Vulnerability23 728x90 Wget FTP Symlink Attack Vulnerability http://thehackernews.com/2014/10/cve-2014-4877-wget-ftp-symlink-attack.html [Bug-wget] GNU wget 1.16 releasedIt is available for download here: ftp://ftp.gnu.org/gnu/wget/wget-1.16.tar.gz ftp://ftp.gnu.org/gnu/wget/wget-1.16.tar.xz and the GPG detached signatures using the key E163E1EA: ftp://ftp.gnu.org/gnu/wget/wget-1.16.tar.gz.sig ftp://ftp.gnu.org/gnu/wget/wget-1.16.tar.xz.sig To reduce load.. 2014. 10. 31. Bash Vulnerability Code Injection Attack bash_ld_preload.c#include #include #include static void __attribute__ ((constructor)) strip_env(void); extern char **environ; static void strip_env() { char *p,*c; int i = 0; for (p = environ[i]; p!=NULL;i++ ) { c = strstr(p,"=() {"); if (c != NULL) { *(c+2) = '\0'; } p = environ[i]; } } Compile it:gcc bash_ld_preload.c -fPIC -shared -Wl,-soname,bash_ld_preload.so.1 -o bash_ld_preload.so Copy ba.. 2014. 9. 25. sptoolkit : Simple Phishing Toolkit The spt project ( sptoolkit ) is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. Organizations spend billions of dollars annually in an effort to safeguard information systems, but spend little to nothing on the under trained and susceptible minds that operate these systems, thus rendering most technical protections instantly ine.. 2012. 9. 7. WiFi Protected Setup PIN brute force vulnerability OverviewThe WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack. A design flaw that exists in the WPS specification for the PIN authentication significantly reduces the time required to brute force the entire PIN because it allows an attacker to know when the first half of the 8 digit PIN is correct. The lack of a proper lock out policy after a certain number of failed attempts.. 2012. 1. 4. PHP Vulnerability Hunter All testing was performed on Windows XP and Vista using XAMPP. Each target application was installed, then a full scan was performed. Noteworthy log entries revealing exploitable faults are shown followed by the expoit proof of concepts and resulting advisories.Case Study 1: MODx Revolution 2.0.2-plReflected Cross-site Scripting Log EntryAlert Name: Reflected XSS GET /modx/manager/index.php?serv.. 2011. 11. 21. 이전 1 2 3 4 5 다음 728x90