What you’ll need:
Firefox,
The Modify Headers extension for firefox.

What you can do:
Many sites allow google to look into their forums, in order to get more traffic by getting more google search results. By pretending to be the google search indexer (aka spider, bot) we can access parts of these sites off limits to guests.

Example URL:

Code:
http://www.tuts4you.com/forum/index.php?showtopic=9959

I found this address today doing a google search, and noticed that although I didn’t have access, google had a cached version. Head over to this url, and you should get the same error as me.

First, head over to google and type in ‘browser headers’. The first link should take you to a page which gives you all the information your browser sends to web servers. This information, specifically the User-Agent field, is how the google bot tells web servers what it is. Go back to the google search, and click on the ‘cached’ link.

Notice in the ‘User-Agent’ field, where it once showed your browser info, now it says:

Code:
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Download the Modify Headers extension.

Code:
http://modifyheaders.mozdev.org/

And open it up. Next you need to make a rule, modifying the ‘User-Agent’ header to say :

Code:
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Once you’re done, make sure it’s enabled, and browse over to the example url. Even though you’re not logged in, you should be able to browse their forums.

Credit to digitalchameleon, rewriten by Magishen

you can also use:

Explore More

Critical persistent xss vulnerabilities at IPAY : Myanmar Online payment Official Site

This evening, I found a fascinated  big bill board “IPAY” http://www.ipay.com.mm at Thamine Junction, Yangon, Myanmar. Then, I said my friend “googl3group” about it, and said  “NO XSS, NO SQL

critical SQL injection (vulnerability) on Myanmar Online Advertisement

PlanetCreator.Net’s Security Team member $@T0R! reported another critical SQL injection (vulnerability) on Myanmar Online Advertisement URL : http://www.myanmaradv.com/ SQL injection is a code injection technique that exploits a security vulnerability

SQL Commandos (usefull for injections)

Here is a list of SQL commands and what they do, these would be used in some injection methods and of course legitimate sql functions. On thier own they wont