Monday, 10 March 2014

File upload vulnerability


1). Go to Google.com and type the dork given below:
 allinurl: /cgi-bin/filechucker.cgi



2). Choose a site with a title like “Upload a file”.

3). Fill in all the fields and upload your deface page or shell.
4). It's uploaded :D You just hacked a site!
As said above, we now just have to upload our deface page. The URL of the uploaded file is given in the example; if it is not given, you can find your uploaded file at:
example.com/upload/files     or
example.com/upload/userfiles
Here we have uploaded our deface page.


Only for Educational purposes..!!

Tutorial on Defacing with KindEditor Vulnerability



Note: This tutorial is only for educational purposes, and Hackers Store claims no responsibility for how you use it.

Follow the steps:


STEP 1: Go to http://www.google.com/

STEP 2: Copy and Paste this dork

inurl:examples/uploadbutton.html

STEP 3: Choose any target site, then put this path behind the site URL and press Enter

/kindeditor/examples/uploadbutton.html

Examples: www.sitetarget.com/kindeditor/examples/uploadbutton.html

STEP 4: After entering the path, you will see an 'upload button'. Click the 'upload button' and choose your deface page.

STEP 5: If your deface page file is successfully uploaded, copy the link given beside the 'upload button' and paste it behind the site URL.



Example: www.sitetarget.com/(url given)
It's just for educational purposes!
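
A defender's check for the two exposures these tutorials rely on, as an added example that is not part of the original posts: it scans a document root you administer for the FileChucker CGI, a leftover KindEditor examples/ directory, and page or script files sitting in the upload directories named above. The function names, the UPLOAD_DIRS variable and the extension list are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original posts): audit a web document root
# that you administer for the upload exposures described above.

# Upload directories relative to the docroot. The defaults are the two
# locations the first post names; override for your own layout (assumption).
UPLOAD_DIRS=${UPLOAD_DIRS:-"upload/files upload/userfiles"}

# List publicly reachable upload entry points: the FileChucker CGI and
# anything left in KindEditor's examples/ directory.
find_upload_endpoints() {
    find "$1" -type f \( -path '*/cgi-bin/filechucker.cgi' \
        -o -path '*/kindeditor/examples/*' \) 2>/dev/null
}

# List files in the upload directories that a web server would render as a
# page or run as a script, i.e. a planted deface page or web shell.
find_suspicious_uploads() {
    for rel in $UPLOAD_DIRS; do
        [ -d "$1/$rel" ] || continue
        find "$1/$rel" -type f \( -iname '*.php*' -o -iname '*.phtml' \
            -o -iname '*.asp*' -o -iname '*.jsp*' -o -iname '*.cgi' \
            -o -iname '*.pl' -o -iname '*.htm*' -o -iname '.htaccess' \)
    done
}

# Print findings; return 0 when the docroot is clean, 1 otherwise.
audit_webroot() {
    root=${1:?usage: audit_webroot DOCROOT}
    endpoints=$(find_upload_endpoints "$root")
    uploads=$(find_suspicious_uploads "$root")
    if [ -n "$endpoints" ]; then
        printf '%s\n' "$endpoints" | sed 's/^/EXPOSED ENDPOINT: /'
    fi
    if [ -n "$uploads" ]; then
        printf '%s\n' "$uploads" | sed 's/^/SUSPICIOUS UPLOAD: /'
    fi
    [ -z "$endpoints$uploads" ]
}

# Stand-alone use: pass the docroot as the first argument.
if [ "$#" -gt 0 ]; then
    audit_webroot "$1" || exit 1
fi
```

Any endpoint it reports should be removed or placed behind authentication, and the upload directories should be configured so the web server never executes or renders what is stored there.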


Congo NIC and Official Domain Registry hacked by Leet


The once-popular hacker "Leet" from the Pakistani hacker team "Madleet" is back in the cyber world with a new hack. This time too, the hacker has hacked and defaced some high-profile sites. Today the hacker LEET hacked the Domain Registry of the Democratic Republic of the Congo (nic.cd).



The Domain Registry of the Democratic Republic of the Congo (nic.cd) is responsible for providing the country's local domains to high-profile firms such as Amazon, Microsoft, GoDaddy and so on.
The hacker broke into the domain registrar's system and was able to change the DNS of all the sites hosted on the server to the hacker's own DNS.

Earlier, the hacker also hacked numerous high-profile sites, including domains of Google, Microsoft and many NIC domains, with the same method, called DNS poisoning.

At the time of writing, all the sites are still showing the deface page. You can check the list of defaced sites and their mirrors on Zone-H.


Wednesday, 19 February 2014

How to Prevent Clients from Changing DNS Manually

How do you prevent a client from manually changing its DNS, for example to 8.8.8.8? This question came up in the previous article, An Easy Way to Block Adult Sites with DNS on Mikrotik. In this article I will try to answer it and give a solution for preventing clients from changing DNS manually using Mikrotik.

Actually, it is more accurate to say that we "force" clients to use the Mikrotik DNS, because anyone can change the DNS settings on their own PC. What we are going to do is force the client to use our DNS even though the DNS on the PC has been changed, for example to 8.8.8.8. How? See the following tutorial:

Tutorial: How to Prevent Clients from Changing DNS Manually
1. Log in to the Mikrotik via Winbox

2. Go to the menu IP --> Firewall --> NAT --> Add -->


- On the General tab:
==> Chain : dstnat
==> Protocol : 17 (udp)
==> Dst. Port : 53

- On the Action tab:
==> Action : Redirect
==> To Ports : 53

3. Check from a PC: set the DNS manually, for example to 8.8.8.8, and access a site that should be blocked.
4. If it is still accessible, first flush the DNS cache on the Mikrotik and on the PC.

OK, good luck trying this tutorial on How to Prevent Clients from Changing DNS Manually. Hope it works :)

An Easy Way to Block Adult Sites with DNS on Mikrotik

Blocking Adult Sites Easily on Mikrotik
Creating a healthy internet environment is important, especially if many of the clients on our network are children or school students who should not yet access adult content. The problem is that there are a great many adult sites on the internet, and blocking them one by one is a headache.

On Mikrotik, specific sites or content on the internet can be blocked using:
1. Web Proxy
2. DNS Static
3. Firewall

I have already covered blocking specific sites using Web Proxy here:
 
The same goes for blocking sites with the Mikrotik Firewall.

Both require entering the list of sites to block manually, one by one. This is very troublesome when the number of sites to block runs to hundreds or even thousands. The other obstacle is that we do not know which sites need to be blocked.


That is why the suitable solution is DNS Static. Here we can use the free DNS from Nawala or OpenDNS, which already filter harmful content, so we no longer have to bother filtering all those harmful sites manually.

It is very easy. Log in to the Mikrotik via Winbox.

1. If you use a DHCP Client, for example with internet from Speedy or a GSM modem, you must disable the "Use Peer DNS" feature.
Go to the menu IP --> DHCP Client --> open the DHCP client --> uncheck "Use Peer DNS"



2. Go to the menu IP --> DNS --> enter the DNS servers in the Servers field --> check Allow Remote Request



- Nawala DNS (free, no registration):
  • 180.131.144.144
  • 180.131.145.145
- OpenDNS (free, registration required) --> opendns.com

The difference is that with Nawala DNS, a message appears when a blocked site is visited but it cannot be changed, whereas with OpenDNS we can set a custom message of our choosing, as in the first image above.

In addition, with Nawala DNS we cannot add or remove blocked sites, whereas with OpenDNS we can configure which sites to block. However, OpenDNS requires registration first.

3. After changing the DNS, do not forget to flush the DNS cache. In the menu DNS Settings --> Cache --> Flush Cache


or use the command:
ip dns cache flush
4. Also flush the DNS cache on Windows with this command in CMD:
ipconfig /flushdns

Now anyone who accesses adult content will be blocked by the DNS server. The problem is, what if a client changes its DNS address manually, for example to Google DNS 8.8.8.8? That would make this blocking useless.

So the question is, how do you prevent a client from manually changing its DNS, for example to 8.8.8.8? By forcing the client to use the DNS from our Mikrotik. Read the tutorial here:
How to Prevent Clients from Changing DNS Manually

OK, that is An Easy Way to Block Adult Sites with DNS on Mikrotik. Give it a try, and hopefully it is useful :)

Tuesday, 18 February 2014

Changing the Mikrotik Web Proxy Error Page

The error page of the Mikrotik Web Proxy can be changed to our liking. The original Mikrotik web proxy error page looks like this:
 
We can change it by replacing or editing the script in the file /webproxy/error.html on the Mikrotik.


However, if that directory and file do not appear on the Mikrotik, you must reset the HTML files.
1. Go to the menu IP --> Web Proxy --> Reset HTML


2. Copy the error.html file via the File List or by accessing the Mikrotik over FTP


3. Edit the file or replace it with your own error page.

4. Note that not all HTML code can be executed on this error page. For example, it cannot display images or other animations.

5. If you want to add an image to the error page, the image file can first be converted to a base64 string on this site:
http://webcodertools.com/imagetobase64converter

6. Then put the HTML code produced by the conversion into the error page. For example:


7. The result looks like this:


OK, that's all for this tutorial on Changing the Mikrotik Web Proxy Error Page. Give it a try :)

Monday, 17 February 2014

Swipe Screen & Earn Money [ Android Trick ]

Hello readers. Nowadays most users are using Android devices; it is one of the most widespread mobile operating systems and is very easy and comfortable to use. Millions of Android apps are available on Google Play, and a lot of them work as a way of earning, so here is another application that lets you earn just by swiping your screen. Yes, you heard it right: you can earn money just by swiping your Android device's screen.

Paisa Swipe is a newly launched Android app that pays for clicking on advertisements at the time of swiping your Android device's screen. Many of you may think that it's fake, but believe us, we never post anything that is spam or a scam; we always post tricks that are totally genuine and working. You can redeem your earnings in the form of a mobile recharge via freecharge.in or via PayPal. I am personally using this application and earning superbly. Find the screenshot below for earning proof.

Steps To Follow :

  • Join Paisa Swipe by clicking Here & download it after registration.
  • Now your task is to click on ads when unlocking your screen.
  • The concept is that you get ads on your mobile's lock screen, and you earn each time you swipe.
  • The more ads you click, the more you earn.

Points To Remember :

  • This app is only for Android users.
  • Internet connection required.
  • You can earn a maximum of Rs.1.50 per hour.
  • There is a limit of 60 paise per ad.
  • You can earn a maximum of Rs.11 daily.
  • The app pays out in 2 ways: 1) a freecharge.in coupon, 2) PayPal.
  • The minimum withdrawal limit is Rs.50 via freecharge and Rs.150 via PayPal.
You can easily earn Rs.50 in 4-5 days. The app is also smooth, which means it doesn't eat much RAM.

They have their own customer support too, and I really appreciate their service.

So, if you have an Android device, try this awesome application and earn money just by swiping your screen.

Hope you loved this post. Do comment and share this post if you love our tricks. Thanks for visiting us!


Sunday, 16 February 2014

Get Free Domain name for 1 Year



Hi guys, once again I am back with a great new offer for you all. Today we have an exciting offer for all those who can't pay for a domain. Yeah, that's right, I have an offer of a domain for you all.

While surfing the net I came across this exciting offer of a free domain. The free registration of your domain will be valid for 1 year. Guys, many of you bloggers don't have a domain right now, so this is a great chance to integrate your blog with a domain, and for 1 year at that.
The offer comes from the United Kingdom-based web hosting provider "OVH" (www.ovh.co.uk), which provides premium hosting and various domain names and is also the fourth largest domain name registrar in the world (Netcraft, January 2012).

OVH is giving away .EU (European extension) domain names for free. Actually they are giving this offer only to residents of EU countries, but you all can grab this offer. During the registration process, fill in the address details with an address in a European country. You can easily find addresses in European countries with pincode on Google.

Visit this link, OVH Promo Link, and start registering your domain. Please read the steps below that you need to follow during the registration process.


Important things to remember during registration...

Note:
  • Give your own mobile number, with your own country code, such as +91 for India.
  • On the second step select Traditional DNS (free).
  • On the third step select "I don't want a hosting package with the domain".
  • On the sixth step check the "Activate DNSSEC on all supported extensions" box.
  • You will get "Available methods of payment"; under this click on "Next".
That's it. Now you can do the rest yourself.

Thank you all, guys, for reading this. I will only say: do share this post with others, so that it can help them too.

Happy Blogging...!!!!