Jones Guide

Sabtu, 15 Maret 2014

Vulnerability website hack

Testing Image Shell and Deface Upload Vulnerability

Unknown 23.30

In this tutorial we are talking about Testing Image Shell and Deface Upload Vulnerability. So lets start..

Follow the Instructions:

1). Search the following dorks.

Dorks:
inurl:"modules/filemanagermodule/actions/?picker.php??id=0"
intitle:"Testing Image Collections"

2). Use both Google and Bing to search the above dork to find more vulnerable websites.

3). Select any Website from the search result.Find the upload option. in the bottom left corner..

4). Now, Select your deface or Shell and Upload it.

To view your Uploaded shell or deface visit:
http://website.com/files/yourfilehere

http://websites.com/path/yourfilehere

Happy Hacking!! Only for Educational purposes..!!

Cyber News

Madleets Got Hacked and Data Leaked

Unknown 05.00

The one of famous Pakistan hacking group Team Madleets hacked and their users leaked .The hacker with the handle name “Dukhi Nawab” hacked and leaked the Madleets Admin and Moderator details before few minutes. Their team know as “PakBug” . PakBugs / Xploiter Crew hacked madleets 2nd time . Two months ago the owner of Xploiter Crew also Defaced the Madleets subdomains . The Hacker did not defaced the Website he just leaked the data.

Dukhi Nawab says:-
MadLeets HaCked And Data Leaked By DuKhi NawaB (PAKbugs jr)
Too long db, got bored to leak all.. anyways remember that maddies we are ur daddies..
And neXt time secure your ass..
greetz ; ZombiE_KsA, stoKer, Xploiter & Dr.Freak

Leaked Database :-

1 1337 1733bab470835253a22231dab3fe3dca

2 h4x0rl1ƒ3 ac39d4fe6fdb8ce21c72e4efaefd6e73

3 Tor Demon 8d685488c51f1497beb2863f7503b224

4 MindCracker f4f7d36949cad89ff77379598069109b

More Database :- Click here

Jumat, 14 Maret 2014

Vulnerability website hack

File Thingie Shell Upload Exploit Vulnerablity

Unknown 04.07

This is a vulnerability which allows a remote attacker to upload his/her deface or shell on the website.

Follow the Steps=>

1). Go to google and search this dork. :)

Google Dork : inurl:ft2.php intext:upload

2). After the searching the above dork, you will get websites vulnerable to this.

3). Select any website, upload your deface or shell there.

4). To view your deface or shell, just click on your file name after its uploaded.

Happy Hacking .ONly for Educational Purposes ..!!!!!

File Thingie Shell Upload Exploit Vulnerablity
File Thingie Shell Upload
File Thingie Exploit

Rabu, 12 Maret 2014

Backup Mikrotik Mikrotik Lanjut Tutorial Mikrotik

Cara Export & Import Konfigurasi/Setingan Mikrotik

Unknown 19.22

Export & Import Konfigurasi/Setingan Mikrotik hampir sama dengan melakukan backup & restore seperti yang sudah pernah saya bahas disini :

Cara Backup dan Restore Konfigurasi Router Mikrotik

Bedanya Export - Import dengan Backup - Restore :

1. File hasil backup tidak bisa dibuka di notepad PC, sedangkan file hasil export bisa.

2. File hasil export berisi script konfigurasi/setingan Mikrotik yang dapat langsung di copy-paste dan dieksekusi di terminal Mikrotik.

Jadi, fitur Export ini dapat digunakan untuk melihat konfigurasi Mikrotik dalam bentuk script (command line). File ini juga bisa digunakan untuk import konfigurasi Mikrotik, sama halnya dengan fungsi Backup - Restore Mikrotik.

Cara Export & Import Konfigurasi/Setingan Mikrotik sebagai berikut :

1. Buka terminal masukkan command berikut :

export file=namafile

Ganti namafile sesuai keinginan anda.

Selain itu kita juga bisa melakukan export untuk konfigurasi spesifik, misal mau export konfigurasi firewall saja jadi command nya gini :

ip firewall export file=namafile

2. Hasil file export nya tersimpan di file, coba lihat dengan command

file print

3. Untuk meng-copy file konfigurasi tersebut, buka menu file --> pilih file konfigurasi mana saja yang mau di-copy --> klik tombol copy di toolbar --> masuk ke folder Windows Explorer --> Paste di folder mana terserah anda.

4. Extensi file export ini adalah .rsc. Kita bisa membuka file ini dengan notepad.

5. Jika ingin meng-import file konfigurasi ini buka terminal --> ketikkan command :

import file-name=namafile

Oke, demikianlah tutorial mikrotik tentang Cara Export & Import Konfigurasi/Setingan Mikrotik.
Semoga bermanfaat :)

Blokir Website Firewall Mikrotik Mikrotik Mikrotik Lanjut Proxy Setting Mikrotik Tutorial Mikrotik

Cara Memblokir Penggunaan Web Proxy External di Mikrotik

Unknown 17.57

Web Proxy external dapat digunakan untuk mem-bypass firewall dan membuka situs yang tadinya diblokir. Hal ini tentunya bisa bikin kita gigit jari, ketika sudah susah payah bikin sistem dengan firewall untuk memblokir situs macam-macam, ternyata client menggunakan proxy untuk mem-bypass firewall nya. Cape deh..

Nah, supaya client tidak bisa menggunakan proxy external untuk mem-bypass firewall, kita perlu memblokir penggunaan web proxy external dengan menggunakan Mikrotik. Caranya dengan membuat rule firewall mikrotik yang memblokir penggunaan port proxy. Hal ini dapat mencegah user/client untuk menggunakan proxy.

Ok, langsung saja ya ikuti Cara Memblokir Penggunaan Web Proxy External di Mikrotik berikut ini :

1. Jika anda menggunakan web proxy internal di Mikrotik, pastikan port nya diganti ke port yang tidak biasa dipake proxy, misalnya port 88

2. Jika anda menggunakan mode transparent proxy, pastikan port redirect nya juga sudah diganti ke port baru, misalnya port 88

3. Buat rule firewall baru dengan melakukan "drop" semua port yang digunakan oleh proxy. Anda bisa copy - paste script berikut ini di terminal :

/ip firewall filter
add action=drop chain=forward comment="Blokir Proxy Port #1" dst-port=\
    3128,54321,6515,6666,8000,8001,8008,808,8080,8081,8088 protocol=tcp \
    src-address=0.0.0.0/0
add action=drop chain=forward comment="Blokir Proxy Port #2" dst-port=\
    8090,81,8118,8181,82,83,84,85,86,8888,8909,9000,9090 protocol=tcp \
    src-address=0.0.0.0/0

4. Jika anda menemukan port lain yang digunakan proxy, silakan ditambahkan sendiri ya.

5. Berikut contoh penggunaannya ketika saya mencoba membuka sebuah web yang diblokir :

=> Sebelum menggunakan proxy

=> Menggunakan proxy

=> Setelah port proxy di "drop"

Nah, jadi dengan trik ini kita bisa mencegah user/client untuk menggunakan proxy selama port proxy yang mereka gunakan sudah masuk ke daftar blokir.

Oke, demikianlah tutorial mikrotik tentang Cara Memblokir Penggunaan Web Proxy External di Mikrotik. Silakan dicoba dan semoga bermanfaat :)

Selasa, 11 Maret 2014

Facebook

How To Tag All Friends In A Click In Facebook 2014

Unknown 22.52

Facebook is one of the great platform to promote your business and if you have lot of friends in your account then you can promote it very fastly. Facebook tagging process is forced other friends to visit our status or pictures that's why most of friends are disliking this feature but here we are going to show you a magic of amazing script which will tag your all friends in a single click within a minute.

Facebook tagging is one of the main weapon to increase visitor in our status or pictures, but tagging one by one manually is not a easy deal so here in this tutorial I am going to show you one simple script which will tag all friends in a single click.

Steps To Follow For tagging All Friends In A single Click :

Post Your Status.

Now click on time of your status so that it will open in new tab along with your status link.

Now press CTRL+SHIFT+J , now you can see a new window, just move onto CONSOLE tab.

Now copy below given script and paste it in CONSOLE tab .

Click here to get Code

Password

After pasting script, now finally press ENTER and enjoy.

You're Done !! Now just wait and watch the magic of this script. It will automatically Tag your all friends in a click.

Hope you loved this amazing script, please like this post for our appreciation. Thanks for visiting Hackers Store

Senin, 10 Maret 2014

Cyber News

Justin Beiber Twitter account hacked, Targeted 50 Million users

Unknown 22.29

Popular Pop Singer Justin Bieber official twitter account got hacked today. The twitter account have the 50.3 million of the followers, which is the second most twitter follower account. Hacker have hacked into the accounts and tweeted with a link which directed to the malicious app named as "ShotingStarPro".

Hacker tweeted in Indonesian language reading “Justin Bieber Cemberut?”, means - "Justin Bieber sullen?". It can also be says that twitter account was hacked by any Indonesian hacker. Spammed tweet contains the link that was redirected to the website rumahfollowers[dot]tk , that host "ShotingStarPro" app.

Soon after the hack Justin team have recovered the accounts. Team had deleted the spam tweets and made respons tweet, saying "All good now. We handled it.". He also warned his followers, "That link from earlier. Don’t click it. Virus. Going to erase this now. Spread the word. Thanks."

As account have been recovered after 15 minutes of the hack, but the spam link that have posted by hacker should have compromised thousand of Justin's followers accounts.

We like to tell all you people that , if you are one among them then immediately change your password and set new, unique and strong password. We also recommend that do review all the apps that you have associated with your accounts. and revoke all the malicious apps from your account, specially this recent one.

how to Vulnerability website hack

File upload vulnerability

Unknown 09.25

1). Go to Google.com and type given below dork..

allinurl: /cgi-bin/filechucker.cgi

2). Choose a site having title like “Upload a file”,

3). Fill all the fields and upload your deface page or shell..!

4). Its Uploded :D You just hacked a site !!
As said above now we just have to upload our Deface page here the file uploaded url is given in example if not given you can found your uploaded file at.