Thursday , December 14 2017
Home / Hacking

Hacking

WordPress 4.2 Stored XSS

Overview Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If triggered by a logged-in administrator, under default settings the attacker can leverage the vulnerability to execute arbitrary code on the …

Read More »

Certified Ethical Hacking ebook Collection

Certified Ethical Hacking ebook Collection Certified Ethical Hacking ebook Collection English | PDF | Collection | 269.473 Mb CEH-Classroom-Lab-Setup-v6.pdf CEHv6 Module 00 Student Introduction.pdf CEHv6 Module 01 Introduction to Ethical Hacking.pdf CEHv6 Module 02 Hacking Laws.pdf CEHv6 Module 03 Footprinting.pdf CEHv6 Module 04 Google Hacking.pdf CEHv6 Module 05 Scanning.pdf CEHv6 …

Read More »

Dasar – dasar Google Hacking

Pengertian Google Hacking & Dasar –¬† Dasar Google Hacking Intro Tulisan ini bisa merupakan bahasan lama, namun tehnik ini masih bisa digunakan sebagai dasar dari google hacking atau menggunakan media mesin pencari google untuk menemukan berbagai informasi mengenai berbagai hal seperti konfigurasi sebuah sistem, informasi system aplikasi danlainnya. Disamping itu …

Read More »

Latest Google Hacking (Dork)

Latest Google Hacking Entries Date Title Category 2015-03-16 allintext:Copyright Smart PHP Poll. All Rights Res… Vulnerable Servers 2015-03-10 ext:sql intext:”alter user” intext:”… Files containing passwords 2015-03-04 allinurl:moadmin.php -google -github Vulnerable Servers 2015-02-27 inurl:/wp-content/wpbackitup_backups Sensitive Directories 2015-02-19 “Config” intitle:”Index of” in… Sensitive Directories 2015-02-17 intitle:”AP Router New Generation” intex… Various Online …

Read More »

Windows 8.1 – Local WebDAV NTLM Reflection Elevation of Privilege

Windows: Local WebDAV NTLM Reflection Elevation of Privilege Platform: Windows 8.1 Update, Windows 7 Class: Elevation of Privilege Summary: A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system. Description: NTLM reflection …

Read More »

Inilah Cara Melewati Lock Screen iOS 7

Inilah Cara Melewati Lock Screen iOS 7 Celah keamanan kembali ditemukan, kali terjadi pada iOS 7 yang memungkinkan fitur lock screen bisa dilalui oleh orang yang tidak berhak. Untuk menutup celah keamanan ini adalah dengan cara menonaktifkan akses Control Center dari lock screen. Hal ini harus dilakukan hingga Apple menutup …

Read More »

WHMCS v4.x & v5.x – Multiple Web Vulnerabilities

Exploit Title: WHMCS v4.x & v5.x – Multiple Web Vulnerabilities # Date: 2013-12-10 # Exploit Author: ahwak2000 # Vendor Homepage: http://whmcs.com/ # Version: 4.x , 5.x # Tested on: win 7 +——————+ | Vulnerability | +——————+ File : includesdbfunctions.php function db_escape_string($string) { $string = mysql_real_escape_string($string); return $string; } +——————+ | …

Read More »

WHMCS v4.x & v5.x – Multiple Web Vulnerabilities

# Exploit Title: WHMCS v4.x & v5.x - Multiple Web Vulnerabilities # Date: 2013-12-10 # Exploit Author: ahwak2000 # Vendor Homepage: http://whmcs.com/ # Version: 4.x , 5.x # Tested on: win 7 +------------------+ | Vulnerability | +------------------+ File : includesdbfunctions.php function db_escape_string($string) { $string = mysql_real_escape_string($string); return $string; } +------------------+ …

Read More »

Flunym0us Vulnerability Scanner WordPress

Flunym0us is a Vulnerability Scanner for WordPress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for WordPress and other for Moodle. Flunym0us requires python. Arguments allowed: -h, –help: Show this help message …

Read More »

Flunym0us Vulnerability Scanner WordPress

Flunym0us is a Vulnerability Scanner for WordPress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for WordPress and other for Moodle. Flunym0us requires python. Arguments allowed: -h, –help: Show this help message …

Read More »