Metasploit Explained For Beginners
Metasploit Framework is an open source penetration testing tool used for developing and executing exploit code against a remote target machine. Metasploit Framework has the world’s largest database of public, tested exploits. In simple words, Metasploit can be used to test the vulnerability of computer systems in order to protect them, and on the other hand it can also be used to break into remote systems.
IDS (Intrusion Detection System)
An intrusion detection system (IDS) is a software and/or hardware based system that monitors network traffic for suspicious activity and alerts the system or network administrator. In some cases the IDS may also respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network.
Typical locations for an intrusion detection system are shown in the following figure -
Use SSH Tunneling to surf net invisibly
Unable to surf the net at work/college? Want to surf the net invisibly? Well, we have a solution for that: SSH tunneling. An SSH tunnel is an encrypted tunnel created through an SSH protocol connection. SSH tunnels may be used to tunnel unencrypted traffic over a network through an encrypted channel. In easy language, you can surf the net without being monitored and even surf blocked sites too. SSH is pretty awesome.
TinyFileBrowser ~ Remote file Upload Vulnerability
Google Dork: "inurl:tinybrowser/upload.php"
Let's start: open google.com/ncr or your country domain like Google.co.om and enter this dork
"inurl:tinybrowser/upload.php"
A vulnerable website’s title will be "TinyBrowser :: Upload" in the search results,
and on some sites it will show you the website directory in the title.
Click on vulnerable websites only … ignore some extra results
RTE remote File Upload Vulnerability
Google Dorks
inurl:rte/my_documents/my_files
inurl:/my_documents/my_files/
Exploit:
http://www.website.com/rte/RTE_popup_file_atch.asp
or
http://www.website.com/admin/RTE_popup_file_atch.asp
List Of Run Commands
Make your Google search more effective
Preventing SQL Injection
NOTE: IF YOU DO NOT KNOW PHP, THERE IS NOTHING TO WORRY ABOUT. THIS IS NOOB FRIENDLY.
There are usually two types of attacks:
1. URL based
2. Form based
The major reason for both of them is ‘badly architected parameters’.
Many say to remove/rename or unlink the database configuration file. Of course this will work, but this is NOT the solution, as it will halt the functionality of the site: your dynamic website will turn into just HTML pages in seconds. This is analogous to a condition like: because of fear of robbery, you don’t buy anything for yourself either :P
What we will be doing is sanitizing and validating PHP variables. We have to make sure that our critical global arrays like get, post, files, session, cookies etc. allow only the data which we want them to store and nothing else, because we can’t trust that users will enter the expected data. What we mean is, suppose you have a site script like this:
Blind SQLI
What is Blind SQLi
Blind SQL Injection is used when a web application is vulnerable to an SQL injection but the results of the injection are not visible to the attacker. The page with the vulnerability may not be one that displays data but will display differently depending on the results of a logical statement injected into the legitimate SQL statement called for that page. This type of attack can become time-intensive because a new statement must be crafted for each bit recovered. There are several tools that can automate these attacks once the location of the vulnerability and the target information have been established.
Blind SQLi Tutorial
Basic Windows Commands That You Should Know
So in this section we will discuss some of the most used basic Windows commands and the switches frequently used with them. Now why the hell, in the world of the Windows Graphical User Interface (GUI), do I need to learn Windows commands? The answer is, no matter how cool the GUI appears, the most powerful feature of any OS to this day, when it comes to control, is its shell. I would hardly find anyone to disagree on this. The shell is handled with the help of a shell interpreter/emulator, better known as the command line in general, the command prompt in Windows and terminal/konsole/tcsh/zsh etc. in Linux, depending on the shell emulator. As a hacker you must be able to master most of the commands and their most commonly used switches. So get ready to have a look at them.