Friday, 2. September 2011
Step by Step guide for LFI (Local File Inclusion)
This tutorial will guide you into the process of exploiting a website thru the LFI (Local File Inclusion).

Source
http://pastebin.com/ssSAVmcR

by
Amarjit Singh

Permalink

 


eBuddy Web Messenger - XSS
eBuddy Web Messenger suffers from an encoded-Persistent XSS vulnerability in the messaging function. (while sendingA message with embedded code to another authorized user in eBuddy WebMessenger).

Exploit example
Plain XSS (Not going to store, nor execute)
alert('eBuddy Persistent XSS');
Encoded
text=%3Cscript%3Ealert%28'eBuddy%20Persistent%20XSS'%29%3C/script%3E
[*] The attacker sends the encoded embedded code in an IM message.

[*] The victim receives the message with the encoded embedded code and it executes on the victims browser.

by
Warv0x

Permalink

 


The Hacker News Magazine September Issue
1. Access to computers should be unlimited and total.
2. All information should be free.
3. Authority should be mistrusted and decentralization promoted.
4. Hackers should be judged solely by their skills at hacking, rather than by race, class, age, gender, or position.
5. Computers can be used to create art and beauty.
6. Computers can change your life for the better.
The understanding of “Hacker Ethics” has three main functions:
1. It promotes the belief of individual activity over any form of corporate authority or system of ideals.
2. It supports a completely free-market approach to the exchange of and access to information.
3. It promotes the belief that computers can have a beneficial and life-changing effect.


Download
http://theevilhackerz.com/THN-Sep2011.rar

Permalink