OK everyone, I do not post questions often, as I normally have the ability to find what I am looking for and know how to use Google. Anyway, here is my dilemma slash question. I need to run nmap and some other scanners against a .onion site. I have everything set up to go through the Tor network, but when I specify a .onion extension in nmap it does not resolve. I guess what I want to know is 1) is this possible? 2) if so, does anyone know of a good tutorial or have any suggestions on why it would not be resolving or how to do it properly? 3) would I2P be a better solution?
What I have going now:
I am using Tor, Privoxy, tortunnel and proxy chains. I have also tried to connect to the network with a BackTrack machine and then redirect all traffic on a certain port through the SOCKS tunnel provided by Tor.
I've been trying to use PyLoris 3.2, is it worth it? I've been getting this error:
I've been attempting to attack my old high school's website. I know for a fact that this is a simple error and chances are it has a really simple solution and I just can't figure it out for some reason.
Also, what are some better programs than PyLoris?
[ERROR]: Could not connect. [Errno 10061] No connection could be made because the target machine actively refused it.
Meant as a personal message. Found out it was open to forums today.
Assignment for people who know how to do a good job.
There are four types of tasks:
1. Make a program or script to enter data virtual amount in a locked database.
2. Find the username and password from administrator or a mod.
3. Creating scripts for dmg ... and ammo.
4. Creating a script for the game shop ... or buying injection.
If you are the right person for us, please contact us and we shall forward you any other information.
You can choose one of four options offered.
It's not banks, institutions and things like that; it is a simple game server.
Why are we involved in this project:
1. Because the owner and the entire team have become greedy, and players are no longer relevant.
2. Because they do not respect the law on trade and consumer protection.
3. Because of language discrimination.
The award for successful task completion:
1. A payment from 7.000 $ at once, and the payment amount each month of 1.500$ following two years.
I am a proponent of learning as much as possible about something that interests me. I am a student in the CIS program at a University in Florida, specializing in Penetration Testing and Network Security. I have been reading books over and over, like Steal This Computer Book 4.0, TCP/IP Guide, SQL Injection Attacks and Defense, along with some others and my classroom books. To graduate we have to penetrate a network in a controlled environment, along with setting up a network using Boson Software. I have a friend at the Beach, who is in charge of the IT department at one of the largest banks in the world. He is telling me not to waste my time on SQL injections or learning the language, that you only use a small percentage of the language. My professor is a DOD penetration tester; he is telling me SQL is still a good language to learn for penetration testing. Who is right?
The problem lies here: I found many, many SQL vulns. I just don't know how to execute the injection. Any help?
I have recently found info about a new XSS vulnerability in phpinfo(). Figured I'd share it here as well:
The Google search:
inurl:phpinfo.php
or
inurl:test.php + intitle:phpinfo()
The XSS code:
?a[]=alert(/XSS/);
This can be leveraged to plant a web shell...
I found a new brute forcer utility. It is a clone of Brutus AET/WWWHack/AccessDiver.
FormHack is specialized to organize attacks on sites with form-based authentication via method POST and GET.
Site of utility: http://pass.efmsoft.com
Examples of usage:
http://www.youtube.com/watch?v=7VZX-3uejoE&noredirect=1
http://www.youtube.com/watch?v=lTeR2yaPgYY
http://www.youtube.com/watch?v=pzFItOQPA7Q
http://www.youtube.com/watch?v=USi7ERR6akQ
I haven't been around much lately because I've been very busy. I thought I'd post the following for anyone who might have missed it. I am sure many of you have seen this recently, and some of you undoubtedly already knew about it since /proc/pid/mem has been a source of abuse for ages. The reason I'm posting this particular exploit is that many very recent kernels seem to be vulnerable, and the exploit seems to be quite reliable.
Check the following link for the original post by zx2c4: http://blog.zx2c4.com/749
Read it if you want to know how the exploit works.
The following is a quote from his post:
I need help.
A friend of mine was scammed out of some big money by someone on Steam. I decided to help him out, so I befriended the hacker in hopes that I could capture a screenshot of him in the act. It has been weeks since that, and today I initiated a trade with him, having forgotten who he was. I am now out $120 in promised goods.
I need to find out his personal contact information and/or IP so that I can track his ass down. I will not "steal" anything from him, but I have high hopes that I can scare him into giving me what he owes me.
Here is his profile on SteamRep:
http://steamrep.com/index.php?id=76561198056005850
I would prefer to do this myself, but I have little to no knowledge in hacking, and I need help. I am willing to give out 1/3 of the owed payment as a Steam game to whoever helps me do this, if he gives it back.