1 - copy your wallpaper to the /usr/share/backgrounds/laughlin/default/wide//usr/share/backgrounds/laughlin/default/standard//usr/share/backgrounds/laughlin/default/normalish/make sure you do it with root privilige.2 - go...
Wednesday, December 22, 2010
Tuesday, December 21, 2010
Transmission for your Centos
What is transmission?If u know about torrentflux,so this transmission is the alterantive to torrentflux.Website : http://www.transmissionbt.comIts easy to setup this transmission to your server.thanks to y0nd13 coz introduced...
Sunday, December 19, 2010
WebEvent Web Calendar by peoplecube.com Non-Persistent XSS
# Exploit Title: WebEvent Web Calendar by peoplecube.com Non-Persistent XSS# Date: 20 December 2010# Author: p0pc0rn# Software Link: http://www.peoplecube.com/ : http://www.peoplecube.com/products-other-web-event.htmXSS====http://site.com/webevent.pl?cmd=[XSS]http://site.com/webevent.cgi?cmd=[XSS]Screenshot:http://img710.imageshack.us/img710/5901/screenshotah.pnghttp://img694.imageshack.us/img694/5028/screenshotxed.pngStatus:...
Tuesday, December 14, 2010
CalendarScript is Vulnerable to Cross Site Scripting
# Exploit Title: CalendarScript is Vulnerable to Cross Site Scripting# Date: 15 December 2010# Author: p0pc0rn# Software Link: http://www.calendarscript.com/XSS====http://www.calendarscript.com/demo/calendar_admin.plPOST...
How to Review Java Source Code using 3rd party tool, Lapse!
How to Review Java Source Code using 3rd party tool, Lapse!Want to share with you all how to use this 3rd party tool with eclipse.This tool or plugin is really useful if you going to review java source code.What you need1...
Sunday, December 12, 2010
WorldCat search library vulnerable to Cross Site Scripting
# Exploit Title: WorldCat search library vulnerable to Cross Site Scripting# Date: 12 December 2010# Author: p0pc0rn# Vendor: http://www.worldcat.org/XSS====http://site/search?q=kw:[XSS]Screenshot===========http://img84...
Saturday, December 11, 2010
The CMU Pronouncing Dictionary vulnerable to XSS
# Exploit Title: The CMU Pronouncing Dictionary vulnerable to XSS# Google Dork: none# Date: 11 December 2010# Author: p0pc0rn# Software Link: https://cmusphinx.svn.sourceforge.net/svnroot/cmusphinx/trunk/cmudict/XSS====http://site/something/cmudict?in=[xss]Screenshot===========http://img72.imageshack.us/img72/9166/cmudict.pngStatus=======Reported...
How to using Facebook Chat in your pidgin (Windows)
Okay,My gf always online using her ipod to chat with me via facebook chat.Since she claimed that her ipod cannot using gtalk's client.So,its ok, but chatting using facebook chat from the facebook page quite annoying. Why??1...
Friday, December 10, 2010
Is it SSL v2 or v3?!
Hye.This post might help some of you out there that working as a pentester/security consultant/IT staff/etc.During pentest,after scanned the server/host/ip, u might get a result saying that the server/host/ip using old version...
Thursday, December 9, 2010
This is War?
what the ..before this..4chanVStumblrand now..there'll be anbetween Wikileaks VS anti-Wikileaksnext?????p0pc...
MWeb Online Catalog vulnerable to Cross Site Scripting
# Exploit Title: MWeb Online Catalog vulnerable to Cross Site Scripting# Google Dork: intext:This is an MWeb™ Online Catalog# Date: 09 December 2010# Author: p0pc0rn# Software Link: http://www.systemsplanning.com/mweb/c...
Monday, December 6, 2010
Calcium Web Calendar vulnerable to Cross Site Scripting
# Exploit Title: Calcium Web Calendar vulnerable to Cross Site Scripting# Google Dork: intext:Calcium 4.0.4 Professional 25# Date: 07 December 2010# Author: p0pc0rn# Software Link: Brown Bear Software http://www.brownbearsw.com#...
Wednesday, November 24, 2010
Hacking WEP using WEPbuster
ever heard about aircrack-ng suite? yeah..its a wep cracking programm. its really common now among wardrivers. but do u know there's a new toolkit that is one step easier than aircrack?i heard this from my colleague. the...
WAF != WARF
warf warf! sounds like a barking sound.will hear that sound when some anonymous skidds found a vuln website and try to inject it but failed."warf! this page non-injectable...dont waste your time!"and hey..warf also sounds...
Saturday, November 20, 2010
isCollection search form Designed by dubuweb XSS vulnerability
# Exploit Title: isCollection search form Designed by dubuweb XSS vulnerability# http://www.dubuweb.com# dork : intext:Designed by dubuweb# Date: 20/11/2010# Author: p0pc0rn# Risk level: Medium# Vulnerability Details: User...
Friday, November 19, 2010
ZMSE v2.0 (ZaLab Meta Search Engine) XSS vulnerability
# Exploit Title: ZMSE v2.0 (ZaLab Meta Search Engine) XSS vulnerability# http://lab.zagia.com/# Date: 20/11/2010# Author: p0pc0rn# Risk level: Medium# Vulnerability Details: User can execute arbitrary JavaScript code within...
Tuesday, November 9, 2010
E-commerce by Hinetmedia™ XSS Vulnerability
Title:E-commerce by Hinetmedia™ XSS VulnerabilityVendor:http://hinetmedia.comVulnerability Type: XSS (Cross Site Scripting)Found by : p0pc0rn 09/11/2010Risk level: MediumVulnerability Details:User can execute arbitrary...
Sunday, September 26, 2010
[XSS] Template by CORNERSTONE CONTENT MANAGEMENT SYSTEM
Found on 26/9/2010site infected : most of template by CORNERSTONE CONTENT MANAGEMENT SYSTEMvulnerable : cross site scripting and some cookies modifying also SQL Injection pic : ScreenShotaffected items : /search.cfm:)have...