Sabtu, 12 April 2014

PhpmyAdmin Exploit with Google Dorks




Hello Reader! Today Im going to show you how to exploit PHPmyAdmin with google Dorks. You dont nedd to do any thing no login nothing just put the dork and open any site you will directly go to PHPmyAdmin :).. So let's Start...

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Follow the Instructions:-
1). Enter the following Dork in Google.
Dork: allinurl:index.php?db=information_schema
2). It will show you about 80,800 Results. So now you can guess how many Vuln  sites are there :D..Open any site you will redirect to PHPmyAdmin...:D

This dork bypasses the admin username and pass and takes You directly to information schema tables to get data and You can delete data

Learn To Deface VIA PhpmyAdmin:-
How to deface using PHPmyAdmin..

Hope you all are enjoying my blog posts...If you like our tutorials please leave valuable comments ...
Read more

Android Devices Are Vulnerable To Heartbleed Bug


Many Android Devices Are Vulnerable To Heartbleed Bug. Google recently reported that Android OS are vulnerable to Heartbleed Bug.

According to Google online security blog,
"We’ve assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine.  Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services. We regularly and proactively look for vulnerabilities like this -- and encourage others to report them -- so that that we can fix software flaws before they are exploited.

If you are a Google Cloud Platform or Google Search Appliance customer, or don’t use the latest version of Android, here is what you need to know.

Cloud SQL
We are currently patching Cloud SQL, with the patch rolling out to all instances today and tomorrow. In the meantime, users should use the IP whitelisting function to ensure that only known hosts can access their instances.

Android
All versions of Android are immune to CVE-2014-0160 (with the limited exception of Android 4.1.1; patching information for Android 4.1.1 is being distributed to Android partners.
"

What is Heartbleed Bug?
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.

The Heartbleed vulnerability exposed this week. Bug effected OpenSSL versions released in past two years. In vulnerable system, hackers can collect all encrypted data from a website's server before its deleted can say Zero day vulnerability.

According to report WSJ, Donations have picked up since Monday. This week, it had raised $841.70 as of Wednesday afternoon.

Check your server for Heartbleed Bug causing.
http://filippo.io/Heartbleed/
Enter a URL or a hostname to test the server for CVE-2014-0160

What is the CVE-2014-0160?
CVE-2014-0160 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability. 


Security Notice:
Some are websites also affected by Heartbleed Bug. You should change the passwords of your Email and Social Network accounts now. Mashable noticed Heartbleed hit list website affected.

Read more

Hack Website using Android Phone - Droidsqli



Hello Guys, today we talk about how to hacked a website using your Android phone.We know that in the world 70% website hacked by using SQL injection. For automate SQL injection We need tool or OS - back track, havij or Kali, and etc..But now you can attack on site using your android mobile phone and Tables and hack website using a Android App called Droidsqli.

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Only you need 3 things:-
1). SQL Vulnerable site:- Learn to find Vuln sites
2). android mobile
3). Droidsqli tool:- Download Here

What is DroidSQLi?
DroidSQLi is the first automated MySQL Injection tool for Android. It allows you to test your MySQL-based web application against SQL injection attacks.


Download(MediaFire):-
Password:- hackers-store.blogspot.com


How to use it?
Itz pretty simple actually coz all the process are done automated here.
All you need to do is find a vulnerable url and put it on Target URL and touch Inject
You will be getting data base and all server info .

DroidSQLi supports the following injection techniques:

  • Time based injection
  • Blind injection
  • Error based injection
  • Normal injection
It automatically selects the best technique to use and employs some simple filter evasion methods..! :)


Know more about SqlInjection ..
I am sure you will enjoy using this tool have fun and thanks again.
Read more

PHP Dos/DDoS Script (Dos Attack Tool)


Hello Readers, Today Im going to share a amazing PHP tool with you. This is one of the advanced tool of website crashing known as PHP Dos Attack Script. Simply download the file, unzip and upload the files to your web host.

FUNCTIONS:-







ddos script,php dos,php ddos script,php dos script,ddos php script,ddos php script,mysql ddos
ddos script php,phpDos,ddos scripts,script DDOS,php ddos,ddos php,denial of service script
dos php,ddos attack script,php ddoser,script php ddos,dos php script,php script ddos
php DDos attack script,script ddos php,PHP DoS Script by Exe,ddos,php dos by exe,ddos script

DENIAL OF SERVICE :-

php script,php ddos attack,php ddos download,download script ddos,ddos online
denial of service scripts,PHP DoS/DDoS (Denial Of Service) Script,ddos php tool
php curl ddos,ddos php scripts,script ddos attack,dos script denial,
php Dos scripts,php denial of service

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Full PHP-DOS-ATTACKER script including:

1). index.php
2). functions.php
3). main.jpg

Information provided on this blog is for purposes only!The author should not be held responsible! Use content and tools on this blog/site is your own RISK!!  

Download(MediaFire):-






Password: hackers-store.blogspot.com
Read more

Jumat, 11 April 2014

0Day Smokybyte SQL Injection Vulnerability 2016



[~] Exploit Title: Smokybyte SQL Injection Vulnerability
[~] Google Dork: intext:"Site by Smokybyte"
[~] Date: 08/04/2014
[~] Exploit Author: Tw-Root [ RedKit ]
[~] Tested on: Windows 7 and 8

Updated! 2016

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.
[+] SQLi Exploit Http://WebSite.Com/[path]/***.php?id=[SQLi]
[+] Demohttp://www.gcircuit.com/gallery-de.php?id=[SQLi]

Read more

Rabu, 09 April 2014

AnonGhost Private DDoser 2.00 2014

Hello Readers, Today I got a wonderful tool. So I thought of sharing it with you all. Wanna know what is it?....Yeah! its AnonGhost Private DDoser 2.00 tool. They created it for Birthday #OPISRAIL 2014




Its a very powerful DDoser and also a private tool. Only available for AnonGhost Crew members. But I am Leaking this out :) :D. Its Free for all Exclusively by Hackers Store. Download this way ...

NOTE:-You will need Microsoft .NetFarmeWork v4 or higher to run this file. Download it from Here..
↓↓           ↓↓

Download(Mediafire):- 

Password:- hackers-store.blogspot.com

Hope you loved this amazing post, please like this post for our appreciation. Thanks for visiting Hackers Store
Read more

Kamis, 03 April 2014

All In One SEO Pack for Blogger 2016

All In One SEO Pack for Blogger 2016: Hey Guyz ... SEO is the very commom term and mostly searched on net called Search Engine Optimization .As you all know about SEO/Search Engine optimization and it is a must thing for bloggers. In fact without SEO a blog is not going to followed by google search or any search engine crawlers and the mean no visitors visits your blog.All In One SEO Pack for Blogger 2016


A blog without visitors is just like a fish without water and if you did not receive  any amount of visitor to your blog, there is lot more chances that your blogging career is over.All In One SEO Pack for Blogger 2016

Organic traffic is necessary for all blogs because it comes from search results and gives us a handsome earnings and decent rank to our blog. So today I came accross a great and popular post about All in One SEO Pack Plugin for blogger blogs. So lets start the tutorial on adding this widget.

Features:

-Add Meta Tags in Your Blogger Blog.
-Show Post Title First In Search Results
-SEO Optimize Blogger Comments
-SEO Optimize Blogger Labels
-SEO Optimize Blogger Archives
-Optimize Post Title Using H2 Tag
-Add an SEO Friendly Robots.txt File
-Convert Title Tags to Dynamic Title Tags.
-Allow Crawlers to crawl your site daily.
-Google + Author Profile Pciture Compatible.
-Helps you in Getting High USA Traffic.

How to Add This Plugin to Blogger?

-Login to your Blogger blog account
-Then Go to Dashboard
-After going to Dashboard Click on Template
-And in Template You'll See Edit Html Button click on them
-So after that Go to section in Template.
-You can easily search  by using Ctrl+F button
-After Searching for put  code just below or after your section.

Download(MediaFire):-

Password==>> hackers-store.blogspot.com


Hope you loved this amazing post, please like this post for our appreciation. Thanks for visiting Hackers Store

Read more

Selasa, 01 April 2014

HACK Website with RTE Webwiz Vulnerability | File Shell upload


HACK Website with RTE Webwiz Vulnerability | File Shell upload:Guyz again I'm here with new WEB VULNERABLITY called HACK Website with RTE Webwiz Vulnerability | File Shell upload.
Webwiz rich text editor HTML code is carried in the open after they are sent charCode due functioning of the page .So Lets start..

Follow The Instructions:-

1). Expolits:-
  • site.com/rte/RTE_popup_file_atch.asp 
  • site.com/admin/RTE_popup_file_atch.asp
2). Go to google and type one of the following dorks.

  • inurl:rte/my_documents/my_files
  • inurl:/my_documents/my_files/ 

3). Open any site ..say

site.com/rte/my_documents/my_files/

4). Now replace every thing after site.com with
 rte/RTE_popup_file_atch.asp 
so it will look like-
site.com/rte/RTE_popup_file_atch.asp 

5). Open it and upload you Shell or deface


6). Now click on upload button and after that you will get path to your uploded file in the FILE URL box



Happy hacking.. Only for Educational Purposes..!
Read more