Open Redirection found on sub domain of Stackoverflow



An open redirection was found by me on one of the sub-domains of Stackoverflow, a language-independent, collaboratively edited question and answer site for programmers. It has a global Alexa rank of 54, which means lots of people visit the site daily, and using this open redirection vulnerability an attacker can easily redirect users to malicious websites, which can be used for phishing and similar attacks. Open redirection occurs when a vulnerable web page redirects to another web page via user-controllable input.

How Google Palestine Was Hacked ?



Just a few minutes back I got the news on Facebook that search engine giant Google has been hacked again! Yes, this time Google Palestine (www.google.ps) was targeted. Google Palestine was hacked by Hackteach Lover's. So, in order to check whether Google Palestine really got hacked or it was just another piece of fake news, I quickly visited the site and it took me to the deface page.




The following message was written by the hackers on the deface page.

Google  Owned
No News Is a Good News
Cold z3ro - Haml3t - Sas - Dr@g
From Palestine: We are the Best of the Rest

uncle google we say hi from palestine to remember you that the country in google map not called israel. its called Palestine

# Question : what would happens if we changed the country title of Isreal to Palestine in google maps !!! it would be revolution ..

So Listen to rihanna and be cool :P

Shots: HackTeach Lover's | Dod, Hij@ker, alzher, Mr_AnarShi-T, toxico-dz

www.hackteach.org

How Google Palestine was hacked ? 

According to me, Google Palestine was hacked in the same way Google Pakistan was hacked last year. It looks like a DNS attack. So maybe the registrar that was responsible for Google's DNS records was compromised and the records were changed, so when users went to google.ps they were redirected to a different website which was set up by the hacker to make it look as if google.ps had actually been compromised.

After doing a whois lookup I came to know that the registrar responsible for the domain is MarkMonitor Inc. There is a chance that the hackers may have gained access to MarkMonitor Inc. and then changed the DNS servers.

I will update this page as soon as I have more updates regarding this attack.

Installing DVWA on Backtrack



If you are visiting this site, it means you have an interest in hacking and security related things. In this post you will learn how to install Damn Vulnerable Web Application (DVWA) and build your own mini pen testing lab.

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. You can practice various attacks like SQL injection, XSS, CSRF, file upload etc. using it. In this post I will show you how to set up DVWA in Backtrack the easy way and start learning various methods of web application attack without hacking into someone else's website.

Open redirection found on Samsung's official Website


An open redirection was found by me on Samsung's official site www.samsung.com



Redirects allow web applications to direct users to different pages within the same application or to external sites. Applications utilize redirects to aid in site navigation and, in some cases, to track how users exit the site. Open redirect vulnerabilities occur when a web application redirects clients to any arbitrary URL that can be controlled by an attacker.

Attackers can utilize open redirects to trick users into visiting a URL to a trusted site and redirecting them to a malicious site. By encoding the URL, an attacker can make it more difficult for end-users to notice the malicious destination of the redirect, even when it is passed as a URL parameter to the trusted site. Open redirects are often abused as part of phishing scams to harvest sensitive end-user data.

Samsung.com has a global Alexa rank of 241, which means thousands of users visit it daily; this makes the vulnerability more dangerous, as attackers can easily trick others into clicking the malicious link.




I reported it to Samsung 3 weeks ago, but it is still not patched, so I cannot give the full details of the vulnerability yet.

[UPDATE 8/2/13]

Finally, the vulnerability was patched by the security team of Samsung last night.

So here is the POC:

Vulnerable link: http://www.samsung.com/public/redirect.html?sitecode=in&pid=in_samsungindiaestore_header_20120322&URL=http://www.hackatrick.com

The above link used to open this website, but now it is fixed. This is the screenshot of the email I got from the team last night.
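A server-side check that would refuse the kind of redirect described above, given as an added example (not code from Samsung or from this blog): it resolves the redirect parameter's value the way a browser would and only returns a target on an allow-listed host. The hosts `www.example.com`, `shop.example.com` and `attacker.example`, and the function name `safeRedirectTarget`, are assumptions made for illustration.

```javascript
// Added example: allow-list validation for a redirect parameter such as "URL".
// All hosts are constructed placeholders, not taken from any real site.
const SITE_ORIGIN = 'https://www.example.com';
const ALLOWED_HOSTS = new Set(['www.example.com', 'shop.example.com']);
const FALLBACK = SITE_ORIGIN + '/';

function safeRedirectTarget(rawTarget) {
  // The web framework has already URL-decoded the query parameter once.
  if (typeof rawTarget !== 'string' || rawTarget.length === 0) return FALLBACK;

  // Browsers strip tab/CR/LF while parsing, which can hide a scheme or host.
  if (/[\u0000-\u001f\u007f]/.test(rawTarget)) return FALLBACK;

  let url;
  try {
    // Resolve against our own origin with the WHATWG parser, so that
    // "//host" and "/\host" reveal the host a browser would really visit.
    url = new URL(rawTarget, SITE_ORIGIN);
  } catch (e) {
    return FALLBACK;
  }

  // Only https targets: rejects javascript:, data: and plain-http downgrades.
  if (url.protocol !== 'https:') return FALLBACK;

  // "https://www.example.com@attacker.example/" puts the trusted name in
  // the userinfo part; refuse any URL that carries credentials.
  if (url.username !== '' || url.password !== '') return FALLBACK;

  // Exact host match; suffix or substring checks would let
  // "www.example.com.attacker.example" through.
  if (!ALLOWED_HOSTS.has(url.hostname)) return FALLBACK;

  // Always hand back the absolute, normalised URL. Returning only the path
  // would turn "https://www.example.com//attacker.example" into a
  // protocol-relative redirect.
  return url.href;
}
```

The value returned is what goes into the `Location` header; anything that fails a check lands on the site's own home page instead of the attacker-supplied destination.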

Blind SQL Injection Tool: BBQSQL



SQL injection is one of the most dangerous attacks. Last year many high-profile hacks were carried out with the help of SQL injection attacks. Many websites are vulnerable to SQL injection. SQL injection attacks have increased to 69% this year.

A few days back I wrote a post on Manual SQL Injection.

Manual SQL Injection tutorial


Now, we have seen a few terms related to hacking and some methods to hack passwords, like phishing, keyloggers etc. Now we are moving a little forward. In this thread I am going to post something about SQL INJECTION. It is a type of hacking with the help of which we can hack sites (mostly newly born sites and educational sites).

ok buddiez lets start and kindly pay attention.

Daily Mail Website Hacked and Defaced by TeaMp0isoN

The website of the popular online daily newspaper Daily Mail has been hacked and defaced by TeaMp0isoN. He has defaced one of the subdomains of the website.
“For years you’ve poisoned the mainstream media with your sensationalist, ultranationalist nonsense, continuing to inject reader’s minds with anti- immigration and borderline racist propaganda,” the hackers posted on the defaced page.

Anonymous Takes Down FBI, RIAA, DOJ and White House Following Megaupload Closure


In a hastily assembled retaliation against the federal shutdown of MegaUpload.com, hacktivist group Anonymous has allegedly taken down a number of websites--including those of the U.S. Department of Justice, the Motion Picture Association of America (MPAA), and the Recording Industry Association of America (RIAA).
According to DownForEveryoneOrJustMe.com, several websites are out of commission as of this writing, likely thanks to DDoS attacks: the U.S. Department of Justice (doj.gov, justice.gov), the U.S. Copyright Office, Universal Music Group, the RIAA, and the MPAA.

hack a website using c99 script


The c99 shell script is a very good way to hack a PHP-enabled web server. You have to find an insecure uploader to upload this file to the server. By insecure uploader I mean an uploader which does not check the file extension and allows us to upload our executable scripts to the server.

Read Original Article on Website hacking with C99 Shell
This c99 shell allows an attacker to hijack the PHP-enabled web server. The script is very user friendly and has a very good interface, so it is easy to use. You can issue any PHP command to run on the web server, and you can use any of the commands given in the script.

Patator – Multi Purpose Brute Forcing Tool

This tool has many advanced features which are not available in other brute-force attack tools. It is multithreaded and easy to use.
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. When Medusa, Hydra or other brute-force tools fail to do what you want, Patator might be what you need.
This tool supports:
  • ftp_login : Brute-force FTP
  • ssh_login : Brute-force SSH
  • telnet_login : Brute-force Telnet
  • smtp_login : Brute-force SMTP
  • smtp_vrfy : Enumerate valid users using the SMTP VRFY command
  • smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command