aslitsecurity.blogspot.com
ASL IT SECURITY: Sql Injection in Facebook applications!
http://aslitsecurity.blogspot.com/2011/03/sql-injection-in-facebook-applications.html
Wednesday, March 9, 2011. Sql Injection in Facebook applications! We found a vulnerability in 2 facebook applications. One is patched now so we are disclosing the vulnerability. There was a SQL Injection vulnerability in apps.facebook.com. Location: http:/ apps.facebook.com/. Impact: Database access/server control. It was possible to extract all data of all databases located on that servers. 7/3/2010 - Facebook vendors notified. 8/3/2010 - Response from verdor. 8/3/2010 - Vendor patched the vulnerability.
aslitsecurity.blogspot.com
ASL IT SECURITY: July 2011
http://aslitsecurity.blogspot.com/2011_07_01_archive.html
Tuesday, July 5, 2011. SAP Player 0.9 (.m3u) universal. This exploit uses direct return address. Not SEH version. Http:/ packetstormsecurity.org/files/view/102792/sapplayer-overflow.py.txt. Subscribe to: Posts (Atom). ASL SERVICES AND TRAININGS. Http:/ training.aslitsecurity.com. SAP Player 0.9 (.m3u) universal. TrustedSec Security Podcast Episode 52 – Paul Asadoorian from Security Weekly, Bad Air, Azure, Cisco, Clinton Foundation. I am lady" Linux.Lady trojan samples. Dr IDE's PoC of the Day Club.
github.com
GitHub - aslitsecurity/ASLHackMeLabs: ASL HackMe Labs is yet another vulnerabile web application to practice various web based attacks.
https://github.com/aslitsecurity/ASLHackMeLabs
ASL HackMe Labs is yet another vulnerabile web application to practice various web based attacks. Use Git or checkout with SVN using the web URL. Cannot retrieve the latest commit at this time. Failed to load latest commit information. ASL HackMe Labs is yet another vulnerabile web application to practice various web based attacks. You can practice many web application attacks with these labs. Can be installed in both XAMPP and WAMPP. To install extract all contents in web root. 1) SQLi login bypass.
aslitsecurity.blogspot.com
ASL IT SECURITY: Yahoo Cross Site Scripting Vulnerability!
http://aslitsecurity.blogspot.com/2012/02/yahoo-cross-site-scripting.html
Sunday, February 12, 2012. Yahoo Cross Site Scripting Vulnerability! There is a Cross Site Scripting Vulnerability in yahoo.com subdomain. Its in upcoming.yahoo.com . This vulnerability allows the attacker to steal cookies and perform session hijacking attacks or use XSS worms. The vendor has been notified regarding the vulnerability details. July 6, 2012 at 10:47 PM. Subscribe to: Post Comments (Atom). ASL SERVICES AND TRAININGS. Http:/ training.aslitsecurity.com. I am lady" Linux.Lady trojan samples.
aslitsecurity.blogspot.com
ASL IT SECURITY: CVE-2014-6352 When defenses fall - eliminating the use of .inf files and bypassing Antiviruses!
http://aslitsecurity.blogspot.com/2014/11/cve-2014-6352-when-defenses-fall.html
Wednesday, November 5, 2014. CVE-2014-6352 When defenses fall - eliminating the use of .inf files and bypassing Antiviruses! Regarding CVE-2014-6352 and CVE-2014-4114 as we know .inf files were used in malware samples found in the wild to execute the executable payloads. One of the workaround from Microsoft was to Block the launching of executables via Setup information files (. Https:/ technet.microsoft.com/en-us/library/security/ms14-060.aspx. OleObject1.bin - which is embedded executable. TrustedSec S...
aslitsecurity.blogspot.com
ASL IT SECURITY: February 2012
http://aslitsecurity.blogspot.com/2012_02_01_archive.html
Sunday, February 12, 2012. Yahoo Cross Site Scripting Vulnerability! There is a Cross Site Scripting Vulnerability in yahoo.com subdomain. Its in upcoming.yahoo.com . This vulnerability allows the attacker to steal cookies and perform session hijacking attacks or use XSS worms. The vendor has been notified regarding the vulnerability details. Subscribe to: Posts (Atom). ASL SERVICES AND TRAININGS. Http:/ training.aslitsecurity.com. Yahoo Cross Site Scripting Vulnerability! Dr IDE's PoC of the Day Club.
aslitsecurity.blogspot.com
ASL IT SECURITY: April 2012
http://aslitsecurity.blogspot.com/2012_04_01_archive.html
Thursday, April 19, 2012. MS Word RTFPfragments exploit for office 2008 OSX. Please download the code from. Http:/ www.exploit-db.com/exploits/18749. Http:/ www.1337day.com/exploits/18068. Wednesday, April 18, 2012. XSS vulnerability in AOL search. We are trying to contact the AOL team. No reply from them yet. Subscribe to: Posts (Atom). ASL SERVICES AND TRAININGS. Http:/ training.aslitsecurity.com. MS Word RTFPfragments exploit for office 2008 OSX. I am lady" Linux.Lady trojan samples.
aslitsecurity.blogspot.com
ASL IT SECURITY: Pragyan CMS v 3,0 mulltiple vulnerabilities!
http://aslitsecurity.blogspot.com/2011/02/pragyan-cms-v-30-mulltiple.html
Saturday, February 26, 2011. Pragyan CMS v 3,0 mulltiple vulnerabilities! During the Pragyan's hacking challange we found these vulnerabilities in their open source CMS. Pragyan CMS v 3.0 mutiple Vulnerabilities. Author Villy and Abhishek Lyall - villys777[at]gmail[dot]com,. Web - http:/ www.aslitsecurity.com/. Blog - http:/ bugix-security.blogspot.com. Http:/ www.aslitsecurity.blogspot.com/. Pragyan CMS v 3.0. 1) Code execution in INSTALL/install.php. Script not correctly validate entered fields. Video:...
aslitsecurity.blogspot.com
ASL IT SECURITY: October 2014
http://aslitsecurity.blogspot.com/2014_10_01_archive.html
Friday, October 31, 2014. ASL HackMe Labs - Yet another vulnerable web application! ASL HackMe Labs is yet another vulnerabile web application to practice various web based attacks. You can practice many web application attacks with these labs. Can be installed in both XAMPP and WAMPP. To install extract all contents in web root. Create a database named "security" and import security.sql file to it. For RFI to work set allow url include=On and allow url fopen=On in your php.ini. 1) SQLi login bypass.
aslitsecurity.blogspot.com
ASL IT SECURITY: February 2011
http://aslitsecurity.blogspot.com/2011_02_01_archive.html
Saturday, February 26, 2011. Pragyan CMS v 3,0 mulltiple vulnerabilities! During the Pragyan's hacking challange we found these vulnerabilities in their open source CMS. Pragyan CMS v 3.0 mutiple Vulnerabilities. Author Villy and Abhishek Lyall - villys777[at]gmail[dot]com,. Web - http:/ www.aslitsecurity.com/. Blog - http:/ bugix-security.blogspot.com. Http:/ www.aslitsecurity.blogspot.com/. Pragyan CMS v 3.0. 1) Code execution in INSTALL/install.php. Script not correctly validate entered fields. Video:...
SOCIAL ENGAGEMENT