LFI/RFI testing and exploiting with fimap
fimap is currently under development but still usable. Feel free to test it! This document and tool is not recommend for people who doesn’t know what LFI/RFI is. If you know what it is, it might be a handy tool for you. Table of Contents 0. Introduction [a] What is fimap? [b] Let’s go. 1. [...]
Rooting webhost
r00ting a webhost Introduction: Well taking over a host isnt as easy as you may think. There is a fairly big process involved and a lot of fidiling around. Below I will show you how to execute a Local Root Exploit successfully to gain r00t-acesss Step 1. In this step we will need to backdoor [...]
Physical Access is total Access
Hacking Your Computer – Physical Access is Total Access Table of Contents -Disclaimer -Introduction Part 1: Gaining Access -LiveCDs -Windows Option 1: Cracking the Password -Windows Option 2: Circumventing the Password -Windows Option 3: Utilman privilege escalation exploit -MacOSX: Single User Mode -Linux: /etc/passwd and /etc/shadow Part 2: Exploiting the System -Harvesting Information -Backdoors and [...]
SQL Commandos (usefull for injections)
Here is a list of SQL commands and what they do, these would be used in some injection methods and of course legitimate sql functions. On thier own they wont exploit anything but eventually youl find an exploit that needs these and they are good to know for injection or just to better understand how [...]
Methods of Making Your Trojans/Bots F/Undetecable
1. Crypters/Binders. This is By far the most Common Way to Make Your Trojan Undetectable. Almost everyone Who Makes There Trojans Undetectable Uses a Public Crypter, My First Public Crypter, was “Deamon Crypt” I’m sure almost everyone has used that, at least once. As Most of you know, Public Crypters are useless, Unless there Released [...]
Cracking WPA FAST with video cards!
By now, pretty much everyone has heard that it is easy to hack into WEP protected networks. As we have seen in our Cracking WEP article, it is terribly easy. (There have been advances in cracking WEP since that article was published, it is even easier now) Yeah, WiFi is inherently insecure, but we need [...]
Hacking Your Computer – Physical Access is Total Access
Hacking Your Computer – Physical Access is Total Access Table of Contents -Disclaimer -Introduction Part 1: Gaining Access -LiveCDs -Windows Option 1: Cracking the Password -Windows Option 2: Circumventing the Password -Windows Option 3: Utilman privilege escalation exploit -MacOSX: Single User Mode -Linux: /etc/passwd and /etc/shadow Part 2: Exploiting the System -Harvesting Information -Backdoors and [...]
Exploit-DB Updates
- [webapps] - MOAUB #3 - Visinia 1.3 Multiple Vulnerabilities September 3, 2010
- [remote] - Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution September 3, 2010
- [webapps] - Shop a la Cart Multiple Vulnerabilities September 2, 2010
- [remote] - Backdoor password in Accton-based switches (3com, Dell, SMC, Foundry and EdgeCore) September 2, 2010
- [shellcode] - Shellcode Checksum Routine September 2, 2010
