1ND14N H4X0R5 T34M (IHT) JAI HIND JAI BHARAT

We are: DeadManINDIA, Null_Port_Govind, Haxor Rahul, EagleShadow, Karate-Katrina, Spy-Hunter, Grey-Noob, Mr.R@66!T.


Sunday, 16 June 2013

Easiest Symlink Tutorial Ever::.. :D


First of all, download the symlink shells needed from here: http://www.mediafire.com/download/odrap83gpoxdno2/symlink.rar

You will get 2 shells, named dbman.php (Database Manager n00b!) and sym.php (the main tool, the auto symlinker ;) )

Now you should have a shelled site, of course :P

Upload both shells to any writeable directory.

The next step is to open both shells (open them in different tabs).

Now go to sym.php and click on "user and domains". It will list all the sites on that server, and after opening it you'll also see the symlink option. Choose any site and click symlink :D

(If you select the "domains and script" option, it will list all the WordPress, Joomla, vBulletin etc. sites on the server.)

Find the config file on the site you symlinked and read it. You'll see something like this:


/** MySQL database username */
define('DB_USER', 'csseguid_nauqri');
/** MySQL database password */
define('DB_PASSWORD', 'qwe0345**');
/** MySQL hostname */
define('DB_HOST', 'localhost');



Now, after reading the config.php file, you have the site's database username and password.

Next, log in with those credentials in the database manager shell.

After logging in, find the admin table and change the password to your own MD5 hash.

Now you have reset the admin's password to your own ;0 Go and log in to the site admin panel :D

Database config file locations:

vBulletin -- /includes/config.php

IPB -- /conf_global.php

MyBB -- /inc/config.php

phpBB -- /config.php

PHP-Nuke -- /config.php

PHP-Fusion -- config.php

SMF -- /Settings.php

Joomla -- configuration.php , configuration.php-dist

WordPress -- /wp-config.php

Drupal -- /sites/default/settings.php

Oscommerce -- /includes/configure.php

e107 -- /e107_config.php
Seditio -- /datas/config.php


Easy huh symlinking? ;)
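The technique above depends on two conditions a host can check for: a symlink inside one account that resolves into another account's files, and config files that other users can read. The audit script below is an added example, not code from the original post; the function names and the sample tree under a temporary directory are constructed for illustration, and the file names come from the list above.

```shell
#!/bin/sh
# Added defensive example, not part of the original post.
# The tree built below is a constructed sample; point the functions at real homes.

# Print every symlink under an account's home whose target resolves outside it.
audit_symlinks() {
    home=$(readlink -f "$1") || return 1
    find "$home" -type l | while IFS= read -r link; do
        target=$(readlink -f "$link" 2>/dev/null) || target="unresolvable"
        case "$target" in
            "$home"|"$home"/*) ;;    # stays inside the account: fine
            *) printf '%s -> %s\n' "$link" "$target" ;;
        esac
    done
}

# Print config files (names from the list above) that "other" users can read.
audit_config_modes() {
    find "$1" -type f \( -name wp-config.php -o -name configuration.php \
        -o -name config.php -o -name conf_global.php -o -name Settings.php \
        -o -name settings.php -o -name configure.php -o -name e107_config.php \) \
        -perm -004
}

# Constructed sample: two accounts, one symlink crossing between them.
build_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/home/alice/public_html/uploads" "$t/home/alice/releases/1" \
             "$t/home/bob/public_html"
    echo "<?php /* constructed */" > "$t/home/bob/public_html/wp-config.php"
    chmod 644 "$t/home/bob/public_html/wp-config.php"
    echo "<?php /* constructed */" > "$t/home/alice/public_html/wp-config.php"
    chmod 600 "$t/home/alice/public_html/wp-config.php"
    ln -s "$t/home/bob/public_html/wp-config.php" \
          "$t/home/alice/public_html/uploads/x.txt"
    ln -s "$t/home/alice/releases/1" "$t/home/alice/public_html/current"
    echo "$t"
}

tree=$(build_sample_tree)
audit_symlinks "$tree/home/alice"      # reports uploads/x.txt only
audit_config_modes "$tree/home"        # reports bob's mode-644 wp-config.php
rm -rf "$tree"
```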

Anti ddos Linux

DDoS protection is a big part of a sysadmin's job these days, especially on big forums/hosts.
Obviously, the best plan would be to buy another server, set up a Cisco firewall on it and reroute all traffic to the main server. Unfortunately, this would require funds for another dedicated server.

So the only solution that would work right now is using the box itself as a firewall. This tutorial is for cPanel.

First things first, we make sure that everything is up to date.

Code:
yum update && yum upgrade

Ok, time to install a decent firewall. Because this server is running cPanel, we may as well use a firewall that integrates into cPanel, which allows for easy configuration. CSF is great, so we shall be installing that.
Code:
wget http://www.configserver.com/free/csf.tgz
tar -xzvf csf.tgz
cd csf
sh install.sh

Simple as that! Now we need to configure the firewall. Log into http://IP:2086 in an internet browser using your root username and password. Click ConfigServer Security&Firewall under Plugins. Click Firewall configuration.
Code:
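TESTING = 0
SYNFLOOD = 1       # the setting is named SYNFLOOD in csf.conf
PORTFLOOD = 80     # csf.conf expects each entry as port;protocol;hit count;interval in seconds
DENY_TEMP_IP_LIMIT = 100000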

And click 'change'. Restart csf+lfd then return. Next go to firewall security level. Click High then restart csf+lfd.

Next, we need some extra firewall rules to filter the common packets found in DDoS attacks. We will also limit the number of connections allowed to the server.

Code:
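# Enable SYN cookies (set net.ipv4.tcp_syncookies = 1 in /etc/sysctl.conf to keep it across reboots)
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
# Cap concurrent connections to port 80 at 100 per source address
iptables -A INPUT -p tcp --syn --dport 80 ! -d 127.0.0.1 -m connlimit --connlimit-above 100 -j REJECT --reject-with tcp-reset
# Drop TCP flag combinations that never occur in normal traffic
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP
# Drop packets that connection tracking cannot match to a valid connection
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A OUTPUT -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state INVALID -j DROP

# Rate-limit chains. The limit match is global, not per source address,
# so these values cap the whole server; raise them on a busy site.
iptables -N syn-flood
iptables -A syn-flood -m limit --limit 1/second --limit-burst 4 -j RETURN
iptables -A syn-flood -j DROP

iptables -N udp-flood
iptables -A udp-flood -m limit --limit 4/second --limit-burst 4 -j RETURN
iptables -A udp-flood -j DROP

# --syn matches SYN set with RST, ACK and FIN clear (the original matched SYN,ACK replies instead)
iptables -A INPUT -i eth0 -p tcp --syn -j syn-flood # SYN flood
iptables -A INPUT -i eth0 -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -i eth0 -p udp -j udp-flood
# Drop IP fragments
iptables -A INPUT -i eth0 -f -j DROP
# csf rebuilds the rule set when it restarts; put these rules in /etc/csf/csfpost.sh to keep them
service iptables save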

Next, we will install some connection-based IP banning. There is some software called ddos_deflate that we are going to use.
Download ddos_deflate.
Code:
wget http://www.inetbase.com/scripts/ddos/install.sh
sh install.sh

Great, that's installed. Now we need to change some settings.

Code:
nano /usr/local/ddos/ddos.conf

And set these vars:
Code:
NO_OF_CONNECTIONS=100
EMAIL_TO="herp@derp.com"
BAN_PERIOD=12000
APF_BAN=0

Save the file and exit. Next we need to modify ddos_deflate to work with CSF.
Code:
nano /usr/local/ddos/ddos.sh

On line 138 there should be this text
Code:
$IPT -I INPUT -s $CURR_LINE_IP -j DROP

Change that line to
Code:
csf -d $CURR_LINE_IP
Save the file and exit. Next, symlink the script into /usr/local/sbin so it can be run as ddos.


Code:
cp -s /usr/local/ddos/ddos.sh /usr/local/sbin/ddos

I also have a mod of ddos_deflate that works on SYN packets. There was once a program called syn_deflate that did exactly this; however, the script stopped being made available and was lost forever!
Code:
mkdir /usr/local/synd
nano /usr/local/synd/synd.conf

The contents of synd.conf:
Code:
##### Paths of the script and other files
PROGDIR="/usr/local/synd"
PROG="/usr/local/synd/synd.sh"
IGNORE_IP_LIST="/usr/local/synd/ignore.ip.list"
CRON="/etc/cron.d/synd.cron"
APF="/etc/apf/apf"
IPT="/sbin/iptables"
##### frequency in minutes for running the script
##### Caution: Every time this setting is changed, run the script with --cron
#####          option so that the new frequency takes effect
FREQ=1

##### How many connections define a bad IP? Indicate that below.
NO_OF_CONNECTIONS=10

##### APF_BAN=1 (Make sure your APF version is at least 0.96)
##### APF_BAN=0 (Uses iptables for banning ips instead of APF)
APF_BAN=0

##### KILL=0 (Bad IPs aren't banned, good for interactive execution of script)
##### KILL=1 (Recommended setting)
KILL=1

##### An email is sent to the following address when an IP is banned.
##### Blank would suppress sending of mails
EMAIL_TO="herp@derp.com"

##### Number of seconds the banned ip should remain in blacklist.
BAN_PERIOD=12000

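Next, create the ignore list:

Code:
nano /usr/local/synd/ignore.ip.list

The contents of ignore.ip.list:
Code:
127.0.0.1
external.ip.address

Then create the script:
Code:
nano /usr/local/synd/synd.sh

The contents of synd.sh:
Code: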
#!/bin/bash
# Load the settings from synd.conf; abort if the file is missing.
load_conf()
{
    CONF="/usr/local/synd/synd.conf"
    if [ -n "$CONF" ] && [ -f "$CONF" ]; then
        source "$CONF"
    else
        head
        echo "$CONF not found."
        exit 1
    fi
}

head()
{
    echo "Syn-Deflate"
    echo "Based on DoS-Deflate"
    echo
}

showhelp()
{
    head
    echo 'Usage: synd.sh [OPTIONS] [N]'
    echo 'N : number of SYN_RECV connections (default 10)'
    echo 'OPTIONS:'
    echo '-h | --help: Show this help screen'
    echo '-c | --cron: Create cron job to run this script regularly (default 1 mins)'
    echo '-k | --kill: Block the offending ip making more than N SYN_RECV connections'
}

unbanip()

Next:

Code:
chmod 0755 /usr/local/synd/synd.sh
cp -s /usr/local/synd/synd.sh /usr/local/sbin/synd
/usr/local/synd/synd.sh --cron > /dev/null 2>&1

And we are all done! The server now has some pretty intense DDoS protection!
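The synd.sh listing above breaks off at unbanip(), so the counting step it is built around is not shown. The script below is an added example of that step, not the original synd.sh: it counts SYN_RECV connections per source from `netstat -nt` style input, honours the ignore list, and prints a ban command for each source above the threshold. The function names and input lines are constructed, and it prints `csf -td` (CSF's temporary deny, which expires after the given number of seconds) where the tutorial uses `csf -d`.

```shell
#!/bin/sh
# Added example, not the original synd.sh. Input lines are constructed.

NO_OF_CONNECTIONS=10     # same threshold as synd.conf above
BAN_PERIOD=12000         # seconds, as in synd.conf above

# Read `netstat -nt` style lines on stdin and print "count ip" for every source
# with more than $1 connections in SYN_RECV, skipping addresses listed in $2.
syn_offenders() {
    awk -v max="$1" -v ignore="${2:-/dev/null}" '
        BEGIN { while ((getline ip < ignore) > 0) skip[ip] = 1 }
        $1 ~ /^tcp/ && $6 == "SYN_RECV" {
            src = $5
            sub(/:[0-9]+$/, "", src)      # drop the remote port
            sub(/^::ffff:/, "", src)      # unwrap IPv4-mapped IPv6 addresses
            if (!(src in skip)) count[src]++
        }
        END { for (ip in count) if (count[ip] > max) print count[ip], ip }
    ' | sort -rn
}

# Dry run: print the temporary-deny command for each offender instead of running it.
ban_commands() {
    while read -r count ip; do
        printf 'csf -td %s %s\n' "$ip" "$BAN_PERIOD"
    done
}

# Constructed sample: one flooding source, one ignored source, one normal client.
sample_netstat() {
    i=0
    while [ "$i" -lt 12 ]; do
        echo "tcp 0 0 203.0.113.10:80 198.51.100.7:$((40000 + i)) SYN_RECV"
        echo "tcp 0 0 203.0.113.10:80 203.0.113.10:$((50000 + i)) SYN_RECV"
        i=$((i + 1))
    done
    echo "tcp 0 0 203.0.113.10:80 192.0.2.44:51000 SYN_RECV"
    echo "tcp 0 0 203.0.113.10:80 192.0.2.44:51001 ESTABLISHED"
}

ignore_list=$(mktemp)
printf '127.0.0.1\n203.0.113.10\n' > "$ignore_list"
sample_netstat | syn_offenders "$NO_OF_CONNECTIONS" "$ignore_list" | ban_commands
rm -f "$ignore_list"
```

On a live server the input would come from `netstat -nt`, and the printed commands would be reviewed before being run.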

Attacking WebServers - Different Vectors - Tutorial


Before I talk about this post, you should read the other 2 guides I wrote.
Just click my profile, then go to threads, and you will see those 2.

This guide is to teach you how to do information gathering and attacking your targets.

Today hackers mainly target only web hosting servers. This guide is different: it teaches you how to attack targeted servers.

Let's say you have a medical hospital that you want to target.

Now let's face it, 9 out of 10 of you hackers would only target the website, because that's what you're used to.

Well, today I'm teaching you how to do more than just that.

Tools:

1.nmap
2.Maltego
3.DirBuster
4.smbclient
5.Cain and Abel
+ More

Let's say a medical company has a subnet IP range of

224.231.12-224.231.12.255

Your first targeted IP address is 224.231.12.234

The first thing you need to do is run an nmap scan on the targeted IP address.

Example:


Code:
Discovered open port 443/tcp on 74.125.227.37
Discovered open port 80/tcp on 74.125.227.37

Now let's just assume there are more ports open. What do you do first?

Allow the nmap scan to finish, and let's say it finds port

7717

which is a service controller for software that allows remote connections to it via a terminal service.

Let's say you logged into it and you don't know the passwords: Google the service provider and check the default usernames and passwords for the service.

Okay, so let's say that doesn't work and this IP address only has 2 ports open.

What do you do now?

So now it's time to move on to the next IP address.


Open up Maltego, input the IP address and click run all transformations.

You will then see the subnets, and you can right-click on the subnets to spread out all the IP addresses.

Or if you're on Windows, use Angry IP Scanner to get the IP subnets.

Now you have a list of 100+ IP addresses and you don't know what to do.



The first thing is to run nmap - http Print Scan ( Google it )

What that does is connect to every IP address, run an nmap scan on it, connect to all ports and display the fingerprint of each, such as

nmap --->scan ip 127.0.0.1 --> open ports 21,80,53
http print scan -> Port 80 "Welcome to Service Station"

So now you know what services are running on the whole network.

Now you go to random IP addresses and start issuing exploits based on the knowledge you got.


Let's say one IP address has a folder that is not viewable to the public, but you know the user rights on it allow you to view other folders, such as

127.0.0.1/ ( not viewable)
127.0.0.1/FolderName/File.txt (Viewable)
127.0.0.1/FolderName/Folder/(viewable)


What that means is that the admin didn't set the view permissions correctly for the folder directories.

What you would do in this situation is run a brute-force attack

by using DirBuster, which works in parallel,

which means that instead of scanning on just 1 thread it will scan with, let's say, 10 at the same time, which is faster.

By running DirBuster you can now get a list of the viewable folders (hopefully), depending on your DirList.

Sometimes you can get the full directory, and sometimes there can be usernames, passwords or basic info to help you in your further attacks.
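A wordlist sweep like the one described leaves a distinctive pattern in the web server's access log: one client requesting many different paths that do not exist. The detection script below is an added example, not part of the original post; it assumes combined-format log lines, and the function names, threshold and log lines are constructed.

```shell
#!/bin/sh
# Added detection example, not part of the original post. Log lines are constructed.

# Read combined-format access log lines on stdin. For each client, count the
# distinct paths answered with 403 or 404; print "distinct_misses requests ip"
# for clients above the threshold ($1, default 20).
dir_enum_suspects() {
    awk -v max="${1:-20}" '
        {
            ip = $1; path = $7; status = $9
            sub(/\?.*/, "", path)                 # ignore query strings
            total[ip]++
            if ((status == 403 || status == 404) && !seen[ip, path]++)
                miss[ip]++
        }
        END { for (ip in miss) if (miss[ip] > max) print miss[ip], total[ip], ip }
    ' | sort -rn
}

# Emit one constructed log line: ip, path, status.
log_line() {
    printf '%s - - [16/Jun/2013:10:00:00 +0000] "GET %s HTTP/1.1" %s 512 "-" "-"\n' "$1" "$2" "$3"
}

# Constructed sample: a wordlist-style sweep, a crawler retrying one dead link,
# and a normal visitor with a single missing file.
sample_log() {
    i=0
    while [ "$i" -lt 30 ]; do
        log_line 198.51.100.7 "/dir$i/" 404
        log_line 192.0.2.80 "/old-page.html" 404
        i=$((i + 1))
    done
    log_line 198.51.100.7 /FolderName/ 200
    log_line 198.51.100.7 /FolderName/File.txt 200
    log_line 192.0.2.44 / 200
    log_line 192.0.2.44 /missing.css 404
}

sample_log | dir_enum_suspects 20
```

Counting distinct missing paths rather than raw 404s keeps the crawler that retries one dead link 30 times out of the result.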
----------------------------------------------------------------------------------------------

Now let's say you're targeting a Windows server that has SMB running on it with anonymous login.

Code:
Anonymous login successful

Sharename Type Comment
--------- ---- -------
Error returning browse list: NT_STATUS_ACCESS_DENIED
session request to 173.254.196.118 failed (Called name not present)
session request to 173 failed (Called name not present)
Anonymous login successful

Server Comment
--------- -------
AIM-BCRTR-6930
AIM-CAYSH
AIM-GLB
AIM-USPRAUVE7
AIMCHANEXCH
AIMCHANMBX1



By using SMBCLIENT

Code:
 open {host,port} - opens a SMB connection against the target host/port
 login {username,passwd} - logs into the current SMB connection
 login_hash {username,lmhash,nthash} - logs into the current SMB connection using the password hashes
 logoff - logs off
 shares - list available shares
 use {sharename} - connect to an specific share
 cd {path} - changes the current directory to {path}
 pwd - shows current remote directory
 ls {wildcard} - lists all the files in the current directory
 rm {file} - removes the selected file
 mkdir {dirname} - creates the directory under the current path
 rmdir {dirname} - removes the directory under the current path
 put {filename} - uploads the filename into the current path
 get {filename} - downloads the filename from the current path
 close - closes the current SMB Session
 exit - terminates the server process (and this session)


You can connect to its service and use the available options above.

Not only that, the SMB service displays multiple usernames and names of the staff. You can use that to help further your attack by brute-forcing.

If you're on the local network, you can run Cain and Abel to do an ARP poisoning attack, which will sniff the whole network and give you hashes, usernames, passwords, etc.

This is also good for getting access to private company intranet websites on port 80.

Thanks