LDAP Injection Vulnerabilities

LDAP Injection Overview LDAP Injection attacks are not as common as the other types of injection attacks, but if your product uses an LDAP server this must be tested. An LDAP Injection could occur anywhere that the underlying code could use some type of input for any ldap searches, queries, or any other ldap function.Example […]

Basic MS-DOS commands

ADDUSERS – Add or list users to/from a CSV file ARP Address – Resolution Protocol ASSOC – Change file extension associations ASSOCIAT – One step file association AT – Schedule a command to run at a later time ATTRIB – Change file attributes BOOTCFG – Edit Windows boot settings BROWSTAT – Get domain, browser and […]

Winsock tutorial

Just a little something I have been writing on and off. It was originally meant to be a collaboration of two of my prior tutorials, however, I’m starting to find it a bit ludicrous to post a tutorial on “Making Trojans in C++” so I guess I won’t really update it so it fits the […]

Log Poisoning

Log poisoning is a technique that not many know about. this technique works only if you can make an LFI of the page. if we say that you call index.php, which is vulnerable to LFI and writes index.php? inc =../../../ var / www / logs / access.log So you see that it will produce a […]

XSS Injection Vulnerabilities

Cross Site Scripting Overview Cross Site Scripting vulnerabilities are sometimes referred to XSS or CSS vulnerabilities. Typically XSS is preferred over the use of CSS. CSS typically refers to the Cascading Style Sheet commonly used in website design. XSS vulnerabilities are a dangerous type of attack. Especially since the sudden infusion of the Internet and […]