TAG | Exploits
10
Jarlsberg – Web Application Exploits and Defenses
2 Comments · Posted by inSecure in General Hacking, General News, Hacking Tools, Security Software, Web Hacking
Jarlsber
A aparut un nou tool, creat chiar de ‘marele’ Google.
Ce ofera acest tool?!
Learn how hackers find security vulnerabilities!
Learn how hackers exploit web applications!
Learn how to stop them!
This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application. Specifically, you'll learn the following:
How an application can be attacked using common web security vulnerabilities, like cross-site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF).
How to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.
To get the most out of this lab, you should have some familiarity with how a web application works (e.g., general knowledge of HTML, templates, cookies, AJAX, etc.).
O sa il incerc si eu, dupa licenta, ca deocamdata nu am timp. Daca ati reusit sa il testati voi, va rog dati-va cu parerea, sa stiu daca merita sa il incerc.
Apropo, NU sunt fan Google.
Website: http://jarlsberg.appspot.com/
Download: http://jarlsberg.appspot.com/jarlsberg-code.zip
Exploits · hackers · hacking games · how to hack · learn to hack · security tool · vulnerabilitati · vulnerbilities
FreeBSD Local Root Escalation Vulnerability
Da, a aparut si exploit de FreeBSD. De mult nu am mai vazut asa ceva, poate pentru ca nu prea e asa de folosit, si mai greu de configurat.
Ce face acest exploit?!
Pai ‘te face’ root, daca ai acces local la acel sistem.
Cum?
Pai daca gasesti vreo vulnerabilitate pe aplicatia web, sau ai acces ssh.
OFFtopic: i’m back.
Sursa: The Register
Exploits · FreeBSD exploit · FreeBSD local root · FreeBSD local root exploit
Cand navigam si eu pe internet si ma uitam de exploit-uri noi (o pasiune de a mea 
) am descoperit ca exista exploit remote pentru browser-ul Opera (era versiunea 9.61).
Eu tip destept ce sunt m-am grabit sa imi fac update-ul, sa iau versiunea 9.62. Zis si facut , in cateva minute aveam Noul Opera (patchuit ,9.62) ,dar spre surpriza mea observ un RSS feed ( de la milw0rm ) ca a aparut un exploit remote de 9.62. Intru din nou pe site (in aceiasi zi s-a intamplat totul) si ce sa vad ??
chrome · Exploits · google · hacking · milw0rm · opera · POC · remote exploit · xss · xss vuln · yahoo
Am gasit nu de mult pe internet un tool numit WebGoat . Este foare interesant pentru ca zice ca ne invata cum sa “sparge/securizam ” aplicatii web . ( “WebGoat is a deliberately insecure J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application” )
(more…)
Exploits · hack · hacking · hacking tool · securitate · security tool · tool · tools · vulnerability · webgoat
