Th1 232017
Hack the Basic HTTP Authentication using Burpsuite

In the context of a HTTP transaction, basic access authentication is a method for a HTTP user agent to provide a user name and password when making a request. HTTP Basic authentication (BA) implementation is the simplest technique for enforcing access controls to web resources because it doesn’t require cookies, session identifiers, or login pages; rather, HTTP Basic authentication uses standard fields in the HTTP header, obviating the need [Đọc tiếp …]

Th12 302016
CVE-2016-8655 - Linux af_packet.c race condition (local root)

CVE-2016-8655 Overview The net / packet / af_packet.c of Linux Kernel vulnerability of race condition, you can be promoted to root privileges from the general user privileges. packet_set_ring is, when you create a ring buffer, if the version of the packet is a TPACKET_V3 initializes the structure timer_list. This value is, and then you set [Đọc tiếp …]

 Posted by at 10:16 sáng
Th9 282014

Lỗ hổng bảo mật “bash” (CVE-2014-6271) là gì? Lỗ hổng bảo mật “bash” được mô tả với mã CVE-2014-6271 là một lỗ hổng vô cùng nguy hiểm do có tầm ảnh hưởng lớn và dễ dàng khai thác. Tin tặc có thể dễ dàng thực hiện các lệnh của hệ thống cùng quyền của dịch vụ bị [Đọc tiếp …]

Th9 262014

Ethical Hacking Course Part-1 Kali Linux Introduction & Installation URL: What is Kali Linux? Kali Linux is the most preferred operating system for professionals. Kali is an advanced Linux-based operating system, a collection of open source software that is used to perform different tasks within penetration testing, computer forensics, and security audits.   Kali Linux [Đọc tiếp …]

Th9 252014

A fun Bash bug: it doesn’t stop interpreting a variable at the end of a functions, and is, therefore, susceptible to arbitrary command execution. If you’re using CGIs, this becomes RCE. For this example, I’ve chosen to abuse the user-agent setting: 1 2 3 $ curl   PoC||GTFO Great, we get a page. Now [Đọc tiếp …]

Th9 192014

There are many ways you can hack a computer – RATs, Keyloggers, bots and Password Stealers.In this tutorial I will teach you how to set up your own Keylogger and also protect yourself against them. What is a Keylogger? A keylogger is a program that records a persons keystrokes (everything they type) and send the [Đọc tiếp …]