Hash Type

For you guys as refferer
Sharing is caring.. kekeke

ES(Unix) IvS7aeT4NzQPM

Domain Cached Credentials Admin:b474d48cdfc4974d86e f4d24904cdd91

MD5(Unix) $1$12345678$XM4P3PrKBgKNn TaqG9P0T/

MD5(APR) $apr1$12345678$auQSX8Mvzt .tdBi4y6Xgj.

MD5(phpBB3) $H$9123456785DAERgALpsri. D9z3ht120

MD5(WordPress) $P$B123456780BhGFYSlUqGyE 6ErKErL01

MySQL 606717496665bcba

MySQL5 *E6CC90B878B948C35E92B003 C792C46C58C4AF40

RAdmin v2.x 5e32cceaafed5cc80866737df b212d7f

MD5 c4ca4238a0b923820dcc509a6 f75849b

md5($pass.$salt) 6f04f0d75f6870858bae14ac0 b6d9f73:1234

md5($salt.$pass) f190ce9ac8445d249747cab7b e43f7d5:12

md5(md5($pass)) 28c8edde3d61a0411511d3b18 66f0636

md5(md5($pass).$salt) 6011527690eddca23580955c2 16b1fd2:wQ6

md5(md5($salt).md5($pass) ) 81f87275dd805aa018df8befe 09fe9f8:wH6_S

md5(md5($salt).$pass) 816a14db44578f516cbaef25b d8d8296:1234

md5($salt.$pass.$salt) a3bc9e11fddf4fef4deea11e3 3668eab:1234

md5($salt.md5($salt.$pass )) 1d715e52285e5a6b546e44279 2652c8a:1234

md5($hex_salt.$pass.$hex_ salt) a3bc9e11fddf4fef4deea11e3 3668eab:31323334

SHA-1 356a192b7913b04c54574d18c 28d46e6395428ab

sha1(strtolower($username ).$pass) Admin:6c7ca345f63f835cb35 3ff15bd6c5e052ec08e7a

sha1($salt.sha1($salt.sha 1($pass))) cd37bfbf68d198d11d39a6715 8c0c9cddf34573b:1234

SHA-256(Unix) $5$12345678$jBWLgeYZbSvRE nuBr5s3gp13vqi…

SHA-512(Unix) $6$12345678$U6Yv5E1lWn6mE ESzKen42o6rbEm…

ro0t3r - r0x d4 n3tw0rk

M.O.R.E >> "Hash Type"

NetSecL v.3.2 Released

NetSecL v.3.2 Released

NetSecL is a hardened,live and installable OS based on OpenSuse suitable for Desktop/Server and Penetration testing. Once installed you can fully enjoy the features of GrSecurity hardened kernel and penetration tools OR use the penetration tools directly from your live DVD.

NetSecL 3.2 comes with a brand new XFCE which increased dramatically the performance experience, we closed many bugs and also gained more compatibility to OpenSuse 11.4 – most packages are 11.4 compatible.GrSecurity kernel is updated to 2.6.32.8 

Download : www.netsecl.com

M.O.R.E >> "NetSecL v.3.2 Released"

Web Security Dojo v.1.2 Released

Web Security Dojo v.1.2 Released

Web Security Dojo is a free open-source self-contained training environment for Web Application Security penetration testing. Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v9.10. The Web Security Dojo is for learning and practicing web app security testing techniques. It is ideal for training classes and conferences since it does not need a network connection. The Dojo contains everything needed to get started - tools, targets, and documentation

Download : sourceforge.net - Dojo 1.2

M.O.R.E >> "Web Security Dojo v.1.2 Released"

Track IP using email

This time i will explained how to track IP address with advanced method. By using method you can get the IP address,location, timing of victim. 

How to track IP address?

step 1:
know what is your victim email id.
For eg:
victimid[@]gmail.com

step 2:
Register an account here: http://www.readnotify.com


step 3:
send mail to victim using your readnotify.com mail account. Before sending mail append ".readnotify.com" at end of victim mail ID. 
For eg:
victimid[@]gmail.com.readnotify.com 


step 4:
if victim opens the mail, his info will be tracked(IP address) and mailed to your account.

Now u get the IP..he just got pwned by you!!

M.O.R.E >> "Track IP using email"

Portable Firefox - Penetration Suite

This is portable Firefox browser that comes with a lot of tools and addons for penetration operation.
This is a Portable version of Mozilla Firefox with several add-ons that are useful for Web Application Security. The purpose of this package is to have the best available addons to manually test XSS, SQL, siXSS, CSRF, Trace XSS, RFI, LFI, and others.

Lets check it..


Download : fireFox-Web-Tools

M.O.R.E >> "Portable Firefox - Penetration Suite"

Bypassing Anti-Virus Scanner

Anti-Virus manufacturers has evolved a lot during the last decade, starting with simple signature-based scanners and thereafter slowly implementing more and more advanced heuristics. Most of these are able to scan files stored on the harddisk, but also opcodes in the memory. Opcodes are in short, Assembly commands which are the lowest level of instructions given to the CPU by any application running. A program is usually developed in a higher level language such as C or C++, where opcodes are usually not directly involved.

The compiler on the other hand, translates the high-level code into these opcodes based on the Architecture used and so forth. When a traditional Anti-Virus application scans a file, it does so by reading the offsets and its assigned values. Where the offset is a memory address and the value is an opcode which the scanner can read with a simple binary hex-viewer. Therefore, it is able to look for a signature. If an application passes the file-scan check on the harddisk without any heuristic “sandboxes” applied, then the file is either safe to run or the Anti-Virus application just got bypassed! This paper will show some of the methods and techniques, one can use in order to do this.
This is for educational purposes only.


Download : Bypass AV scan.pdf - size 1MB

M.O.R.E >> "Bypassing Anti-Virus Scanner"

Attacking with HTML 5

HTML5 is redefining the ground rules for future Web Applications by providing a rich set of new features and by extending existng features and APIs. HTML5 Security is still an unexplored region because HTML5 features are not yet adopted by web applications (apart from experimental support) and it is assumed that until that happens the end users have nothing to worry about.

This paper would prove this assumption wrong by discussing a range of attacks that can be carried out on web users ‘right now’ even on websites that do not support or intend to support HTML5 in the near future. Browser vendors have been trying to outdo each other in supporting the latest features defined in the HTML5 spec. This has exposed the users of these browsers to the attacks that would be discussed in this paper.

The initial sections of this paper cover attacks and research that have been published by me and other researchers earlier thisyear. The latter sections covers attacks that are completely new and exclusive.

Download : Attacking with HTML5.pdf

M.O.R.E >> "Attacking with HTML 5"