General

It has General things…

Allied Telesyn TFTP Daemon 1.9 Exploit

I would love to share this exploit with you guys. There are already public exploits but none of them works under windows server 2003, but this one does. The JMP is from NTDLL.dll it’s not stable because it differ from ServicePack to another.

BugtraqID: 21320 CVE : CVE-2006-6184 Published : Nov More >

apache

Apache mod_jk v1.2.20 remote exploit

I re-wrote an exploit for apache mod_jk v1.2.20 just to see how ruby works , even though there’s already a public exploit available for it, and also there’s a metasploit module for this exploit “Some methods on this code were taken from metasploit ::thanks”

#!/usr/bin/ruby
#######################################
#apache mod_jk v1.2.20 remote exploit
#qnix[at]0x80[dot]org
#####################
#some lines in the exploitation More >
OSCP (PWB)

I Passed OSCP (PWB)!

Finally after suffering for almost two months, I’m proud to say that I have passed OSCP (PWB) course from offensive security and will receive my certificate soon! It took me 45 days to get ready for the exam, and the exam took me 12 hours out of 24 hours. I recommend everyone who’s interested in More >

MySQL

Executing commands in MySQL with it’s running privilege

Sometimes when you are pen-testing or doing what ever your doing. You get an access to a box with a normal user privilege and you have an access to mysql as a root user, or the mysql root’s password is blank. You think you can’t execute commands on the box More >

Metasploit

The Art of Pivoting and Enumeration

While I was pen-testing a network there was one of the boxes a Windows 7 which was connected to an internal network that I needed to reach, enumerate and PWNE.

Some information about the network

  • Pentester (me): 192.168.1.30
  • Windows 7 (the one which has access to an internal network): 192.168.1.200
  • Internal network: 10.10.10.0 / 255.255.255.0

I have all the Admin’s More >

teensy 2.0

Create your own malicious keyboard or mouse!

In this tutorial I’m going to talk about how to create your own malicious keyboard or mouse. We will be using a small programmable USB-based micro-controller called Teensy from http://www.pjrc.com/teensy/.

Specification Teensy 2.0 Processor ATMEGA32U4 Flash Memory 32256 RAM Memory 2560 EEPROM 1024 I/O 25 Analog In 12 PWM 7 UART,I2C,SPI 1,1,1

This is More >

Android Froyo

How to install Android 2.2 CN:Froyo

Google have just released Froyo ( Android 2.2) couple days ago, and the source code still not available. Hopefully, It’ll be available soon. I can’t wait to see it’s mods! Some of the new features in this release are: (more…)

google-nexus-one

Finally Nexus one!

After suffering with my lame blackberry phone, I really needed to move to something new.. something real! So I bought the N1 the God’s phone!

But I had to tune it more because I’m not satisfied with the N1 battery life, and one of my friends told me that I’m going More >

N00b!

Vids for n00bs

N00b!

I brought you a good series of videos that has a lot of useful information .

The Academy

Free videos cover everything from firewalls, penetration testing, IDS/IPS to NAC and anti-spam.

*SecurityTube

A massive database of videos related to Security/Hacking from all over the net.

* Penetration Testing and Vulnerability Analysis

This is the course website More >

SPAM!

spammimic.py

SPAM!

I wrote a new python tool that encode/decode spam messages, it operates and does it job from the spammimic.com website.  I wrote this tool so you can do your spam messages from the command-line.

Explanation of SpamMIMIC : There are terrific tools (like PGP and GPG) for encrypting your mail. If somebody along More >

12345