Hidden iframe injection attacks | Structured Randomness [Updated on October 27, 2009 with a new version of the script] It is a shame that after all those posts about security, some of my websites were under attack today. Shoban and Anand emailed me about this today morning (Thanks guys) and I tried to understand what was going on. All the index.* files in the server were infected with a piece of code that loaded a hidden iframe in the page. To the html pages the following piece of code was added: To php pages it added: echo “<iframe src=\” Asha took the effort and cleaned most of the infected files. How did the worm inject the hidden iframes to my files? There are two ways through which the worm is believed to infect your files: 1) Server is compromised This is the most common way. 2) Client side FTP The worm resides in some/any of the client side PCs you use for accessing the ftp/control panel accounts of your hosting server. How can I recover from a hidden iframe injection attack? Here are a few tips that might help you:
Conway's Game of Life SecurityXploit: Pentest web-sorrow - Linux On Saturday, 19 May 2012 in topic 'Pentest' A perl based tool used for checking a Web server for misconfiguration, version detection, enumeration, and server information. I will build more functionality in the future. What it's NOT: vulnerability scanner, inspection proxy, DDoS tool, exploitation framework. basic: perl Wsorrow.pl -host scanme.nmap.org -S look for login pages: perl Wsorrow.pl -host 192.168.1.1 -auth CMS intense scan: perl Wsorrow.pl -host 192.168.1.1 -Ws -Cp all -I most intense scan possible: perl Wsorrow.pl -host 192.168.1.1 -e -ua "I come in peace" Do Permalink HackBar 1.6.1 - Add-on On Friday, 4. This toolbar will help you in testing SQL injections, XSS holes and site security. Dow " # Load url ( alt a ) This loads the url of the current page into the textarea. Permalink maxisploit-scanner On Monday, 30. This tool has three purposes : 1. 3. 4. X-Scan
Help! Some idiot partitioned my giant hard drive! - Download Squad Steve, a loyal DS reader, left this comment on my listing of five apps to clone hard drives: "Some idiot (my friend) partitioned my 1TB drive @ 10gb just to start me off and I can't do anything. I have partitioned/formatted the rest of my drive and cloned onto the new partition but I can't get rid of my C drive to use my new partition as my main drive. Any suggestions? Please help." Ah, yes. Now what? Easeus Partition Manager Home Edition is probably the easiest free software to use, and the option I'd recommend to most casual users. Parted Magic is another great option. Burn it to a disk and force your computer to boot to the CD (on many mainboards holding F8 or F11 at the POST screen will invoke a boot selection menu, but check your motherboard manual to be sure). Boot with either of these, delete your 990gb partition, and expand the 10gb c: partition to whatever size you like. Good luck, Steve! Tags: askdls, freeware
Ophcrack Robert Burke's MSDN Weblog : Adventures in XNA 6: A Wii Flock of Boids Here's a flock of butterflies, brought to you in XNA, which can soar around their environment with the help of the Wii controller. By tilting and rolling the Wiimote, you can control the flight of the lead butterfly. The rest of the flock sticks together, chasing you wherever your accelerometer-fuelled flights of fancy take you. All the butterflies, including the one controlled by the Wiimote, avoid collisions with each other, as well as with the features of the environment. [Update: After showing this demo at my Last Stand in Dublin, I posted an updated version of this blog entry on my new blog.] How it's done WiiMote Control: I integrated the Wii controller using the Managed Library for Nintendo's Wiimote which I found through Coding4Fun. I am now using the EPoX BT-DG05A Bluetooth USB Dongle. Once I got the Wiimote talking to my PC, having Wii input is very, very, very, very cool. Future Stuff XNA Refresh Available I'd love to publish this game so that you can check it out yourself.
Offensive Computer Security Home Page (CIS 4930 / CIS 5930) Spring 2014 Instructors Prof. Xiuwen Liu (homepage: W. Owen Redwood (homepage: Course Time and Location Mondays and Wednesdays (Not Fridays) at 3:35PM-4:50PM, HCB 0216. This web site contains the up-to-date information related to this class such as news, announcements, assignments, lecture notes, and useful links to resources that are helpful to this class. Office Hours Prof Liu - Tuesdays and Thursdays from 11AM - 12noon LOV 166 (Love building). Also available is Joshua Lawrence - Tuesday and Thursdays from 2PM-3PM in LOV 167. Rationale: The primary incentive for an attacker to exploit a vulnerability, or series of vulnerabilities, is to achieve a return on an investment (his/her time usually). License This work is licensed under a Creative Commons license.
Stellarium your own free planetarium » gHacks tech news Man has been looking to the stars right from the beginning of time, and this tradition is still very much alive in our modern world, although for slightly changed reasons. Still, the fascination is very much alive and it is only natural that computers come to our aid to assist us in our desire to explore space. After the download of Stellarium finishes (Windows, Mac and Linux version available) you may start the application to take a first look at the star map it makes available. I took a look from Paris, not sure if this is the default for everyone though. You may change the location from where you are looking at the sky to almost any place on earth. Stellarium is a fantastic application that lets you explore the stars and learn about them at the same time, but also by displaying beautiful images. The computer planetarium has been updated throughout the years and ships with impressive features as of August 2012. Tips Keyboard shortcuts are available to speed up certain operations.
Cryptocat QLiner Makes Hotkeys Drag-and-Drop Easy - Download Squad by Lee Mathews on August 14, 2008 at 03:00 PM I've used plenty of hotkey applications, but none is as visually appealing or easy to configure as QLiner. Download and install QLiner, launch it, and then press win + z to open the main window (above). New hotkeys can be added by simply dragging a shortcut from your desktop onto a key - it even works with URLs from your browser. More than just a launcher, QLiner first tries to match your hotkey with a running application. If it finds a match, it'll bring that window to the front instead of spawning a new process. QLiner also has built-in layouts that are tailored for Sony, IBM, Toshiba, and Dell laptop keyboards. Its 45mb memory footprint is a tad on the bulky side, but it's easy to overlook because of QLiner's ease-of-use and flexibility. [ via Cybernet ] Tags: freeware
Essential Wireless Hacking Tools By Daniel V. Hoffman, CISSP, CWNA, CEH Anyone interested in gaining a deeper knowledge of wireless security and exploiting vulnerabilities will need a good set of base tools with which to work. Fortunately, there is an abundance of free tools available on the Internet. Finding Wireless Networks Locating a wireless network is the first step in trying to exploit it. Network Stumbler a.k.a. NetStumbler – This Windows-based tool easily finds wireless signals being broadcast within range – A must have. (NetStumbler Screenshot) Kismet – One of the key functional elements missing from NetStumbler is the ability to display Wireless Networks that are not broadcasting their SSID. (Kismet Screenshot) Attaching to the Found Wireless Network Once you’ve found a wireless network, the next step is to try to connect to it. Airsnort – This is a very easy to use tool that can be used to sniff and crack WEP keys. (Screenshot of Airsnort in Action) (coWPAtty Options Screenshot) (ASLeap Options Screenshot)
SBaGen -- Binaural Beat Brain Wave Experimenter's Lab Intro Welcome to the world of Binaural Beats! The theory behind binaural beats is that if you apply slightly different frequency sine waves to each ear, a beating effect is created in the brain itself, due to the brain's internal wiring. Here is a table from Calleman on how brain-wave frequencies relate to Earth layer boundary resonant frequencies: It is also possible to produce mixtures of brain waves of different frequencies by mixing binaural tones, and in this way, with practice and experimentation, it is reportedly possible to achieve rather unusual states, such as out-of-body stuff, and more. I should add that I have only read about the more advanced and unusual uses (OOBEs and so on). So, SBAGEN is my utility, released as free software (under the GNU General Public Licence) for Linux, Windows, DOS and Mac OS X, that generates binaural tones in real-time according to a 24-hour programmed sequence read from a file.
The TCP/IP Guide Welcome to the free online version of The TCP/IP Guide! My name is Charles and I am the author and publisher. I hope you will find the material here useful to you in your studies of computing, networking, and programming. Here are a few tips, links and reminders to help you out: Introduction: Newcomers to The TCP/IP Guide may wish to read the Introduction and Guide to the Guide, which will explain what the Guide is about and provide you with useful information about how to use it. Last but definitely not least: this site is provided as an online reference resource for casual use. If you like The TCP/IP Guide enough to want your own copy in convenient PDF format, please license the full Guide. Thanks again and enjoy the site! Charles