View RSS Feed

Recent Blogs Posts

  1. My Nullcon Experience.

    NULLCON is one of the best information security conference in India and every year everyone from the InfoSec community attends it. I have a great interest in Security and hacking ( If you follow my blog you will probably know it already www.hackatrick.com ) and yes I too look forward to the conference. Every year most of my friends who are into security attend NULLCON. I failed to go last year due to my Exams and last to last year i had my class 12 boards exam.

    This time I wanted ...

    Updated 04-04-2017 at 11:15 AM by 41.w4r10r

    Categories
    Uncategorized
  2. First Nullcon Experience

    i was a part of infosec community for over a year. And many times i came across the people who told me about this amazing tech convention which was held in Goa march every year. This got me really excited for the NULLCON.

    So i did little research about nullcon and how to get entry in this event. So i got to know that there ware passes available to get in the event. But at that time i was not able to afford the passes so i dropped the idea to go in nullcon. But later on i heard about ...

    Updated 03-16-2017 at 09:00 PM by 41.w4r10r

    Categories
    Uncategorized
  3. Cracking WIFI

    Hello, I am Double Chow.The purpose of establishing WeChat Subscription is to share knowledge about cyber security ,simple but very fun that we maybe often used in daily life .Today, we share an article about cracking WIFI. The most simple way: use third party interface to crack WIFI, whcih is called the first step to break our village WIFI. In order to facilitate the application in the actual scene,I put all the operations on the phone as possible .The first step, WarDriving collect WIFI ...
    Categories
    Uncategorized
  4. HITBCONF2017 - A DEEP-KNOWLEDGE SECURITY EVENT… Registrations and CFP open now!

    Name:  hitbg4h.jpg
Views: 3932
Size:  17.1 KB

    We are glad to announce that Garage4hackers is now a community partner for Hack In The Box Security Conference


    WHAT?

    HITBSecConf2017 - Amsterdam
    Early Bird Registration Closes 31st December. Register now and save!


    WHEN & WHERE?

    The Netherlands taking place on April 10th – 14th at the NH Grand Krasnapolsky in Amsterdam.


    WHAT's IN IT FOR ME?
    ...
    Categories
    Uncategorized
    Attached Thumbnails Attached Images  
  5. (CVE-2016-8856) Foxit Reader for Linux and Mac: Local Privilege Escalation Writeup

    Hi guys,

    Recently, I stumbled on a very simple bug in Foxit Reader for Mac and Linux (From here on, just Foxit Reader). The vulnerability was caused by improper file permissions granted on core Foxit Reader's files on Linux and Mac systems. An attacker with a low privilege access could've exploited this vulnerability to elevate their privileges, execute commands as a higher privileged user, or both.

    The version affected were:

    Foxit Reader for Mac 2.1.0.0804 ...
    Tags: -1' Add / Edit Tags
    Categories
    Uncategorized
  6. Command Injection in #Google for which I got 6000$

    Hey all ,

    Few months back I found a command injection bug in Google Cloud shell

    Since the title goes by the name "command injection" , you all might be thinking it as "normal Command injection which affects servers" but this vulnerability is quite different.
    We can put this in different way as "Client Side command injection".

    Lets get into the finding

    While I was testing "console.cloud.google.com" ...

    Updated 03-16-2016 at 02:08 PM by 41.w4r10r

    Categories
    Uncategorized
  7. Crack Password from Salted Hash

    Hi ya,

    I have some work to do. I have some salted hashed files from the dump MySql database. I need to crack the password from the salted hashed files. I have used hashcat, findmyhash and many more other things to crack but unsuccessful. So need your help. If anyone can help me, i will really appreciate this. I only have one day left. Here is the salted :
    2834da08d58330d8dafbb2ac1c0f85f6b3b135ef
    92e54f10103a3c511853c7098c04141f114719c1
    437fbc6892b38db6ac5bdbe2eab3f7bc924527d9 ...
    Categories
    Uncategorized
  8. CVE-2015-2652 – Unauthenticated File Upload in Oracle E-business Suite.

    Quote Originally Posted by [s] View Post
    During my regular job, I unravelled an interesting vulnerability of Unauthenticated File Upload in Oracle E-business Suite 0-day vulnerability. This particular Upload Bug can be easily used to upload files on the web-server and also an attacker can flood the hard-disk of the server,thus making it easier for an attacker to leverage the vulnerability remotely.

    Oracle released Critical Patch Update containing security fixes for the Oracle E-Business Suite. This vulnerability is remotely
    ...
    Tags: zap Add / Edit Tags
    Categories
    Uncategorized
  9. How to Bypass iPhone 6+ IOS 8.3 Emergency Call

    Hello Guys, After several days I was busy at work, I come back with a new subject which you can see on top of this text. Before I start, I’ve to say my IOS is updated and version is 8.3. Keep reading to know more.

    I don’t want make it hard to be understood, so I explain it basic and fast. All you need to do is to turn on WiFi or mobile internet data and lock the screen, as you can see, iPhone just let you to call emergency numbers [example: 911]. Now you hold the “Home” button and ...
  10. Google Bug: Gmail 2-Step Verification Detector

    Hello world! [ Including People , Robots, Zombies Dariush & Arash, Alien dudes if they exist, and my friends ], By the way, I decided to write about a Gmail Bug. It’s not a vulnerability of Gmail but it’s some kind of bug let us know if we hack a Gmail, we can login it or not without alert the Gmail owner. I talking about 2-Step verification, Imagine to grab a Gmail password and not be sure to login or not , victim might be use Gmail SMS auth service and when you click login, Google send victim ...
    Categories
    Uncategorized
Page 1 of 14 12311 ... LastLast