Wednesday, December 22, 2010

How to Change Login Background in Fedora 14

1 - copy your wallpaper to the /usr/share/backgrounds/laughlin/default/wide//usr/share/backgrounds/laughlin/default/standard//usr/share/backgrounds/laughlin/default/normalish/make sure you do it with root privilige.2 - go...

Tuesday, December 21, 2010

Transmission for your Centos

What is transmission?If u know about torrentflux,so this transmission is the alterantive to torrentflux.Website : http://www.transmissionbt.comIts easy to setup this transmission to your server.thanks to y0nd13 coz introduced...

Sunday, December 19, 2010

WebEvent Web Calendar by peoplecube.com Non-Persistent XSS

# Exploit Title: WebEvent Web Calendar by peoplecube.com Non-Persistent XSS# Date: 20 December 2010# Author: p0pc0rn# Software Link: http://www.peoplecube.com/ : http://www.peoplecube.com/products-other-web-event.htmXSS====http://site.com/webevent.pl?cmd=[XSS]http://site.com/webevent.cgi?cmd=[XSS]Screenshot:http://img710.imageshack.us/img710/5901/screenshotah.pnghttp://img694.imageshack.us/img694/5028/screenshotxed.pngStatus:...

Tuesday, December 14, 2010

CalendarScript is Vulnerable to Cross Site Scripting

# Exploit Title: CalendarScript is Vulnerable to Cross Site Scripting# Date: 15 December 2010# Author: p0pc0rn# Software Link: http://www.calendarscript.com/XSS====http://www.calendarscript.com/demo/calendar_admin.plPOST...

Sunday, December 12, 2010

Saturday, December 11, 2010

The CMU Pronouncing Dictionary vulnerable to XSS

# Exploit Title: The CMU Pronouncing Dictionary vulnerable to XSS# Google Dork: none# Date: 11 December 2010# Author: p0pc0rn# Software Link: https://cmusphinx.svn.sourceforge.net/svnroot/cmusphinx/trunk/cmudict/XSS====http://site/something/cmudict?in=[xss]Screenshot===========http://img72.imageshack.us/img72/9166/cmudict.pngStatus=======Reported...

How to using Facebook Chat in your pidgin (Windows)

Okay,My gf always online using her ipod to chat with me via facebook chat.Since she claimed that her ipod cannot using gtalk's client.So,its ok, but chatting using facebook chat from the facebook page quite annoying. Why??1...

Friday, December 10, 2010

Is it SSL v2 or v3?!

Hye.This post might help some of you out there that working as a pentester/security consultant/IT staff/etc.During pentest,after scanned the server/host/ip, u might get a result saying that the server/host/ip using old version...

Thursday, December 9, 2010

This is War?

what the ..before this..4chanVStumblrand now..there'll be anbetween Wikileaks VS anti-Wikileaksnext?????p0pc...

Monday, December 6, 2010

Calcium Web Calendar vulnerable to Cross Site Scripting

# Exploit Title: Calcium Web Calendar vulnerable to Cross Site Scripting# Google Dork: intext:Calcium 4.0.4 Professional 25# Date: 07 December 2010# Author: p0pc0rn# Software Link: Brown Bear Software http://www.brownbearsw.com#...

Wednesday, November 24, 2010

Hacking WEP using WEPbuster

ever heard about aircrack-ng suite? yeah..its a wep cracking programm. its really common now among wardrivers. but do u know there's a new toolkit that is one step easier than aircrack?i heard this from my colleague. the...

WAF != WARF

warf warf! sounds like a barking sound.will hear that sound when some anonymous skidds found a vuln website and try to inject it but failed."warf! this page non-injectable...dont waste your time!"and hey..warf also sounds...

Saturday, November 20, 2010

Friday, November 19, 2010

Tuesday, November 9, 2010

E-commerce by Hinetmedia™ XSS Vulnerability

Title:E-commerce by Hinetmedia™ XSS VulnerabilityVendor:http://hinetmedia.comVulnerability Type: XSS (Cross Site Scripting)Found by : p0pc0rn 09/11/2010Risk level: MediumVulnerability Details:User can execute arbitrary...

Sunday, September 26, 2010