ClsHack: Computer Security Blog

[How-To] XSSer: automatic tool for pentesting XSS

Monday, January 9th, 2012

XSSer has been upgraded to version 1.6 :)

From the official website:

Cross Site “Scripter” is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.

This version adds bypasses for more filters, PHPIDS among them, fixes some bugs and improves performance :)

On BackBox or other Debian-based distributions the installation can be done from the deb package; otherwise installing XSSer is very simple :)
Download the latest version via svn:
(more…)

Search Engines for Penetration Testers and Crackers

Wednesday, September 1st, 2010

At DEF CON 18 (the DEF CON® Hacking Conference) SHODAN was presented: it is nothing but a search engine, but very different from the usual ones, Bing, Google, Yahoo etc.

With SHODAN we can filter results by server or by continent, look for passwords, “old” web applications, routers, FTP and more, searching the banners the servers answer with, e.g. “Server: iis 5”.
From the official website:

SHODAN is a computer search engine. But it is unlike any other search engine. While other search engines scour the web for content, SHODAN scans for information about the sites themselves. The result is a search engine that aggregates banners from well-known services. This presentation will focus on the applications of SHODAN to penetration testers, and in particular will detail a number of case studies demonstrating passive vulnerability analysis including default passwords, descriptive banners, and complete pwnage. For penetration testers, SHODAN is a game-changer, and a goldmine of potential vulnerabilities.

Michael Schearer (“theprez98″) is a government contractor who spent nearly nine years in the United States Navy as a combat-experienced EA-6B Prowler Electronic Countermeasures Officer. He also spent nine months on the ground doing counter-IED work with the U.S. Army. He is a graduate of Georgetown University’s National Security Studies Program and a previous presenter at DEFCON, and has spoken at ShmooCon, HOPE and internationally at CONFidence (Poland) and HackCon (Norway) as well as other numerous conferences. Michael is a licensed amateur radio operator and an active member of the Church of WiFi. He lives in Maryland with his wife and four children.
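SHODAN's value, to attackers and defenders alike, is that it aggregates exactly the banners a server volunteers. As an added example (not code from the post or from SHODAN), a small Python audit over constructed HTTP response heads that flags Server and X-Powered-By headers disclosing a version or module list, and supports the kind of banner query quoted above, so you can find your own hosts that answer with something like “Server: iis 5” before a search engine does:

```python
import re

# Constructed sample response heads, standing in for banners SHODAN would index.
SAMPLE_RESPONSES = {
    "host-a": b"HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\nX-Powered-By: ASP.NET\r\n\r\n",
    "host-b": b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.3 (CentOS) PHP/5.1.6\r\n\r\n",
    "host-c": b"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\n",
    "host-d": b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n",
}

# Headers that commonly carry a descriptive banner.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")  # e.g. 5.0, 2.2.3


def parse_headers(raw):
    """Split a raw HTTP response head into a dict keyed by lowercase header name."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def banner_findings(raw):
    """Return (header, value) pairs that expose a version number or an
    OS/module list in parentheses; a bare product name such as 'nginx' is ignored."""
    found = []
    for name, value in parse_headers(raw).items():
        if name in BANNER_HEADERS and (VERSION_RE.search(value) or "(" in value):
            found.append((name, value))
    return found


def audit(responses):
    """Map host -> list of verbose banner findings."""
    return {host: banner_findings(raw) for host, raw in responses.items()}


def search_banner(responses, needle):
    """Case-insensitive substring search over Server banners, the way a
    SHODAN 'Server: iis 5' style query works."""
    needle = needle.lower()
    return sorted(host for host, raw in responses.items()
                  if needle in parse_headers(raw).get("server", "").lower())
```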

Even with Google, as you know, you can filter results with the famous dorks.

For example, if we try this on Google o.o:
inurl:"password" filetype:xls
Well, out pour passwords for Mediaset, Megaupload, Rapidshare, TIM, Vodafone, Aruba and other crap :D that our friend Google indexes.
(more…)

Google (in)security? o.O

Saturday, July 10th, 2010

It's been 10 days that I've had a fever and it won't go away, fucking shit, more than aaaaaaaaa aaaaaaaa ok, I'm hot shit.

They say that when you report a bug, they respond well:

Yes, it's true, it's a bug, but we don't know how to patch it.. do you have any suggestions?

We're talking about Google security, I don't think they are idiots.

But, frankly, they are not very security-conscious.

A couple of years ago, evilsocket showed that by loading ad hoc iGoogle gadgets you can take control of the victim's browser.

evilsocket's was only an alert(document.cookie), but what if he had inserted a script like BeEF? o.O

All this because Google does not check the gadgets that users upload.

On the other hand, it can't manually check the many gadgets that are uploaded daily either.

This problem also applies to Firefox or Google Chrome extensions, where a worm was found.
(more…)

[UBUNTU] Speed up your Chromium database

Friday, June 11th, 2010

UPDATED.

As you know, Chromium is the original, open-source version of Google Chrome.

If you haven't installed it, I recommend doing so right away, given the performance:
Install Chromium on Ubuntu and derivatives


Chromium, like Chrome or Firefox, stores history, bookmarks, feeds, settings, etc. in SQLite database files.

Adds, removes, creates and deletes mean that these tables become very slow!!!

Today opening a new tab took me 30 seconds :(
(more…)
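The slowdown the post describes comes from SQLite keeping the pages freed by deletes on an internal free list, so the profile's History file never shrinks and its indexes fragment. As an added example (not the post's own procedure), a Python script that reproduces the churn on a constructed, throwaway copy of a Chromium-style History table and compacts it with VACUUM and REINDEX; on a real profile the files live under ~/.config/chromium/Default and are safe to touch only while the browser is closed:

```python
import os
import sqlite3
import tempfile


def churn_history(db_path, rows=5000):
    """Fill a Chromium-like 'urls' table, then delete most rows: the
    add/remove pattern that leaves the file bloated and fragmented."""
    con = sqlite3.connect(db_path)
    con.execute("CREATE TABLE IF NOT EXISTS urls ("
                "id INTEGER PRIMARY KEY, url TEXT, title TEXT, visit_count INTEGER)")
    con.execute("CREATE INDEX IF NOT EXISTS urls_url_index ON urls (url)")
    con.executemany(
        "INSERT INTO urls (url, title, visit_count) VALUES (?, ?, ?)",
        ((f"http://example.test/page{i}", f"page {i}", i % 7) for i in range(rows)))
    con.execute("DELETE FROM urls WHERE id > ?", (rows // 10,))  # keep 10% of rows
    con.commit()
    con.close()


def db_stats(db_path):
    """Return (free pages, file size in bytes). Free pages are space SQLite
    keeps after deletes instead of returning it to the filesystem."""
    con = sqlite3.connect(db_path)
    free = con.execute("PRAGMA freelist_count").fetchone()[0]
    con.close()
    return free, os.path.getsize(db_path)


def compact(db_path):
    """Rebuild the file without free pages, then rebuild its indexes."""
    con = sqlite3.connect(db_path)
    con.execute("VACUUM")
    con.execute("REINDEX")
    con.close()


def demo():
    """Run the churn and then the fix on a temporary 'History' file."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "History")
        churn_history(path)
        before = db_stats(path)
        compact(path)
        after = db_stats(path)
        return before, after


if __name__ == "__main__":
    b, a = demo()
    print(f"free pages {b[0]} -> {a[0]}, file size {b[1]} -> {a[1]} bytes")
```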

[tutorial] Tools for Information Gathering

Wednesday, June 2nd, 2010

Information Gathering, or how to gather information about remote systems.
This phase is very useful, for example, as the first step of a penetration test.

Let's say that before attacking you need to know “what's behind”, and this stage allows us to gather a wealth of information, such as email addresses, telephone numbers, or other data also useful for a social engineering attack.

In BackTrack a number of programs are placed in this category; I have selected some.
I'm not saying the others aren't good, quite the opposite, but I can't talk about 30 tools :D

  • theHarvester, email, user name and subdomain/hostname finder [present in BackTrack]
  • Maltego 2 [present in BackTrack]
  • Fierce Domain Scan
  • httprint, a web server fingerprinting tool [present in BackTrack]
  • DirBuster

Let's start with the first: theHarvester, the email, user name and subdomain/hostname finder.

This simple Python tool is found in BackTrack under the name “goog email enum”.

This tool, as the description says, allows you to find:

  • Email;
  • User names;
  • Subdomain/Hostnames;

leveraging Google or other search services such as LinkedIn or Bing ;)
Let's see how to use it.
I put the package on my website in case the original address changes ;)
Let's open our console :D
wget http://www.clshack.com/nopaste/theHarvester-1.6.tar
tar -xvf theHar*.tar
cd theH*
Now, to get the help, type:
python theHarvester.py
Example:
python theHarvester.py -d SITO_DA_CERCARE -l 100 -b bing
I used Bing, because Google asked me for the captcha, it didn't find me human :)
(more…)
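theHarvester works by querying a search engine for the target domain and extracting the email addresses and hostnames that belong to it from the result pages. As an added example (not code from the post or from theHarvester), the extraction step in Python over constructed page text: the search query and the -l result limit are what the tool adds on top, and running this over your own organisation's public pages shows what is exposed for a social engineering attack to pick up:

```python
import re

# Constructed page text standing in for search-engine result pages.
SAMPLE_PAGES = [
    "Contact us: info@example.com or sales@Example.com. Careers: jobs.example.com",
    "See https://mail.example.com/owa and http://vpn.example.com:443/ for remote access",
    "Unrelated: admin@example.org, www.example.org, noreply@notexample.com",
    'Blog: <a href="http://blog.example.com/post">post</a> author: j.doe@example.com',
]

# Email with the domain part captured; hostname not preceded by another label
# character, so 'example.com' inside 'mail.example.com' is not matched twice.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})")
HOST_RE = re.compile(r"(?<![A-Za-z0-9.-])((?:[A-Za-z0-9-]+\.)+[A-Za-z]{2,})")


def harvest(pages, domain):
    """Return (emails, hosts) found in the pages that belong to 'domain'.
    Look-alike domains (notexample.com) and other TLDs (example.org) are dropped."""
    domain = domain.lower()
    emails, hosts = set(), set()
    for text in pages:
        for m in EMAIL_RE.finditer(text):
            if m.group(1).lower() == domain:
                emails.add(m.group(0).lower())
        for m in HOST_RE.finditer(text):
            host = m.group(1).lower()
            if host == domain or host.endswith("." + domain):
                hosts.add(host)
    return sorted(emails), sorted(hosts)


if __name__ == "__main__":
    found_emails, found_hosts = harvest(SAMPLE_PAGES, "example.com")
    print("emails:", *found_emails, sep="\n  ")
    print("hosts:", *found_hosts, sep="\n  ")
```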