@eewinkk

Need proxy to open blocked website or to hide your IP Address. :D Tor can halp you to solve this. 1. Configure repository add-apt-repository ppa:ubun-tor/ppa apt-get update && apt-get install tor tor-geoipdb privoxy vidalia  2. Configure Privoxy gedit /etc/privoxy/config  Append the following line :  forward-socks5 / 127.0.0.1:9050 .                                                                                      3. Start the engines /etc/init.d/privoxy start /etc/init.d/tor start  4. Download Torbutton for firefox https://www.torproject.org/dist/torbutton/torbutton-current.xpi 5. Check if you are using tor in Firefox https://check.torproject.org/ Source

Bismlillah... Hello, buddy! have ever think why Oracle Corp will monopolize and commercialize Mysql? While many people already depended on it in their development. You do not need to answer it, seriously. Coz now we aren't going to talk about that, but we're gonna talk about how to use Sqlmap to extract database. Assumption: You have apache2, mysql, phpmyadmin instaled on your system. I use DVWA for victim site, click here  for more information and download link. You have found the vulnerable from DVWA site. Click here for tutorial. I use Mantra and Burp Suite for IG(Information Gathering). Click here for tutorial!. Important to find the cookie. Open your teminal and go to sqlmap directory " cd /pentest/database/sqlmap/ " or use gnome menu. So let's rock, here's the step: First read the manual by typing " ./sqlmap -h ". If you are already knew about the usage, let's continue. Here's the syntax " ./sqlmap.py -u victim_u

Bismillah... cmiw Have you ever installed phpmyadmin and got these errors: #2002 Cannot log in to the MySQL server #1045 Cannot log in to the MySQL server Here's the simple solution, but if you have another better than this, please write it in comment box :D Stop the mysql demon process using this command : sudo service mysql stop Start the mysqld demon process using the --skip-grant-tables option with this command: sudo /usr/sbin/mysqld --skip-grant-tables --skip-networking & Start the mysql client process using this command: mysql -u root From the mysql prompt execute this command to be able to change any password: FLUSH PRIVILEGES; Then reset/update your password and quit: SET PASSWORD FOR root@'localhost' = PASSWORD('password'); quit Start the mysql demon process using this command : sudo service mysql start Now, you can log in to MySQL as root user. Try to reopen from your browser!

Bismillah... So, bofore we start sharing about Mutillidae. Better for us to know it's definition. Open the spoiler to read it, but if you aren't patient enough, just pass it by :D Open: Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver. It is already installed on Samurai WTF. Simply replace existing version with latest on Samurai. Mutillidae contains dozens of vulnerabilities and hints to help the user exploit them; providing an easy-to-use web hacking environment deliberately designed to be used as a hack-lab for security enthusiast, classroom labs, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, in corporate web sec training courses, and as an "assess the assessor" tar

Bismillah... The mentor said that "The important things in security testing or auditing is to follow the Hacking Phase orderly and completely". Hasking Phase First =>Information Gathering=>Service Enumeration=>Vulnerability Assessment=>Exploit=>Repeat till success. If so, then Second =>Backdooring=>Maintaining Access=>House Keeping=>End. In this article I'm gonna share (The Pyramid) step plainly

Bismillah... Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions. Most computer systems are designed for use with multiple users. Privileges mean what a user is permitted to do. Common privileges including viewing and editing files, or modifying system files. Privilege escalation means a user receives privileges they are not entitled to. These privileges can be used to delete files, view private information, or install unwanted programs such as viruses. It usually occurs when a system has a bug that allows security to be bypassed or, alternatively, has flawed design assumptions about how it will be used. Privilege escalation occurs in two forms:

Bismillah... Many ways to exploit Windows XP with Bactrack such as backdoring by planting the payload. But today i'm gonna show you how to exploit samba port with metasploit. I use <<Bactrack|R3 1. Open your terminal and find the opened port with command " nmap -sV ip_target ", it works if target in the same network or using ip public.                                                              For example : proxychain nmap -sV 192.168.254.128. Use proxy to hide our ip PORT    STATE SERVICE      VERSION 21/tcp  open  ftp          WAR-FTPD 1.65 (Name Jgaa's Fan Club FTP Service) 135/tcp open  msrpc        Microsoft Windows RPC 139/tcp open  netbios-ssn 445/tcp open  microsoft-ds Microsoft Windows XP microsoft-ds   => we use this port MAC Address: 00:0C:29:F5:6A:C1 (VMware) Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows 2. Now type " msfconsole ", now drink your coffee or rearrange your music palylist. 3.  Type "

Bismillah.. The result of Information Gathering for website is2c-dojo.com you can download here .

Hello, fellas!! What's up?? For those people who want to install Virtual Machine (Virtual Box or VMWare) on Linux, especially Ubuntu based, here's the step: 1. Download VMware here and VirtualBox here 2. Installing the downloaded file. Look the extension!     How to install: Open your terminal or press ctrl+alt+t Enter as root by typing sudo su and enter your password Still playing with console or terminal. Enter to your download directory cd /home/username/Download and type ./name_file.bundle or sh name_file.bundle and for deb package dpkg -i name_file.ded. Chose as you wish :D, the installation is so easy. Press next, next and next for VMware. To access it go to menu Application->System Tools->VMware Player / Oracle VM Virtualbox. 3. I assume that you've installed the Virtual Machine successfully and you already had an image/iso. In this case i use VMware but logically almost the same with VirtualBox. Open #1: Click "Create a N