumberName

    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    8A
    8B
    8C
    8D
    8E
    8F













































    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    144
    145
    146
    147
    148
    149
    150
    151
    152
    153
    154
    155
    156
    157
    158
    159
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    9A
    9B
    9C
    9D
    9E
    9F













































    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)
    (not defined in HTML 4 standard)

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    160
    161
    162
    163
    164
    165
    166
    167
    168
    169
    170
    171
    172
    173
    174
    175
    A0
    A1
    A2
    A3
    A4
    A5
    A6
    A7
    A8
    A9
    AA
    AB
    AC
    AD
    AE
    AF

    ¡
    ¢
    £
    ¤
    ¥
    ¦
    §
    ¨
    ©
    ª
    «
    ¬

    ®
    ¯
    &#160;
    &#161;
    &#162;
    &#163;
    &#164;
    &#165;
    &#166;
    &#167;
    &#168;
    &#169;
    &#170;
    &#171;
    &#172;
    &#173;
    &#174;
    &#175;
    &nbsp;
    &iexcl;
    &cent;
    &pound;
    &curren;
    &yen;
    &brvbar;
    &sect;
    &uml;
    &copy;
    &ordf;
    &laquo;
    &not;
    &shy;
    &reg;
    &macr;
    non-breaking space
    inverted exclamation mark
    cent sign
    pound sign
    currency sign
    yen sign
    broken vertical bar
    section sign
    spacing diaeresis - umlaut
    copyright sign
    feminine ordinal indicator
    left double angle quotes
    not sign
    soft hyphen
    registered trade mark sign
    spacing macron - overline

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    176
    177
    178
    179
    180
    181
    182
    183
    184
    185
    186
    187
    188
    189
    190
    191
    B0
    B1
    B2
    B3
    B4
    B5
    B6
    B7
    B8
    B9
    BA
    BB
    BC
    BD
    BE
    BF
    °
    ±
    ²
    ³
    ´
    µ

    ·
    ¸
    ¹
    º
    »
    ¼
    ½
    ¾
    ¿
    &#176;
    &#177;
    &#178;
    &#179;
    &#180;
    &#181;
    &#182;
    &#183;
    &#184;
    &#185;
    &#186;
    &#187;
    &#188;
    &#189;
    &#190;
    &#191;
    &deg;
    &plusmn;
    &sup2;
    &sup3;
    &acute;
    &micro;
    &para;
    &middot;
    &cedil;
    &sup1;
    &ordm;
    &raquo;
    &frac14;
    &frac12;
    &frac34;
    &iquest;
    degree sign
    plus-or-minus sign
    superscript two - squared
    superscript three - cubed
    acute accent - spacing acute
    micro sign
    pilcrow sign - paragraph sign
    middle dot - Georgian comma
    spacing cedilla
    superscript one
    masculine ordinal indicator
    right double angle quotes
    fraction one quarter
    fraction one half
    fraction three quarters
    inverted question mark

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    192
    193
    194
    195
    196
    197
    198
    199
    200
    201
    202
    203
    204
    205
    206
    207
    C0
    C1
    C2
    C3
    C4
    C5
    C6
    C7
    C8
    C9
    CA
    CB
    CC
    CD
    CE
    CF
    À
    Á
    Â
    Ã
    Ä
    Å
    Æ
    Ç
    È
    É
    Ê
    Ë
    Ì
    Í
    Î
    Ï
    &#192;
    &#193;
    &#194;
    &#195;
    &#196;
    &#197;
    &#198;
    &#199;
    &#200;
    &#201;
    &#202;
    &#203;
    &#204;
    &#205;
    &#206;
    &#207;
    &Agrave;
    &Aacute;
    &Acirc;
    &Atilde;
    &Auml;
    &Aring;
    &AElig;
    &Ccedil;
    &Egrave;
    &Eacute;
    &Ecirc;
    &Euml;
    &Igrave;
    &Iacute;
    &Icirc;
    &Iuml;
    latin capital letter A with grave
    latin capital letter A with acute
    latin capital letter A with circumflex
    latin capital letter A with tilde
    latin capital letter A with diaeresis
    latin capital letter A with ring above
    latin capital letter AE
    latin capital letter C with cedilla
    latin capital letter E with grave
    latin capital letter E with acute
    latin capital letter E with circumflex
    latin capital letter E with diaeresis
    latin capital letter I with grave
    latin capital letter I with acute
    latin capital letter I with circumflex
    latin capital letter I with diaeresis

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    208
    209
    210
    211
    212
    213
    214
    215
    216
    217
    218
    219
    220
    221
    222
    223
    D0
    D1
    D2
    D3
    D4
    D5
    D6
    D7
    D8
    D9
    DA
    DB
    DC
    DD
    DE
    DF
    Ð
    Ñ
    Ò
    Ó
    Ô
    Õ
    Ö
    ×
    Ø
    Ù
    Ú
    Û
    Ü
    Ý
    Þ
    ß
    &#208;
    &#209;
    &#210;
    &#211;
    &#212;
    &#213;
    &#214;
    &#215;
    &#216;
    &#217;
    &#218;
    &#219;
    &#220;
    &#221;
    &#222;
    &#223;
    &ETH;
    &Ntilde;
    &Ograve;
    &Oacute;
    &Ocirc;
    &Otilde;
    &Ouml;
    &times;
    &Oslash;
    &Ugrave;
    &Uacute;
    &Ucirc;
    &Uuml;
    &Yacute;
    &THORN;
    &szlig;
    latin capital letter ETH
    latin capital letter N with tilde
    latin capital letter O with grave
    latin capital letter O with acute
    latin capital letter O with circumflex
    latin capital letter O with tilde
    latin capital letter O with diaeresis
    multiplication sign
    latin capital letter O with slash
    latin capital letter U with grave
    latin capital letter U with acute
    latin capital letter U with circumflex
    latin capital letter U with diaeresis
    latin capital letter Y with acute
    latin capital letter THORN
    latin small letter sharp s - ess-zed

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    224
    225
    226
    227
    228
    229
    230
    231
    232
    233
    234
    235
    236
    237
    238
    239
    E0
    E1
    E2
    E3
    E4
    E5
    E6
    E7
    E8
    E9
    EA
    EB
    EC
    ED
    EE
    EF
    à
    á
    â
    ã
    ä
    å
    æ
    ç
    è
    é
    ê
    ë
    ì
    í
    î
    ï
    &#224;
    &#225;
    &#226;
    &#227;
    &#228;
    &#229;
    &#230;
    &#231;
    &#232;
    &#233;
    &#234;
    &#235;
    &#236;
    &#237;
    &#238;
    &#239;
    &agrave;
    &aacute;
    &acirc;
    &atilde;
    &auml;
    &aring;
    &aelig;
    &ccedil;
    &egrave;
    &eacute;
    &ecirc;
    &euml;
    &igrave;
    &iacute;
    &icirc;
    &iuml;
    latin small letter a with grave
    latin small letter a with acute
    latin small letter a with circumflex
    latin small letter a with tilde
    latin small letter a with diaeresis
    latin small letter a with ring above
    latin small letter ae
    latin small letter c with cedilla
    latin small letter e with grave
    latin small letter e with acute
    latin small letter e with circumflex
    latin small letter e with diaeresis
    latin small letter i with grave
    latin small letter i with acute
    latin small letter i with circumflex
    latin small letter i with diaeresis

    ASCIIHTMLHTML
    Dec Hex Symbol Number Name

    240
    241
    242
    243
    244
    245
    246
    247
    248
    249
    250
    251
    252
    253
    254
    255
    F0
    F1
    F2
    F3
    F4
    F5
    F6
    F7
    F8
    F9
    FA
    FB
    FC
    FD
    FE
    FF
    ð
    ñ
    ò
    ó
    ô
    õ
    ö
    ÷
    ø
    ù
    ú
    û
    ü
    ý
    þ
    ÿ
    &#240;
    &#241;
    &#242;
    &#243;
    &#244;
    &#245;
    &#246;
    &#247;
    &#248;
    &#249;
    &#250;
    &#251;
    &#252;
    &#253;
    &#254;
    &#255;
    &eth;
    &ntilde;
    &ograve;
    &oacute;
    &ocirc;
    &otilde;
    &ouml;
    &divide;
    &oslash;
    &ugrave;
    &uacute;
    &ucirc;
    &uuml;
    &yacute;
    &thorn;
    &yuml;
    latin small letter eth
    latin small letter n with tilde
    latin small letter o with grave
    latin small letter o with acute
    latin small letter o with circumflex
    latin small letter o with tilde
    latin small letter o with diaeresis
    division sign
    latin small letter o with slash
    latin small letter u with grave
    latin small letter u with acute
    latin small letter u with circumflex
    latin small letter u with diaeresis
    latin small letter y with acute
    latin small letter thorn
    latin small letter y with diaeresis

     HTML 4.01, ISO 10646, ISO 8879, Latin extended A and B,
     Browser support: Internet Explorer > 4, Netscape > 4

    HTMLHTML
    DecHexSymbolNumberName

    338
    339
    352
    353
    376
    402
    152
    153
    160
    161
    178
    192
    Œ
    œ
    Š
    š
    Ÿ
    ƒ
    &#338;
    &#339;
    &#352;
    &#353;
    &#376;
    &#402;





    latin capital letter OE
    latin small letter oe
    latin capital letter S with caron
    latin small letter s with caron
    latin capital letter Y with diaeresis
    latin small f with hook - function

    HTMLHTML
    DecHexSymbolNumberName

    8211
    8212
    8216
    8217
    8218
    8220
    8221
    8222
    8224
    8225
    8226
    8230
    8240
    8364
    8482
    2013
    2014
    2018
    2019
    201A
    201C
    201D
    201E
    2020
    2021
    2022
    2026
    2030
    20AC
    2122














    &#8211;
    &#8212;
    &#8216;
    &#8217;
    &#8218;
    &#8220;
    &#8221;
    &#8222;
    &#8224;
    &#8225;
    &#8226;
    &#8230;
    &#8240;
    &#8364;
    &#8482;













    &euro;
    en dash
    em dash
    left single quotation mark
    right single quotation mark
    single low-9 quotation mark
    left double quotation mark
    right double quotation mark
    double low-9 quotation mark
    dagger
    double dagger
    bullet
    horizontal ellipsis
    per thousand sign
    euro sign
    trade mark sign


    I hope this table can help you to make a perfect page. :D

    phUploader : File Upload Vulnerability




    POC

    Dork : Powered By phUploader

    Exploit : phUploader.php

    Allowed Type :  jpg, gif, png, zip, rar, txt, doc

    Live Demo : http://www.clubir.hj.cx/uploads/1390616668.txt
                        http://www.dfreload.com/file_host/uploads/1390659297.png
                        http://www.bizarremart.com/pix/uploads/1390606674.png



    Thursday, 23 January 2014

    Facebook Auto-Follower



    Hello guys! Today i'm just going to share with you about Facebook AutoFollower :D
    I might sound silly, but trust me, it worth it!



    Click On The Link To See Their Profile




    Interested?

    Want to get many follower on your Facebook profile? Just click on the link and follow these simple step and you will get thousand of followers!





    What is Desktop.ini ?



    Have you seen this before? Some of you might have seen this when you configure your Windows setting to show hidden files.


    Desktop.ini is a hidden file that used to customize and adjust setting for Windows folder that contain desktop.ini


    Can it be deleted?

    This file can be safely deleted from any directory.  However, because this file may have settings associated with the folder that it contains and deleting this file will change these settings back to default. For example, if the folder containing this file has a different icon and you delete this file the default folder icon will be re-enabled.


    Is this file a virus?

    No. By default this file is not a virus. However, there have been a few known viruses that exploit the capabilities of the desktop.ini file. So it can be infected or if created by another program may have attributes that may compromise your computer. If you're concerned about this file being a virus, scan the file with an antivirus program.