Search:
Type: Posts; User: nebulus200; Keyword(s):
-
July 23rd, 2009, 07:02 PM
Interested in logs/info...based on what you are saying sounds to me like the malware that's been spreading around using mass SQL injection attacks...does your web page (since it is hosted), have any...
-
July 13th, 2009, 09:03 PM
Or one better, netstat -anob
You don't have to ask what has it open ;)
-
September 23rd, 2008, 02:43 PM
There are a number of ways...two that come to mind are hidden form inputs and cookies...make sure you don't trust either :)
-
August 19th, 2008, 02:30 PM
Usually that means something about the format of your password file isn't something it can read...otherwise it would come back and list the number of passwords and the type of hash, even if it didn't...
-
August 11th, 2008, 03:44 PM
Just a little warning, we had a user register for that site and we literally started receiving thousands of spam email messages from them, spoofing as from that user to other users. It was severe...
-
August 7th, 2008, 01:01 AM
Where's the conference highlights ? :(
Oh well...definitely making it next year...
-
July 24th, 2008, 08:33 PM
Nikto looks at several things that are returned by the webserver. It probably was confused by a result and reported it. As with any scanning tool, it is wise to double check the results for false...
-
July 24th, 2008, 08:29 PM
Congrats, got married there this year myself :) Ocho Rios...
-
July 10th, 2008, 09:20 PM
Missing it for the first time in a while this year :(
-
June 17th, 2008, 12:23 AM
LOL, sorry about that, guess he let his domain name go :), shame, it was a useful tool...
-
June 11th, 2008, 07:21 PM
macdaddy?
http://www.opensourceforensics.org/tools/unix.html
Title: mac-daddy Author: Rob Lee
Description: MAC Time collector for forensic incident response. This toolset is a modified...
-
April 1st, 2008, 07:28 PM
Love the new definition of full disclosure :D
-
March 31st, 2008, 10:07 PM
Heh...pot, kettle, black? See my earlier answer to your post ;)
For actual exploit examples that prove/show what is being done is correct (ie, # of cols and types are what is important, not what...
-
March 31st, 2008, 05:47 PM
What does:
'+UNION+SELECT+(1,2)+FROM+users--
''+UNION+SELECT+(1,2)+FROM+users--
return? Note: no numeric argument there and the second is two '
or
1+UNION+SELECT+1,2+FROM+users/*
or
-
March 31st, 2008, 02:50 PM
My best guess would be something to the effect of :
?idProduct=1'+UNION+SELECT+(1,2)+FROM+users--
?idProduct=1"+UNION+SELECT+(1,2)+FROM+users--
Since it is choking on the union, my thought is...
-
March 31st, 2008, 02:10 PM
Not necessarily, the only thing that matters is that the # of columns matches and that the type is correct...
If I had to guess I'd say there is possibly an issue with a quote somewhere...the...
-
March 26th, 2008, 09:19 PM
Glad you were a little more specific about Core's findings and some of the more recent vulnerabilities...I was a little too vague when I mentioned detecting VM's and doing nasty things...
-
March 26th, 2008, 07:49 PM
Just because nobody MAY be able to access you directly from the 'outside' does not mean, even by a long shot, that you are safe. A great number of the vulnerabilities out these days for windows /...
-
March 21st, 2008, 05:29 PM
I've read through some of the discussions here and just wanted to add my random $0.02 in (these days not worth much, but that is another discussion)...
I miss the tutorials, I even wrote a few of...
-
January 3rd, 2008, 03:52 PM
Ditto...IMHO you can't effectively learn the finer points of something until you understand the overall architecture of it...get the theory/terminology down pat and the other stuff IMO will come...
-
December 6th, 2007, 08:15 PM
Don't allow posting to any forums without logging on and require image verification for each logon...went a long way towards removing the problem on our clan forums...both are natively supported in...
-
December 5th, 2007, 03:44 PM
Are the UDP destination or source ports consistent? Assuming XP SP2 or Win2k3 and consistent ports, try netstat -nab, this will tell you all active connections/open/listening ports, and what...
-
December 3rd, 2007, 04:50 PM
Definitely check out Peter Finnigan...
http://www.petefinnigan.com/
-
November 9th, 2007, 01:11 AM
Couple of things, think you are trying to merge the actual list and the actual node together in one struct and I don't know if that will work quite right...especially if you start manipulating the...
-
October 12th, 2007, 02:23 PM
Autopsy combined with memdump/dd/macdaddy (from Rob Lee @ SANS) is fairly lethal in my opinion...
At least on the free side...