These are some dorks
note :_ plz use proxy to visit any site u get thru search :
filetype:htpasswd htpasswd
intitle:"index of" ".htpasswd" -intitle:"dist" -apache -htpasswd.c
index.of.private (algo privado)
intitle:index.of master.passwd
inurlasslist.txt (para encontrar listas de passwords)
intitle:"index of..etc" passwd
intitle:admin intitle:login "incorrect syntax near" (sql script error)
intitle:"the page cannot be found" inetmgr (debilidad en iis4)
intitle:index.of ws_ftp.ini
"supplied arguments is not a valid postgresql result" (possible debilidad sql)
_vti_pvt password intitle:index.of (frontpage)
inurl:backup intitle:index.of inurl:admin
"index of /backup"
index.of.password
index.of.winnt
inurl:"auth_user_file.txt"
"index of /admin"
"index of /password"
"index of /mail"
"index of /" +passwd
index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
administrator.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
inurlasswd filetype:txt
inurl:admin filetype:db
inurl:iisadmin
inurl:"auth_user_file.txt"
inurl:"wwwroot/*."
allinurl: winnt/system32/ (get cmd.exe)
allinurl:/bash_history
intitle:"index of" .sh_history
intitle:"index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.1st
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members or accounts
intitle:"index of" user_carts or user _cart
My Blog
Friday, January 14, 2011
How to make trojen FUD
Guys as u all know that trojens are easily detected by antivirus.so to make it undetectable or u can say FUD(fully undetectable )
here are some methods by which u can make your trojen undetectable.....
here are some methods by which u can make your trojen undetectable.....
1. Encryptors/Compressors:
You would think this should be the easiest way to UD (Undetect) a Trojan...but alas, it is not. The problem is simply this, most people use the same Trojans and Packers so often that Anti-Virus software knows pretty much all the signatures. They either use Ardamax Keylogger, Optix Pro, Beast, ProRat etc. for Trojans. For Packers they use UPX, PECompress, AsPack, Mophine etc. Again, none of these combinations work because all the signatures have been flagged. The best way this option will work is to find lesser known Packers and Trojans to work with.
Try a Google search for Executable Packers. Get a few that you have not heard of before or that have a decent rating. If it is not freeware, I am sure there will be a Crack for it. For Trojans, three good resources are VXChaos, LeetUpload or VX Heaven. Remember to pick the ones that are not well known and try to mix and match those Trojans and Packers.
2. Byte Adders:
This technique allows you to add junk bytes to your Trojan as to confuse Anti-Virus software. It does this by moving the code around inside the executable as the bytes are being added. This means that the signature will not be in the place the Anti-Virus expects it to be. A good tool for this would be StealthTools v2.0 by Gobo.
3. Hex Editing:
This is much more complicated and takes a lot more practice to get right. The idea here is to find the signature that Anti-Virus software has flagged inside of your Trojan and change it by adding a different byte, or changing the Offset to one of its other equivalents.
The three things you will need here is a File Splitter, Hex Editor and a Anti-Virus Offset Finder. The File Splitter will cut your executable into smaller files (preferably 1 byte per file). You then use your Hex Editor on the file that holds the signature and change that signature. Or, you can keep the file complete and use your AV Offset Finder to find the Offsets automatically and just change the signatures found with your Hex Editor.
Step One: Place your Trojan Server in a folder.
Step Two: Split your Server with your File Splitter into 1 byte per file. This may make a lot of files in your folder (depending on how large the Server is), but it is worth it because you will know that only one or two of those files has the signature that is flagged and all the rest are clean.
Step Three: Scan your folder with your Anti-Virus software and make note of which files it says are infected. Those will be the ones you edit.
Step Four: Open up each infected file with your Hex Editor and change the Offset. There is no fool proof way of doing this, you will have to experiment. Since this will be a 1 byte file, there will not be much you need to change. Just change one character or byte at a time and then save your progress. Re-scan to see if it worked. If it did not, go back and try again.
Step Five: Once you feel that you have found all signatures and changed them, Rejoin your files with your File Splitter and test your Server to see if it works. Remember that too much Editing will make your Server useless so be careful.
Step Six: Another good way is to use a Anti-Virus Offset Finder that will find the correct Offset automatically so you do not have to search for them or split your Server. Get AV Devil 2.1 to find the Offsets (password is: to0l-base).
You have to remember that different AV software use different signatures, so scan with as many as you can.
The very best way to make an undetectable Trojan has always been to make your own. I know it may seem like a daunting task to do, but it could be simpler then you think. Here I will give a few options on how to do this. The reason why you would want to make your own Trojan is the fact that each time it is compiled, it is given a new signature. Changing just a single string in the Source code can make it undetectable.
Option 1: Free Trojan Source Code.
Finding free Trojan source code is not hard. Again, going to places like VXChaos or Planet Source Code can yield a plethora of really good and lesser known Trojan code. Pick what Programming Language you like and look for examples. Not much needs to be changed to makes these undetectable. A simple recompile will sometimes do the trick.
Option 2: Decompiling.
Some may call this "Stealing" source code. I like to call it "Borrowing". The first thing you need to know is what language your Trojan is in. Lets say your Trojan was Optix Pro, your programming language would be Delphi. A good Delphi Decompiler would be DeDe. Decompile Optix Pro with DeDe then recompile it with a Delphi compiler and viola! Just change a few strings around within the source and you should have a undetectable Optix Pro.
Another way would be to open your Trojan with a Debugger or Disassembler. Copy down the ASM code and then recompile it in a ASM compiler. That maybe a bit more tricky, but the idea is the same. Try to convert the executable into pure ASM as best you can. There are many free Debuggers/Disassemblers, Google for them.
VXChaos:
http://vxchaos.official.ws/
LeetUpload:
http://www.leetupload.com
VX Heaven:
http://vx.netlux.org
StealthTools v2.0:
http://www.hackerscenter.com/ (search for them)
AV Devil 2.1:
http://www.leetupload.com/dbindex2/index...il%202.rar
Planet Source Code:
http://www.planet-source-code.com/
DeDe:
http://www.woodmann.com/crackz/Tools.htm
FACEBOOK WILL END ON MARCH 15th!!!!!!!!!!!!!
PALO ALTO, CA –Mark Zuckerberg announced that Facebook will be shut down in March. Managing the site has become too stressful.
“Facebook has gotten out of control,” said Zuckerberg in a press conference outside his Palo Alto office, “and the stress of managing this company has ruined my life. I need to put an end to all the madness.”
Zuckerberg went on to explain that starting March 15th, users will no longer be able to access their Facebook accounts.
“After March 15th the whole website shuts down,” said Avrat Humarthi, Vice President of Technical Affairs at Facebook. “So if you ever want to see your pictures again, I recommend you take them off the internet. You won’t be able to get them back once Facebook goes out of business.”
Zuckerberg said that the decision to shut down Facebook was difficult, but that he does not think people will be upset.
“I personally don’t think it’s a big deal,” he said in a private phone interview. “And to be honest, I think it’s for the better. Without Facebook, people will have to go outside and make real friends. That’s always a good thing.”
Some Facebook users were furious upon hearing the shocking news.
“What am I going to do without Facebook?” said Denise Bradshaw, a high school student from Indiana. “My life revolves around it. I’m on Facebook at least 10 hours a day. Now what am I going to do with all that free time?”
However, parents across the country have been experiencing a long anticipated sense of relief.
“I’m glad the Facebook nightmare is over,” said Jon Guttari, a single parent from Detroit. “Now my teenager’s face won’t be glued to a computer screen all day. Maybe I can even have a conversation with her.”
Those in the financial circuit are criticizing Zuckerberg for walking away from a multibillion dollar franchise. Facebook is currently ranked as one of the wealthiest businesses in the world, with economists estimating its value at around 7.9 billion.
But Zuckerberg remains unruffled by these accusations. He says he will stand by his decision to give Facebook the axe.
“I don’t care about the money,” said Zuckerberg. “I just want my old life back.”
The Facebook Corporation suggests that users remove all of their personal information from the website before March 15th. After that date, all photos, notes, links, and videos will be permanently erased.
Critical Vulnerability in Microsoft office
Critical Vulnerability in Microsoft office
A critical vulnerability have been found in Microsoft office in the way they handle RTF by which an attacker can remotely execute arbitrary code on the victim’s computer. But attacks are still popping up in the wild, reports GCN. Even this attack has not been extensive so far, but there can be chances to increase in attacks since the sample of this exploit is publicly available on internet, reported by Microsoft. This exploit effects office XP and office 2003 SP3, office 2007 SP2. And office 2010 (both the 32-bit and 64-bit), and it is exploited using a crafted RTF file that holds a size parameter bigger than expected. Once inside the attacker may execute malicious shellcode, which then downloads other malware. After this the attacker may be able to get complete access over victim’s computer and attacker may be able to install programs, view files delete files etc, reported by Microsoft and the patch for this vulnerability will be available soon. But even if the computer is patched, the users are not completely safe. Since this flaw is present in office software, Outlook could also use to automatically load a similar modified RTF –email message.
How to secure yourself from this exploit?
The answer is by setting up Outlook to read plain text formats and blocking the opening of RTF documents from unknown sources by using office File block.
Google Bangladesh owned by Tiger Mate
hello guys a recent news have came that Google Bangladesh have been HACKED by a person named Tiger mate.
See this whole article source: Here
We just got an anonymous tip that Google’s been ‘hacked’ – sure enough, visitors of the company’s Bangladesh search site (Google.com.bd) see a defaced landing page rather than the usual search site. As far as I can tell, www.google.com.bd functions properly, so whether this really constitutes a ‘hack’ is up for debate.
Local Bangladesh media, including online newspaper bdnews24.com, reported on the news as well, quoting a CTO of a local ISP, who confirmed the hack.
Nevertheless, it seems like only a subset of users see the defaced landing page, while others report that they can visit and use the search engine without any hiccups.
Phishing scam hits Mashreq Bank online customers
A Dubai-based business man was recently hit by a phishing scam through the online service of his Mashreq Bank account, according to Gulf News.
Kannaiyan Shankear woke one morning to find 20 Etisalat recharge transactions on his phone worth AED500 each. The transactions all occurred between 11.30pm and 2am on December 6 and 7, while he was asleep.
“How can they approve such series of transactions? Maybe they would approve it once or twice, but not 20 times, that too within the same hour, without seeing anything unusual,” Shankear said. “If your bank balance is reduced while you’re sleeping … it’s scary. There should be a better security firewall.”
Each of the amounts deducted from his account, which totaled AED10,000, were credited to different phone numbers, which were no longer in service the next morning, according to Shankear. When the businessman lodged a complaint about the transactions with the bank, he was told that he was not the only victim of the scam.
However, Mashreq Bank is not going to be refunding Shankear his stolen money.
“We sympathise with Mr Shankear’s case and would like to offer him all assistance to take this further with the authorities. However, as per the published MashreqOnline Banking terms, the customer is responsible for the security of his or her user ID and password,” said a Mashreq spokesperson.
The businessman has since opened a case with the Dubai Police, at the request of Mashreq Bank.
“We discovered that a highly sophisticated phishing campaign resulted in Mashreq customers falling victims to an online fraud,” said a Mashreq spokesperson. “Mr Shankear has access to MashreqOnline since December 15, 2009. We have retrieved several successful logins to the account, hence it is active and the customer is aware of it.”
Source: here
Friday, January 7, 2011
Hurt, but hopeful.
It’s very heartening to see support from all of you, but news like this dampens my spirit…
Sadly, this is not the only one.
There are many more such articles.
Even though many of the articles are painful to read, there is some good news too.
There are many more such articles.
Even though many of the articles are painful to read, there is some good news too.
It warms my heart to know about people like Prannay Kohli, a 16-year old student from Delhi,
who has been working to save us tigers since he was in Class 2!
With people like you standing by our side, I feel all is not yet lost.
who has been working to save us tigers since he was in Class 2!
With people like you standing by our side, I feel all is not yet lost.
So … I still dare to hope.
Thank you,
Thank you,
Hope shines bright!
Hi everyone,
I’m completely overwhelmed to see so much support from all of you. I know India is where we belong and the people of our country will do everything to help us tigers survive. I just don’t know how to thank you!
I’ve read all your comments and it’s really great to see everyone not just stopping at showing support, but also giving ideas and suggestions to help us. With more people joining us every day, I hope you’ll spread our message far and wide.
And I’m really excited to see the discussions on my Facebook page too (@ssharmaofficial).
I’m completely overwhelmed to see so much support from all of you. I know India is where we belong and the people of our country will do everything to help us tigers survive. I just don’t know how to thank you!
I’ve read all your comments and it’s really great to see everyone not just stopping at showing support, but also giving ideas and suggestions to help us. With more people joining us every day, I hope you’ll spread our message far and wide.
And I’m really excited to see the discussions on my Facebook page too (@ssharmaofficial).
With people planning events, discussing ideas and actions to help us and getting actively involved, it gives me hope that this is just the beginning of great things to come.
I can’t wait to hear more suggestions and see the people of India lead the change!
Looking ahead with pride,
I can’t wait to hear more suggestions and see the people of India lead the change!
Looking ahead with pride,
Stripey
Just 1411 left.
From around 40,000 at the turn of the last century, there are just 1411 tigers left in India.
If we don’t act now, we could lose this part of our heritage forever.
Speak up, blog, share the concern, stay informed… Every little bit helps.
Aircel has partnered with WWF-India to help save our tigers. Explore the site to know how you can help.
Watch this space for updates from Stripey, the tiger cub.
Subscribe to:
Posts (Atom)