Thursday 29 December 2011

[REPOST] Sudo as an access control is universally stupid!

... From my old blog (yes, finally importing my old posts while I create new ones)

>> original post  HERE


Poorly set SUDO privs can REALLY ruin your day.


We have made a user (fuck) with a password of (fuck) and given the silly fucker access to "less" via SUDO.


Now lets REALLY ruin the sysadmins life, by giving FUCK root with a few commands!


See the video - it shows how it works :D




original video (better quality) -- video here
Posted by at 07:07 1 comments

Wednesday 28 December 2011

Perl GET SQL Injection Exploit Template

http://pastebin.com/raw.php?i=fq8b0EmR

So I am working on making templates for SQL Injection, etc, exploits to standardize my bugs out of sheer boredom. Here is the GET template so far... Maybe I shall make something to auto-fill-in-the-blanks? Kind of an "exploit builder"?

Dunno, depends if I could be bothered...
Posted by at 08:31 0 comments

Eircom Netopia Router Pwnage! Video + Original Advisory!


Original Advisory by NetCat: http://packetstormsecurity.org/files/99769/eircom-backdoor.txt
Passwords? What fuckin password!
http://packetstormsecurity.org/files/91948/netkeys.tar.gz
http://packetstormsecurity.org/files/22458/defaultpasswords.txt
Posted by at 07:51 0 comments
Labels:

Tuesday 20 December 2011

Watch out - many posts coming

ok. I am about to grab ALL my old blog material and repost it, as I do not wish to have it vanish. Videos are being mirrored as are posts, to this new account (old one is seized, probably forever...).

Expect a flurry of tweets and blog posts as I mirror stuff :)
Posted by at 13:12 0 comments

Monday 19 December 2011

Bobby Tables.py v1.2 Unleashed!



So, after my experiment with automating SQL injection - Database dumping automation back in my blackhat days, I decided to dig up my old code and revamp it for todays needs of people who, err, wish to dump tables :)

It has TOR support/Proxy support, and when ran lists tables that you can dump :) Sometimes it offers an "all" mode (sometimes... unreliable) and it TRIES to give you an ETA. It was partially written by Trollpoll (the original) and I will continue to develop it over time.

Bobby Tables v1.2
Pastebin Mirror
Posted by at 08:04 0 comments

Wednesday 14 December 2011

Downtime :(

Seems everything on shells.tor.hu is down, but only the webserver end. Perhaps a reverse proxy along the way broke, but I hope that it can be fixed as soon as possible :)
Posted by at 01:56 0 comments
Labels:

Monday 12 December 2011

Site is updated!

Hey! The site I run at has been updated! Now has the services page (I offer reverse engineering services), the Projects page (check it out) and the legal page... Along with some other!

Link to site! Infodox Homepage

I made a Youtube video on the HideMAC project in use, here it is!

Posted by at 07:20 0 comments
Labels:

Thursday 8 December 2011

Software Release: HideMAC v1.5

Howdy,
First post on this blog, and here it is: a quick overview of HideMAC.

HideMAC is a simple, easy to use MAC changing program in Python for Linux systems. It uses both GNU-MACCHANGER and ifconfig to change MAC. It must be ran as root.

Also, it currently depends on Aircrack-ng suite for WiFi card detection...


Anyway, read the src and you will see how she rolls :)

SOURCE CODE!! - -  HideMAC 1.5
Posted by at 17:02 0 comments
Labels:
Subscribe to: Posts (Atom)