klout.com cookie vulnerability – full disclosure – Proof of concept

5 04 2010

Today, I have discovered a vulnerability within klout.com.
This bug allows you to update other people’s stats and change their password or their email address.

The vulnerability is situated in the cookies.

To achieve the desired result, you must edit your cookies (through, for example, the Firecookie plug-in for the Firebug add-on for Firefox).

Apple QuickTime 7.2/7.3 — Remote Buffer Overflow Exploit — (Perl Edition)

7 01 2010

I usually don’t just go and post exploits without much explanation.
I just thought this exploit would be interesting to study since it’s a popular program.
Also, the exploit has been coded before, but only in Python and Ruby, so since this is a Perl version it deserves to be posted here too.

This is a remote buffer overflow for QuickTime 7.2/7.3.


Uploading a shell to a website through Local File Inclusion [LFI to RCE]

25 12 2009

First of all, this is not my own work; I’m just spreading the word.

The original article can be found here, and full credit goes to the original author.

1 – Introduction

2 – Finding LFI

3 – Checking if proc/self/environ is accessible

4 – Injecting malicious code

5 – Access our shell

6 – Shoutz


Discovering and exploiting a remote buffer overflow vulnerability in an FTP server – PART 1

28 11 2009

Hello all, in this tutorial we will learn how to identify a vulnerability in an FTP server through the process of “fuzzing”, which can reveal a DoS or buffer overflow vulnerability. In this specific part we will use FTPFuzz to crash FileCOPA and identify a vulnerability in the LIST command.


Buffer overflow primer review

17 11 2009

Hello all, after a while of not updating my blog, and switching blogs, I decided to finally make a new post after all.

This post will be a review on the video tutorial series “Buffer overflow primer” by Vivek Ramachandran.


New 0-day WordPress exploit

20 10 2009

A new WordPress exploit was discovered just recently; it creates a buffer overflow that will generate a lot of traffic. And I mean a LOT.

A quick temporary patch is to add these lines to your Apache config file.


SQLmap video tutorial and SQL injection prevention

20 10 2009

Hi all,

I just finished a small video tutorial on using SQLmap to test your web application for SQL injection and automatically exploit it.

It also briefly goes over preventing SQL injection on your website.
