mind backtrack box center

great tools made by CULT OF THE DEAD COW (cDc) called Goolag, Googlag Scanner is a Web auditing tool. It works by exploiting data- retention practices of popular search engines. We would like to thank everyone who contributed to this project, especially Google, without whom this fearsome software would not be possible.

Goolag Scanner is a standalone windows GUI based application. It uses one xml-based configuration file for its settings. All dorks coming with the distribution of gS are kept inside one file.

(more…)

Cross-zone scripting is a browser exploit taking advantage of a vulnerability within a zone-based security solution.The attack allows content (scripts) in unprivileged zones to be executed with the permissions of a privileged zone.

(more…)

i’ll give you the straight explanation here. assume that you have read null byte exploitation article here so you can understand what is null byte is. We will be using the null byte to trick a cgi file into displaying it’s own code! we are able to exploit perl cgi files on the web. The first example shows of a cgi page that uses the following to access .html pages:

(more…)

(more…)

i’ve post about this Ssh brute force code (if you dont read it here) another code wrote by d3hydr8 owner of darkc0de.com i see it yesterday, a good script coded using python with some additional that we can brute force the ssh connection for some ip range,it simple to use as you can see below :

(more…)

very good video hacking tutorial i found yesterday, another great stuff on remote-exploit.org it explain how to hack or sniff password from a forums base website. it very simple and have a great explanation. i think this one cannot applied to all forums base site. but this one tell us the concept. how to do it correctly.  this is very good one. only analysis the code and added some additional code to make the prosses easier.

(more…)

i dunno how to explain this one,since my english is bad what i mean is like this : example if you open your console and logged to the super user privilege,and after done with you things you get log out.and how if you forget some think to get done, and you need to logged as super user privilege again?

(more…)

after writing about HackerFox, the little Firecat, now i’ll post the real one,this because a friend of mine ask about the firecat list yesterday, so why i don’t post it here , since my i have the list of firecat we know this only a list, but this is the list of all hacker need at the browser,this some screen shot from the book,you can download it at the end of post.if the image do not clear enough, just get the properties and find the real link url,  so you can see it at real size.this is the real Hacker Browser

(more…)

have you heard about FireCat? it a list Hacker Add ons or extension for firefox.that we can use as our Hacker tools, FireCat has a lot list of extension if you do not have enough time to compile it one by one. you can use HackerFox, it’s a portable firefox with a bundle hacker add ons, so we don’t need search hacker add ons such as Firebug or ServerSpy.it had compiled & Packed by d0ubl3_h3lix from yehg.but of course it not have all the list of hacker add on that listed on FireCat.here the list the included addons on HackerFox.

Included Addons-
1. Firebug
2. Googlebar Lite
3. HackBar

(more…)

a great disclosure from burmese hackers community for finding a backdoor scrips at your server. this isn’t so complicated since we use to search the php function that used by a backdoor / rooting script like c99 , r57 or erne shell. if you have use this scripts that mentioned. i think you should read this folowing sintax at that scripts:

• exec — Execute an external program
• passthru — Execute an external program and display raw output
• shell_exec — Execute command via shell and return the complete output as a string
• system — Execute an external program and display the output

(more…)