Jump to content

Kwelwild

Active Members
  • Posts

    638
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by Kwelwild

  1. Acum depinde ?i de calitatea membrilor. Mul?i i?i fac cont, nu respect? regulamentul ?i ne p?r?sesc. Mai bine 10 buni, decât 50 de inactivi.
  2. Description: In this video i will show you how to use Nikto for Web Application Vulnerability Scanning. Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated. Nikto2 | CIRT.net Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Sursa: Web App Scan Using Nikto
  3. Description: In this video i will show you how to exploit PHP-CGI Vulnerability (CVE-2012-1823 ) using Metasploit Framework. Vulnerable ISO : - https://www.pentesterlab.com/cve-2012-1823/cve-2012-1823.iso This exercise explains how you can exploit CVE-2012-1823 to retrieve the source code of an application and gain code execution. PDF : - https://www.pentesterlab.com/cve-2012-1823/cve-2012-1823.pdf The bug The bug is due to an error on how the URI is used and provided to PHP CGI when a URL lacks = sign (typically used to separate parameter's name and value. Basically, the URI is passed to the php-cgi binary without enough filtering or encoding allowing an attacker to pass extra-argument to php-cgi command line. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Metasploit Exploiting Cve-2012-1823
  4. Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any harmful attacks. http://www.youtube.com/watch?feature=player_embedded&v=P8W2lERiPh4#at=471 Link for download: Downloads - web-sorrow - a versatile security scanner for the information disclosure and fingerprinting phases of pentesting. written in perl - Google Project Hosting Surs?: YouTube
  5. Kwelwild

    Intrebare

    Este un nologin. Folose?te un program de conectare (un Client SSH) ca s? vezi dac? func?ioneaz?.
  6. De la Samsung i?i recomand S1. ?i Iphone se aude frumos dar e problem? cu bateria, cel pu?in eu vreau s? m? ?in? mai mult de o zi.
  7. PM Status: Sent!
  8. Kwelwild

    Salut

    Salutare tututor. S? începem cu începutul. M? numesc Marian, am 15 ani (inca cresc) ?i sunt un român din Romania. Momentan sunt clasa a 9-a (cu ce am în cap poate a 10-a). Cuno?tin?e: Vulnerability: SQLi, LFI/RFI, XSS; Programming: Python, SQL/MySQL, HTML, C++. Toate acestea rezumându-se la medium. 'Specializ?ri': In afar? de ce am specificat mai sus: Jocuri de noroc, burn, colla, /etc. 'Relatii': Nu cunosc pe nimeni pe aici dar prietenii se fac în timp. The end: Sper c? o s? ne in?elegem bine.
×
×
  • Create New...