Hackers2DevNull - Hacking To Learn | Learning To Defend
Wednesday 18 December 2013
Thursday 31 October 2013
LFI vulnerability + image upload form? You got Remote Code Execution!
An easy RCE when you find an LFI vulnerability and are able to upload images/any other file to the website.
Wednesday 23 October 2013
[Release!] Backcat - Back-connect Utility [*nix]
[+] Outline:
A simple utility for making life easier when back-connecting from a foreign host where firewall rules are not known. Run a copy locally, specifying a port range to listen on (optionally specify another program to handle the connection). On the server, run a copy specifying the destination port range to try and 'brute-force' (optionally specify a local port range to bind to instead of taking the first available, and optionally specify a program to pass the connection to, e.g. "/bin/sh -i").
Wednesday 25 September 2013
How to hide XSS in flash movies/games
Here is a tutorial on how to rip and edit an existing flash movie/game for use in XSS attacks. The objective is to steal cookies silently without changing the flash movie's behavior from the perspective of the user.
Monday 16 September 2013
r0ng's XSS Challenges - Challenge 2
Try to solve these challenges and send me your solutions via the comments (moderated). If you are correct, I will add you to the solvers list :).
r0ng's XSS Challenges - Challenge 1
Try to solve these challenges and send me your solutions via the comments (moderated). If you are correct, I will add you to the solvers list :).
Sunday 11 August 2013
r0ng's cookie logger script - for silently stealing website cookies
Saturday 6 July 2013
Sunday 19 May 2013
"One does not simply finds a DOM based XSS without js analysis"
Check out this cool blog from Prakhar Prasad (http://blog.prakharprasad.com/). They set up an interesting XSS challenge that requires code analysis to solve, here: xss.prakharprasad.com (also thanks to MaXoNe, who I think contributed to it).
Saturday 18 May 2013
CGI-C Shell - PHP disabled functions/Safe Mode Bypass Shell source [Windows/Linux]
When Safe Mode is on, it can be a pain to do what you want to do on the system. Being able to access CGI solves this problem, and here is my implementation of a shell (safe mode bypass) in C for Windows and Linux.
Wednesday 15 May 2013
Persistent XSS in wysiwyg module CKEditor below 4.1 - drupal 6.x 7.x
This persistent XSS vulnerability requires a little bit of social engineering to work; see the report below:
Friday 10 May 2013
How to shell a server via image upload and bypass extension + real image verification
During a website audit, upload forms and other interactive 'user-content' driven facilities are often found to be protected by client side and/or server side security checks. This tutorial presents the methods that can be used to circumvent these security checks. In this case we're specifically considering image uploads that allow JPG files in particular.
Friday 25 January 2013
2nd Cross-site-scripting vulnerability find in Microsoft.com
Friday 14 December 2012
C Source Release:
LastDoor - Root Backdoor and Log-Cleaner for Linux
[+] What is it?
A backdoor for retaining root access and a log cleaner with several functions.
Thursday 1 March 2012
XSS find in Google.com - on the hall of fame at last!
March update:
Google updated their wall of fame for Jan-March (http://www.google.co.uk/about/appsecurity/hall-of-fame/reward/). I disclosed a cross site scripting (XSS) vulnerability last month, and Google were kind enough to put me on their wall (and give me a few pennies to spend at the sweet shop).