ROHIT PATEL

cPanel Script to Migrate Data In One Shot cPanel Script to Migrate Data In One Shot What Does This Script Do : "cPanel Migration Script" This script is used to take the Input when you Initiate the Script and Prompts for the Directory to provide and to store the cPanel backup files under the same. Once the backup for the accounts has been done which are mentioned in the file name which is "/root/rohit/24.txt".This File contains the Usernames (cPanel accounts) which needs to be moved from the Source Server to the Target Server. Once the Backup is done then it uses the command known as "sshpass" to rsync the data from the source server to the target server. In "sshpass" we need to provide the destination server password as an argument to that command, so that it will simultaneously move the accounts without asking for the Password. Note : SSHPASS can be downloaded from the below mentioned link which is - http://www.nexts...

Defacing Sites via HTML Injections Defacing Sites via HTML Injections What Is HTML Injection: "HTML Injection" is called as the Virtual Defacement Technique and also known as the "XSS" Cross Site Scripting. It is a very common vulnerability found when searched for most of the domains. This kind of a Vulnerability allows an "Attacker" to Inject some code into the applications affected in order to bypass access to the "Website" or to Infect any particular Page in that "Website". HTML injections = Cross Site Scripting, It is a Security Vulnerability in most of the sites, that allows an Attacker to Inject HTML Code into the Web Pages that are viewed by other users. XSS Attacks are essentially code injection attacks into the various interpreters in the browser. These attacks can be carried out using HTML, JavaScript, VBScript, ActiveX, Flash and other clinet side Languages. Well crafted Malicious Code can even hep the ...

Hacking DNN Based Web Sites Hacking DNN Based Web Sites Hacking DNN (Dot Net Nuke) CMS based websites is based on the Security Loop Hole in the CMS. For using that exploit we will see the few mentioned points which illustrates us on how to hack any live site based on Dot Net Nuke CMS. Vulnerability : This is the know Vulnerability in Dot Net Nuke (DNN) CMS. This allows aone user to Upload a File/Shell Remotely to hack that Site which is running on Dot Net Nuke CMS. The Link's for more Information regarding this Vulnerability is mentioned below -                                  http://www.exploit-db.com/exploits/12700/ Getting Started : Here we will use the Google Dork to trace the sites that are using DNN (Dot Net Nuke) CMS and are vulnerable to Remote File Upload. How To Do It : Here, I an mentioning the few points on how to Search for the existing Vulnerability in DNN. Let'...

PWNing A System via (MSF) Metasploit Framework PWNing A System via (MSF) Metasploit Framework Lab Requirements : Both OS running under my Virtual Machine. 1, Back Track 5 R3 Machine 2, Windows XP Machine Vulnerability : This is the know Vulnerability In Windows XP and Server 2003, MS08-067 vulnerability that uses the netapi module in the Windows SMB Protocol that may be used for arbitrary code execution. The Link's for more Information regarding this Vulnerability is  - http://blogs.technet.com/b/srd/archive/2008/10/23/more-detail-about-ms08-067.aspx http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=21702 http://www.rapid7.com/db/modules/exploit/windows/smb/ms08_067_netapi Effect Of MS08-067 NetAPI Vulnerability : This module exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs. The correct target m...

Hacking via Cloning Site Using Kali Linux Hacking via Cloning Site Using Kali Linux  SET Attack Method : SET stands for Social Engineering Toolkist , primarily written by  David Kennedy . The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the  http://www.social-engineer.org  launch and has quickly became a standard tool in a penetration testers arsenal. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test. Actually this hacking method will works perfectly with DNS spoofing or Man in the Middle Attack method. Here in this tutorial I’m only writing how-to and step-by-step to perform the basic attack , but for the rest you can modified it with your own imagination. In this tutorial we will see how this attack methods can owned your com...

Hacking via BackTrack using SET Attack Method Hacking via BackTrack using SET Attack  1. Click on Applications, BackTrack, Exploit Tools, Social Engineering Tools, Social Engineering Toolkit then select set.

MySQL server has gone away for query MySQL server has gone away for query  Solution for “WordPress database error MySQL server has gone away for query …” If you have a WordPress blog and it is hosted on a shared server then you may want to continue reading.. For the past six months or so, my blog has been doing  weird  things.. like timing out, taking ages to load pages, sometimes the login page wouldn’t appear for me, etc.. Just random events occurring now and then.. or so I thought. Also my CPU utilisation was going through the roof, resulting in warnings from my  web host  to reduce it, or else risk my site going offline. So I decided to dig a bit deeper to try to find out the root cause of these issues. Error Log After logging into my website one day I noticed an  error_log  in the  /public/html  directory, So I opened it up to see what it contained, I was quite shocked when I discovered th...