Developer Tips & Hints

Code :  http://pastebin.com/PKdbyT0A Database for mysql : http://downloads.mysql.com/docs/world_innodb.sql.zip

Apache Apache is the web server that is typically utilized by cPanel.  On cPanel servers Apache does write to a rather high number of logs as each site has its own traffic log. The access_log is used to log all http requests to ether the hostname of the server, requests directed at the servers IPs, or sites that resolve to the server but are no longer hosted on it. On cPanel servers all Apache errors, regardless of site, are logged in the error_log.

Method 1 -  Through FTP There is also an easy way to reset your password via FTP, if you're using the admin user. 1. Login to your site via FTP and download your active theme's functions.php file. 2. Edit the file and add this code to it, right at the beginning, after the first wp_set_password('password',1); Put in your own new password for the main admin user. The "1" is the user ID number in the wp_users table. 3. Upload the modified file back to your site. 4. After you then are able to login, make sure to go back and remove that code. It will reset your password on every page load until you do. Wordpress MD5 Genarator : http://www.insidepro.com/hashes.php Method 2 -Run This PHP Script :)

1. Use a strong password Minimum password recommendations: - At least 8 characters total - Mixture of upper and lower-case letters - Numbers, punctuation or other non-alphanumeric characters Example weak password: secret1 Improved strong password: Z#hupsZ2M4!Z 2. Change default WordPress admin username When installing WordPress by default the administrator user has the username of admin. The botnet attack is currently only targeting this default username, so even having an administrator username of admin123 could signifiantly reduce the likilhood of your site being succesfully logged into by a malicious user. 3. Lock down WordPress admin access with .htaccess Utilizing a WordPress brute force plugin for this type of attack is not very efficient, and in some cases can actually lead to your site becoming unavailable due to the large amount of processing power used to attempt to challenge each and every malicious login attempt. Instead you should rely on the informat

The information is to be used for educational purposes only. I’m not responsible for any misuse of this information. The following is meant to help you develop a cracking defensive attitude to prevent such attacks. In no way should you use this information to cause any kind of damage directly or indirectly. I started writing a Python script for brute forcing WordPress’ login page. Then I found this script by PuRiCeL .

This is nice tutorial to make laser flashlight from Youtube :) 

HACKING TUTORIAL PDF'S arp_spoofing_intro.pdf 30-May-2005 19:08 29K arp_spoofing_slides.pdf 30-May-2005 19:08 124K buffer_overruns.pdf 30-May-2005 19:09 663K cheating_chap.pdf 30-May-2005 19:09 477K cross-site_tracing.pdf 30-May-2005 19:10 774K crt_optical_tempest.pdf 30-May-2005 19:10 400K ddos_attacks_info.pdf 30-May-2005 19:10 98K etherleak_report.pdf 30-May-2005 19:11 282K fingerprint_scanners.pdf 30-May-2005 19:13 1.2M optical_tempest.pdf 30-May-2005 19:12 346K session_fixation.pdf 30-May-2005 19:12 356K ssh-timing.pdf 30-May-2005 19:13 362K wep_analysis.pdf 30-May-2005 19:13 148K wireless-ids.pdf 30-May-2005 19:13 38K wireless_auditing.pdf 30-May-2005 19:13 113K wlan_macspooof_detection.pdf 30-May-2005 19:13 79K

Security Tags How it works http://www.youtube.com/watch?v=mVfz3hLx4Tk