Analyser_

Ah again the same mistake you don't <<Hack>> the remote you need the Id and the Password ;)

Ah great!

You mean a rat :)

Pikatchu Pikatchuuuuuuuuuuuuu fuck yeahhhhhhhhh!!!!!!!!!!!!!!!

I got 3 years on pokemon developing and I can guarantee you a good section by me :)

WE WANT POKEMON SECTION NOW!!!

I need one

How to Secure Apache Web Server guide added :)

In this tutorial we will see the principles on how to secure our Apache Web Server. The Apache HTTP Server has a good record for security but there are some basic things we can do to make Apache a more secure Web server. About Apache HTTP Server. The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, featureful, and freely-available source code implementation of an HTTP (Web) server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. This project is part of the Apache Software Foundation. In addition, hundreds of users have contributed ideas, code, and documentation to the project. (Note: For the Purpose of this tutorial we will use BackBox (Based on Ubuntu) as OS and Apache2. There are no guarantees or absolutes for Apache security things, so proceed at your own risk.) First let’s locate in which directory Apache running by typing the following command: ps -ef | grep apache root 1443 1 0 16:57 ? 00:00:00 /usr/sbin/apache2 -k start root 2741 2118 0 18:21 pts/0 00:00:00 grep apache www-data 5569 1443 0 17:06 ? 00:00:00 /usr/sbin/apache2 -k start As we can see typing the above command Apache appears to be running in the following directory /usr/sbin/apache2 (Note: Directory may differ from yours. Depends on the installation process if you change the destination folder during that and from the OS that is used.) Next let’s take some important information about Apache like version and which file we will modify (httpd.conf, apache2.conf, etc). We can use a lot of ways to get a couple of information about the web server. So, on terminal we type one of the following ways: curl -I [url=http://www.example.com]www.example.com[/url] or /usr/sbin/apache2 -V or apache -V (Note: With or without directory we take the same information. If we use -v instead of -V we get only the Server Version/built information.Change the directory with yours if differs) Server version: Apache/2.2.16 (Debian) Server built: Apr 1 2012 06:40:08 Server's Module Magic Number: 20051115:24 Server loaded: APR 1.4.2, APR-Util 1.3.9 Compiled using: APR 1.4.2, APR-Util 1.3.9 Architecture: 32-bit Server MPM: Prefork threaded: no forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/etc/apache2" -D SUEXEC_BIN="/usr/lib/apache2/suexec" -D DEFAULT_PIDLOG="/var/run/apache2.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="mime.types" -D SERVER_CONFIG_FILE="apache2.conf" As we can see current version of Apache is 2.2.17, if not install/update the latest one. Also the line -D HTTPD_ROOT=”/etc/apache2″ specifies the location of the httpd.conf file and on line -D SERVER_CONFIG_FILE=”apache2.conf” we can verify in which file we ‘ll make the changes. (Note: If the file on line -D SERVER_CONFIG_FILE= differs; you will make the changes to this one) (Note: The httpd.conf file may be empty if your try to open it) Set the right User:Group First we open the apache2.conf file and we make sure that the lines User Group are set to User apache Group apache Hiding and modifying Apache server information Next an important think is to disable a couple of information like (Apache Version, OS configurations, Php configurations) that appears on broken pages To hide this information we must add the following options. # ServerSignature Off means that Apache will not display the server version # on error pages, or in other pages that generates. ServerSignature Off # ServerTokens Prod tells apache to only return Apache in the Server header, # returned on every page request. ServerTokens Prod (Note: If you are using Debian or Ubuntu as OS you must do the above changes to the file /etc/apache2/conf.d/security otherwise or in apache2.conf or in httpd.comf file, it depends which OS are you using) Hide PHP Version Next we will modify the php.ini file. On terminal type: nano /etc/php5/apache2/php.ini and find and change the expose_php to off expose_php = Off Protecting System Settings and Server Files Stop users from setting up .htaccess files which can override security features you’ve configured adding the following lines to the server configuration: <Directory /> AllowOverride None </Directory> Next will disable access to the entire file system except for the directories that are explicitly allowed later. <Directory /> Order Deny,Allow Deny from all </Directory> Next will allow access to the specific directories prohibiting default access to the filesystem locations. <Directory "/webdirectory"> Order Deny,Allow Allow from all </Directory> <Directory "/var/www/*"> Order Allow,Deny Allow from all </Directory> (Note: <Directory /*/public_html> will not match /home/user/public_html, but <Directory /home/*/public_html> will match.) Restricting Access by IP To restrict access by ip add the following lines: Order Deny,Allow Deny from all Allow from 127.0.0.1 Turn off .htaccess You can do that by adding the following line inside a Directory blog. AllowOverride None

Should this be on request?

Not a hacking thread it should be moved to general guides.

You can give me a pm for more info :)

That's better ;) edit your tittle and text :)

Simple guide of how to hack and site with SQL. First change the tittle to : How to hack a website with Sql Injection. Second Sql is not a hacking tool is just a type of database so "This is an simple guide of how to hack an website with SQL." this don't make sense. We live in 2012 you need something better. :) Give me a pm if you want I can help you a bit .

You can't make a site vulreneable. ;) Scan what? With What?

Yeap that's how it's called doxing because it's a methode to get informations from common mistakes :)

Thanks I will update this guide when I got more free time :)

How are a smartass :D I am not asking you to tell me what a trojan or an injection is but why to share a trojan ;) and how to share an injection you mean tools and guides on how to do Injections ;)

What do you mean hacking cellphones how to do jail break etc? or?

Probelm with images fixed.

:) haha I will agree with you btw this methode is working to almost every single internet cafe.

Ok np but what is a trojan and an injection to share it? :S

Αυτόν τον ιό τον δημιούργησαν αρχικά 2 Ρώσοι μετέπειτα τον εξέλιξε μια ομάδα Ελλήνων Hacker οι οποίοι τον έβαλαν σε updates που κάνει το flash player κάποιον site πορνογραφίας.

Send me the name of the keylogger via pm and the way you deleted it.

Can I have a list on pm with general vurlns server got?