Sunday, 13 April 2014

Virtual Defacement [Fake Root]


Hey everyone, it has been a while that i haven't update this blog because my laptop is broken. So, as for today i'm going to make a tutorial about Virtual Defacement, or well-known as Fake Root. So, for this we going to use our shell, if you still don't have them you can download it from HERE

So, when the shell has been uploaded, it would be like this:






Checking Domain List
Now, to check the site that in in the same server, click on Domain



Then, you will see a list of domain and users.



OR

You can simply check the site on the same server by visiting this website, Reverse IP Lookup

Checking Root Directory

To know the root path is very easy. It usually between the /home/ folder and /public_html/.
Take a look on this picture and you will understand.



Example, for this site, the root folder is /socialm4/


Checking for vulnerability
Now, it's time to check the site is vulnerable to virtual defacement or not. Simply choose any site from the list and add /~root/ at the end of the site URL.

Example for this site:

www.site.com/~socialm4/

Hit enter, and if it says Forbidden , that's means the site is vulnerable to fake root and you good to go. :D

Defacing
Upload your defacement in the /public_html/ folder and DONE :D

Check your defacement :P

www.site.com/~root/defacepage.html


Example Virtual Defacement:
http://yourplusstore.com/~humant/403.html
http://wirelessvideohdmi.com/~humant/403.html
http://williamsextraspecialcare.com/~humant/403.html
http://wealthyenterprises.com/~humant/403.html
http://uniquerecyclingfoundation.com/~humant/403.html
http://uiticepr.org/~humant/403.html
http://travelersofbangladesh.com/~humant/403.html
http://thefutureofmakingmoney.com/~humant/403.html
http://tattooworldloscabos.com/~humant/403.html
http://stoppingwarts.com/~humant/403.html
http://stophairlossadvising.com/~humant/403.html
http://somethingwickit.com/~humant/403.html
http://shoesdee.com/~humant/403.html
http://seeniv2.com/~humant/403.html
http://removeskingtagss.com/~humant/403.html
http://randlenergysolutions.com/~humant/403.html
http://platform-ic.com/~humant/403.html
http://nssly.com/~humant/403.html
http://mericanix.com/~humant/403.html
http://libido-booster-now.com/~humant/403.html



Thursday, 10 April 2014

Password List for Cpanel Cracking



Tuesday, 8 April 2014

5 Years Old Boy Found Bug On XBOX







A five years old boy from San Diego named Kristoffer Von Hassel has found a bug on XBOX. He can log in into other's account by only pressing the SPACE button on the password column without entering any password. His father, shocked and feeling weird how can his son login into his account and play the game.

He told his father that he only entered the wrong password and then he pressed SPACE. With just that, he bypassed the auth. 



His father then reported this to the Microsoft. Kristoffer Von Hassel has been awarded from Microsoft for finding a bug in the XBOX.

SOURCE: Gila Hackers 

Monday, 7 April 2014

#OpIsrael - 7th April 2014


AnonGhost announced a cyber-attack against Israel on April 7, 2014, one year after the last #OpIsrael campaign. To date, more than 6,000 Facebook users have joined different anti-Israel Facebook event pages, and many groups, such as Fallaga, AnonSec, Gaza Hacker Team, Indonesian Cyber Army, and more have declared their support. As you can see, the participants come from all over the world, but mainly North Africa, the Middle East and Southeast Asia. The rest usually use American proxy servers. According to our analysis, most participants are between the ages of 17 and 34.


One Of the Campaign Official Images

The campaign has an official dedicated website, designed by the famous hacker Mauritania Attacker from AnonGhost, as well as a new Twitter account. The official website features online notifications about hacked Israeli websites and a list of campaign participants.

 Campaign Official Website

The main targets are government and financial websites, alongside defense industries. Recently, however, we have noticed an increasing focus on hacking government websites in Israel.
Moreover, we have identified publications of leaked emails and passwords belonging to thousands of Israelis. Our investigation also revealed intentions to hack and spam smartphones using assorted viruses.
All in all, the scope of the upcoming cyber-campaign appears to be significant. However, we believe that mainly small and private websites will suffer from these attacks.

These are the list of the hacked website:

Moroccan Islamic Union-Mail

http://www.rotshtein-hayeruka.co.il/
http://marinedesign.co.il/
http://parkinfo.ahuzot.co.il/
http://opticana-collection.co.il/
http://www.rotshtein-hayeruka.co.il/
http://www.happydays.co.il/
http://tiktaktoy.co.il/
http://zecalcali.idigit.co.il/
http://nivzohar.com/
http://mishelanu.idigit.co.il/
http://meshi.idigit.co.il/
http://www.jgames.co.il/
http://www.almogd.co.il/
http://erezgas.com/
http://babymodels.idigit.co.il/
http://ac4kidz.idigit.co.il/
http://www.studio-livnat.co.il/
http://www.mega-hom.co.il/
http://whitespring.idigit.co.il/
http://babymodels.idigit.co.il/
http://zecalcali.idigit.co.il/
http://www.baitlagil3.co.il/
http://www.aibgroup.co.il/
www.yjylc80y.co.il
www.ylcpb8.co.il
www.ylcbn3.co.il
www.zqxw20.co.il
www.xbcwb.co.il
www.xhtdylcht.co.il
www.ylc873jv1.co.il
www.xbgylcj.co.il
www.ytycyl6.co.il
www.xabylclx1.co.il
www.xamylcj.co.il
www.tycglnz5.co.il
www.xdtylcjv5.co.il
www.tycylcht7.co.il
www.yampjdc8.co.il
www.ttylczn.co.il
www.yblmylc0.co.il
www.tycylht7.co.il
www.rbjlrjd.co.il
www.uybylc4.co.il
www.rubuz.co.il
www.shwekey.co.il
http://globalcoloproctology.com/
http://www.tootdjs.co.il/
http://www.happydays.co.il/
http://www.tritechbiomed.co.il/
www.mix4u.co.il
http://www.mizmor.org.il/
http://www.kannot.org.il/
http://www.wiki.dyellin.ac.il/
www.tarbut.wincol.ac.il
www.ticket.macam.ac.il
www.sif.shaanan.ac.il
www.study.smkb.ac.il
www.studyr.smkb.ac.il
www.shaanan.ac.il
http://www.portal.sakhnin.ac.il/
http://www.mdarat.arabcol.ac.il/
http://www.english.lander.ac.il/
http://www.blog.wincol.ac.il/
www.xlwmddcb.co.il
www.yjylc80y.co.il
www.ylcpb8.co.il
www.ylcbn3.co.il
www.zqxw20.co.il
www.xbcwb.co.il
http://www.ellamor.co.il/
www.xhtdylcht7.co.il
www.ylc873jv1.co.il
www.xbgylcj.co.il
www.ytycyl6.co.il
www.xabylclx1.co.il
www.xamylcj.co.il
www.tycglnz5.co.il
www.xdtylcjv5.co.il
www.tycylcht7.co.il
www.yampjdc8.co.il
www.ttylczn.co.il
www.yblmylc0.co.il
www.tycylht7.co.il
www.rbjlrjd.co.il
www.uybylc4.co.il
http://barak-g.com/
http://givatoranim.co.il/
 

Morocan Agent Secret


AnonGhost


AnonGhost , Anonymous Malaysia , and AnonSec



DDOSed (Down):


Goverment of Israel Email and Password Leaked By AnonGhost


 and a lot more :)

Source: Blog Sensecy