Posts tagged Security
Nmap Scripting Engine Usage Examples
Nmap, who doesn’t know this tool? I’m sure you already know and use it. As a computer user, especially a system administrator, performing these kinds of checks is crucial, because a lot more damage can be done by a worm or a hacker using this vulnerability than by a scanner. This time, I would like to share an Nmap feature, the NSE scripts. For those who do not have Nmap, you can download and install it first by following the commands below: (more…)
Newbie Guide To Basic Web Applications Hacking
In this simple article, we will discuss the vulnerabilities, what goes wrong on the developers' side, some ways to exploit them, and how to maintain it. :D
Things you should know beforehand:
Vulnerability: a security hole that can be exploited to change the way the webapp / software works / functions.
CMS: Content Management System. CMSs such as forums use databases to store info like users, posts, threads, messages and so on; it is usually / mostly a MySQL server.
RFI [Remote File Inclusion]: a malicious user can include ‘bad’ code to be executed on the vulnerable site.
LFI [Local File Inclusion]: a malicious user can open any file on the server.
SQL Injection: injecting a MySQL query to bypass or get more info from a database.
XSS [Cross Site Scripting]: if it is a permanent vulnerability, where the user's input is saved, a malicious user can log cookies, IPs, and much more…
Exploit: a script made to maliciously use a vulnerability. (more…)
PHP Admin Location Lookup
Program Name : PHP Admin Location Lookup
Program Language : PHP
Author : Christian Ditaputratama
License : Open Source, FREE for FREEDOM under GNU GPL License.
Concept : Admin location finder for a single site; optionally dumps the scan result to a text file.
Disclaimer : This script is often used solely for informative, educational purposes. The author cannot be held responsible for any damage and (or) (ab)use of this script.
Please submit changes to the script so other people can use them as well. This script is free to use, don’t abuse. (more…)
Spam Email Attack Containing Malware That Pretends To Be Facebook Support
When I opened the junk folder of my email, I found an email with the subject “Facebook Support. Your account is blocked. ID961” from “Facebook Support”, which includes an attached file named “Facebook_document_Nr0591.zip” that carries a Trojan horse.
And the contents of the email are as follows: (more…)
Another Facebook Phishing Site Found
Someone sent me a friend request on Facebook, and when I checked his Facebook profile, my attention went to his website URL: http://www.sang****dewa.hyperphp.com/confirmation
There is a ‘confirmation’ directory in his website structure. Wow, I’ve been suspicious of such websites, and my guess was correct. This is a Facebook phishing site.
For those who do not know what a phishing attack is, please look it up on Google =) (more…)



