Wednesday, December 22, 2010

How to Change Login Background in Fedora 14

1 - copy your wallpaper to the following directories:
/usr/share/backgrounds/laughlin/default/wide/
/usr/share/backgrounds/laughlin/default/standard/
/usr/share/backgrounds/laughlin/default/normalish/

Make sure you do it with root privileges.

2 - go to the /usr/share/backgrounds/laughlin/default/ directory
3 - edit the laughlin.xml using vi

4 - change the wallpaper to the one you just copied.


5 - Save, and complete!

You can see your login page with a new wallpaper.

kudos to http://aenguillo.wordpress.com

Tuesday, December 21, 2010

Transmission for your Centos

What is transmission?
If you know torrentflux, Transmission is an alternative to it.

Website : http://www.transmissionbt.com

It's easy to set up Transmission on your server.
Thanks to y0nd13 for introducing this thing to me, and to lollerskates from the Transmission forum for his easy tutorial on how to set up Transmission on a CentOS server.
This tutorial is originally by lollerskates.


How to install Transmission with yum on CentOS 5




Install dependencies and some tools we will use:

yum -y install openssl-devel curl-devel libevent-devel intltool.i386 gettext wget nano



Get and unpack transmission (warning, current version 2.12 is in these filenames)

wget http://download.transmissionbt.com/files/transmission-2.12.tar.bz2
tar xjvf transmission-2.12.tar.bz2
cd transmission-2.12



Configure the Transmission build first; make comes after this:

./configure



If you get errors, install the development tools and run configure again:

yum -y groupinstall "Development Tools"
./configure



Now make...

make && make install



Done already? Not yet. You still need to create settings.json:

transmission-daemon



Kill it, appending -HUP to force it to dump the settings:

killall -HUP transmission-daemon



Now adjust the settings to what you prefer, then save.

cd ~
nano .config/transmission-daemon/settings.json

Rerun transmission-daemon and you're finished! You can access the web interface on port 9091.

transmission-daemon
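
The web interface on port 9091 is controlled by the rpc-* keys in settings.json. As an added example (not part of the original tutorial), this Python check flags the RPC settings that leave that interface open to anyone who can reach the server; the sample settings are constructed, and the fallback values used for missing keys are assumptions.

```python
import json

# Constructed sample: a settings.json edited so the web interface works remotely.
SAMPLE = """
{
  "rpc-enabled": true,
  "rpc-port": 9091,
  "rpc-bind-address": "0.0.0.0",
  "rpc-authentication-required": false,
  "rpc-whitelist-enabled": false,
  "rpc-whitelist": "127.0.0.1"
}
"""

def audit_rpc(settings):
    """Return a list of findings for the RPC/web-interface keys."""
    findings = []
    # Fallbacks for missing keys are assumptions, not values read from the daemon.
    if not settings.get("rpc-enabled", True):
        return findings  # web interface is off, nothing is exposed
    port = settings.get("rpc-port", 9091)
    if not settings.get("rpc-authentication-required", False):
        findings.append("port %d: no login required" % port)
    elif not settings.get("rpc-password"):
        findings.append("port %d: authentication on but rpc-password is empty" % port)
    local_only = settings.get("rpc-bind-address", "0.0.0.0").startswith("127.")
    if not local_only:
        if not settings.get("rpc-whitelist-enabled", True):
            findings.append("port %d: whitelist disabled, any address may connect" % port)
        else:
            raw = settings.get("rpc-whitelist", "127.0.0.1")
            entries = [e.strip() for e in raw.split(",")]
            # "*" or "*.*.*.*" is a whitelist that matches every client.
            wide = [e for e in entries if set(e.split(".")) == {"*"}]
            if wide:
                findings.append("port %d: whitelist entry %s matches every address" % (port, wide[0]))
    return findings

def audit_file(path):
    """Audit a settings.json on disk, e.g. ~/.config/transmission-daemon/settings.json."""
    with open(path) as fh:
        return audit_rpc(json.load(fh))

if __name__ == "__main__":
    for line in audit_rpc(json.loads(SAMPLE)):
        print(line)
```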

Sunday, December 19, 2010

WebEvent Web Calendar by peoplecube.com Non-Persistent XSS

# Exploit Title: WebEvent Web Calendar by peoplecube.com Non-Persistent XSS
# Date: 20 December 2010
# Author: p0pc0rn
# Software Link: http://www.peoplecube.com/
#                http://www.peoplecube.com/products-other-web-event.htm



XSS
====
http://site.com/webevent.pl?cmd=[XSS]
http://site.com/webevent.cgi?cmd=[XSS]


Screenshot:



http://img710.imageshack.us/img710/5901/screenshotah.png
http://img694.imageshack.us/img694/5028/screenshotxed.png

Status: Reported.

Thanks

p0pc0rn

Tuesday, December 14, 2010

CalendarScript is Vulnerable to Cross Site Scripting

# Exploit Title: CalendarScript is Vulnerable to Cross Site Scripting
# Date: 15 December 2010
# Author: p0pc0rn
# Software Link: http://www.calendarscript.com/



XSS
====
http://www.calendarscript.com/demo/calendar_admin.pl
POST : [XSS]
http://www.calendarscript.com/demo/calendar.pl
POST : [XSS]

XSS 2 (for old version i think)
=====
http://site.com/cgi-bin/calendar/calendar.pl?ACTION=VIEWDAY&Year=[XSS]&Month=12&Date=[XSS]&config=calendar.cfg

Screenshot:



http://img580.imageshack.us/img580/9347/calendarss.png
http://img815.imageshack.us/img815/9159/calendar2z.png

Thanks

p0pc0rn

How to Review Java Source Code using 3rd party tool, Lapse!


I want to share with you all how to use this 3rd party tool with Eclipse.
This plugin is really useful if you are going to review Java source code.

What you need

1 - eclipse-java-helios-SR1-win32, which you can download from here
2 - the Lapse.jar plugin, which you can get from here
3 - The source code itself.

What you need to do

1 - put your Lapse.jar to C://your_eclipse_path_directories/plugins


2 - open the eclipse.exe


3 - create a new java project || Go to File > New > Java Project


4 - browse for your source code folder,then click OK from the browse window.

5 - at the New Java Project window, just click Next and Finish.

6 - then go to Window > Show View and choose Other..


7 - find your Lapse folder and choose Vulnerability Sinks ( or others if you want to try the output )
then click OK.


8 - there will be a new Vulnerability Sinks tab, and you can start finding the sinks.


9 - after a while, you will get the results, and you can verify them.



thanks

p0pc0rn

Sunday, December 12, 2010

WorldCat search library vulnerable to Cross Site Scripting

# Exploit Title: WorldCat search library vulnerable to Cross Site Scripting
# Date: 12 December 2010
# Author: p0pc0rn
# Vendor: http://www.worldcat.org/



XSS
====
http://site/search?q=kw:[XSS]

Screenshot
===========

http://img842.imageshack.us/img842/6059/worldcatorg.jpg

Status
======
Reported

Thanks

p0pc0rn

Saturday, December 11, 2010

The CMU Pronouncing Dictionary vulnerable to XSS

# Exploit Title: The CMU Pronouncing Dictionary vulnerable to XSS
# Google Dork: none
# Date: 11 December 2010
# Author: p0pc0rn
# Software Link: https://cmusphinx.svn.sourceforge.net/svnroot/cmusphinx/trunk/cmudict/



XSS
====
http://site/something/cmudict?in=[xss]


Screenshot
===========


http://img72.imageshack.us/img72/9166/cmudict.png

Status
=======
Reported on 11th December 2010
and Fixed by the developer on 12th December

Thanks

p0pc0rn

How to use Facebook Chat in your Pidgin (Windows)

Okay,

My gf is always online using her iPod to chat with me via Facebook chat.
She claimed that her iPod cannot use a Gtalk client. So that's OK, but chatting using Facebook chat from the Facebook page is quite annoying. Why??

1 - the sounds
2 - the lagging
3 - the always online offline thingy
4 - the chat popup will appear in every Facebook tab that you currently have open.


sigh..
I'm using pidgin in my Windows.
So,after googling I found two methods.

1 - u can refer to this blog

2 - using the plugins available from the guys that are really concerned about this problem..keh3..

So, for the 1st method, I failed. Then I tried the other method, which I found easy and working!

so here's how u want to do it.

1 - You need Pidgin, of course.

2 - Download this libfacebook plugin from here and put it in C:\Program Files\Pidgin\plugins\ directory.

3 - Download another plugin called json-glib from here and put it in
C:\Program Files\Pidgin\ directory.

4 - Restart your pidgin.

5 - Add your facebook account || Accounts > Manage Accounts > Add




and w00t! now you can use Facebook chat via Pidgin! congratz!



thx to them
any problem u can ask them :)

p0pc0rn

Friday, December 10, 2010

Is it SSL v2 or v3?!

Hye.

This post might help those of you out there working as a pentester/security consultant/IT staff/etc.

During a pentest, after scanning the server/host/IP, you might get a result saying that the server/host/IP is using an old version of SSL. The latest one currently is version 3.

So, how do you determine whether this is a true positive or a false positive? You can check it using the Internet Explorer browser.

Go to Tools > Internet Options, then go to the Advanced tab.

Tick the box as I show below if you want to check whether the server/host/IP is using an old version of SSL, in this case v2.

Then click OK.

Go to the server/host/IP using the same browser.
If you can get to the web page, this means the server/host/IP is using SSL v2.
If not, you'll get an error, a very long load or a connection timeout, which means the server/host/IP is not using SSL v2.

Then check the other version, in this case version 3.
It works the same way: after ticking the SSL v3 box, check the server/host/IP
like you did for SSL v2.
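
The same true-positive/false-positive check can be done without a browser by sending an SSLv2 CLIENT-HELLO and looking at the first bytes the server returns. This is an added example, not part of the original post; it covers the v2 case only, the function names are illustrative, and the replies in the demo are constructed rather than captured. It also separates out the "SSLv2 answered but no ciphers offered" case, where the protocol is enabled but no handshake can complete.

```python
import socket
import struct

# SSLv2 cipher kinds offered in the probe, 3 bytes each.
SSL2_CIPHERS = bytes.fromhex("010080 020080 030080 040080 050080 060040 0700c0")

def build_ssl2_client_hello(challenge=bytes(16)):
    """SSLv2 CLIENT-HELLO: msg type 1, version 0x0002, no session id."""
    body = struct.pack(">BHHHH", 1, 0x0002, len(SSL2_CIPHERS), 0, len(challenge))
    body += SSL2_CIPHERS + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body  # 2-byte record header

def classify_ssl2_reply(data):
    """Classify the first bytes a server sends back to the SSLv2 hello."""
    if not data:
        return "not-supported: connection closed"
    if len(data) >= 2 and data[0] == 0x15 and data[1] == 0x03:
        return "not-supported: TLS/SSLv3 alert"
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0:
        return "not-supported: SSLv2 error message"
    if len(data) >= 11 and data[0] & 0x80 and data[2] == 4:
        # SERVER-HELLO: version, certificate length, cipher-specs length
        version, _cert_len, cipher_len = struct.unpack(">HHH", data[5:11])
        if version != 0x0002:
            return "unexpected version 0x%04x" % version
        if cipher_len == 0:
            return "enabled-no-ciphers: handshake cannot complete"
        return "supported: %d cipher(s) offered" % (cipher_len // 3)
    return "unknown reply"

def probe_ssl2(host, port=443, timeout=5.0):
    """Send the hello to host:port and classify the first reply."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_ssl2_client_hello())
            return classify_ssl2_reply(s.recv(4096))
    except OSError as exc:
        return "no-reply: %s" % exc

if __name__ == "__main__":
    # Constructed replies, not captured traffic.
    samples = {
        "server hello, 2 ciphers": bytes.fromhex("801b 04 00 01 0002 0000 0006 0010") + bytes(22),
        "server hello, 0 ciphers": bytes.fromhex("800b 04 00 01 0002 0000 0000 0010"),
        "TLS alert": bytes.fromhex("15 0301 0002 02 28"),
    }
    for name, reply in samples.items():
        print(name, "->", classify_ssl2_reply(reply))
```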



hope u all can understand my post :)

p0pc0rn

Thursday, December 9, 2010

This is War?

what the ..

before this..

4chan



VS

tumblr




and now..there'll be an



between Wikileaks VS anti-Wikileaks




next?????



p0pc0rn

MWeb Online Catalog vulnerable to Cross Site Scripting

# Exploit Title: MWeb Online Catalog vulnerable to Cross Site Scripting
# Google Dork: intext:This is an MWeb™ Online Catalog
# Date: 09 December 2010
# Author: p0pc0rn
# Software Link: http://www.systemsplanning.com/mweb/credits.asp



XSS
====
http://site/something/mweb.exe?request=[XSS]

Screenshot:
http://img202.imageshack.us/img202/628/mweb.png



Status
======
Reported

Thanks
p0pc0rn

Monday, December 6, 2010

Calcium Web Calendar vulnerable to Cross Site Scripting

# Exploit Title: Calcium Web Calendar vulnerable to Cross Site Scripting
# Google Dork: intext:Calcium 4.0.4 Professional 25
# Date: 07 December 2010
# Author: p0pc0rn
# Software Link: Brown Bear Software http://www.brownbearsw.com
# Version: 4.0.4


XSS
====
http://site/something/Calcium40.pl?Op=ShowIt&CalendarName=[XSS]

Screenshot:
http://img256.imageshack.us/img256/3848/calcium.png



Status
======
Reported

Thanks


p0pc0rn

Wednesday, November 24, 2010

Hacking WEP using WEPbuster

Ever heard of the aircrack-ng suite? Yeah, it's a WEP cracking program. It's really common now among wardrivers.

But do you know there's a new toolkit that is one step easier than aircrack?
I heard about this from my colleague. The tool is called WEPBuster.
Just run it in BackTrack and it will automatically crack the WEP around you!

Available on Unix only. So, Windows users, you know what to do :D

read more about WEPbuster here
and here

p/s read the first link.make sure ur pc meet the requirements.


p0pc0rn

WAF != WARF

warf warf! sounds like a barking sound.

will hear that sound when some anonymous skidds found a vuln website and try to inject it but failed.
"warf! this page non-injectable...dont waste your time!"

and hey..warf also sounds like when we say wadefff!!!
(not wadefak my friend. but the 'wtf' word)

arh..here's the topic.
just learned a little bit about WAF = Web Application Filter.
nowadays you can find a lot of vuln sites. when you put in a single quote (') as an example, there'll be a mysql error etc.
but when you try to inject (based on the tutorials found after some googling) and fail, does this mean the site is non-injectable?

NO. this is because of WAF

so hey noobs out there(including me) lets learn about WAF!

WAF from owasp


p0pc0rn

Saturday, November 20, 2010

isCollection search form Designed by dubuweb XSS vulnerability

# Exploit Title: isCollection search form Designed by dubuweb XSS vulnerability
# http://www.dubuweb.com
# dork : intext:Designed by dubuweb
# Date: 20/11/2010
# Author: p0pc0rn
# Risk level: Medium
# Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.

XSS
===
http://site.com/search/search.php?isCollection=webpage&k=[xss]

POC
===
http://www.greeninc.co.kr/search/search.php?isCollection=webpage&k=[xss]

Screenshot
==========

http://img600.imageshack.us/img600/4213/dubuweb.png



p0pc0rn

p/s : there are more vuln in this cms

Friday, November 19, 2010

ZMSE v2.0 (ZaLab Meta Search Engine) XSS vulnerability

# Exploit Title: ZMSE v2.0 (ZaLab Meta Search Engine) XSS vulnerability
# http://lab.zagia.com/
# Date: 20/11/2010
# Author: p0pc0rn
# Risk level: Medium
# Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.

XSS
===
http://site.com/[search]/?where=[]&query=[xss]

Screenshot
==========

http://img251.imageshack.us/img251/6649/74928518.png


p0pc0rn

Tuesday, November 9, 2010

E-commerce by Hinetmedia™ XSS Vulnerability

Title:E-commerce by Hinetmedia™ XSS Vulnerability
Vendor:http://hinetmedia.com
Vulnerability Type: XSS (Cross Site Scripting)
Found by : p0pc0rn 09/11/2010
Risk level: Medium
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.

===
XSS
===
http://site.com/default.hm?store=[]&keywords=[XSS]


Status
=======
Fixed by technical support this evening.so fast! :D

Screenshot
==========


http://img513.imageshack.us/img513/6277/59796609.png


p0pc0rn

Sunday, September 26, 2010