Showing posts with label article. Show all posts
Wednesday, 11 July 2012
Hacked Joomla! v. [1.6.x] [1.7.x] [2.5.0-2.5.2] - Escalation of Privileges
This vulnerability allows privilege escalation in Joomla when registering a new user. No patched releases have been issued so far for the 1.6.x/1.7.x versions, and 1.0.x/1.5.x/2.5.3+ are not vulnerable. However, Joomla v. 1.5.x (which is not patched) has the well-known token bug, which allows the admin password to be changed; that is another topic.
Let us focus on our own and
Labels:
article,
Crack,
exploitation,
Hacking,
hacking tool,
howto,
Information Leak,
Information Security,
pentest,
security,
Security News,
Source,
tool,
trick,
Vulnerability,
Web,
Web Application,
Web Application Attack
Monday, 9 July 2012
How exactly does DNS Changer work?
The malware called DNS Changer has been quite a hot topic, so today I would like to talk about it a bit.
Before looking at how DNS Changer works, let's first look at what DNS is.
What is DNS?
Normally, when you visit websites, the connection is not actually made using the website's name, such as www.facebook.com or www.google.com, because network connections are made using IP addresses. As for the website name (domain name)
Labels:
article,
Defensive,
Hacking,
howto,
Information Leak,
Information Security,
Microsoft,
Network Security,
security,
Security News,
Source,
tool,
trick,
trojan
Tuesday, 3 July 2012
How to convert CHM files into PDF files in Ubuntu
On Ubuntu, chm2pdf is a Python script that converts CHM files into PDF files.
1. Install chm2pdf and the other required applications on Ubuntu
$ sudo aptitude install chm2pdf python-chm pdftk htmldoc
2. Use the chm2pdf command
$ chm2pdf --book file.chm
3. You will receive file.pdf.
Labels:
article,
howto,
Information Security,
packet analysis,
Source,
tool,
trick
Monday, 2 July 2012
Interesting exploit, Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service
If you want to see the exploit code, please go to the Source.
# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core
Labels:
article,
dos,
exploitation,
Hacking,
hacking tool,
howto,
Information Leak,
Information Security,
pentest,
security,
tool,
trick,
Vulnerability
Using beef plugin with Metasploit
1. Run the BeEF service
$ /pentest/web/beef/beef -x -v
2. In another console, run the Metasploit console
$ msfconsole
3. Download the BeEF plugin from https://github.com/xntrik/beefmetasploitplugin.git
$ git clone https://github.com/xntrik/beefmetasploitplugin.git
4. Move the file beef.rb to msf/plugins and lib/beef to msf/lib
5. Install the hpricot gem
$ gem install hpricot
6. In the Metasploit console,
Labels:
article,
backtrack,
exploitation,
Hacking,
hacking tool,
howto,
Information Leak,
Information Security,
pentest,
security,
tool,
trick,
Vulnerability,
Web,
Web Application,
Web Application Attack,
xss
Monday, 25 June 2012
Portsplit - Use multiple services on the same port.
Simple TCP port multiplexer (or "port splitter").
Just run "make" to compile. The binary will be in the "src" directory.
See the example config file in the examples directory.
Source: https://github.com/kheops2713/portsplit
Labels:
article,
Information Security,
linux,
packet analysis,
security,
Source,
tool,
trick
Thursday, 21 June 2012
Browsers Anti-XSS methods in ASP (classic) have been defeated!
If you want to see the full article, please go to the Source.
This time, I want to start with the summary section first to break the rules!
Summary
The intention of this paper is to prove the client-side XSS protection methods must have rules for different web application languages, otherwise they will be bypassed. This research is based on
Labels:
article,
Defensive,
exploitation,
Hacking,
howto,
Information Security,
pentest,
security,
Source,
trick,
Vulnerability,
Web,
Web Application,
Web Application Attack,
xss