Friday, 19 October 2012
Posts by : Admin
Posts by : Admin
Retrieve Windows admin password
Offline NT Password & Registry Editor
This is a utility to reset the password of any user that has a valid local account on your Windows system.
Supports all Windows from NT3.5 to Win7, also 64 bit and also the Server versions (like 2003 and 2008)
You do not need to know the old password to set a new one.
It works offline, that is, you have to shutdown your computer and boot off a CD or USB disk to do the password reset.
Will detect and offer to unlock locked or disabled out user accounts!
There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.
Bootable CD image: http://www.4shared.com/zip/ByD-7EPE/cd110511.html
Files for USB install: http://www.4shared.com/zip/jIC9QozA/usb110511.html
How to Use? Detailed Instructions found here http://pogostick.net/~pnh/ntpasswd/
This is a utility to reset the password of any user that has a valid local account on your Windows system.
Supports all Windows from NT3.5 to Win7, also 64 bit and also the Server versions (like 2003 and 2008)
You do not need to know the old password to set a new one.
It works offline, that is, you have to shutdown your computer and boot off a CD or USB disk to do the password reset.
Will detect and offer to unlock locked or disabled out user accounts!
There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.
Bootable CD image: http://www.4shared.com/zip/ByD-7EPE/cd110511.html
Files for USB install: http://www.4shared.com/zip/jIC9QozA/usb110511.html
How to Use? Detailed Instructions found here http://pogostick.net/~pnh/ntpasswd/
How to make an bootable USB drive
X:syslinux.exe -ma X:
Sunday, 14 October 2012
Posts by : Admin
md5 hashes cracking sites
* www.tmto.org
* md5.noisette.ch
* md5decryption.com
* www.c0llision.net
* www.netmd5crack.com
* www.md5decrypter.com
* md5hashcracker.appspot.com
* www.hashhack.com
* isc.sans.edu
* www.md5crack.com
* passcracking.com
* authsecu.com
* md5.rednoize.com
* md5.web-max.ca
* www.cmd5.com
* md5.thekaine.de
* www.shell-storm.org
* www.md5this.com
* www.hashchecker.com
* hashcrack.com
* md5pass.com
* md5pass.info
* cmd5.org
Posts by : Admin
Use Firefox as Hack tool - 2
Use Firefox as Hack tool - 2
Source & Credit
Enjoy reading and testing.
Tamper Data tutorial
- What cookies are being sent to the browser, and what is the browser returning?
- Are the Cookies marked "secure"?
- When a redirect happens, is it an HTTP 302?
- What kind of HTTP Authentication is happening?
CONTENTS |
GETTING STARTED
Since it's a Firefox extension, you'll first need to download and install Firefox (if you haven't already). Then visit the Tamper Data project page and click the link that reads "Install Now".Finally, restart Firefox and open Tools → Tamper Data. This will bring up the "Tamper Data - Ongoing Requests" window.
RECORDING TRANSACTIONS
As soon as the Ongoing Requests window is up, Tamper Data will start recording HTTP requests. Here's what the window looks like after requesting blogger.com's main page.The columns in the main window pane are:
- Time - When the request happened.
- Duration - How long it took to be retrieved.
- Total Duration - How long it took to render (includes response download time of item and all sub-items)
- Size - Size of received content (-1 indicates the item was loaded from the cache)
- Method - The HTTP method issued (GET or POST)
- Status - HTTP Status code received or "Loaded from cache"
- Content Type - Type of data received (aka Mime-Type)
- URL - Fully qualified URL of request.
- Load Flags - Additional HTTP information used in retrieving or rendering content.
This gives you a more detailed view into what the request is doing. If the request you selected happened to contain Cookie information, you'll see a Cookie line in the left-hand pane or a Set-Cooke line in the right hand pane or both.
Double-clicking an entry will bring up the "Tamper Details" window, which provides easy access to that request element's data. Here, I've opened the Tamper Details for the Cookie header of the initial blogger.com home page request.
Using the process outlined above, it's easy to inspect what's going on during a browsing session.
Though the data is pretty to look at inside the Tamper Data shell, it's often convenient to move that data into an external file for viewing. To do this, return to the Ongoing requests window, right-click and choose "Copy all".
This will place all the request information into your clipboard so you can paste it into your favorite text editor.
GRAPHING RESULTS
To graph the recorded results, in the Ongoing Requests window, select the desired results, right-click and choose "Graph selected" or "Graph all".The columns of the graph are:
- URL - Fully qualified URL for the Item
- Status - HTTP Stats Code
- Duration - How long it took to download
- Time - A Gantt chart of requests.
Mousing over a URL reveals more information about that component.
Clicking the URL link opens a tab with that item's contents.
TAMPERING
"Tampering" is the act of modifying request parameters before request submission. To begin Tampering, in the Ongoing Requests window, click the "Start Tamper" button in the upper-left corner.From here on out, whenever a top-level request is issued, you'll be prompted to tamper with the request. Selecting the Tamper button will launch the Tamper Popup.
Traditional HTTP header fields are to the left, while any POST data is to the right. If the request uses the GET method, then the right-hand side of the dialog will be empty.
After changing any request parameters, clicking OK will execute the request. In the Tamper Popup window, right-clicking a field reveals shortcut methods for a number of neat tricks such as URL encoding/decoding, Base64 encoding/decoding and HTML character removal.
SUMMARY
Tamper Data is an excellent Firefox extension that matches IBM Page Detailer in features and utility. When Firefox is a permissible browser, Tamper Data is the clear choice between the two. However, there are cases when a non-Mozilla based browser is required (read: IE). In those rare instances, IBM Page Detailer is the way to go.
Posts by : Admin
Find Admin Pages on website -- Perl Script( tool)
1) Download Active Perl and Install ( assuming C:\ drive).
2) Download Admin Finder
3)Copy Admin Finder to C:\Perl\bin( assuming that you have installed Acitve Perl on C:\drive)
4) open command prompt , Navigate to C:\perl\bin
5) Run C:\Perl\bin>admin_CP_finder.pl
Hit Enter.
6)Enter the website name. ( In example I used test website local website address)
7)Enter your option based on the website design ( In example , I know its PHP , so I used one)
8)Here is the result ;)
Posts by : Admin
Hack Websites Using Drupal IMCE mkdir Remote Exploit Easily
“Drupal IMCE Remote File Upload Vulnerability Mkdir”
Mkdir IMCE is a vulnerability that allows file uploads remotely (remote file upload) and is in the platform durpal.
generally you can upload files *. txt on websites, but some sites let you upload the files* . html . If you try to upload a shell try to upload files *. phtml .
generally you can upload files *. txt on websites, but some sites let you upload the files* . html . If you try to upload a shell try to upload files *. phtml .
Google Dork:
inurl: "/ IMCE? dir =" intitle: "File Browser"
-------------------- -------------------------------------------------- -------------
Domain : IMCE? dir =.
Mkdir IMCE is a vulnerability that allows file uploads remotely (remote file upload) and is in the platform durpal.
generally you can upload files *. txt on websites, but some sites let you upload the files* . html . If you try to upload a shell try to upload files *. phtml .
Google Dork:
inurl: "/ IMCE? dir =" intitle: "File Browser"
-------------------- -------------------------------------------------- -------------
Domain : IMCE? dir =.
STEPS
[+] The first thing to do is find a vulnerable site for uploading files using Google Dork
[V]> = http://www.anfaco.es/webs/Museo2.0/imce?dir.
[X]> = http://www.civic-forum.org/de/imce?dir.
[X]> = http://www.civic-forum.org/de/imce?dir.
————————————————————————————————————————————————————————–
[+] After finding the site with an upload, see if you can upload a file *. html or *. phtml
__ [+ +] First click on Upload ___ [+ +] then click on Select File ___ [+ +] select our file ___ [+ +] click to open then ___ [+ +] Upload And finally click again to file upload to our website.
[+] Once we got the file and we can go to him
————————————————————————————————————————————————————————–
Logically the file is uploaded in the folder that comes after the exploit. Example:
If you found a site that is vulnerable: www.ejemplo.com/hola/chau/ IMCE? dir =.
And in the lindex could see something like this: It means that your file will be uploaded from: www.ejemplo.com / hi / bye / sites / default / files / Here it is again: If you find yourself on page www.ejemplo.com/hola/chau/ IMCE? dir =. and upload a file called wasa.html , your file rise to www.ejemplo.com / hi / bye / sites / default / files / wasa.html But if you rather than upload it in “ / sites / default / files / ”you go and subis in the” languages ”, your file appear in www.ejemplo.com / hi / bye / sites / default / files / languages / wasa.html. , because languages / is inside the folder “ / sites / default / files / ”.
If you found a site that is vulnerable: www.ejemplo.com/hola/chau/ IMCE? dir =.
And in the lindex could see something like this: It means that your file will be uploaded from: www.ejemplo.com / hi / bye / sites / default / files / Here it is again: If you find yourself on page www.ejemplo.com/hola/chau/ IMCE? dir =. and upload a file called wasa.html , your file rise to www.ejemplo.com / hi / bye / sites / default / files / wasa.html But if you rather than upload it in “ / sites / default / files / ”you go and subis in the” languages ”, your file appear in www.ejemplo.com / hi / bye / sites / default / files / languages / wasa.html. , because languages / is inside the folder “ / sites / default / files / ”.
This can serve to:
[+] Save Image
[+] Save information
[+] Delete Data (Above all the delete option usually appears)
[+] Upload shell
[+] Get Data
[+] Save Image
[+] Save information
[+] Delete Data (Above all the delete option usually appears)
[+] Upload shell
[+] Get Data
Defacements made using this vulnerability:-
[1]= Domain
[2] = Domain + Exploit
[2] = Domain + Exploit
————————————————————–
http://www.climateinvestmentfunds.org
…/cifnet/imce?dir=fivestar
http://www.climateinvestmentfunds.org/cifnet/sites/default/files/fivestar/basic/THC.html
—————————————————————
http://cycleandwalking.org/
…/imce?dir=gallery_assist/1/gallery_assist293
http://cycleandwalking.org/sites/default/files/gallery_assist/1/gallery_assist293/THC.html
————————————————————–
http://www.la-gerbille.net
http://www.la-gerbille.net/imce?dir=artykul
http://www.la-gerbille.net/sites/default/files/artykul/THC.html
————————————————————–
http://www.arcireal.com
…/imce?dir=imagecache/604
http://www.arcireal.com/sites/real.sitetest.it/files/imagecache/604/THC.html
————————————————————–
http://www.anfaco.es
…/webs/Museo2.0/imce?dir=.
http://www.anfaco.es/webs/Museo2.0/sites/default/files/THC.html
————————————————————–
http://www.travelagentcentral.com
…/imce?dir=.
http://www.travelagentcentral.com/files/travelagent/THC.html
————————————————————–
https://stp.abes.fr
…/imce?dir=.
https://stp.abes.fr/sites/stp.abes.fr/files/THC.html
————————————————————–
http://priora-wtcc.ru
…/imce?dir=u3
http://priora-wtcc.ru/sites/default/files/upload/u3/THC.html
————————————————————–
http://labourlakesandfurness.co.uk
…/imce?dir=.
http://labourlakesandfurness.co.uk/sites/labourlakesandfurness.co.uk/files/THC.html
Subscribe to:
Posts (Atom)