[Metasploit] Joomla Media Manager File Upload Vulnerability

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initialize(info={}) ...

Baca Selengkapnya... [Metasploit] Joomla Media Manager File Upload Vulnerability

Cisco ASA Ethernet Information Leak

#!/usr/bin/env python # CVE-2003-0001 'Etherleak' exploit # ================================= # Exploit for hosts which use a network device driver that pads # ethernet frames with data which vary from one packet to another, # likely taken from kernel memory, system memory allocated to # the device driver, or a hardware buffer on its network interface # card. Exploit uses scapy with either ICMP or ARP requests as # this can trigger with either but...

Baca Selengkapnya... Cisco ASA Ethernet Information Leak

WinRoot ver 0.1

Surce code http://pastie.org/pastes/7896...

Baca Selengkapnya... WinRoot ver 0.1

ZPanel Code Execution

Hi all, There's an arbitrary (PHP) code execution in ZPanel, a free and open-source shared hosting control panel. Using the included zsudo binary, access can be escalated and commands can be run as root. The vulnerability : ZPanel uses a poor "templater" system that basically consists of a few str_replace calls and an eval... and as could be expected from something like this, it does a very poor job at preventing malicious code. The relevant...

Baca Selengkapnya... ZPanel Code Execution

Samsung Developer Competition 2013

Samsung menggelar rangkaian acara Samsung Developer Competition 2013. Sebuah acara untuk menjembatani pemain di industri mobile, ahli di bidang produk mobile dan juga para pengembang aplikasi. Tujuannya adalah agar para pengembang bisa melihat apa saja kebutuhan industri yang bisa dipenuhi dengan aplikasi mobile. Acara kompetisi ini telah dimulai dengan rangkaian workshop dan seminar ke berbagai kampus. Untuk gelaran pertama telah dilaksanakan di...

Baca Selengkapnya... Samsung Developer Competition 2013

Analisa tentang Tools Adwind ( Adwind Web Fake ) yang berbentuk *.jar

Saya kurang begitu tau tentang kapan dan dimana pertama kali software ini di Release. pertama kali saya mendengar software ini dr teman yang namanya tidak bisa saya sebutkan. Teman saya bertanya MyFriends : man, lo udah tau belum tentang soft "Adwind Web Fake"? Me : wew, itu tools apa kk??? MyFriends : Tools itu semacam tools untuk membuat web Fake dimana...

Baca Selengkapnya... Analisa tentang Tools Adwind ( Adwind Web Fake ) yang berbentuk *.jar

SyRiAn Sh3ll V7

Source Lengkap bisa diambil di sini http://pastebin.com/vsnFh...

Baca Selengkapnya... SyRiAn Sh3ll V7

Google Fusion Tables Cross Site Scripting

# Title: Google Fusion Tables XSS (HTML Injection) Vulnerability # Release Date: 07/03/2013 # Author: Junaid Hussain - [ illSecure Research Group ] # Contact: illSecResearchGroup@Gmail.com | Website: http://illSecure.com # Vulnerable Application: https://www.google.com/fusiontables/DataSource?dsrcid=implicit ------------------------------------------------------------------------------------- //##### Process: 1. go to https://www.google.com/fusiontables/DataSource?dsrcid=implicit 2....

Baca Selengkapnya... Google Fusion Tables Cross Site Scripting

Learning Whitehat Hacking and Penetration Testing 2012

Infinite Skills - Learning Whitehat Hacking and Penetration Testing 2012 | Size 1.35 GB  SKU: 01724 | Duration: 10.5 hours - 103 lessons | Date Released: 2012-10-05 Works on: Windows PC or Mac | Format: DVD and Download | Instructor: Ric Messier In this Ethical Hacking - Whitehat Hacking and Penetration testing training course, expert Ric Messier...

Baca Selengkapnya... Learning Whitehat Hacking and Penetration Testing 2012

Computer Hacking Forensic Investigator v8 (Slides)

Computer Hacking Forensic Investigator v8 (Slides) | 445 MB File Computer Hacking Forensic Investigator v8 (Slides) : Module 01 Computer Forensics in Todays World.pptx Module 02 Computer Forensics Investigation Process.pptx Module 03 Searching and Seizing Computers.pptx Module 04 Digital Evidence.pptx Module 05 First Responder Procedures.pptx Module...

Baca Selengkapnya... Computer Hacking Forensic Investigator v8 (Slides)

Blackberry GSM codes

The following are codes that you can use on a BlackBerry. Most require you to hold down the ALT key whilst typing the letters after the + sign (they don't need to be capitals). IMEI number Shows your device's international mobile equipment identity (IMEI - your serial number) on-screen. Type "*#06#" (home screen or call screen. Home Screen ALT(left)+Shift(right)+Del - Restart the Blackberry (only for full-keyboard Blackberries) ALT + JKVV - Display...

Baca Selengkapnya... Blackberry GSM codes

RethinkDB (ReQL) The Next Generation NoSQL systems

Seperti dikutip dihalam webnya http://www.rethinkdb.com/ "RethinkDB is built to store JSON documents, and scale to multiple machines with very little effort. It has a pleasant query language that supports really useful queries like table joins and group by, and is easy to setup and learn." ReQL merupakan Next Generasi NoSQL System Database dimana system ini berbeda dengan MongoDB dan system NoSQL Lainnya. berikut penjelasan RethinkDB mengenai...

Baca Selengkapnya... RethinkDB (ReQL) The Next Generation NoSQL systems