b374k
v10
Author WhySoSeriousssssssssssss
Date and Time 12:07



THE NEW BLOG IS READY!
KEKEKEKE XD





Jumping Server WhySoSeriousssssssssssss rwxr-xr-x 0 10:37

Jumping Server - It's a method to get access to all readable directories & possible databases on a particular server.

Requirements -
Shelled Website
Download Jumping.zip -
http://adf.ly/6EYbJ


Step By Step Guide -

Download & upload your Jumping.zip file to your shell.




After uploading your Jumping.zip file, you have to extract it. To extract it, go to the execute option & run the following command - "unzip Jumping.zip" (without quotes).




Once we have unzipped our files in the public_html dir, we can access them by going to www.hackedsite.com/jumping.







Once you have opened it, you have to open the barc0de mini.php file. The barcode mini.php shell is a 404 Private shell. When you open it, it will show 404 not found, but there is actually a place to enter a password. After you enter your password you will be let inside. The password for this shell is Hackers.








Now you have to open jump.php. It will scan for all readable directories on the server & after the scanning is done, you can see the readable directories there as shown in the image below.




Once you have got the list of readable directories, you have to run scan.php. It will scan for config & other files in that directory.




So finally you have the list of all the readable directories & files. Accordingly, you can deface the site by going to the particular directory & changing the index page.



Hope you all Liked the Tutorial !
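Seen from the hosting side, the method above only works where account directories and config files are readable by other accounts on the same server. An audit sketch for the server administrator, added here and not part of the original post; the one-directory-per-account layout, the config file names and the function names are assumptions:

```sh
#!/bin/sh
# Added example, not from the original post. Run by the hosting admin (as root).
# Assumed layout: one account directory per tenant under a base dir such as /home.

# Assumed sample of config file names; extend for the applications you host.
CONFIG_NAMES='configuration.php wp-config.php config.php config.inc.php .env'

# audit_shared_perms BASE
# Prints "DIR <path>" for account dirs that "other" can list and enter (o+rx)
# and "FILE <path>" for config files that "other" can read (o+r).
audit_shared_perms() {
    base=$1
    find "$base" -mindepth 1 -maxdepth 1 -type d -perm -005 -print | sed 's/^/DIR /'
    for name in $CONFIG_NAMES; do
        find "$base" -type f -name "$name" -perm -004 -print | sed 's/^/FILE /'
    done
}

# tighten_shared_perms BASE
# Removes all "other" access from the same objects. Assumes PHP runs as the
# account owner (suEXEC or a per-user FPM pool); if the web server reads files
# as a shared user, grant it access through the group instead.
tighten_shared_perms() {
    base=$1
    find "$base" -mindepth 1 -maxdepth 1 -type d -perm -005 -exec chmod o-rwx {} \;
    for name in $CONFIG_NAMES; do
        find "$base" -type f -name "$name" -perm -004 -exec chmod o-rwx {} \;
    done
}

# Usage: sh audit.sh /home          (report only)
#        sh audit.sh /home --fix    (report, then tighten)
if [ "$#" -ge 1 ]; then
    audit_shared_perms "$1"
    if [ "${2:-}" = "--fix" ]; then
        tighten_shared_perms "$1"
    fi
fi
```

An empty report means no account directory is listable by other accounts and no listed config file is readable by them.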

Jom Upload Shell In Joomla ! WhySoSeriousssssssssssss rwxr-xr-x 0 05:20

Okay, today we're gonna upload a shell in Wordpress. It's so so so so so simple!

Let's kick some ass!

1. You're supposed to have a Wordpress account, whether a hacked one or your own website (that would be for idiots only).

Log in to the account!


2. Once you log in you will see the screen below.



3. Then look for Extensions and in that Template Manager.



4. Once you click on that you will see all the templates installed on that site.



5. See the marking in red; it has the star. It means it's the default template currently used by the site. Select any of the templates, like I did with beez in green.



6. Once you click on beez you will see the following screen. Now just click on edit html.




8. Once you click on edit html you will see the following screen




See the red part, /templates/beez/index.php: that is the path of your shell.


9. Now just paste your shell code over there and save it.



10. Once you click on save, it will take you to a page where it will show you Template source saved. Your work is done.



Once that is done you can access your shell. Path of the shell would be
www.site.com/templates/beez/index.php

Get it ? 
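Because the edit described above lands in an existing template file such as /templates/beez/index.php, a hash baseline of the template PHP files will show it. A monitoring sketch for the site owner, added here and not part of the original post; the function names and the baseline file location are assumptions:

```sh
#!/bin/sh
# Added example, not from the original post: detect edits to Joomla template
# PHP files by comparing SHA-256 hashes against a stored baseline.
# Keep the baseline outside the web root and not writable by the web user.
# Limitation: paths containing whitespace are not handled.

# tpl_hashes SITE_ROOT -> "hash  relative/path" lines, sorted by path
tpl_hashes() {
    ( cd "$1" && find templates -type f -name '*.php' -exec sha256sum {} + | sort -k 2 )
}

# tpl_baseline SITE_ROOT BASELINE_FILE : record the known-good state
tpl_baseline() {
    tpl_hashes "$1" > "$2"
}

# tpl_verify SITE_ROOT BASELINE_FILE
# Prints "MODIFIED|ADDED|REMOVED <path>" and returns 1 if anything differs.
tpl_verify() {
    cur=$(mktemp) || return 2
    tpl_hashes "$1" > "$cur"
    report=$(awk '
        FILENAME == ARGV[1] { base[$2] = $1; next }
        {
            seen[$2] = 1
            if (!($2 in base))       print "ADDED " $2
            else if (base[$2] != $1) print "MODIFIED " $2
        }
        END { for (p in base) if (!(p in seen)) print "REMOVED " p }
    ' "$2" "$cur")
    rm -f "$cur"
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
    return 0
}
```

Run `tpl_baseline` after each legitimate template change and `tpl_verify` from cron; a non-zero exit is the alert condition.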

BackTrack - Penetration Testing Distribution Setting Part III WhySoSeriousssssssssssss rwxr-xr-x 0 02:03

Wireless Cards

Tested and working cards

We were able to test the following cards. Note that "passed" means "passed an aireplay -9" injection test. We will be expanding on this list as more feedback comes from the community. From our testing we found that most major chipsets were supported, as well as the most common cards.

- AWUS036H (rtl8187, r8187) - both mac80211 and IEEE drivers - passed

- AWUS036NH (Ralink RT2870/3070) - using the mac80211 rt2x00usb drivers - passed

- BCM4312 802.11b/g LP-PHY (rev 01) - using the mac80211 b43, works well - passed

- Rockland N3 - (Ralink RT2870/3070) - using the mac80211 rt2x00usb drivers - passed

- Edimax EW-7318USG USB - (Ralink RT2501/RT2573) - using the mac80211 rt2500usb/rt73usb drivers - passed

- ASUSTek Computer, Inc. RT2573 - using the mac80211 rt2500usb/rt73usb drivers - passed

- Linksys WUSB54GC ver 3 - using the mac80211 rt2800usb drivers - passed

- Ubiquiti SRC - using the mac80211 ath9k drivers - passed

- Internal Intel Corporation PRO/Wireless 3945ABG - using the mac80211 iwl3945 drivers - passed

- Dlink WNA-2330 PCMCIA - using the mac80211 ath5k drivers - passed

- Atheros Communications Inc. AR9285 Wireless Network Adapter (PCI-Express) (rev 01) - using the mac80211 ath9k drivers - passed

- Netgear wg111v2 - using the mac80211 rtl8187 drivers - passed

- ZyXEL AG-225H v2 - using the mac80211 zd1211 drivers - passed

- Intel 4956/5xxx - using the iwlagn drivers - passed


Working, without injection

- Broadcom Corporation BCM4321 802.11a/b/g/n (rev 03)

- Broadcom Corporation BCM4322 802.11a/b/g/n Wireless LAN Controller (rev 01)


NON working cards

- D-Link DWL-122 - using the mac80211 prism2_usb drivers - fail

- Linksys WUSB600N v2 - using the mac80211 rt2800usb drivers - fail

- AWUS051NH - fail


Advanced Corner

Getting Cuda working on Backtrack 4

BackTrack includes many tools which utilize the power of graphics cards to greatly improve performance. This section will help you get your environment set up to use these tools and also to set up a development environment to make your own tools.

Check http://en.wikipedia.org/wiki/CUDA to see if your video card is capable of running CUDA applications


Installing the Nvidia Drivers

Installing the driver is now easier than ever. We use the installer from the nvidia web site and do not alter the install in any way. This means no matter which kernel version you are running on backtrack the nvidia-driver package should work. Note: Be sure to log out of X before installing the driver or it will fail

root@bt:~# apt-get install nvidia-driver

Simply follow the prompts and choose the defaults and you should be fine. Since every system is different there are 2 ways to get your xorg.conf working on backtrack.


Method 1: The installer attempts to do this, but in some cases it needs to be done manually. Log out of the X server.

root@bt:~# Xorg -configure
root@bt:~# cp /root/xorg.conf.new /etc/X11/xorg.conf
root@bt:~# startx


Method 2: Nvidia bundles a config tool with their install which may work better for you than the Xorg tools. Log out of the X server.

root@bt:~# nvidia-xconfig
root@bt:~# startx


Installing the CUDA Toolkit

The toolkit contains the nvcc compiler and all the libraries needed to build any GPU based applications from source. The toolkit is also needed if you are planning on developing any of your own applications.

root@bt:~# apt-get install cuda-toolkit

The default install is /opt/cuda. Note: The toolkit is designed to be installed as root. If you want to install it as another user you will need to add the following lines to the user's .bashrc file.

PATH=$PATH:/usr/local/cuda/bin
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/cuda/lib
export PATH
export LD_LIBRARY_PATH


Installing the Nvidia SDK

We no longer package the cuda code samples in our repositories due to the size the package has become. The code samples are extremely useful though if you are interested in cuda development. Getting it installed on backtrack is fairly simple.

root@bt:~# wget http://developer.download.nvidia.com/compute/cuda/3_1/sdk/gpucomputingsdk_3.1_linux.run
root@bt:~# chmod 755 gpucomputingsdk_3.1_linux.run
root@bt:~# ./gpucomputingsdk_3.1_linux.run

The only thing I change aside from the default choices is the place where the NVIDIA_SDK is installed. On backtrack we install to /opt, so I instruct the installer to install to /opt/cuda/ so that my code samples are inside my cuda directory.


Getting up and running with Pyrit

Pyrit is included in the backtrack iso, but in order to use it with cuda you will need to install the cuda kernel module. This is part of the cpyrit package. Installation is fairly straightforward:

root@bt:~# apt-get install cpyrit-cuda


You can check if your GPU is being recognized with the following command:

root@bt:~# pyrit list_cores

Pyrit 0.3.1-dev (svn r279) (C) 2008-2010 Lukas Lueg http://pyrit.googlecode.com. This code is distributed under the GNU General Public License v3+.

The following cores seem available...

#1: 'CUDA-Device #1 'GeForce GTX 295

#2: 'CUDA-Device #2 'GeForce GTX 295

#3: 'CUDA-Device #3 'GeForce GTX 295

#4: 'CUDA-Device #4 'GeForce GTX 295

#5: 'CUDA-Device #5 'GeForce GTX 295

#6: 'CUDA-Device #6 'GeForce GTX 295

#8: 'CUDA-Device #8 'GeForce GTX 295


You can then run a benchmark to see how many keys per second your system is capable of:

root@bt:~# pyrit benchmark

Pyrit 0.3.1-dev (svn r279) (C) 2008-2010 Lukas Lueg http://pyrit.googlecode.com. This code is distributed under the GNU General Public License v3+. Running benchmark (97384.8 PMKs/s)... |

Computed 97384.83 PMKs/s total.

#1: 'CUDA-Device #1 'GeForce GTX 295: 11520.5 PMKs/s (RTT 2.9)

#2: 'CUDA-Device #2 'GeForce GTX 295: 11274.3 PMKs/s (RTT 2.9)

#3: 'CUDA-Device #3 'GeForce GTX 295: 10439.3 PMKs/s (RTT 2.9)

#4: 'CUDA-Device #4 'GeForce GTX 295: 11095.7 PMKs/s (RTT 2.9)

#5: 'CUDA-Device #5 'GeForce GTX 295: 10564.8 PMKs/s (RTT 2.6)

#6: 'CUDA-Device #6 'GeForce GTX 295: 10533.7 PMKs/s (RTT 2.9)

#7: 'CUDA-Device #7 'GeForce GTX 295: 10414.8 PMKs/s (RTT 2.6)

#8: 'CUDA-Device #8 'GeForce GTX 295: 11333.7 PMKs/s (RTT 2.9)


Add CUDA syntax highlighting to Vim

Here is how to add CUDA syntax highlighting to Backtrack. First you need to install vim-full:

root@bt:~# apt-get install vim-full

Then grab the syntax file:

root@bt:~# cd /usr/share/vim/vim71/syntax/
root@bt:/usr/share/vim/vim71/syntax# wget http://www.backtrack-linux.org/patches/cu.vim.txt
root@bt:/usr/share/vim/vim71/syntax# mv cu.vim.txt cu.vim

Next change into your root directory (or whichever user you are using):

root@bt:~# touch .vimrc
root@bt:~# vi .vimrc

Add the following lines:

au BufNewFile,BufRead *.cu set ft=cu
syntax on

Now your vi should be set up for CUDA syntax highlighting.

BackTrack - Penetration Testing Distribution Setting Part II WhySoSeriousssssssssssss rwxr-xr-x 0 02:01

Wicd wireless GUI usage

There is a script to start the wicd-daemon in the /etc/init.d directory. To start it issue the following command:

root@bt:~# /etc/init.d/wicd start

This should be started before attempting to open the client. Once you have started the daemon you can open the GUI interface for the client from the KDE menu:

KDE > Internet > Wicd Network Manager

If you would like to have the Wicd daemon start at boot time:

root@bt:~# update-rc.d wicd defaults


Changing the root password

It is vital you change your root password before you open up any services, such as SSH. Make sure to change your default toor password!

root@bt:~# passwd
Enter new UNIX password: {enter your new password here }
Retype new UNIX password: {enter your new password again}
passwd: password updated successfully
root@bt:~#


Starting services

BackTrack has various services such as Apache, SSH, MySQL, VNC, etc. They are all disabled by default. To start a service such as SSH, you can use the service init scripts. For example, to start the SSH service:

root@bt:~# sshd-generate # Specific to the SSH service - needed to generate SSH keys
root@bt:~# /etc/init.d/ssh start
Starting OpenBSD Secure Shell server: sshd.
root@bt:~# /etc/init.d/ssh stop
Stopping OpenBSD Secure Shell server: sshd.
root@bt:~#

When using a ssh server for the first time on Backtrack you will need to generate keys:

root@bt:~# sshd-generate

To enable a service at boot time, you can use the update-rc.d command, for example, having SSH start at boot time:

root@bt:~# update-rc.d -f ssh defaults
Adding system startup for /etc/init.d/ssh ...
/etc/rc0.d/K20ssh -> ../init.d/ssh
/etc/rc1.d/K20ssh -> ../init.d/ssh
/etc/rc6.d/K20ssh -> ../init.d/ssh
/etc/rc2.d/S20ssh -> ../init.d/ssh
/etc/rc3.d/S20ssh -> ../init.d/ssh
/etc/rc4.d/S20ssh -> ../init.d/ssh
/etc/rc5.d/S20ssh -> ../init.d/ssh
root@bt:~#


Common apt commands

apt-get install (package) Downloads (package) and all of its dependencies, and installs or upgrades them.

apt-get remove [--purge] (package) Removes (package) and any packages that depend on it.

apt-get update Updates packages listings from the repo, should be run at least once a week.

apt-get upgrade Upgrades all currently installed packages with those updates available from the repo.

apt-get dist-upgrade [-u] Similar to apt-get upgrade, except that dist-upgrade will install or remove packages to satisfy dependencies.

apt-cache search (pattern) Searches packages and descriptions for (pattern).

apt-cache show (package) Shows the full description of (package).

apt-cache showpkg (package) Shows a lot more detail about (package), and its relationships to other packages.

man apt Will give you more info on these commands as well as many that are in less common usage.


Common dpkg commands

dpkg -i (package.deb) Installs a package file; one that you downloaded manually, for example.

dpkg -c (package.deb) Lists the contents of (package.deb) a .deb file.

dpkg -I (package.deb) Extracts package information from (package.deb) a .deb file.

dpkg -r (package) Removes an installed package named (package)

dpkg -P (package) Purges an installed package named (package). The difference between remove and purge is that while remove only deletes data and executables, purge also deletes all configuration files in addition.

dpkg -L (package) Gives a listing of all the files installed by (package). See also dpkg -c for checking the contents of a .deb file.

dpkg -s (package) Shows information on the installed package (package). See also apt-cache show for viewing package information in the Debian archive and dpkg -I for viewing package information extracted from a .deb file.

dpkg-reconfigure (package) Reconfigures an installed package.

man dpkg Will give you more info on these commands as well as many that are in less common usage.


How do I find more information on a particular command or program's usage?

Most commands will have what is called a man page (manual page) which can be viewed by typing:

root@bt:~# man (command you want more info on)

Another very good resource on Linux command usage can be found at linuxcommand.org. Some programs do not have a man page, but you can usually get more information on their usage by typing:

root@bt:~# (program name) Just the program name without any arguments.

or

root@bt:~# (program name) -help

or

root@bt:~# (program name) --help

or

root@bt:~# (program name) -h


Wireless Drivers

With the ever changing arena of the wireless driver world and the mac80211 stack, we wanted to dedicate a page that would sort out some tricky wireless driver setups. Before you start your journey into the BackTrack wireless world, you should first identify your wireless card chipset with 100% certainty. If in doubt, you can always try plugging the card into a Linux box, and see what dmesg has to say.

BackTrack contains patched stock kernel 2.6.35.8 wireless drivers, as well as several "external" drivers. Some of these drivers overlap, to provide maximum flexibility with various wireless attacks. The /etc/modprobe.d/blacklist dictates which preferred drivers are loaded at boot-time. Generally speaking, all the older IEEE drivers are blacklisted and need to be loaded manually if you want to use them.


Wireless Drivers
rtl8187 vs r8187

This is a confusing one. The rtl8187 is the mac80211 stack driver, while the r8187 is the old IEEE driver. Both support injection.

b43 vs wl

This is a nasty one. b43 supports only *some* Broadcom cards. Make sure you know what card version you have before you get frustrated. Check the b43 compatibility list. Some Broadcom chipsets which are NOT covered by b43 *are* covered by the broadcom-STA driver (wl). Note that the wl driver does not support injection! People with Macs, or unsupported b43 Broadcom cards such as the BCM4322 802.11a/b/g/n Wireless LAN, check out the broadcom wl page.

ath5k vs ath_pci

These drivers are for certain atheros cards - they should be interchangeable, and both support wireless injection.


compat wireless

As Linux wireless drivers mature, more chipsets get added to the compatibility list. If none of the native BackTrack kernel drivers work for you, you might want to consider using a more recent version of compat-wireless. Check out the compat-wireless page for information on how to get those drivers up and running.

Continue Part III here

BackTrack - Penetration Testing Distribution Setting Part I WhySoSeriousssssssssssss rwxr-xr-x 0 01:59

BackTrack is the highest rated and acclaimed Linux security distribution to date. BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to date. Feedback from all industries and skill levels allows BackTrack to truly develop a solution that is tailored towards everyone and far exceeds anything ever developed both commercially and freely available. The BackTrack Project is funded by Offensive Security.

Whether you're hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all your security needs.

-----------------------------------------------------------------------------------------------------------


BackTrack Live USB Install

This method of getting a live install to a USB drive, using Unetbootin, is the simplest available. NOTE: we will format the USB drive and erase its contents.

- Plug in your USB Drive (Minimum USB Drive capacity 2 GB)

- Format the USB drive to FAT32


- Download Unetbootin from http://unetbootin.sourceforge.net/

- Start Unetbootin and select diskimage (use the backtrack-final ISO)

- Select your USB drive and click "OK" for creating a bootable BackTrack USB drive

- Log into BackTrack with the default username and password root / toor.




BackTrack 4 arranges tools in 11 categories

Information Gathering

Network Mapping

Vulnerability Identification

Web Application Analysis

Radio Network Analysis

Penetration

Privilege Escalation

Maintaining Access

Digital Forensics

Reverse Engineering

Voice Over IP

Download it here

----------------------------------------------------------------------------------------------------------


Logging in to BackTrack

Once the installation of BackTrack is done, the default username and password for the console are root / toor. You will not be able to see the password as you type it.


Starting a GUI Environment

To start a KDE GUI environment, type at the console

startx

On rare occasions (such as after a VMware tools install, or when using unsupported video cards), X will refuse to start. You have several options you can try:

Using the default VESA configuration:

root@bt:~# fix-vesa
[*] Backing up xorg.conf to xorg.conf.orig
cp: cannot stat `/etc/X11/xorg.conf': No such file or directory
[*] Copying over xorg.conf-vesa to xorg.conf
[*] Please restart X
root@bt:~#

Reconfiguring the X server package

You can reset (and often fix) Xorg configurations with the following command:

root@bt:~# dpkg-reconfigure xserver-xorg

You can safely accept all the defaults if unsure of the questions you are asked. If in a VMware image, you can run:

root@bt:~# fix-vesa-vmware
[*] Backing up xorg.conf to xorg.conf.orig
[*] Copying over xorg.conf-vmware to xorg.conf
[*] Please restart X
root@bt:~#

Switching Between KDE and Fluxbox

You can use the dragon utility to switch between KDE and Fluxbox desktops.

root@bt:~# dragon
2010 (C) Dragon v 0.1 - Back|Track Command Line Control Panel
upgrade Upgrade your Back|Track box
follow Install and Follow all Back|Track tools by Category
...
dragon >> desktop fluxbox
Selecting Fluxbox as default Desktop Manager
dragon >> quit
Good Bye
root@bt:~#

Restart your X session by logging out, and then typing startx. To switch back from Flux to KDE, the command inside dragon would be desktop kde.


Getting Networking to work

BackTrack does not boot with networking by default (you don't always want to announce yourself with a DHCP request on a local network).


Setting your IP manually

To set your IP address manually, use the following commands. In this example, we will be assuming an address of 192.168.1.112/24, with a default gateway and DNS server - 192.168.1.1.

root@bt:~# ifconfig eth0 192.168.1.112/24
root@bt:~# route add default gw 192.168.1.1
root@bt:~# echo nameserver 192.168.1.1 > /etc/resolv.conf


Getting a static IP to stick between reboots

To get your IP to stick between reboots, you can edit your /etc/network/interfaces file. For example:

# This file describes the network interfaces available on your system and how to activate them.

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.112
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1

Edit the file as appropriate, then have the network come up automatically at boot time:

root@bt:~# update-rc.d networking defaults
root@bt:~# /etc/init.d/networking restart


Getting an IP from DHCP

You can use the dhclient command to automatically get an IP address from a DHCP server:

root@bt:~# dhclient eth0
Internet Systems Consortium DHCP Client V3.1.1
Copyright 2004-2008 Internet Systems Consortium
All rights reserved
For info, please visit http://www.isc.org/sw/dhcp/

Listening on LPF/eth0/00:0c:29:81:74:21
Sending on LPF/eth0/00:0c:29:81:74:21
Sending on Socket/fallback
DHCPREQUEST of 192.168.1.112 on eth0 to 255.255.255.255 port 67
DHCPACK of 192.168.1.112 from 192.168.1.1
bound to 192.168.1.112 -- renewal in 37595 seconds
root@bt:~#


Using the script to start networking

There is a script to start networking in the /etc/init.d directory. To start it issue the following command:

root@bt:~# /etc/init.d/networking start

The script attempts to start all the interfaces listed in the interfaces file. You can remove the ones you do not need by editing the following file:

root@bt:~# nano /etc/network/interfaces

Continue Part II here

Deface Maker WhySoSeriousssssssssssss rwxr-xr-x 0 00:48

This tool is used to create HTML code. So simple!

Example :-


It looks something like this -->


No problem, get it from here
 

Glory to my Indonesia © 2010 Guest Who !