Kwelwild

Description: Shellcode from public resources might not always be "ready for immediate use" - In many cases the author of the shellcode might have left placeholders for modification. If you do not know how to look into and make these modifications then the shellcode would be useless to you. Here is one case: Linux/x86 - Remote file Download - 42 bytes In this video, we first analyze the shellcode and see that it uses execve to run wget with the URL to download. The shellcode author has hardcoded the URL as "aaaa" which would be useless if you were a copy-paste person We understand how the shellcode functions and use Python shortcuts to create the shellcode for the file name to download. This video is a quick and dirty guide to modifying shellcode Enjoy and Let me know your comments. This free video is sponsored by SecurityTube Certifications: SecurityTube Trainings Surs?: Hack Of The Day: Customizing Shellcode For Fun And Profit

Acum depinde ?i de calitatea membrilor. Mul?i i?i fac cont, nu respect? regulamentul ?i ne p?r?sesc. Mai bine 10 buni, decât 50 de inactivi.

Description: In this video i will show you how to use Nikto for Web Application Vulnerability Scanning. Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated. Nikto2 | CIRT.net Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Sursa: Web App Scan Using Nikto

Description: In this video i will show you how to exploit PHP-CGI Vulnerability (CVE-2012-1823 ) using Metasploit Framework. Vulnerable ISO : - https://www.pentesterlab.com/cve-2012-1823/cve-2012-1823.iso This exercise explains how you can exploit CVE-2012-1823 to retrieve the source code of an application and gain code execution. PDF : - https://www.pentesterlab.com/cve-2012-1823/cve-2012-1823.pdf The bug The bug is due to an error on how the URI is used and provided to PHP CGI when a URL lacks = sign (typically used to separate parameter's name and value. Basically, the URI is passed to the php-cgi binary without enough filtering or encoding allowing an attacker to pass extra-argument to php-cgi command line. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Metasploit Exploiting Cve-2012-1823

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any harmful attacks. http://www.youtube.com/watch?feature=player_embedded&v=P8W2lERiPh4#at=471 Link for download: Downloads - web-sorrow - a versatile security scanner for the information disclosure and fingerprinting phases of pentesting. written in perl - Google Project Hosting Surs?: YouTube

Este un nologin. Folose?te un program de conectare (un Client SSH) ca s? vezi dac? func?ioneaz?.

De la Samsung i?i recomand S1. ?i Iphone se aude frumos dar e problem? cu bateria, cel pu?in eu vreau s? m? ?in? mai mult de o zi.

PM Status: Sent!

Salutare tututor. S? începem cu începutul. M? numesc Marian, am 15 ani (inca cresc) ?i sunt un român din Romania. Momentan sunt clasa a 9-a (cu ce am în cap poate a 10-a). Cuno?tin?e: Vulnerability: SQLi, LFI/RFI, XSS; Programming: Python, SQL/MySQL, HTML, C++. Toate acestea rezumându-se la medium. 'Specializ?ri': In afar? de ce am specificat mai sus: Jocuri de noroc, burn, colla, /etc. 'Relatii': Nu cunosc pe nimeni pe aici dar prietenii se fac în timp. The end: Sper c? o s? ne in?elegem bine.