Hackers2DevNull - Hacking To Learn | Learning To Defend
Hackers2DevNull
Wednesday, 18 December 2013
Thursday, 31 October 2013
LFI vulnerability + image upload form? You got Remote Code Execution!
An easy RCE when you find a LFI vulnerability and are able to upload images/any other file to the website.
Wednesday, 23 October 2013
[Release!] Backcat - Back-connect Utility [*nix]
[+] Outline:
A simple utility for making life easier when back-connecting from a foreign host where firewall rules are not known. Run a copy locally specifying a port range to listen on (optionally specify another program to handle the connection). And on the server run a copy specifying the port destination range to try and 'brute-force' (optionally specify a local port range to bind to instead of taking the first available / and optionally specify a program to pass the connection to, e.g. "/bin/sh -i").
Wednesday, 25 September 2013
How to hide XSS in flash movies/games
Here is a tutorial on how to rip and edit an existing flash movie/game for use in XSS attacks. The objective is to steal cookies silently without changing the flash movie's behavior from the perspective of the user.
Monday, 16 September 2013
r0ng's XSS Challenges - Challenge 2
Try to solve these challenges and send me your solutions via the
comments (moderated), if you are correct I will add you to the solvers
list :).
r0ng's XSS Challenges - Challenge 1
Try to solve these challenges and send me your solutions via the comments (moderated), if you are correct I will add you to the solvers list :).
Sunday, 11 August 2013
r0ng's cookie logger script - for silently stealing website cookies
Saturday, 6 July 2013
Sunday, 19 May 2013
"One does not simply finds a DOM based XSS without js analysis"
Checkout this cool blog from Prakhar Prasad (http://blog.prakharprasad.com/), they setup an interesting XSS challenge that requires code analysis to solve, here: xss.prakharprasad.com (also thanks to MaXoNe who I think contributed to it).
Saturday, 18 May 2013
CGI-C Shell - PHP disabled functions/Safe Mode Bypass Shell source [Windows/Linux]
When Safe mode is on it can be a pain to do what you want to do on the system. Being able to access CGI solves this problem, and here is my implementation of a shell (safe mode bypass) in C for windows and linux.
Wednesday, 15 May 2013
Persistent XSS in wysiwyg module CKEditor below 4.1 - drupal 6.x 7.x
This persistent XSS vulnerability requires a little bit social engineering to work, see the report below:
Friday, 10 May 2013
How to shell a server via image upload and bypass extension + real image verification
During a website audit, upload forms and other interactive 'user-content' driven facilities are often found to be protected by client side and/or server side security checks. This tutorial presents the methods that can be used to circumvent these security checks. In this case we're specifically considering image uploads that allow JPG files in particular.
Friday, 25 January 2013
2nd Cross-site-scripting vulnerability find in Microsoft.com
Friday, 14 December 2012
C Source Release:
LastDoor - Root Backdoor and Log-Cleaner for Linux
[+] What is it?
A backdoor for retaining root access and a log cleaner with several functions.
Thursday, 1 March 2012
XSS find in Google.com - on the hall of fame at last!
March update:
Google updated their wall of fame for Jan-March (http://www.google.co.uk/about/appsecurity/hall-of-fame/reward/). I disclosed a cross site scripting (XSS) vulnerability last month, and Google were kind enough to put me on their wall (and give me a few pennies to spend at the sweet shop).
Subscribe to:
Posts (Atom)