Oct 31, 2009

ITS Wallpaper


Oct 26, 2009

Router Hacking

Router Hacking Part 1


Router Hacking Part 2


Router Hacking Part 3


Router Hacking 4

Router Hacking 5


Router Hacking 6


# ITS ©
# 2008 - 2009

Oct 18, 2009

Metasploit MSSQL Payload Delivery




Module added to MSF for delivering payload through MSSQL.
Payload HERE


# ITS ©
# 2008 - 2009

Oct 4, 2009

Deploying Metasploit as a Payload on a Rooted Box



# ITS ©
# 2008 - 2009

Cain and Abel Malformed RDP File Buffer Overflow



Cain and Abel is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects Cain & Abel 4.9.24 and prior versions.
This is an example of how security and hacking tools themselves might be vulnerable to attack. You can download the exploit code from Milw0rm.


# ITS ©
# 2008 - 2009

Google.com Universal redirect maker

Video : View Here

PHP Script : Download Here

# ITS ©
# 2008 - 2009

Microsoft IIS FTPd NLST Remote Buffer Overflow



Microsoft IIS is prone to a remote stack-based buffer-overflow vulnerability affecting the application's FTP server. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects the following:

* IIS 5.0
* IIS 5.1
* IIS 6.0 (denial of service only)
* IIS 7.0 (denial of service only)


Note that Microsoft IIS 7.0 with FTP Service 7.5 is not affected.

Exploit Here : Klik Here

# ITS ©
# 2008 - 2009

Oct 3, 2009

Ubuntu Package Backdoor using a Metasploit


This is a great demo where he shows how to create a trojan using the xbomb game package. He creates the trojan by bundling a Metasploit reverse TCP stager payload with the game package. When the game is installed and executed, the Metasploit payload executes and connects back to the attacker, giving him a shell on the system. As most installations are done as root, this in most cases will end up becoming a root shell. :) Very creative! This is another example to show that Linux Malware can very easily be written and deployed, contrary to popular belief.

# ITS ©
# 2008 - 2009

Oct 2, 2009

Pwning using OpenVAS and Metasploit




OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.

# ITS ©
# 2008 - 2009

Oct 1, 2009

Finding Subdomains using Goorecon



In the Information Gathering stage of a pentest, we are interested in finding out the various sub-domains of our target domain. As we have seen in previous videos, querying DNS servers using zone transfer requests or trying to retrieve entries using a dictionary / brute-forcing attack, is a good start, but fails in most cases. Another alternate technique to figure out sub-domains is to query google and check if it has found any sub-domains during it's web mining exercise on the target. Goorecon is just the tool we need in order to do this.
Download Goorecon :
http://www.darkoperator.com/tools-and-scripts/

# ITS ©
# 2008 - 2009

Remote Keylogger Firefox Addon

This video shows how easy is to make a remote keylogger as a firefox addon. With little knowlege on how to make a firefox addons and coding in javascript you can make a potentialy dangerous addon. You can read on how to make a firefox addon on:

https://developer.mozilla.org/En/Developing_add-ons

Video :
http://securitytube.net/Remote-Keylogger-Firefox-Addon-video.aspx

# ITS ©
# 2008 - 2009