Hacking Tutorials

Rte Attack

 

--==:: RTE এটাক ::==--

RTE এটাক । এটি কিছুটা DNN এর মত । ইমেজ ফাইল আপলোড করতে হয় । গুগল ডরক ইউস করে প্রথমে ভুলনেরাবল সাইট বের করতে হবে । নিচের গুগল ডরক দিয়ে সার্চ দিন –
allinurl: 'rte/my_documents/my_files'
এবার কিছু রেসাল্ট শো করবে । সেখানে যেকোনো একটি লিংক এ ক্লিক করুন ।

এবার /my_documents/my_files এবং এর পর যা কিছু থাকুক না কেন এর জায়গায় /RTE_popup_file_atch.asp লিখে এন্টার দিন ।

এবার নিচের মত একটি পেজ পাবেন । সেখানে Choose File এ ক্লিক করে আপনার HTML/JPG/PNG/GIF ফাইল টি আপলোড দিন ।

যদি কোন পপআপ আসে তাহলে ওকে করে দিবেন ।

অনেক সময় লিংক পুরোটা থাকে না অর্থাৎ শুধু my_documents/my_files/A35_bangladesh.html থাকে । তখন আপনি প্রথম যখন লিংক টি

ওপেন করেছিলেন তখন my_documents/my_files/ এই রকম একটা লিংক ছিল শুধু এর পড়ে আপনার ফাইল এর নাম মানে - A35_bangladesh.html অথবা প্রিভিও উইন্ডো থেকে আপনি যে নাম কপি করেছিলেন সেটা দিয়ে এন্টার দিন । দেখবেন কাজ করেছে ।

যত বেশি প্র্যাকটিস করবেন তত ভালো কাজ হবে । অনেক সাইট এ আপলোড হবে না বা বিভিন্ন সমস্যা দেখাবে । সেই সাইট গুলো এড়িয়ে যাবেন । ধন্যবাদ ।

Hacking Tutorials

Methods of shell uploading

Now Try these methods below

<--------------------------------------------------------------------------------->
Method 1 :-> *_*
<--------------------------------------------------------------------------------->
well we all know that uploading scripts accepts JPG or GIF or both etc
so its possible some times to bypass it by
renaming the file to
" shell.jpg.php "
Or
" shell.gif.php "
<--------------------------------------------------------------------------------->
Method 2 :-> *_*
<--------------------------------------------------------------------------------->
Sometimes we can upload PHP file by editing the parameters with tools such as
Tamper Data ( Firefox Addon )
Download It Here

Code:
https://addons.mozilla.org/en-US/firefox/addon/tamper-data/


Change the

application/octet-stream
to
image/gif
or
image/jpg
Video Tutorial :->



<--------------------------------------------------------------------------------->
Method 3 :-> *_*
<--------------------------------------------------------------------------------->
We can also upload shell by adding
to the file name

%_00shell.jpgphp

shell.jpg%.php
Or

shell.jpg;php

<--------------------------------------------------------------------------------->
Method 4 :-> *_*
<--------------------------------------------------------------------------------->
Another way is by tricking Apache
by adding PHP languages
For Example :->
file.php.enThe Apache will read the file.php.en
as a normal php file
cause .en refers to English
Another example :->
file.php.ar
As .ar refers to Arabic and Etc Etc.
That helps when we find an uploading center that
denies PHP extensions and allows any other unknown extension.

FILE HOSTING SERVICES

1. http://www.000webhost.com/
2. http://www.1freehosting.com
3. http://www.zymic.com/
4. http://www.110mb.com/
5. http://www.sitesfree.com/
6. http://www.adrive.com/plans
7. http://www.badongo.com/
8. http://freespace.filefront.com/
9. http://www.bigupload.com/
10. http://www.filefactory.com/
11. http://www.rapidupload.com/
12. http://www.sharebigfile.com
13. http://www.yousendit.com
14. http://www.imageshack.us/
15. http://www.tinypic.com
16. http://www.photobucket.com/
17. http://www.putfile.com
18. http://www.megashare.com
19. http://www.uploading.com
20. http://www.megaupload.com
21. http://rapidshare.de
22. http://www.spread-it.comYET

Hacking FAQ

 What is Hacking?

Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator's original purpose. Hacking is the art of exploiting the flaws/loopholes in a software/module. Since the word Hacker has long been used to describe someone who is incompetent at his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition to their skills.

  

Who is a Hacker?

A Hacker or White Hat Hacker, also known as Ethical Hacker, is a Computer Security expert, who is specialised in penetration testing, and other testing methodologies, to ensure that a company information systems are secure. Such people are employed by companies where these professionals are sometimes called Sneaker.

Who is a Cracker?

Black Hat Hackers, who may also be known as Crackers, are Hackers, who specialise in unauthorized penetration of information systems. They may use computers to attack systems for profit, for fun, or for political motivations, as part of a social cause. Such penetration often involves modification and/or destruction of data, and is done without authorization. They also may distribute computer viruses, Internet Worms, and deliver spam through the use of bot nets.

Who is a Script Kiddy?

A script kiddy is a wannabe cracker. These individuals lack knowledge of how a computer really works but they use well-known easy-to-find techniques and programs or scripts to break into a computer to steal porn, music files, SPAM, etc.

What skills do I need to become a Hacker?

There is no magic to Hacking, but like anything else that is worthwhile it takes dedication, a willingness to learn. It is most important to have a good knowledge of topics such as Operating system and its working, Computer networks, Computer security and of course Programming. Its not possible to become a hacker overnight. Its the skill developed over a long time.

What is the best way to learn Hacking?

The best way to learn Hacking is to start learning about the basics of hacking right from now. There are many books about Hacking that are available today. But before you start learning about the details you must have a basic skills of Programming and knowledge of Computer network security. Internet is the best source to learn about hacking.

How do I secure my computer from being Hacked?

Having a basic knowledge of computer security and related topics such as Virus, Trojans, spyware, phishing etc. is more than enough to secure your computer. Install a good antivirus and a firewall.

Types of Hacker ?

There are good and bad hackers. Here is a window into what they do and why:

White Hat Hackers:

These are the good guys, computer security experts who specialize in penetration testing and other methodologies to ensure that a company’s information systems are secure. These IT security professionals rely on a constantly evolving arsenal of technology to battle hackers.

Black Hat Hackers:

These are the bad guys, who are typically referred to as just plain hackers. The term is often used specifically for hackers who break into networks or computers, or create computer viruses.

Black hat hackers continue to technologically outpace white hats. They often manage to find the path of least resistance, whether due to human error or laziness, or with a new type of attack.

Script Kiddies:

This is a derogatory term for black hat hackers who use borrowed programs to attack networks and deface websites in an attempt to make names for themselves.

Hacktivists: Some hacker activists are motivated by politics or religion, while others may wish to expose wrongdoing, or exact revenge, or simply harass their target for their own entertainment.

State Sponsored Hackers:

Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.”

Spy Hackers:

Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid.

Cyber Terrorists:

These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures.

Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber Terrorists ultimate motivation is to spread fear, terror and commit murder.
 (Collected)