Thursday, 31 October 2013
Posted by Hackers2DevNull at 11:32
Wednesday, 23 October 2013
A simple utility for making life easier when back-connecting from a foreign host where firewall rules are not known. Run a copy locally specifying a port range to listen on (optionally specify another program to handle the connection). And on the server run a copy specifying the port destination range to try and 'brute-force' (optionally specify a local port range to bind to instead of taking the first available / and optionally specify a program to pass the connection to, e.g. "/bin/sh -i").
Posted by Hackers2DevNull at 13:58
Wednesday, 25 September 2013
Monday, 16 September 2013
Posted by Hackers2DevNull at 13:38
Sunday, 11 August 2013
Saturday, 6 July 2013
Sunday, 19 May 2013
Checkout this cool blog from Prakhar Prasad (http://blog.prakharprasad.com/), they setup an interesting XSS challenge that requires code analysis to solve, here: xss.prakharprasad.com (also thanks to MaXoNe who I think contributed to it).
Posted by Hackers2DevNull at 10:18
Saturday, 18 May 2013
When Safe mode is on it can be a pain to do what you want to do on the system. Being able to access CGI solves this problem, and here is my implementation of a shell (safe mode bypass) in C for windows and linux.
Posted by Hackers2DevNull at 20:57
Wednesday, 15 May 2013
This persistent XSS vulnerability requires a little bit social engineering to work, see the report below:
Posted by Hackers2DevNull at 04:17
Friday, 10 May 2013
Posted by Hackers2DevNull at 05:55
Friday, 25 January 2013
Friday, 14 December 2012
Thursday, 1 March 2012
Google updated their wall of fame for Jan-March (http://www.google.co.uk/about/appsecurity/hall-of-fame/reward/). I disclosed a cross site scripting (XSS) vulnerability last month, and Google were kind enough to put me on their wall (and give me a few pennies to spend at the sweet shop).
Posted by Hackers2DevNull at 12:46