Description about mkFIFO

mkfifo makes a FIFO special file with name pathname. mode specifies the FIFO's permissions. It is modified by the process's umask in the usual way: the permissions of the created file are (mode & ~umask).
A FIFO special file is similar to a pipe, except that it is created in a different way. Instead of being an anonymous communications channel, a FIFO special file is entered into the file system by calling mkfifo.

Once you have created a FIFO special file in this way, any process can open it for reading or writing, in the same way as an ordinary file. However, it has to be open at both ends simultaneously before you can proceed to do any input or output operations on it. Opening a FIFO for reading normally blocks the file until some other process opens the same FIFO for writing, and vice versa. See fifo(4) for non-blocking handling of FIFO special files.

mkfifo() is vulnerable to classic TOCTOU attacks.

A call to mkfifo() should be flagged if the first argument (the file name) is used previously in a check.

Exploit DVWA using sql injection

first steep
running your apache & mysql
so type localhost/dwva ant it will open new web page about dwva

and now
login
user : admin
pass : password

Definition abuot Google Hacking

          google hacking is one technique used in the hacking world by utilizing the ability of Google to search for an information ranging from the mundane to the information is very important information contained in the database search engine. because search engines like google is using a software called spiders or crawlers that have the task to trace any existing web pages and information on the worldwide web is stored on the internal server google itself. Then do the indexing, so for those who need information on something just enter any keywords (keywords) so that the information seeking process becomes easier. This is what the life of the hackers to get his victims. In fact, not infrequently of information such as passwords, credit card numbers, account numbers, and confidential information that should be the owner can be determined through search engines like google it. 
    

Defintion about SHODAN

Shodan is a search engine that lets you find specific computers (routers, servers, etc.) using various filters. Some also describe it as a container scanner banners directory or search engine. (Banners)Web search engines, like Google and Bing, which is great for finding your website. But what if you are interested in finding a computer to run certain parts of the software (like Apache)? Or if you want to know the version of Microsoft's IIS is the most popular? Or you want to see how many anonymous FTP server there? Maybe new vulnerabilities emerge and you want to see how many hosts it can infect?So, what's Shodan index?Most of the data taken from the 'banner', which is the meta-data server sends back to the client. This can be information about the server software, support service options, a welcome message or whatever the client wants to know before interacting with the server.

What is Tor and The Proxy Chain

Tor Definition

 
Tor is a virtual tunnel that allows it to hide our identity for surfing the internet.

and also i get definition from  http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29

Tor (short for The onion router) is a system intended to enable online anonymity. Tor client software routes Internet traffic through a worldwide volunteer network of servers in order to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages and other communication forms", back to the user^[5] and is intended to protect users' personal freedom, privacy, and ability to conduct confidential business by keeping their internet activities from being monitored.

Bypass localhost/fbip

first steep

runnig service apache & mysql
open your browser and write on url localhost/fbip

second steep
now we try make an error of this site type ' or '1'='1'#