Sep 13, 2012

Metasploit post exploitation scripts to steal iOS 5 backups

Usage Steps:
1. Download the apple_ios_backup.rb and place it in /opt/metasploit/msf3/modules/post/multi/gather/ directory.
2. Download the apple_backup_manifestdb.rb and place it in /opt/metasploit/msf3/lib/rex/parser/ directory.
3. Open the Metasploit using msfconsole.
4. Use meterpreter as a payload and exploit a vulnerability in the target system.


If you like my blog, Please Donate Me

Web Shell Detector - Find the web shell in your server.

Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.  

To activate Web Shell Detector:
1) Upload shelldetect.php and shelldetect.db to your root directory
2) Open shelldetect.php file in your browser
3) Inspect all strange files, if some of files look suspicious, send them to team. After submitting your file, it will be inspected and if there are any threats, it will be inserted into a “web shell detector” web shells signature database.
4) If any web shells found and identified use your ftp/ssh client to remove it from your web server (IMPORTANT: please be carefull because some of shells may be integrated into system files!).


If you like my blog, Please Donate Me

Sep 10, 2012

OWASP Xenotix XSS Exploit Framework

Features of Xenotix XSS Exploit Framework

  1. Built in XSS Payloads
  2. XSS Key logger
  3. XSS Executable Drive-by downloader
  4. Automatic XSS Testing
  5. XSS Encoder


If you like my blog, Please Donate Me




 Please subscribe my blog.

 Old Subscribe

Share |