ThunderDNS - Tool To Forward TCP Traffic Over DNS Protocol

This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support. Run Setting up NS records on our domain: Please wait for clearing DNS-cache. Simple server run: python3 ./server.py --domain oversec.ru Simple server run Dockerfile: docker run -e DOMAIN='' Simple client ru...

Exploit for CVE-2018-11776

CVE-2018-11776 Environment for CVE-2018-11776 / S2-057 Dem...

How to Collect Support Bundle from XenMobile Server CLI using FileZilla

This article describes how to collect XenMobile support bundle with FileZilla. FileZilla can be installed locally and act as FTP server...

Error: "Http/1.1 Internal Server Error 43531" When Enrolling Device to XenMobile

MAM enrollment is failing with below errors: 1. While authenticating from the Gateway Web Page -"Http/1.1 Internal Server Error 43531" 2. While attempting from the mobile device - "Enrollment Failed - There's a prblem with the server setup. Please contact your administrator"...

Rainmap Lite - Responsive Web Based Interface That Allows Users To Launch Nmap Scans From Their Mobiles/Tablets/Web Browsers

Rainmap Lite - Responsive web application that allows users to launch Nmap scans from their mobiles/tablets/web browsers! Unlike it's predecessor 1, Rainmap-lite does not require special services RabbitMQ, PostgreSQL, Celery, supervisor, etc to make it easy to install on any server. You simply ne...

How to to implement Rights Management Service in XenMobile Secure Mail

This article will guide you with the steps to implement Rights Management Service in conjunction with the exchange server on Secure Mail Active Sync Client, 1. Install and Configure Rights Management Service. 2. Validate the Rights Management Service Configuration. 3. Enable Rights Management...

Information Leakage Via Error Pages

fatfreecrm is vulnerable to information leakage via error pages. The vulnerability is possible because considerallrequestslocal is set to true by default in production mode, exposing the server setup information in 404 and 500 error pages...

How to Integrate StoreFront and XenMobile when XenMobile is enabled with Domain and Certificate Based Authentication

This article will guide you with the steps to enable XenMobile server and StoreFront Server integration when XenMobile environment is enabled withCertificate + Domain based authentication. To achieve the above use case, you as an admin need to setup the following. 1. Configure/Enable XenMobile...

XSS Hunter is Now Open Source – Here’s How to Set It Up!

Recently I opened up XSS Hunter for public registration, this was after publishing a post on how I used XSS Hunter to hack GoDaddy via blind XSS and pointed out that many penetration testers use a very limited alert box-based pentesting methodology which will not detect these types of issues. Aft...

How to configure standalone SQL server, Database Mirroring, and Always on High Availability

How to configure standalone SQL server, Database Mirroring, and Always on High Availability...

Mail.ru: [api.allodsteam.com] Authentication Data

api.allodsteam.com had an open public folder with some sensitive information for initial server setup, including sensitive internal documentation and database dumps...

SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration

!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...

SMF (Simple Machine Forum) 2.0.10 Remote Memory Exfiltration

!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...

SMF 2.0.10 Remote Memory Exfiltration Exploit

Exploit for php platform in category web applications !/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Filippo Roncari Truel Lab http://lab.truel.it import sys, requests, time, os, socket, thread, base64, string, urllib from multiprocessing import Process Payload config bytesnum = 000 num of...

Online Automated Tasks: Huginn

Huginn is a system for building agents that perform automated tasks for you online. They can read the web, watch for events, and take actions on your behalf. Huginn’s Agents create and consume events, propagating them along a directed graph. Think of it as a hackable Yahoo! Pipes plus IFTTT on yo...

Streisand

The Internet can be a little unfair. It’s way too easy for ISPs, telecoms, politicians, and corporations to block access to the sites and information that you care about. But breaking through these restrictions is tough . Or is it? Introducing Streisand A single command sets up a brand new server...

tcp(port&seq) backdoor

Автор: slashd Что это? Реализации скрытого канала передачи данных на сервер с помощью стандартных полейв нашем случае поля SEQ и Source Port TCP-заголовка. Теоритическая часть. Реализовать скрытую передачу данных с помощью TCP-заголовка можно несколькими способами. Клиентхакер иницирующий...

Nmap NSE net: netbus-info

Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself. The extracted host information includes a list of running applications, and the hosts sound volume settings. The extracted service information includes it's access control list acl, server...

SuSE 10 Security Update : dhcpcd (ZYPP Patch Number 7452)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 Note: this is a...

Buffer overflow

Multiple buffer overflows in the 1 main function in a client.c, and the 2 serversetup and 3 serverclientconnect functions in b server.c in gxine 0.5.9 and earlier allow local users to cause a denial of service daemon crash or gain privileges via a long HOME environment variable. NOTE: some of the...