i was a part of infosec community for over a year. And many times i came across the people who told me about this amazing tech convention which was held in Goa march every year. This got me really excited for the NULLCON.
So i did little research about nullcon and how to get entry in this event. So i got to know that there ware passes available to get in the event. But at that time i was not able to afford the passes so i dropped the idea to go in nullcon. But later on i heard about
Updated 03-16-2017 at 09:00 PM by 41.w4r10r
Hello, I am Double Chow.The purpose of establishing WeChat Subscription is to share knowledge about cyber security ,simple but very fun that we maybe often used in daily life .Today, we share an article about cracking WIFI. The most simple way: use third party interface to crack WIFI, whcih is called the first step to break our village WIFI. In order to facilitate the application in the actual scene,I put all the operations on the phone as possible .The first step, WarDriving collect WIFI
We are glad to announce that Garage4hackers is now a community partner for Hack In The Box Security Conference
HITBSecConf2017 - Amsterdam
Early Bird Registration Closes 31st December. Register now and save!
WHEN & WHERE?
The Netherlands taking place on April 10th Ė 14th at the NH Grand Krasnapolsky in Amsterdam.
WHAT's IN IT FOR ME?
Recently, I stumbled on a very simple bug in Foxit Reader for Mac and Linux (From here on, just Foxit Reader). The vulnerability was caused by improper file permissions granted on core Foxit Reader's files on Linux and Mac systems. An attacker with a low privilege access could've exploited this vulnerability to elevate their privileges, execute commands as a higher privileged user, or both.
The version affected were:
Foxit Reader for Mac 2.1.0.0804
Hey all ,
Few months back I found a command injection bug in Google Cloud shell
Since the title goes by the name "command injection" , you all might be thinking it as "normal Command injection which affects servers" but this vulnerability is quite different.
We can put this in different way as "Client Side command injection".
Lets get into the finding
While I was testing "console.cloud.google.com"
Updated 03-16-2016 at 02:08 PM by 41.w4r10r
I have some work to do. I have some salted hashed files from the dump MySql database. I need to crack the password from the salted hashed files. I have used hashcat, findmyhash and many more other things to crack but unsuccessful. So need your help. If anyone can help me, i will really appreciate this. I only have one day left. Here is the salted :
Originally Posted by [s]
During my regular job, I unravelled an interesting vulnerability of Unauthenticated File Upload in Oracle E-business Suite 0-day vulnerability. This particular Upload Bug can be easily used to upload files on the web-server and also an attacker can flood the hard-disk of the server,thus making it easier for an attacker to leverage the vulnerability remotely.
Oracle released Critical Patch Update containing security fixes for the Oracle E-Business Suite. This vulnerability is remotely
Hello Guys, After several days I was busy at work, I come back with a new subject which you can see on top of this text. Before I start, Iíve to say my IOS is updated and version is 8.3. Keep reading to know more.
I donít want make it hard to be understood, so I explain it basic and fast. All you need to do is to turn on WiFi or mobile internet data and lock the screen, as you can see, iPhone just let you to call emergency numbers [example: 911]. Now you hold the ďHomeĒ button and
Hello world! [ Including People , Robots, Zombies Dariush & Arash, Alien dudes if they exist, and my friends ], By the way, I decided to write about a Gmail Bug. Itís not a vulnerability of Gmail but itís some kind of bug let us know if we hack a Gmail, we can login it or not without alert the Gmail owner. I talking about 2-Step verification, Imagine to grab a Gmail password and not be sure to login or not , victim might be use Gmail SMS auth service and when you click login, Google send victim
When security researchers and hackers want to setup a self blog, the biggest stress on their head is what to do to secure their server(s) and site(s). what if someone come and naughty their server(s) ? what if server get DOS/DDOS attack when they donít have access to fix up their server(s) and they are travelling or go for business or something and they canít access their server(s) for some reason. After some years that I spent my life on information security I release that nothing canít be secure
Updated 05-29-2015 at 08:59 PM by G3n3Rall