Recent Blog Posts

  1. HITBCONF2017 - A DEEP-KNOWLEDGE SECURITY EVENT... Registrations and CFP open now!

    We are glad to announce that Garage4hackers is now a community partner for Hack In The Box Security Conference


    WHAT?

    HITBSecConf2017 - Amsterdam
    Early Bird Registration Closes 31st December. Register now and save!


    WHEN & WHERE?

    The Netherlands taking place on April 10th - 14th at the NH Grand Krasnapolsky in Amsterdam.


    WHAT's IN IT FOR ME?
    ...
    Tags: -1'
  2. (CVE-2016-8856) Foxit Reader for Linux and Mac: Local Privilege Escalation Writeup

    Hi guys,

    Recently, I stumbled on a very simple bug in Foxit Reader for Mac and Linux (From here on, just Foxit Reader). The vulnerability was caused by improper file permissions granted on core Foxit Reader's files on Linux and Mac systems. An attacker with a low privilege access could've exploited this vulnerability to elevate their privileges, execute commands as a higher privileged user, or both.

    The versions affected were:

    Foxit Reader for Mac 2.1.0.0804 ...
  3. Command Injection in #Google for which I got 6000$

    Hey all,

    A few months back I found a command injection bug in Google Cloud Shell.

    Since the title goes by the name "command injection", you all might be thinking of it as the "normal command injection which affects servers", but this vulnerability is quite different.
    We can put this in a different way as "client-side command injection".

    Let's get into the finding.

    While I was testing "console.cloud.google.com" ...

    Updated 03-16-2016 at 03:08 PM by 41.w4r10r

  4. Crack Password from Salted Hash

    Hi ya,

    I have some work to do. I have some salted hashed files from a dumped MySQL database. I need to crack the password from the salted hashed files. I have used hashcat, findmyhash and many other things to crack them, but was unsuccessful. So I need your help. If anyone can help me, I will really appreciate it. I only have one day left. Here is the salted:
    2834da08d58330d8dafbb2ac1c0f85f6b3b135ef
    92e54f10103a3c511853c7098c04141f114719c1
    437fbc6892b38db6ac5bdbe2eab3f7bc924527d9 ...
  5. CVE-2015-2652 - Unauthenticated File Upload in Oracle E-business Suite.

    Originally posted by [s]:
    During my regular job, I unravelled an interesting vulnerability of Unauthenticated File Upload in Oracle E-business Suite 0-day vulnerability. This particular Upload Bug can be easily used to upload files on the web-server and also an attacker can flood the hard-disk of the server, thus making it easier for an attacker to leverage the vulnerability remotely.

    Oracle released Critical Patch Update containing security fixes for the Oracle E-Business Suite. This vulnerability is remotely
    ...
    Tags: -1', zap
  6. How to Bypass iPhone 6+ iOS 8.3 Emergency Call

    Hello guys, after several days of being busy at work, I come back with a new subject, which you can see at the top of this text. Before I start, I've to say my iOS is updated and the version is 8.3. Keep reading to know more.

    I don't want to make it hard to understand, so I will explain it basic and fast. All you need to do is turn on WiFi or mobile internet data and lock the screen. As you can see, the iPhone just lets you call emergency numbers [example: 911]. Now you hold the "Home" button and ...
  7. Google Bug: Gmail 2-Step Verification Detector

    Hello world! [ Including People, Robots, Zombies Dariush & Arash, Alien dudes if they exist, and my friends ]. By the way, I decided to write about a Gmail bug. It's not a vulnerability of Gmail, but it's some kind of bug that lets us know, if we hack a Gmail account, whether we can log in to it or not without alerting the Gmail owner. I am talking about 2-Step Verification. Imagine grabbing a Gmail password and not being sure whether to log in or not; the victim might be using the Gmail SMS auth service, and when you click login, Google sends the victim ...
  8. How to Setup Secure Website for Hackers

    When security researchers and hackers want to set up their own blog, the biggest stress on their head is what to do to secure their server(s) and site(s). What if someone comes and messes with their server(s)? What if the server gets a DOS/DDOS attack when they don't have access to fix up their server(s), and they are travelling or away for business or something and they can't access their server(s) for some reason? After some years that I spent my life on information security I realized that nothing can't be secure ...

    Updated 05-29-2015 at 09:59 PM by G3n3Rall

    Tags: linux, php, python, service, waf, zap
  9. Commix : Automated All-in-One OS Command Injection and Exploitation Tool

    Originally posted by plage:
    Hello all, It recently came to my attention a command injection exploitation tool, which has the name commix ( 1 ) and by using it, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or string.

    Commix seems to be a great command injection tool which successfully exploits many vulnerable applications such as DVWA, bWAPP, ShelLOL, Persistence, Kioptrix(2014), w3af-moth etc.

    I found references on that tool in many sites,
    ...
  10. WordPress Plugin - Revslider update captions CSS file critical vulnerability

    Today being another day at work for SecureLayer7 to recover our client's defaced website, and bang I think I hit upon a nasty vulnerability of a famous plugin.

    Although we successfully patched the vulnerability and we fixed the undoing of the blacklisting. On further research I stumbled upon its usage over the internet and as it turns out large number of web users online are affected, putting them to greater risk if not mitigated with a proper patch or an update.

    Following ...