SEH Based Stack Overflow – The Basic

This time I will try another stack overflow technique, namely the SEH-based stack overflow. What is SEH? Please read the following references: Structured Exception Handling; Win32 Exception handling for assembler programmers. Nothing is more fun than learning by trying. We will try an SEH-based stack overflow on the program that was once posted by sickness,…

Backtrack 5: How to install VMware Workstation 7.1.3

I wanted to install VMware Workstation 7.1.3 on Backtrack 5, but there are some things to do first, as there are errors after running the binary (e.g. ./VMware-Workstation-Full-7.1.3-324285.x86_64.bundle). Here is the solution: Prepare the kernel (look here: http://www.backtrack-linux.org/forums/backtrack-5-how-tos/40276-backtrack-5-how-prepare-kernel-sources-vmare-tools-drivers-etc.html). Download the patch: http://communities.vmware.com/servlet/JiveServlet/download/2344-293321-1721368-58749/vmware-7.1.3-2.6.38-1-generic.patch. Patching. Compile module. Voila! VMware Workstation 7.1.3 is installed, and you can proceed to upgrade to…

Dump Windows System Info

When you are asked to collect all Windows system information, such as the list of users, services, installed software and its versions, Windows update history, etc., you will probably want to look at these tools: System Information Collector: WinUpdatesList v1.31, WinAudit Freeware v2.28.2; SAM/Password Extractor: pwdump7* (v7.1) (detected as HackTool/Possible Unwanted Application), FGDump* (detected as HackTool/Possible Unwanted…

Remove Comments from Configuration

Sometimes when you want to configure something, the configuration file contains comments from the developer that help us figure out which options or arguments will be used. But if you are already familiar with the configuration, the comments are annoying, so here is how to eliminate them (using apache2.conf as an example): or write it…

How to: SQLMap (dump and destroy)

SQLMap is a tool that automates the exploitation of SQL injection vulnerabilities, and it is very popular for that purpose. While most web hacking enthusiasts know this tool as a way to gather information and retrieve table information, I will try to share information about the power of SQLMap rather than just as "a…

PHP Include Exploitation with Metasploit

Metasploit supports PHP include exploitation, also known simply as RFI (Remote File Inclusion). I will show you how this works on CS-Cart 1.3.3, which is vulnerable to remote file inclusion. The vulnerable path is at classes/phpmailer/class.cs_phpmailer.php?classes_dir=[include arbitrary php code], so in Metasploit the PHPURI PATH will be like this: Now we set all options. After…

Secure Browsing with an SSH Tunnel

I use this technique when using internet access in public areas such as wireless hotspots. Yup, this time secure browsing uses an SSH tunnel. It is an interesting technique because other packets can "hitch a ride" on SSH, so the packets that "ride along" on the SSH protocol are also encrypted (SSH is a secure protocol because every packet it carries is encrypted). OK, small talk…

Tunneling Techniques in Hacking

Tunneling is usually used as a technique to get packets out of a network that is isolated by a firewall or by the network itself (NAT). Network administrators usually create a tunnel to be able to access the part that cannot otherwise be accessed. Imagine that you are a network administrator who wants to make a remote connection to your own network, but the computer that you want to…