Everything posted by Nytro

  1. You really do love commenting pointlessly... If you're not interested, don't post. Stay at McDonald's.
  2. Yes, that thing is slick, a quick web shell
  3. You are za best! Thanks!
  4. I don't know if this has been posted before: Criza refugiaților e de fapt o invazie musulmană organizată | NapocaNews
  5. There will also be a web security workshop: https://www.owasp.org/index.php/OWASP_EEE_Bucharest_Event_2015#tab=Agenda If you are interested, or have friends who work on the web, I recommend it.
  6. That's what I'd like to understand too. What could I do with such an account?
  7. My first Defcon experience

      Defcon is a meta-conference which anyone passionate about IT security should attend. It is more than a conference, it is the heaven of hackers and security professionals, a place where definitely you will find something both cool and useful, even if you are interested in web security, reverse engineering, social engineering, hardware, lock-picking, Internet of Things or car-hacking topics.

      Article: My first Defcon experience – Security Café

      Some photos and opinions about the conference. Unfortunately, I didn't get to see everything that was there. I hope to make it next year too.
  8. If it's true, it's just one more reason for me to use it. Anyway, from their statements, I understood that various AV companies were using their signatures. They were stealing them. So it would seem to me like a brilliant revenge.
  9. IP.Board 4.X - Stored XSS

      # Exploit Title: IP.Board 4.X Stored XSS
      # Date: 27-08-2015
      # Software Link: https://www.invisionpower.com/
      # Exploit Author: snop.
      # Contact: http://twitter.com/rabbitz_org
      # Website: http://rabbitz.org
      # Category: webapps

      1. Description
      A registered or non-registered user can create a calendar event including malicious JavaScript code which will be permanently stored in the page's source.

      2. Proof of Concept
      http://URL_TO_FORUM/calendar/submit/?calendar=1
      POST:
      Affected Parameter: event_location[address][]

      3. Solution
      Update to version 4.0.12.1
      https://community.invisionpower.com/release-notes/40121-r22/

      Disclosure Timeline
      27.07.15: Vendor notified
      05.08.15: Fix released
      27.08.15: Public disclosure

      Source: https://www.exploit-db.com/exploits/37989/
  10. bot/gate.php Doesn't look like "educational purposes".
  11. Beleth - Dictionary based SSH cracker

      Usage: ./beleth [OPTIONS]
        -c [payload]   Execute payload on remote server once logged in
        -h             Display this help
        -l [threads]   Limit threads to given number. Default: 4
        -p [port]      Specify remote port
        -P [password]  Use single password attempt
        -t [target]    Attempt connections to this server
        -u [user]      Attempt connection using this username
        -v             -v (Show attempts) -vv (Show debugging)
        -w [wordlist]  Use this wordlist. Defaults to wordlist.txt

      Example:
      $ ./beleth -l 15 -t 127.0.0.1 -u stderr -w wordlist.txt
      ┌────────────────────────────────────────┐
      │                 Beleth                 │
      │           www.chokepoint.net           │
      └────────────────────────────────────────┘
      [*] Read 25 passwords from file.
      [*] Starting task manager
      [*] Spawning 15 threads
      [*] Starting attack on root@127.0.0.1:22
      [*] Authentication succeeded (root:jesus@127.0.0.1:22)
      [*] Executing: uname -a
      [*] Linux eclipse 3.2.0-4-686-pae #1 SMP Debian 3.2.46-1+deb7u1 i686 GNU/Linux
      [*] Cleaning up child processes.

      Source: https://github.com/chokepoint/Beleth
  12. Hacking an aircraft: is it already real?

      August 26, 2015, Ilja Shatilin

      In-flight security made quite a lot of headlines earlier this summer, but this time at an unusual angle. Aviation has always been focused on safety and had remained the most secure industry that ever existed. However, the buzz was about another aspect of security — the one quite surprising for an average passenger and quite expected for an IT specialist.

      It’s not a secret that today’s aircraft are one huge computer, with the pilot being more of a PC operator rather than of an actual ‘ace’ pilot — he handles a single task of supervising smart machinery. An orientation pilot and a panel operator are no more, fully replaced by computers. As it turned out, those computers are as hackable as the rest. The potential impact of a hacker attack on a plane is devastating: just think of a terrorist who would no longer have to hold passengers hostage, or break into the cockpit. The only thing the culprit would need for him to wreak havoc is a laptop.

      The wave of panic emerged in spring with the report on on-board Wi-Fi security published by US Government Accountability Office. The relevance between aviation, cybersecurity and GAO remains unclear, yet some media outlets managed to invent a lot of dreadful stories for the common folk: according to a number of publications, terrorists now would be able to hijack planes while sitting with a tablet in the backyard and making target aircraft land in the same yard.

      Tweet: The @USGAO has 168 #security recommendations to improve FAA network security. http://t.co/IwyzS55anS — Threatpost (@threatpost) March 3, 2015

      Obviously no one bothered to read the full report: aerophobic people craved for another reason to believe airplanes were the most dangerous means of transportation.

      At the same time, the report is a terrific bore: it contains pages and pages of claims that since Internet is accessible on board through Wi-Fi and satellite, it’s time the industry thought of securing this channel. An unencrypted 802.11 network is insecure per se, and in this very application it serves as a local network, like the one you have at home or in the office, so someone could log in and hack other devices connected to this on-board network. The possibility of getting access to flight management systems through on-board Wi-Fi is referenced as theoretically plausible, since no one even managed to do that.

      However, then an extravagant and, obviously, hungry for fame aviation security researcher popped up out of nowhere. Chris Roberts boarded onto a United flight and tweeted:

      “Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ?” — Chris Roberts (@Sidragon1) April 15, 2015

      As a result, upon landing in the destination airport he was approached by strangers who urged him to follow them, as it later turned out, into a dimly lit room with FBI agents. His laptop and tablet were confiscated for further investigation and he was held for questioning for hours. The airline, meanwhile, cancelled his return ticket.

      The tweet was a joke that was supposed to attract attention to Roberts: he had been dealing with in-flight systems security for a number of years, without particular attention from the industry players. Later during investigation, Roberts admitted he managed to gain control over flight management system for a brief period of time and even was able to change the direction of the flight. Moreover, he revealed the details of the ‘hack’: he tampered with in-flight entertainment system by connecting to its bus through a custom adapter.

      Except for the hacker’s word, there is no proof he actually managed to hijack control over the flight management system. Drawing a different course on the maps broadcasted on the passengers’ multimedia displays and really changing it is not the same thing. If the course had really been changed, it would not go unnoticed by pilots and dispatchers, which would provide reason enough for a very serious investigation.

      Digital Security, a Russian security firm, studied 500 flights of 30 different airlines during five years and found out that there are security vulnerabilities on planes, and hackers have tried to exploit them in order to discover the potential of such hacks. If briefly summarized, there are certain entry points in the aircraft’s IT systems which are of interest for culprits:

        • Flight Management System
        • Router or another networking appliance which facilitates communication between systems, for instance, SATCOM, a satellite communication server
        • Multimedia server
        • Terminal multimedia devices

      An easy target would be a multimedia device, which is built into the seat in front of the passenger. Once it is attacked, a hacker is able to infiltrate its operating system and use it to compromise other systems. There are several ways to execute such an attack. One could leverage a vulnerable USB port to plug in a keyboard emulator and send commands into the system. Or, for instance, it’s possible to exploit a bug in the software responsible for multimedia playback from a thumb drive.

      Some aircraft, in addition to USB, have complementary RJ-45 ports, which enable a wider arsenal of hacking tricks on a connected laptop. A savvy hacker would be able to gain control over the entire in-flight multimedia system and even get hold of a multimedia server, which is challenging but feasible.

      The main thing: some aircraft feature RJ-45 ports marked as “Private use only.” It’s possible that once connected through this port, a hacker would be able to access critical system elements. There is no evidence of such attack offering access to flight management systems, though.

      At the same time, there were cases of malfunctioning due to software bugs. Recently, three of four engines of a cargo Airbus failed during takeoff because the calibration data was lost due to incorrect software update, resulting in a crash.

      Tweet: Airbus confirms software configuration error caused plane crash http://t.co/cw6IRPZUUW by @thepacketrat — Ars Technica (@arstechnica) June 1, 2015

      This happened because programmers did not think of an alert for these types of failures. They did not even think that those configuration files would go amiss: software updates are supposed to check whether configuration files are there. Due to this flaw, the sensor data was interpreted incorrectly; the main computer thought that the affected engines failed and turned them off – software developers did not consider simultaneous failure of more than two engines: with only two functional engines the plane would have continued the flight and successfully performed an emergency landing.

      A bug was also discovered in Boeing planes: Boeing 787 Dreamliner may suffer from the complete electrical shutdown during the flight: if all four power generators are launched simultaneously and operate incessantly during 248 days, they’d shut down in an emergency mode, leaving the plane in a blackout.

      Tweet: US aviation authority: Boeing 787 software bug could cause 'loss of control' http://t.co/fFUqjlR3DX — The Guardian (@guardian) May 1, 2015

      The reason of the failure is simple: stack overflow in the internal timer.

      It’s understandable that such a coincidence is hardly plausible in real life scenarios, but this case may serve as the reminder that an aircraft managed by a computer is susceptible to the same flaws as any other computer, including your desktop. So, don’t be surprised once you learn about Kaspersky Inflight Security’s availability on the market.

      Source: https://blog.kaspersky.com/hacking-aircraft-is-it-real/9659/
  13. DEF CON 23 - Charlie Miller & Chris Valasek - Remote Exploitation of an Unaltered Passenger Vehicle

      Although the hacking of automobiles is a topic often discussed, details regarding successful attacks, if ever made public, are non-comprehensive at best. The ambiguous nature of automotive security leads to narratives that are polar opposites: either we’re all going to die or our cars are perfectly safe. In this talk, we will show the reality of car hacking by demonstrating exactly how a remote attack works against an unaltered, factory vehicle. Starting with remote exploitation, we will show how to pivot through different pieces of the vehicle’s hardware in order to be able to send messages on the CAN bus to critical electronic control units. We will conclude by showing several CAN messages that affect physical systems of the vehicle. By chaining these elements together, we will demonstrate the reality and limitations of remote car attacks.

      Charlie Miller is a security engineer at Twitter, a hacker, and a gentleman. Back when he still had time to research, he was the first with a public remote exploit for both the iPhone and the G1 Android phone. He is a four time winner of the CanSecWest Pwn2Own competition. He has authored three information security books and holds a PhD from the University of Notre Dame. He has hacked browsers, phones, cars, and batteries. Charlie spends his free time trying to get back together with Apple, but sadly they still list their relationship status as "It's complicated". Twitter: @0xcharlie

      Christopher Valasek is the Director of Vehicle Security Research at IOActive, an industry leader in comprehensive computer security services. Valasek specializes in offensive research methodologies with a focus in reverse engineering and exploitation. Valasek is known for his extensive research in the automotive field and his exploitation and reverse engineering of Windows. Valasek is also the Chairman of SummerCon, the nation's oldest hacker conference. He holds a B.S. in Computer Science from the University of Pittsburgh. Twitter: @nudehaberdasher
  14. You have the code that does this here: https://github.com/NytroRST/NetRipper Read and understand.
  15. Has anyone applied to the Call for Papers/Presentations?
  16. No. You declare a pointer, an uninitialized pointer, and allocate space based on "strlen(uninitialized pointer)"?
      @StoneIce:
      char fname[35] ="Shawn Little"; NOT char* fname[35] ="Shawn Little";
      char namez[50]; namez = (char*) malloc(50*sizeof(char));
      It is either char namez[50] OR char *namez=(char *)malloc(...) but NOT both.
      Come on, C is not that complicated. Just RTFM.
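The distinction drawn in post 16, as an added example that is not part of the original post or of the code it replies to: a fixed array already owns its storage, while a pointer needs an allocation sized from an initialized string. The helper names `copy_name` and `dup_name` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Form 1: fixed-size array. The storage already exists, so nothing is
 * ever malloc()'d into it. Copies src into dst (capacity cap) and reports
 * truncation instead of writing past the end of the buffer.
 * Returns 0 on success, -1 if src did not fit or an argument is invalid. */
int copy_name(char *dst, size_t cap, const char *src)
{
    if (dst == NULL || src == NULL || cap == 0)
        return -1;
    int n = snprintf(dst, cap, "%s", src);   /* always NUL-terminates */
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* Form 2: pointer plus heap allocation. The size comes from strlen() of a
 * string that is already initialized, never from the pointer being set up.
 * Returns a heap copy the caller must free(), or NULL on failure. */
char *dup_name(const char *src)
{
    if (src == NULL)
        return NULL;
    size_t len = strlen(src);
    char *p = malloc(len + 1);               /* +1 for the terminating NUL */
    if (p == NULL)
        return NULL;
    memcpy(p, src, len + 1);
    return p;
}

int main(void)
{
    char fname[35] = "Shawn Little";         /* array of char, not char *[35] */
    char namez[50];                          /* array: no malloc needed */

    if (copy_name(namez, sizeof namez, fname) != 0)
        return 1;

    char *heap = dup_name(fname);            /* pointer: malloc'd, then freed */
    if (heap == NULL)
        return 1;

    printf("%s / %s\n", namez, heap);
    free(heap);
    return 0;
}
```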
  17. Finally a tutorial that people actually read. Or at least they look at the pictures.
  18. Such security. Much wow. Pentest.
  19. Hacking DefCon 23’s IoT Village Samsung fridge

      Posted on Tuesday, August 18th, 2015 by Pedro Venda.

      As well as running the Hacking You Fat: The FitBit Aria workshop at DefCon 23’s IoT Village this year (more on that later) we also thought we’d take on their big fridge challenge: “Can you own our #IoT #Samsung - RF28HMELBSR fridge ::] @_defcon_”. As a team we’re doing more and more IoT research and hacking so this was a great opportunity to work on something we can’t get our hands on in the UK yet. It was a full-on team effort over the course of a day, so I’ve gathered everyone’s notes here.

      What’s the fridge?

      In the summer of last year Samsung brought out their RF28HMELBSR smart fridge, the successor to the RF4289HARS from two years previous. The fridge is part of Samsung’s line-up of Smart Home appliances which can be controlled via their Smart Home app.

      Man in the middle attack

      Whilst the fridge implements SSL, it FAILS to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. This includes those made to Google's servers to download Gmail calendar information for the on-screen display. So, MITM the victim’s fridge from next door, or on the road outside and you can potentially steal their Google credentials.

      The notable exception to the rule above is when the terminal connects to the update server - we were able to isolate the URL https://www.samsungotn.net which is the same used by TVs, etc. We generated a set of certificates with the exact same contents as those on the real website (fake server cert + fake CA signing cert) in the hope that the validation was weak but it failed. The terminal must have a copy of the CA and is making sure that the server's cert is signed against that one. We can't hack this without access to the file system where we could replace the CA it is validating against. Long story short we couldn't intercept communications between the fridge terminal and the update server.

      Google Calendar service

      The fridge runs Google calendar, so you can set events and generally boss your family around from the fridge screen! It’s a usable feature and one that hasn’t gone without its own share of API update bugs. This should have been an excellent route to get content on to the fridge; attaching tags and more to calendar entries. However, as HTML and other mark-up is not interpreted we couldn’t get a foothold there either.

      Firmware attack

      We also looked at the possibility of faking a firmware update to compromise the unit via malicious custom update. We found the URL scheme to download the file, but we still need to find out a number of parameters to complete the URL. These are not secret things, just difficult to guess, like a code name for the model of the device, likely a serial number, etc.

      TCP services and certificate challenges

      The fridge's terminal has at least 2 listening services. One on port 4444 (SSL) and one on port 8888. The service on port 4444 requires a client side certificate for most requests, though not all are validated against the client side cert. We suspect this is used by the mobile app and therefore the cert must be located in the mobile app code.

      The mobile app

      We pulled apart the mobile app and found what we believe is the certificate inside a keystore. We “believe” we did because it has a name that suggests this. However, it is correctly passworded and we are yet to extract the password that opens the key store. We think we’ve found the password to the certificate in the client side code, but it’s obfuscated and we haven’t got round to reversing it, yet.

      Conclusion

      …and that's how far we got. We wanted to pull the terminal unit out of the fridge to get physical access to things like a USB port and serial or JTAG interfaces, but ran out of time. However, we still found some interesting bugs that definitely merit further investigation. The MITM alone is enough to expose a user’s Gmail creds.

      The fridge STILL isn’t shipping in the UK, nor can we find any other Samsung smart fridges on the market here.

      Source: http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/
  20. Native Java Bytecode Debugging without Source Code

      12 Feb 2014, Jason Geffner

      At CrowdStrike, we’ve seen a moderate increase in Java-based malware recently, with Remote Access Tools (RATs) like Adwind becoming increasingly prevalent. Reverse engineering Java is typically very straightforward, since excellent Java binary decompilers have existed for years. Tools like JD-GUI make Java analysis a breeze and do an excellent job at recovering Java binaries’ source code (minus the comments).

      In cases where we need to dynamically debug Java programs, decompiled Java can be exported from the decompiler and then imported into a Java IDE like Eclipse as part of a new Java project. This allows us to build a project using the decompiled code and then dynamically debug it through the IDE. However, this all goes out the window when dealing with Java bytecode-based obfuscation, as most Java IDEs won’t compile raw JVM instructions, nor allow you to step through these instructions without the original source code.

      [Figures: Decompiled Non-Obfuscated Java; Decompiled Obfuscated Java]

      The best solution we’ve found for debugging malware’s native Java bytecode is Dr. Garbage’s Bytecode Visualizer. We haven’t seen any thorough walkthroughs on installing and using Bytecode Visualizer, so this blog entry serves as a step-by-step guide on how to dynamically analyze native Java bytecode with Bytecode Visualizer:

      1. Install the Java SE JDK

      The Java Standard Edition Development Kit can be downloaded from Oracle’s website at http://www.oracle.com/technetwork/java/javase/downloads/index.html. JDK 7 is currently the latest version and can be downloaded directly from http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html. During the JDK installation, be sure to have the JDK installer install the Public JRE as well if it isn’t already installed.

      [Figure: Installation Options]

      2. Install Eclipse

      The Eclipse IDE for Java Developers can be downloaded from https://www.eclipse.org/downloads/packages/eclipse-ide-java-developers/keplersr1 (the download links are on the right side of the page).

      3. Install Bytecode Visualizer

      Run Eclipse and in the menu bar go to Help → Eclipse Marketplace… In the Search tab of Eclipse Marketplace window, type “Dr. Garbage” into the Find textbox and press the Go button.

      [Figure: Eclipse Marketplace]

      Scroll to Bytecode Visualizer and press the Install button. Once installation is completed, restart Eclipse when prompted.

      4. Load the JAR to be Analyzed

      Once Eclipse restarts, close the Welcome tab, and in the menu bar go to File → New → Java Project. Specify any project name you like and press the Next button.

      [Figure: Create a Java Project]

      In the Java Settings window, click the Libraries tab. In the Libraries tab, press the Add External JARs button and select the JAR file you want to debug, thereby adding it to the Java project’s build path.

      [Figure: Java Settings]

      Once the JAR has been added to the build path, press the Finish button.

      5. Open the JAR’s Code with Bytecode Visualizer

      In the Package Explorer tab, expand your project’s Referenced Libraries to find your JAR file. Right-click on the class you want to debug and select Open with Bytecode Visualizer.

      [Figure: Open with Bytecode Visualizer]

      6. Set Breakpoints

      With the JAR’s code now visible in Bytecode Visualizer, you can set breakpoints by double-clicking on the vertical gray bar to the left of the disassembled Java code.

      [Figure: Setting a Breakpoint]

      Note that Bytecode Visualizer only allows you to set breakpoints on method entrypoints (the first instruction of a method); you can’t set breakpoints on arbitrary instructions.

      7. Debugging the Disassembled Code

      You can now run the disassembled code by right-clicking on the class you want to debug and choosing Debug As → Java Application.

      [Figure: Debug as Java Application]

      In the Debug perspective view, there are buttons to Step Into Bytecode and Step Over Bytecode (circled in red below). Use the Step Over Bytecode button to perform standard single-stepping; use the Step Into Bytecode button only to step into calls. The Debug perspective also allows you to see local variables in the Variables tab, and to add your own watches in the Expressions tab (you can add this tab via Window → Show View → Expressions in the menu bar); you can see below that I added a watch/expression for variable b.

      [Figure: Debug Perspective]

      As far as we’ve seen, Bytecode Visualizer does not offer a view of the raw JVM stack, but even without it, tracing the code flow via single-stepping and examining memory with the Variables and Expressions tabs should typically allow you to successfully debug your target as needed.

      For more information on Java-based malware or the adversaries using it, including detection logic or any of the adversaries tracked by CrowdStrike, please contact: intelligence@crowdstrike.com and inquire about our Intelligence subscription.

      Source: http://blog.crowdstrike.com/native-java-bytecode-debugging-without-source-code/
  21. By SexyCyborg

      I’ve been watching the TV show "Mr. Robot" and while I know not all of it is accurate some of it is and it got me curious. I’m already pretty comfortable with command line and remote server administration from my web development work, and it turns out a lot of ‘hacking’ tools are just testing tools any sensible IT professional would use- just without a GUI. So I spent this month hitting the books (well web pages) watching lots of videos and learning a bit about information security and penetration testing (I wonder how many idiot jokes that phrase is going to cause…). I still don’t know much, but I know a tiny bit more than I did. Enough to ask people who know more than me the right questions- and enough for a fun project.

      So I got to thinking- if I had to do penetration testing on a corporate facility, how would I do it? Social engineering for one- I’m a natural honeypot. I think there's a reasonable chance that a guy might invite me back to their office after a few drinks in the neighborhood? But a handbag would be suspicious and leaving cell phones at the gate would be standard practice in any reasonably secure facility. My typical clothing does not leave room to hide anything- but that’s all the more reason they would not be suspicious of me.

      So I devised the Wu Ying Shoes (无影鞋)! - Penetration Testing Platform Heels! "Wu Ying" means “shadowless", the name is from the folk hero Wong Fei Hung’s (黄飞鸿) famous "shadowless kick" (无影脚). Wong Fei Hung is from Foshan, which is my ancestral home as well as the ancestral home of Bruce Lee. As legend has it, to execute the "shadowless kick" Wong would distract his opponent with a punch or upper body move while striking with his foot. With my shadowless shoes I distract the target with my…upper body and they don’t see the real danger on my feet:-) Also I get tired of English names for everything. If we are ever going to stop copying Western things we should stop copying Western names as well right? So "Wu Ying Shoes".

      Each shoe has a drawer that can be slid out without my having to take the shoes off. This drawer can be customized for various payloads. (Just FYI- of course I asked the staff for spray and a cloth to wipe off the table carefully after I took these pictures).

      For the purposes of this first test version, my right shoe contains a pen testing drop box. This is a wireless router running OpenWRT with a built in rechargeable battery that could either be left running inside the shoe (for war-walking, wifi sniffing and logging etc) or could be removed and plugged into a convenient open network jack as soon as I was inside and had direct access to the LAN. Once this is done you can gain remote access anytime you want via SSH tunnel.

      Installing OpenWRT on the TL-MR10U is just like upgrading the firmware on any router. It’s two links and a button- nothing to it. There’s a lot of different software you can run once you have OpenWRT flashed. This router may-or-may-not be running a custom version of Wispi for the TP-Link TL-MR10U because if it was it would probably be illegal in China so maybe it's not. But if it was I could run Jasager/Karma which lets you fake being a friendly/known wifi access point and setup a fake login page to capture passwords, among other cool tricks. Wispi also has a few other handy utilities that you should never use in the real world but are pretty cool to try at home once or twice just so you know how.

      In my left shoe there is a USB keystroke recorder. This is a pass-through device that goes into the back of the computer where you normally plug the keyboard in and records everything typed on the keyboard (so all passwords) in its built in memory.

      A retractable ethernet cable for the OpenWRT router.

      A shim for opening padlocks.

      …and a basic lock pick set for gaining access to network cabinets, file drawers etc. I learned how to use the picks at a Locksport meet-up. I can only do simple locks but still loads of fun! Like little metal puzzles...

      Here’s the model I made for 3D printing. I’m sticking with TinkerCAD just to annoy all the CAD snobs who keep commenting on it ;-P

      I had to print it at 0.3mm so the layers are a little coarse. It was taking forever at 0.2mm (what I did my LED skirt control box at). Still looks decent. That’s PLA plastic. Infill is 20% and it supports my weight without any issues. Each shoe weighs about the same as a normal, non-printed shoe.

      Obligatory denim overalls work-clothes shot for the boys. You know the world is a strange place when fan-service is overalls and the slutty mini-dress is “meh".

      Removing the support structure. This kind of 3D printer can’t really do an overhang over 45% or so since each layer has to rest on the one below. Sacrificial columns are printed to support the overhang for printing and then peeled away afterwards.

      Source files are here if you'd like to make your own: http://www.thingiverse.com/thing:980191

      LibraryBox can be a good way to share movies and ebooks with friends if you are traveling or don’t have wifi. I could see Piratebox being useful in time of disaster for sharing information when the wireless networks are down. It’s kind of like a mini-NAS. Wispi and Pentest drop boxes should of course only be experimented with at home for educational purposes. While it’s good to know about this stuff always obey your local laws. People think all sorts of crazy stuff about China and I don’t want to talk politics- but my city Shenzhen is a really, really cool place to live (think Bladerunner) so there’s really no reason to do dumb stuff.

      As always- thanks to my friends for helping to clean up my English above. I had a ton of technical help but I follow a strict “don’t do it for me, show me how” rule so learned a tremendous amount. As I’ve also mentioned before, I’m not much more technical than my female friends but I am patient, good at following tutorials and asking questions. If you can follow a recipe I assure you that you could do this sort of thing also. Any women with questions about teaching themselves online should feel free to contact me on Reddit and I’d be delighted to offer any help I can. Remember ladies- if you are thinking about becoming a Maker, learning to code or doing hardware; if a girl who looks like me can do it, how hard can it really be?

      Edit: Normally I have to sort through about 50% identical replies to my posts on Reddit. For those flexing their fingers and getting ready to give me a hard time: Yes, they are fake. Yes, I feature them prominently and deliberately in everything I do. No, most of my projects do not have all that much technical merit- they are 90% silicone and 10% silicon ;-) No, if you point out the absolutely obvious no one will think you are insightful, edgy or cool. They will think you are 12.

      Source: http://imgur.com/a/c4WNF#PEc4q1x
  22. MySQL Error Based SQL Injection Using EXP

      Table of Contents
        • Overview
        • Injection
        • Extracting Data
        • Dump In One Shot
        • Reading Files
        • Injection in Insert
        • Injection in Update
        • Injection in Delete
        • Conclusion
        • References

      Download: https://www.exploit-db.com/docs/37953.pdf
  23. The PenTesters Framework (PTF)

      A TrustedSec Project - Copyright 2015
      Written by: David Kennedy @hackinGDave

      The PenTesters Framework (PTF) is a Python script designed for Debian/Ubuntu based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we've been accustomed to the /pentest/ directories or our own toolsets that we want to keep up-to-date all of the time. We have those "go to" tools that we use on a regular basis, and using the latest and greatest is important.

      PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used. PTF simplifies installation and packaging and creates an entire pentest framework for you. Since this is a framework, you can configure and add as you see fit. We commonly see internally developed repos that you can use as well as part of this framework. It's all up to you.

      The ultimate goal is for community support on this project. We want new tools added to the github repository. Submit your modules. It's super simple to configure and add them and only takes a few minutes.

      Source: https://github.com/trustedsec/ptf