Upgrade MySQL in DirectAdmin
Step 1. Do a server backup. Things can go wrong.
Step 2.
[cc lang="bash"]cd /usr/local/directadmin/custombuild
nano options.conf[/cc]
Modify the following in options.conf:
[cc lang="bash"]mysql=5.1
mysql_inst=yes
mysql_backup=yes[/cc]
Where mysql= can be 5.1, 5.0 or 4.1.
Step 3. Save/exit, then type:
[cc lang="bash"]./build mysql[/cc]
After the mysql update, always recompile php.
[cc lang="bash"]./build php n[/cc]
Facebook – Session sidejacking – PoC
Recently, there was a vulnerability discovered in LinkedIn, which is
described here http://www.wtfuzz.com/blogs/linkedin-ssl-cookie-vulnerability/
Basically, this allows someone on the network to sniff a cookie value and
apply it in his browser session to hijack the target user's session.
This simple concept works even in Facebook. I was able to hijack
n number of users' sessions sitting in my university room in a few
minutes.
For every POST request in Facebook, a similar cookie string is transmitted:
Cookie: datr=09bXXXQ2oOgQuUK0yAzK_JU9; lu=wgj9pmpkAsdXXXTp5vthfh2w;
locale=en_US; L=2; act=13078123502562F3; c_user=xxxxxx;
sct=1123416461; xs=603Afe43db8a71239bd8d7b2a831xxx6241f;
presence=EM307818375L26REp_5f123422481F22X3078XXX1367K1H0V0Z21G307818375PEuoFD769839560FDexpF1307818409174EflF_5b_5dEolF-1CCCC;
e=n
I was able to hijack the remote user's session by just placing the
value of 2 cookies: c_user (which is obviously user id) and xs (seems
like auth token) in my browser session.
Step by step POC:
http://madhur.github.com/blog/2011/06/12/facebooksessionhijacking.html
Is this how it works in all social sites?
If the answer is yes, I will be highly doubtful of using the internet at
any public place where sniffing or a MITM attack is relatively simple to
make.
Are there any measures to prevent it?
Madhur
http://madhur.github.com
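On the closing question about prevention: the server-side measure is to issue session cookies with the Secure attribute (and serve the site over HTTPS with HSTS) so they never travel in cleartext. The following is an added example, not part of the original post; it audits response headers for session cookies that lack those attributes. The header values are constructed, and the cookie name sid and the domain example.test are hypothetical.

```python
# Constructed sample response headers (not captured from any real site).
SAMPLE_HEADERS = [
    ("Set-Cookie", "c_user=100000000000001; path=/; domain=.example.test"),
    ("Set-Cookie", "xs=CONSTRUCTED-TOKEN; path=/; domain=.example.test; HttpOnly"),
    ("Set-Cookie", "locale=en_US; path=/"),
    ("Set-Cookie", "sid=CONSTRUCTED-TOKEN-2; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

# Assumption: cookie names that carry authentication state. c_user and xs are
# the two named in the post; sid is a hypothetical, correctly flagged cookie.
SESSION_COOKIES = {"c_user", "xs", "sid"}


def parse_set_cookie(value):
    """Return (cookie name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:]}
    return name, attrs


def audit(headers, session_names=SESSION_COOKIES):
    """Return (findings, hsts_present).

    findings lists (cookie name, missing attributes) for every session cookie
    issued without Secure and/or HttpOnly. A cookie without Secure is sent on
    plain-HTTP requests too, which is what makes it sniffable on a shared
    network.
    """
    hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    findings = []
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if name not in session_names:
            continue
        missing = [a for a in ("secure", "httponly") if a not in attrs]
        if missing:
            findings.append((name, missing))
    return findings, hsts


if __name__ == "__main__":
    results, hsts_present = audit(SAMPLE_HEADERS)
    for cookie, missing in results:
        print(f"{cookie}: missing {', '.join(missing)}")
    print("HSTS header present:", hsts_present)
```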
SecretSync – client-side encryption for DropBox
How it helps
Now you can safely sync your confidential files. SecretSync uses client-side encryption to give you absolute privacy and control over your data.
How you can use it
Secure synchronization
SecretSync is a great way to easily share proprietary, sensitive information using online synchronization utilities like Dropbox.
Offsite backup
Even if you're not synchronizing, you can still use SecretSync to create an instant, secure, offsite backup. You can use it to backup financials, tax info, or any sensitive personal and business information you may have.
How it works
New! See the Getting started guide for more details.
We add an additional folder to your computer, a SecretSync folder. Anything that gets put in SecretSync is encrypted and then added to Dropbox to be synchronized to your other computers.
Before your files are synchronized by Dropbox to your other computers, they're encrypted with 256-bit AES encryption, using a key to which only you have access. The files are only decrypted on the other end — that is, on your other computers.
Your files are always encrypted when online. This means that before your files leave the computer you physically control and own, they're encrypted. They stay encrypted while being synchronized, until they're back in your physical control.
HTTP parameter pollution vulnerabilities in web applications
HTTP PARAMETER POLLUTION VULNERABILITIES IN WEB APPLICATIONS // MARCO BALDUZZI
While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded query string delimiters into other existing parameters. If a web application does not properly sanitize the user input, a malicious user can compromise the logic of the application to perform either client-side or server-side attacks. This talk analyzes HTTP Parameter Pollution and presents the first automated system for the detection of HPP flaws in real web applications. We used this system to conduct a large-scale experiment by testing more than 5,000 popular websites and discovering unknown HPP bugs in many important and well-known sites such as Microsoft, Google, VMWare and PayPal. In this presentation we will describe the details of the architecture and of the algorithms we implemented to efficiently detect HPP vulnerabilities. We will conclude by discussing the HPP phenomenon and giving suggestions on how to prevent this novel class of injection vulnerabilities in future web applications.
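The flaw the abstract describes, shown as an added example that is not from the talk or its tool: a link builder that concatenates already-decoded user input into a query string, next to the hardened form that encodes the value, plus a check for repeated parameter names. The /vote endpoint, the parameter names and the input value are hypothetical and constructed.

```python
from collections import Counter
from urllib.parse import parse_qsl, urlencode

# Constructed input: what the application holds after the framework has decoded
# a request value that contained an encoded delimiter (%26 becomes &).
DECODED_INPUT = "42&action=delete"


def build_link_unsafe(poll_id):
    # Vulnerable pattern: the decoded value is pasted into the query string,
    # so any '&' or '=' inside it is read as query-string syntax.
    return "/vote?action=view&poll_id=" + poll_id


def build_link_safe(poll_id):
    # Hardened: urlencode() percent-encodes '&' and '=' inside the value, so
    # the input stays a single parameter value.
    return "/vote?" + urlencode({"action": "view", "poll_id": poll_id})


def duplicated_params(url):
    """Return the sorted parameter names that occur more than once in url."""
    query = url.split("?", 1)[1] if "?" in url else ""
    counts = Counter(name for name, _ in parse_qsl(query, keep_blank_values=True))
    return sorted(name for name, count in counts.items() if count > 1)


def poll_id_of(url):
    """Return the poll_id value a parser would extract from url."""
    return dict(parse_qsl(url.split("?", 1)[1]))["poll_id"]


if __name__ == "__main__":
    for builder in (build_link_unsafe, build_link_safe):
        link = builder(DECODED_INPUT)
        print(builder.__name__, link, "duplicates:", duplicated_params(link))
```

Which of two same-named parameters wins depends on the server technology, so rejecting or logging requests with duplicated names is a useful second check alongside output encoding.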
phpvirtualbox manage your virtual machines from anywhere how-to
Phpvirtualbox is a web-based AJAX administration interface that makes it easier to manage and control VirtualBox virtual machines from any web browser. Some of its features are: starting and stopping VMs; taking, deleting and restoring snapshots; and importing and exporting virtual machines. This guide explains how to install Phpvirtualbox and run your VirtualBox instances.
Read the full tutorial here
interesting papers on malware, botnets, antivirus and security
Alex Kirk - Characteristics and detection of HTTP C&C.pptx 25-May-2011 13:12 1.0M
Andrei Saygo and Patrik Vicol - How to stop the Daemon.ppsx 25-May-2011 12:35 640K
Anoirel Issa - Polymorphism and anti anti-virus techniques - A look at recent malware trends.pdf 05-May-2011 08:26 568K
Anthony Bettini - (In)security in URL shortening and redirection services.pptx 23-May-2011 10:13 1.2M
Christine Bejerasco - Building a reputation - A session with a website shrink.pptx 25-May-2011 13:07 2.8M
Chun Feng - The shellcode storm caused by the butterfly effect.pptx 25-May-2011 13:09 3.2M
Daniel Radu and Bruce Dang - Shellcode analysis using dynamic binary instrumentation.pdf 25-May-2011 12:58 521K
DonatoFerrante - Java malware.pdf 03-May-2011 23:14 6.7M
Igor Muttik - Keynote address - Ubiquitous malware and ubiquitous AV.pptx 25-May-2011 13:08 7.2M
Jindrich Kubec and Jiri Sejtko - Grabbing the PDF by the tail.PDF 25-May-2011 12:32 2.6M
Jose Miguel Esparza - Obfuscation and (non-)detection of malicious PDF files.PDF 20-May-2011 10:55 1.1M
Jui-Chieh Wu and Ray Liao - Building world-wide domain reputation.pptx 25-May-2011 13:33 5.3M
Mikel Gastesi - Banking fraud evolution - New techniques in real fraud cases.ppt 25-May-2011 13:21 4.6M
Richard Ford - Hardening the net - Building a new platform for security.pptx 25-May-2011 13:22 725K
Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov - Cybercrime in Russia - Trends and isues.pdf 25-May-2011 13:10 2.5M - must read
Robert Sandilands - Scaling a viruslab.PDF 03-May-2011 02:30 676K
Stephan Chenette - Fireshark v2 - An analysis toolkit for malicious web sites.html
Windows 7 USB/DVD Download Tool
An update to create a Windows 7 USB install stick
The official tool from Microsoft link
search for a specific installed hotfix on a windows server
You can search for a specific installed hotfix on a windows server using the following command:
[cc lang="dos"]wmic qfe list full | findstr KB123456[/cc]
Change 123456 to the KB number you are looking for.
Export the full list of installed updates to an HTML file:
[cc lang="dos"]wmic qfe list full /format:htable >C:\hotfixes.htm[/cc]
And list the MAC addresses of the network adapters:
[cc lang="dos"]wmic nic get macaddress,description[/cc]
Solving Lotus Domino Backup Exec unable to attach to a resource. V-79-57344-33932 – Unable to attach to a resource
V-79-57344-33932 - Unable to attach to a resource. Make sure that all selected resources exist and are online, and then try again. If the server or resource no longer exists, remove it from the selection list. Edit the selection list properties, click the View Selection Details tab, and then remove the resource.

