Difference between revisions of "Beberapa Tip Hacking"

• Metoda serangan jaringan komputer secara umum
• Menjalankan Exploit Source Code untuk Pemula dari LiveCD Backtrack
• Membuat Script Indonesia Jaya Tembus Password
• Wireless Hacking
• Mengenal Serangan Man-in-The-Middle MITM
• Buffer Overflow
• Copy Pentest Backtrack
• http://hendrasiahaan.wordpress.com/2010/03/24/11-kelemahan-yang-kerap-tidak-disadari-admin-jaringan/
• http://artikel.xcode.or.id/mengirim-ratusan-wall-facebook-dengan-cepat/
• TuxCut
• Mengirimkan e-mail menggunakan telnet, tanpa bantuan software apapun

Pengetahuan Umum

• Dunia Bawah Tanah di Internet
• Gerandongteam

Tools

• http://backtrack.offensive-security.com/index.php/Tools - daftar tool hacking
• http://exploit-id.com/ - Tempat Kumpulan Exploit Indonesia ..
• Instalasi Aplikasi Backtrack di Ubuntu

Serangan Ke Windows

• Remote Desktop Tanpa Menyentuh Komputer yg Di remote
• Keylogger canggih: Merekam ketukan keyboard target tanpa menyentuh komputernya
• Masuk ke DOS di Windows melalui Jaringan
• 3 Tahap Membuka Password Windows dengan Ubuntu
• http://www.ilmuhacking.com/web-security/menjaring-password-dengan-firefox-sniffer/
• http://blog.cyber4rt.com/software/download-keylogger-terkecil-di-dunia - MRHPx Key Logger v1.8 (PUBLIC VERSION)
• Meng-Hack Password Komputer XP/VISTA/WIN7

Scanner

• nmap
• Vega Vulnerability Scanner

XSS Scanner

• http://www.acunetix.com/cross-site-scripting/scanner.htm

Web Security

• Menangkal Serangan XSS
• TEKHNIK MENANGKAL SERANGAN XSS
• MITM Attack on Mandiri Internet Banking using SSLStrip
• http://www.ilmuhacking.com/web-security/memahami-cara-kerja-token-internet-banking/
• http://www.ilmuhacking.com/cryptography/memecahkan-kriptografi-dengan-chosen-plaintext-attack/
• http://www.ilmuhacking.com/web-security/membuat-web-dengan-otentikasi-berbasis-token/
• http://www.ilmuhacking.com/web-security/berburu-direktori-dan-file-sensitif-dengan-dirbuster/
• Sniffing SSL Traffic using oSpy
• Sniffing SSL Traffic using oSpy

• http://blog.cyber4rt.com/security/tekhnik-menangkal-serangan-sql-injection-pada-website-anda

DDOS Apache

• http://tanyarezaervani.wordpress.com/2011/09/02/artikel-khusus-menyerang-server-dengan-apache-killer/
• http://tanyarezaervani.wordpress.com/2011/09/02/berita-185-apache-http-server-2-2-20-perbaiki-dos-vulnerability/
• http://tanyarezaervani.wordpress.com/2011/09/02/koleksi-exploit-apache-killer/
• http://tanyarezaervani.wordpress.com/2011/09/02/koleksi-exploit-2-alternatif-apache-killer/

Web Attack

• sqlmap: intro

Sniffing

• Instalasi Wireshark
• http://awarmanf.wordpress.com/2010/04/29/tcpdump-dan-wireshark-untuk-sniffing-network/
• http://workaround.org/using-tcpdump-and-wireshark
• http://www.alexonlinux.com/tcpdump-for-dummies
• http://acs.lbl.gov/~jason/tcpdump_advanced_filters.txt
• http://blog.cyber4rt.com/video/facebook-sniffer-on-android/
• Script untuk sniffing password dan data di lan/wlan menggunakan ettercap, sslstrip, urlsnarf

Sniffing / Pentest VoIP

• http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP

Spoofing

• DNS Spoofing Dengan Scapy

SQL Injection

SQL Injection Tutorial

• http://www.stmik-im.ac.id/userfiles/TEHNIK%20SQL%20INJECTION.pdf
• http://www.sekuritionline.net/plugins/p2_news/printarticle.php?p2_articleid=7
• http://www.binushacker.net/simple-sql-injection-tutorial.html
• http://fairuz.web.id/kumpulan-google-dork-untuk-sql-injection-deface-website-lewat-google.html
• http://blog.cyber4rt.com/hacking/tutorial-sql-injection-step-by-step-for-dummies
• sqlmap: memperoleh password database sql
• sqlmap: tutorial
• sqlmap: contoh vurneable php code
• https://www.owasp.org/index.php/Code_Injection
• http://www.breakthesecurity.com/2010/12/hacking-website-using-sql-injection.html

SQL Injection Software

• http://www.itsecteam.com/en/projects/project1.htm - Havij
• http://www.itsecteam.com/en/projects/project1_page2.htm - Havij Download
• http://linuxpoison.blogspot.com/2008/04/sql-injection-tool-sqlninja.html
• http://sourceforge.net/projects/sqlninja/files/
• http://sourceforge.net/projects/wapiti/
• http://sourceforge.net/projects/spinj/
• http://sourceforge.net/projects/paros/
• http://sourceforge.net/projects/w3af/
• http://sourceforge.net/projects/sqlmap/
• http://sourceforge.net/projects/hexjector/
• http://sourceforge.net/projects/joomscan/

Belajar Menangani SQL Injection

• http://dasunhegoda.com/php-security-fail-vulnerable/466/
• http://dasunhegoda.com/php-security-fail-vulnerable-2/490/
• http://www.breakthesecurity.com/2011/12/set-up-your-own-lab-for-practacing-sql.html
• http://www.dvwa.co.uk/

Cellular / Mobile Hacking

• http://www.neopwn.com
• http://www.neopwn.com/software.php

Wordlist

• http://indobacktrack.or.id/content.php?302-Membuat-Wordlist-Dengan-TWOFI-di-Backtrack

SQLmap

• http://c-i-a-m-i-s.net/exploit/sql-map-os-shell.asp
• https://github.com/sqlmapproject/sqlmap/wiki/Presentations
• https://github.com/sqlmapproject/sqlmap/wiki/Introduction
• https://delicious.com/inquis/sqlinjection
• http://egodox.blogspot.com/2013/04/hack-website-using-sqlmap-sql-injection.html
• http://www.binarytides.com/sqlmap-hacking-tutorial/
• http://hackonadime.blogspot.com/2011/07/sqlmap-introduction-sql-injection.html

Forum

• http://indobacktrack.or.id/forum/
• http://forum.binushacker.net/
• http://forum.hacker-cisadane.org/

Buku & Tutorial

• Buku Jasakom
• http://www.offensive-security.com/backtrack-tutorials.php
• http://pustaka.xcode.or.id

Echo ezine

echo|zine issue #20 ( Pebruari 2009 )

1. Introduction .................................................. y3dips
2. Pseudo-random .............................................. anonymous
3. Interview with Onno W Purbo......................................az001
4. What`s goin on echo forum ............................anonymous-co-ed
5. Intercepting Library Call ............................ mulyadi santosa
6. Caesar Shift Cipher............................................... Rey
7. ARPWall; Konsep dan Pembuktian ............................... y3dips
8. Encryption: Algoritma Combo .................................... jackD
9. Prophile on Jck.mrshl ................-----................. echostaff
10. Enkripsi dan Dekripsi dengan Fungsi Mcrypt di PHP............ monqichi
11. Salty Py; Password Salt Bruteforcer .. sheran gunasekera & selwin ong
12. Anti-Forensic; Seek and Destroy .............................jck.mrshl
13. Hacker LogBook....................................lirva 32; x-diamond1

echo|zine issue #19 ( Agustus 2008 )

1. Introduction .................................................. y3dips
2. Pseudo-random .............................................. anonymous
3. idsecconf ................................................. echo|staff
4. Digital Signature secara gampangnya ......................... mamasexy
5. cryptography : Simple a-symetric algorithm................. x-diamond1
6. Prophile on CyberTank .................................... echo|staff
7. Prophile on lirva32 ...................................... echo|staff
8. Whats Goin On Echo Forum ....................................... az001
9. Bailiwicked DNS Attack (Cache Poisoning) .................... Cyberheb
10. Scapy: obrak-abrik paket data ................................. y3dips
11. Hacker LogBook ........................................ various artist

Referensi Menarik

• http://www.echo.or.id
• http://ezine.echo.or.id/ezine-index.html
• http://www.jasakom.com
• http://www.remote-exploit.org
• http://blog.cyber4rt.com - It's all about 4rt, not how smart you are
• http://www.xnuxer.or.id
• http://www.hacker-cisadane.org
• http://www.ilmuhacking.com
• http://indobacktrack.or.id/forum/ - forum backtrack
• http://www.backtrack-linux.org
• http://indobacktrack.or.id/
• http://id-backtrack.com/
• http://www.chinapage.com/sunzi-e.html - SunTsu the Art of War
• http://www.hackforums.net
• http://www.exploit-db.com
• http://devilzc0de.org/forum/
• http://sumatrahacker.or.id
• http://www.exploit-id.com/
• http://balicoder.org/

Repository

• http://www.hacktoolrepository.com/

Pentest LiveCD

• Backtrack
• GnackTrack
• Ubuntu Pentest Edition
• Samurai Pentest
• BackBox
• Kali Linux

Pranala Menarik

• Linux Howto
• Hacking: Komunitas Underground
• Hacking: Orek-Orekan Demo Hacking
• Hacking: Catatan Hack HP Android