178 matches found
Apache killer exploit modified for better Results
Apache killer exploit modified for better Results "4L4N4 K!LL3R " or Killapache DDOS tool exploit, previously coded by kingscope 's , re-edited and coded by "S4uR4 " , which kills apache and still many websites are vulnerable. S4uR4 rewrite this exploit on php/curl web based with agressive mode...
Automated HTTPS Vulnerability Testing by Qualys SSL Labs
Automated HTTPS Vulnerability Testing by Qualys SSL Labs One of main problem in HTTP protocol is encrypting traffic and verifying data security, securing the web application against any threat is very important especially that if hackers conduct a Man-in the middle attack he can get all users...
New Metasploit 3.6 Targets Security Compliance !
Security vulnerability testing is getting a boost this week with the release of Metasploit 3.6. Metasploit Pro, the commercial version of the product, now includes new PCI compliance reporting capabilities. There is also a new Project Activity Report, which helps organization manage and track...
Toolza 1.0
=== Toolza1.0 === Nix/Windows/Mac - UTF-8 perlscript download last version at the end of this post /последнюю версию скачать можно снизу этого поста Данная утилита предназначена для тестирования своего веб-ресурса на уязвимости. Любое другое использование скрипта преследуется по закону Last updat...
Re: D-Link DIR-300 authentication bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks for your replies especially linuxoid.rain at gmail dot com and mfardiles . Mentioned above users informed me that my vulerability also affect DIR-600 and DIR-320 D-Link router models. I'm going to buy those routers and test all available...
E-Php content management system SQL injection exploit-vulnerability warning-the black bar safety net
| E-Php Content Management System CMS, article. php page there is SQL injection. Vulnerability testing: Trojan http://www.chinasg.tk/article.php?esid=-1+union+select+1,version,3,4,5,6,7,8,9,1 0,1 1,1 2...
Exploit Hub Aims to be iTunes for Exploits
It’s been tried before, but NSS Labs founder Rick Moy says his company’s new Exploit Hub – a store front for exploit code – can work. In an interview with Threatpost.com, he explains why the current market for exploits doesn’t work for the good guys, and why zero day exploits don’t help anyone...
Aleza Portal 1.6 - Insecure SQL Injection Cookie Handling
Aleza Portal 1.6 - Insecure SQL Injection Cookie Handling Aleza Portal v1.6 - Insecure SQLi Cookie Handling ========================================================= My + Author : KnocKout Contact : [email protected] Software info Web App. : Aleza Portal v1.6 Software: http://www.webavail.com/...
Old Y article management system v2. 5 sp2 SQL injection&Cookie spoofing vulnerability-vulnerability warning-the black bar safety net
Old Y article management system v2. 5 sp2/user/ 'UserLogin'. asp file there is a SQL injection vulnerability, a malicious user can exploit to give the database any data. In addition the background of the landing of improper handling, caused by the falsification of the management account password,...
blogbus.com(blog coach)XSS cross site vulnerability-vulnerability warning-the black bar safety net
Vulnerability testing process: 1. Apply for an account 2. Into the background--blog--template--homepage layout settings-the content of the articleedit 3. In the dialog box the Edit link in the Add at the Cross-Station code or into the article publishing Switch the editor to HTML mode 4. Test code...
DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)
/ Deepburner pro 1.9.0.228 dbr file buffer overflow exploituniversal This is buffer: header 253 bytes + junk+ next seh + seh addr + tail 957 bytes dbr/dbi file Date: 29.01.2010 Dicovery Credits: fl0 fl0w Exploit Credits : fl0 fl0w ?Download latest vuln vs from: http://www.deepburner.com/?r=downlo...
Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit (ppc)
No description provided by source. / Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...
ILIAS LMS <= 3.9.9/3.10.7 Arbitrary Edition/Info Disclosure Vulns
Exploit for unknown platform in category web applications ================================================================= ILIAS LMS WEB: http://www.ilias.de/ | |--DOWNLOAD: http://www.ilias.de/docu/goto.php?target=st22935&clientid=docu | |--DEMO: http://www.demo.ilias-support.com/ | |--CATEGORY...
ProjectCMS 1.0b - 'index.php?sn' SQL Injection
|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | SQL INJECTIO...
debopenssh-auth.txt
/ Debian maybe other derivates |KUDUBUTUNTU| OpenSSH Remote -=Authenticated=- SELinux Privilege Elevation Fedora/RHEL Linux should be tested because it MAY contain the same vulnerability in it's OpenSSH patches in a time slice. Latest OpenSSH should not be vulnerable. Older Debian Releases may. O...
Yuhhu 2008 SuperStar (board) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================= Yuhhu 2008 SuperStar board Remote SQL Injection Exploit ========================================================= ."; $bul=pregmatch$ara,$tuttum,$rmx;...
Technical analysis:“the meat machine”on encounters of an unknown virus-vulnerability warning-the black bar safety net
5 month 1 3 day morning, the author in the online test MySQL Fun vulnerability, in fact, can not say that the vulnerability can only be said to be a technology only, use the MySQL Fun to overcome a Xeon host, inside, the want to do some testing, but stumbled across this station the host of the...
AppScan QA automated vulnerability testing tool buffer overflow
Buffer overflow on oversized HTTP server WWW-Authenticate header Realm parameter...
Recommendation:the Guangdong a University site detection notes(figure)-vulnerability warning-the black bar safety net
Recently by PPMM in a McDonald's cajoling, let me test out their school website, security how to,this thought can like our school like ten minutes away,I agreed, I did not expect...... The following start, in order not to cause unnecessary trouble, the removal of sensitive information. C:\ping...
DCP - portal XSS & SQL attacks
Web Site: http://www.dcp-portal.org/ DCP Portal = v6 This script is possibly vulnerable to SQL Injection attacks AND Cross Site Scripting XSS attacks The script has been tested with these query variables: XSS : http://target/index.php?page=send&cid=scriptalertdocument.cookie;/script XSS - only PO...