MSF PostgreSQL Problem on BT5

If you are reading this post, I bet you have the same problem I had. When I tried to run msfconsole on my BT5, I got this error. It seems that MSF could not connect to the PostgreSQL database server. I tried to install the PostgreSQL server inside my BT5 and still have no…

Silent Backdoor with Weevely

Ever thought about accessing your backdoor undetected? Well, maybe not all web administrators examine their PHP files. Weevely is the answer. Just follow these steps (I did this on Backtrack 5): Where: -p = your password to access the backdoor; -g = generate a new encrypted PHP file (it doesn’t actually encrypt…

Mel0nPlayer 1.0.11.x Denial of Service POC

Software Description: Mel0n Player is a popular application in Indonesia for playing music provided by the Melon portal (http://www.melon.co.id). It can play any music file type such as mp3, wav, wma, mp4, and others. It can also play files on your local computer or stream them online from the portal…

Useful Addresses When Dealing with ROP

I wrote this down so I don’t forget. These addresses could be looked up again, but it is nicer to have them here without searching again, right?! A number of addresses used for the ROP technique, as follows: VirtualAlloc() Simply put, the VirtualAlloc() function allocates new memory. One of the parameters of this function can make the new memory…

Metasploit Meterpreter Command Shell Upgrade

Seeing is believing. Good, the command shell is in the background now; what if we want to turn that existing command shell session into a Meterpreter session? Re-exploit? No, forget about re-exploiting: Metasploit has a feature to upgrade a command shell session to a Meterpreter session; look at the -u option. Let’s try that…

Some Documents of File Specifications/Formats

Here are some documents to help you understand some file formats/headers, for file format fuzzing purposes:
WAVE PCM soundfile format (RIFF): https://ccrma.stanford.edu/courses/422/projects/WaveFormat/
ZIP file format specification: http://www.pkware.com/documents/casestudies/APPNOTE.TXT
MPEG file format: http://www.mpgedit.org/mpgedit/mpeg_format/mpeghdr.htm#MPEGTAG
GZip file format: http://www.gzip.org/zlib/rfc-gzip.html
SWF file format: http://the-labs.com/MacromediaFlash/SWF-Spec/SWFfileformat.html
TIFF file format: http://www.awaresystems.be/imaging/tiff/faq.html
EXIF file format: http://www.media.mit.edu/pia/Research/deepview/exif.html
ID3Tag file format (v.2.3.0): http://www.id3.org/id3v2.3.0
PNG file format…

Backtrack 5: How to install VMware Workstation 7.1.3

So I want to install VMware Workstation 7.1.3 on Backtrack 5, but there are some things to do: there were errors after I ran the binary (e.g. ./VMware-Workstation-Full-7.1.3-324285.x86_64.bundle), so here’s the solution: Prepare the kernel (look here: http://www.backtrack-linux.org/forums/backtrack-5-how-tos/40276-backtrack-5-how-prepare-kernel-sources-vmare-tools-drivers-etc.html). Download the patch: http://communities.vmware.com/servlet/JiveServlet/download/2344-293321-1721368-58749/vmware-7.1.3-2.6.38-1-generic.patch. Patching. Compile the module. Voila! VMware Workstation 7.1.3 is installed, and you can proceed to upgrade to…

Dump Windows System Info

When you are asked to collect all Windows system information, such as the list of users, services, installed software and its versions, Windows update history, etc., you will probably want to look at these tools: System Information Collector: WinUpdatesList v1.31, WinAudit Freeware v2.28.2. SAM/Password Extractor: pwdump7* (v7.1) (detected as HackTool/Possible Unwanted Application), FGDump* (detected as HackTool/Possible Unwanted…