21 May 2012

|| Block Nmap Scans on Your Server ||

While browsing Packet Storm Security, I found a simple Bash script to block information-disclosing nmap scans. The script is based on iptables, so to use it you need iptables installed on your server.
Code: 
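The Packet Storm script itself is not reproduced on this page. As an added example (not that script), the following shows the usual iptables approach: drop TCP packets whose flag combinations legitimate stacks never send but nmap's NULL, FIN and Xmas scans do. The chain name SCAN_DROP and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: drop TCP packets with flag combinations that never occur
# in legitimate traffic but are sent by nmap's NULL, FIN and Xmas scans.
# CHAIN is a hypothetical chain name chosen for this example.
CHAIN="SCAN_DROP"

# One "mask compare" pair per line, as passed to iptables --tcp-flags.
scan_flag_rules() {
    cat <<'EOF'
ALL NONE
ALL FIN
ALL FIN,PSH,URG
ALL ALL
SYN,FIN SYN,FIN
SYN,RST SYN,RST
FIN,RST FIN,RST
EOF
}

# Dry run: print the iptables commands without touching the firewall.
print_rules() {
    echo "iptables -N $CHAIN"
    scan_flag_rules | while read -r mask comp; do
        echo "iptables -A $CHAIN -p tcp --tcp-flags $mask $comp -j DROP"
    done
    echo "iptables -I INPUT -p tcp -j $CHAIN"
}

# Apply the rules idempotently; needs root and the iptables binary.
apply_rules() {
    # Create the chain, or flush it if it already exists.
    iptables -N "$CHAIN" 2>/dev/null || iptables -F "$CHAIN"
    scan_flag_rules | while read -r mask comp; do
        iptables -A "$CHAIN" -p tcp --tcp-flags "$mask" "$comp" -j DROP
    done
    # Hook the chain into INPUT only once.
    iptables -C INPUT -p tcp -j "$CHAIN" 2>/dev/null ||
        iptables -I INPUT -p tcp -j "$CHAIN"
}

# Default is a dry run; pass --apply to change the live firewall.
case "${1:-}" in
    --apply) apply_rules ;;
    *)       print_rules ;;
esac
```

These rules stop only flag-anomaly probes; scans that use a valid handshake look like ordinary connection attempts and need rate limiting or an IDS instead.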

Facebook Strengthens Its Security by Launching Antivirus Marketplace

For the last few months, Facebook users have been facing a lot of trouble due to the dramatic growth of malware and spam on Facebook. We here at RHA have covered lots of Facebook-related spam, like Facebook Scammers Exploit Steve Jobs Death, DAD CATCHES DAUGHTERS ON WEBCAM - Beware Facebook Viral Scam, Hijacking Facebook Users With Clickjacking Attack, etc.
Seeing these repeated attacks, Facebook yesterday launched the Antivirus Marketplace to increase the protection of Facebook users. McAfee, TrendMicro, Sophos, Microsoft and Symantec will augment Facebook's URL blacklist system with their own URL blacklist databases.
The Antivirus Marketplace will also let Facebook users download full-version antivirus software at no charge for 6 months! This free download is available to Mac as well as PC users, and a user can download any one antivirus of his choice from his account.
But the big question is what will happen after the 901 million Facebook users have used up their 6-month free full version: how many of them will bother to spend bucks to renew it?!

16 May 2012

Ratting and Make 100% Working Server with DarkComet RAT

A RAT, or Remote Administration Tool, is a tool that helps administer a person's system without physical access to it. This tool is widely used by hackers and is very efficient. If a hacker is able to get a server installed on the victim's system (which can easily be done), then the victim's entire system is in the hacker's hands! He can check logs, take screenshots, browse your folders, disable your anti-virus and much more!
A RAT is basically a Trojan which has two parts:
Client: It can be considered the King, which controls and manipulates the server (slave) that it has made.
Server: It can be considered the Slave, which is installed on the (remote) host.
So now I'll talk about how to create a successful server with one of the best RATs available, DarkComet (v5.1), which is coded in Delphi XE and Delphi 2007.
So here it goes:
1. Download DarkComet (v5.1 is what I'll use here, but the basic process is the same for all versions, so don't worry):
   http://www.darkcomet-rat.com/
2. Now we will start building the server.exe file.
   Click on the blue icon saying "DarkComet", go to "Server module" and choose the "Full editor" option.
   You'll get something like this -
   Keep a security password if you want to.
   Click on Random 4-5 times to generate a new Mutex and make sure that Active FWB is checked.
3. Now proceed to Network Settings. Here you need to sign up at https://www.no-ip.com/
   Sign up there and make your own new host, and you will get a new IP. Like this -
   The IP (which I have blurred) that you get from no-ip has to be pasted into the IP column in the Network Settings of the Server module. Also download NO-IP DUC, install it on your system, sign in there with your no-ip account and log in.
   Another column which you will see there is PORT. DarkComet uses port 1604, so make sure it is open and forwarded. To learn how to forward your port, visit http://portforward.com/ - there you will get all the information about how to forward your port for your type of modem.
4. Keep the following settings in Module Startup -
   You can also check "persistence installation" if you want to (I recommend it).
5. The following settings are ideal for Module Shield -
6. After this, all the options may vary from person to person as per your requirements, but I recommend activating the Offline Keylogger.
7. Compress the server if you want and you are done. Click on "Build the Stub" and a process will take place in which you will be able to see the algorithms, and your server.exe is made (name it as per your requirement but keep .EXE intact).
Your server is built now! :)
But now the problem arises of how you will send the server to the victim over the internet, as .EXE files cannot be transferred via Facebook, Yahoo, Gmail or other sites.
So here crypters and binders come into play!
Crypters - A crypter is software which is used to crypt your server to make it FUD (Fully Undetectable).
Binders - A binder is software which pumps up the size of your RAT, which is usually in KBs, to some MBs!
You can do this by binding your RAT with some song, image, etc.
There are a number of crypters and binders available, and you can download any of them and use them :)
P.S. - I'll soon post a detailed tutorial on binders and crypters and how to send an .EXE file via the internet!
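For defenders, the default port named above (TCP 1604) is a usable network indicator. The script below is an added example, not from the original post or the DarkComet project: it scans connection-log lines for internal hosts that connect out to that port and counts their attempts. The log format, the sample lines and the function names are constructed for this example.

```shell
#!/bin/sh
# Added example: triage outbound-connection logs for the DarkComet default
# port named in the post (TCP 1604).
# Constructed log format: epoch src_ip dst_ip dst_port proto
RAT_PORT=1604

# Constructed sample data (documentation address ranges, not real hosts).
sample_log() {
    cat <<'EOF'
1337150000 10.0.0.21 203.0.113.50 1604 tcp
1337150003 10.0.0.34 198.51.100.7 443 tcp
1337150030 10.0.0.21 203.0.113.50 1604 tcp
1337150060 10.0.0.21 203.0.113.50 1604 tcp
1337150061 10.0.0.40 192.0.2.99 1604 udp
1337150090 10.0.0.21 203.0.113.50 1604 tcp
1337150100 10.0.0.55 203.0.113.80 1604 tcp
EOF
}

# Read log lines on stdin; print "src dst attempts first_seen last_seen"
# for every src/dst pair using TCP RAT_PORT, busiest pair first.
find_rat_port_talkers() {
    awk -v port="$RAT_PORT" '
        $5 == "tcp" && $4 == port {
            k = $2 " " $3
            n[k]++
            if (!(k in first)) first[k] = $1
            last[k] = $1
        }
        END { for (k in n) print k, n[k], first[k], last[k] }
    ' | sort -k3,3nr -k1,1
}

# Keep only pairs with at least $1 attempts: repeated reconnects look more
# like a client calling home than a one-off connection.
repeat_talkers() {
    awk -v min="$1" '$3 >= min'
}

sample_log | find_rat_port_talkers
```

The port is an editable field in the builder, so a hit is a lead for host triage rather than proof, and a clean result does not clear a host.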

Hacking Software - oclHashcat-plus v0.08




What is oclHashcat-plus v0.08? oclHashcat-plus v0.08 is the world's first GPU-based rule engine. It is also the world's fastest phpass, mscash2, md5crypt and WPA/WPA2 cracker.

Description - oclHashcat-plus v0.08 is an advanced password hacking software which is highly efficient and works faster than any other software of its genre. There are a number of algorithms implemented in it, and it has many features which make it the best software available for password cracking.

Some of its features:

1. Multi-GPU (up to 16 GPUs)
2. Multi-Hash (up to 24 million hashes)
3. Multi-OS (Linux & Windows native binaries)
4. Multi-Platform (OpenCL & CUDA support)
5. Supports reading words from file
6. Supports reading words from stdin
7. Integrated thermal watchdog

And many more.

Algorithms implemented:

1. Joomla
2. MD5
3. Oracle 11g
4. MSSQL 2000
5. MSSQL 2005
6. MySQL
7. Phpass
8. Oracle 7-10g
9. SHA256
10. NTLM
11. MD4
12. OSX 10.7
13. CISCO-PIX MD5
14. Double MD5
15. SSHA
16. SHA-1(Base64), nsldap, Netscape LDAP SHA
17. SSHA-1(Base64), nsldaps, Netscape LDAP
18. DCC, mscash
19. OSX v10.4, v10.5, v10.6
20. SHA1

Modes of attack:

1. Straight
2. Combination
3. Brute-force
4. Permutation
5. Hybrid dict + mask
6. Hybrid mask + dict


Cracking a WPA handshake with oclHashcat-plus (Video)





4 May 2012

How To Hack - /cgi-sys/suspendedpage.cgi ~ Video Tutorial

How To Hack - /cgi-sys/suspendedpage.cgi ~ Video Tutorial by J|nX
Many times you will find that a hacker posts the deface index with a "/cgi-sys/suspendedpage.cgi" link,
e.g. www.site.com/cgi-sys/suspendedpage.cgi
So, today we will learn how to do this...
So, let's start.
Page before hacking:
After defacing:
(password : www.alboraaq.com)

(c)opyright J|nX

Video Tutorial: Deface suspendedpage.cgi


Hmmmm, lots of people ask how to deface suspendedpage.cgi ????
OK then, let's get straight to it :) Come on, my friends who want to see the suspendedpage.cgi deface video,
go ahead and try it, bro :) Hopefully you can do it after watching this video :)
VIDEO suspendedpage.cgi

Now let's move on to the HTML converter, bro: CLICK HERE

Heheheheh, so how was it? Hope it's useful, bro. I'm also just a newbie who only wants to share :) Happy learning :P

|| The Virus That Really Will Kill Your PC ||

Analysis by Rob Pegoraro
DNSChanger check
It sounds like one of those annoying chain emails that show up from technically challenged acquaintances: "The FBI Will Take Your Computer Offline July 9 If It Has A Virus! Visit This Site Immediately To Check!! Forward This To Everyone You Know!!!"
But the Federal Bureau of Investigation really has posted a warning on its site about the risk of "DNSChanger" malware, which really will result in your computer getting disconnected from the Web on July 9 if you don't clean it up.
The story began last November when the bureau announced it had busted a 4-year-old Estonia-based conspiracy. The suspects had infected about 4 million computers -- some 500,000 in the United States -- with malware called DNSChanger (also referred to as Alureon) that diverted victims to scam sites.
This "rootkit" malware was usually delivered as a fake download for Windows or Mac OS X that then silently altered the Domain Name System settings on computers and even some wireless routers. That's about the most serious compromise an Internet-connected machine can suffer; when DNS stops correctly translating domain names like discovery.com to machine-readable Internet Protocol addresses like 63.240.215.85, you no longer know what sites you're dealing with.
But once an infected machine has been cuffed to DNSChanger's rogue servers, shutting it off would effectively unplug it from the Internet. To give unaware victims time to clean up their systems, the FBI secured a court order requiring the Internet Systems Consortium, a nonprofit Net-architecture firm, to take over and sanitize those servers.
But all bad things must end; after one stay of execution, ISC is now set to turn off the DNSChanger servers on July 9. At that point, any infected machine will only be able to connect to numerical IP addresses, essentially, a rotary-dial version of the Internet.
Early advice on checking for a DNSChanger infection required a fair degree of technical skill, but now you just need to be able to read one line of text or know the difference between green and red. Visit www.dns-ok.us; if you see a green background to the image on that page and the words "DNS Resolution = GREEN," you're safe. (Your Internet provider may also offer a similar service. Comcast subscribers, for example, can check their computers at amibotted.comcast.net.)
If you see otherwise, you have a month and change to fix the problem. Since DNSChanger can disable security programs, you may not be able to do this the easy way, by clicking a "scan" button in your anti-virus app. You can try specialized DNSChanger-removal tools from such firms as SecureMac, or run general-purpose anti-rootkit software like MalwareBytes' Anti-Malware or Kaspersky Labs' TDSSKiller.
The DNS Changer Working Group, created by Internet-security experts to help clean up the problem, has also set up a page with links to manual malware-cleanup instructions from Microsoft and others. In a worst-case scenario, you may need to reinstall your computer's operating system and software from scratch, using either the disks that came with the computer or the recovery partition on its hard drive. 
But that still beats having a computer that can only navigate the Internet by numbers.
So if you have friends or family members online who might not know to check for this problem, please forward this post to them. But hold the exclamation points.


This post is given by Ashutosh Rajput, Bhopal, India.


Stuxnet Virus Believed to Be Loaded by Iran Double Agents!

Stuxnet was the virus that damaged Iran's nuclear program. A recent report revealed that it was implanted by an Israeli proxy, an Iranian, using a corrupted USB memory stick.
"Iranian double agents" had most probably helped to target the most vulnerable spots of the system. In October 2010, Iran's intelligence minister said that "nuclear spies" had been arrested in connection with stuxnet.33.virus.
Since its discovery in 2010, it has been considered the most sophisticated computer virus ever created. Its programming was so complex that it took researchers months to unravel it!

Infected computers in various countries:

Country          Infected computers
Iran             58.85%
Indonesia        18.22%
India            8.31%
Azerbaijan       2.57%
United States    1.56%
Pakistan         9.2%

What is Stuxnet after?

Stuxnet does not steal your money, identity or passwords. It has specific targets! It targets centrifuges in a top-secret Iranian facility! This virus has raised concern about future attacks on power plants, water systems or nuclear plants!
 

Devil Dawn [ Irzzat Badut ] Copyright © 2011