LFI/RFI testing and exploiting with fimap

fimap is currently under development but still usable. Feel free to test it! This document and tool is not recommend for people who doesn’t know what LFI/RFI is. If you know what it is, it might be a handy tool for you. Table of Contents 0. Introduction [a] What is fimap? [b] Let’s go. 1. […]

Rooting webhost

r00ting a webhost Introduction: Well taking over a host isnt as easy as you may think. There is a fairly big process involved and a lot of fidiling around. Below I will show you how to execute a Local Root Exploit successfully to gain r00t-acesss 😛 Step 1. In this step we will need to […]

Physical Access is total Access

Hacking Your Computer – Physical Access is Total Access Table of Contents -Disclaimer -Introduction Part 1: Gaining Access -LiveCDs -Windows Option 1: Cracking the Password -Windows Option 2: Circumventing the Password -Windows Option 3: Utilman privilege escalation exploit -MacOSX: Single User Mode -Linux: /etc/passwd and /etc/shadow Part 2: Exploiting the System -Harvesting Information -Backdoors and […]

SQL Commandos (usefull for injections)

Here is a list of SQL commands and what they do, these would be used in some injection methods and of course legitimate sql functions. On thier own they wont exploit anything but eventually youl find an exploit that needs these and they are good to know for injection or just to better understand how […]

Methods of Making Your Trojans/Bots F/Undetecable

1. Crypters/Binders. This is By far the most Common Way to Make Your Trojan Undetectable. Almost everyone Who Makes There Trojans Undetectable Uses a Public Crypter, My First Public Crypter, was “Deamon Crypt” I’m sure almost everyone has used that, at least once. As Most of you know, Public Crypters are useless, Unless there Released […]