WordPress TimThumb Exploitation

12th August 2011 - by MaXe

WordPress is one of the world’s biggest blogging platforms and can be easily extended with vulnerable add-ons to support a variety of functions – from CMSs to stores and pretty much anything in between. Within some web applications, themes may contain variables that refer to dynamic elements while in others, like WordPress, insecure PHP files used for caching and resizing images are surprisingly common.

vbSEO – From XSS to Reverse PHP Shell

31st January 2011 - by MaXe

XSS is not a big deal, or is it? On many occasions, I’ve seen this vulnerability being classified as useless, not serious, and being a low threat. What I’ve always had in mind is that it’s only the capabilities of the browser, and the hacker’s mind, which set the limit for an XSS attack.

Owned and Exposed

25th December 2010 - by admin

There’s nothing like having your butt kicked Christmas morning, which is exactly what happened to us today. We were owned and exposed, in true fashion. Initially, the inj3ct0r team took “creds” for the hack, which quickly proved false as the original ezine showed up – and now inj3ct0r (their new site) is no longer online. As a wise Chinese man once said: “do not anger one who has shell on your server”. The zine also mentioned other sites, as well as the ettercap project being backdoored.

We are currently cleaning out our systems and analyzing the attacks – thankfully, the compromise was limited to non-root access, and other than our egos, the damage is not severe. To the “owned and exposed” guys, we have a couple of things to say:

1) Thanks for not rm’ing us.

2) The irony of posting your zine in our “papers” section is not lost on us.

Merry Christmas to you all, and a happy new year!

Google Hacking Database Updates

20th December 2010 - by dookie2000ca

Since we took up the torch of the Google Hacking Database from Johnny Long, we have introduced some changes that we feel provide a great deal of added value to our database of dorks. To make it easier for our visitors to identify changes in the database, there is a ‘New’ graphic that will appear next to a category name where new entries have been added.

Bypassing UAC with User Privilege under Windows Vista/7 – Mirror

26th November 2010 - by admin

Introduction

I would like to present an exploit of an ambiguous parameter in the Windows kernel API that leads to buffer overflows under nearly every version of Microsoft Windows, especially one that can be used as a backdoor to the Windows user privilege system as well as User Access Control.