PikaChu cyberheartmi9
cyberheartmi9
/ Full MSSQL Injection PWNage
Created
August 22, 2017 23:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Full MSSQL Injection PWNage | |
| Archived security papers and articles in various languages. | |
| |=--------------------------------------------------------------------=| | |
| |=----------------=[ Full MSSQL Injection PWNage ]=-----------------=| | |
| |=-----------------------=[ 28 January 2009 ]=------------------------=| | |
| |=---------------------=[ By CWH Underground ]=---------------------=| | |
| |=--------------------------------------------------------------------=| | |
cyberheartmi9
/ Attacking Ruby on Rails Applications
Created
August 22, 2017 23:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ==Phrack Inc.== | |
| Volume 0x0f, Issue 0x45, Phile #0x0c of 0x10 | |
| |=-----------------------------------------------------------------------=| | |
| |=--------------=[ Attacking Ruby on Rails Applications ]=---------------=| | |
| |=-----------------------------------------------------------------------=| | |
| |=---------------------=[ joernchen of Phenoelit ]=----------------------=| | |
| |=---------------------=[ joernchen@phenoelit.de ]=----------------------=| | |
| |=-----------------------------------------------------------------------=| |
cyberheartmi9
/ Ret2libc bypass setuid
Last active
April 4, 2018 00:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |printf|pop-ret|%5$n|execl|exit|/bin/sh/|/bin/sh|execl-last-arg| | |
| ---------------------- | stack grow | |
| |execl-last-arg | | | |
| |--------------------- | | |
| |/bin/sh | | | |
| |--------------------- | |
cyberheartmi9
/ gist:b4a4ff0f691be6b5c866450563258e86
Created
April 4, 2018 08:40
Beyond SQLi: Obfuscate and Bypas
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |=--------------------------------------------------------------------=| | |
| |=--------------=[ Beyond SQLi: Obfuscate and Bypass ]=---------------=| | |
| |=-------------------------=[ 6 October 2011 ]=-----------------------=| | |
| |=----------------------=[ By CWH Underground ]=--------------------=| | |
| |=--------------------------------------------------------------------=| | |
| ###### | |
| Info | |
| ###### |
cyberheartmi9
/ vulnerabilities Cheat Sheet
Created
April 4, 2018 08:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ Sql injection ] | |
| https://sqlwiki.netspi.com/ | |
| https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet | |
| https://www.owasp.org/index.php/Injection_Prevention_Cheat_Sheet | |
| http://securityidiots.com |
cyberheartmi9
/ Finding vulnerabilities in PHP scripts FULL
Created
April 4, 2018 08:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Name : Finding vulnerabilities in PHP scripts FULL ( with examples ) | |
| Author : SirGod | |
| Email : sirgod08@gmail.com | |
| Contents : | |
| 1) About | |
| 2) Some stuff | |
| 3) Remote File Inclusion | |
| 3.0 - Basic example | |
| 3.1 - Simple example |
cyberheartmi9
/ 0x280 Heap-and bss-Based Overflows
Created
April 17, 2018 00:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Table of Contents | |
| Previous Section Next Section | |
| 0x280 Heap-and bss-Based Overflows | |
| In addition to stack-based overflows, there are buffer-overflow vulnerabilities that can occur in the heap and bss memory segments. While these types of overflows aren't as standardized as stack-based overflows, they can be just as effective. Because there's no return address to overwrite, these types of overflows depend on important variables being stored in memory after a buffer that can be overflowed. If an important variable, such as one that keeps track of user permissions or authentication state, is stored after an overflowable buffer, this variable can be overwritten to give full permissions or to set authentication. Or if a function pointer is stored after an overflowable buffer, it can be overwritten, causing the program to call a different memory address (where shellcode would be) when the function pointer is eventually called. | |
| Because overflow exploits in the heap and bss memory segments are much more dependent o |
cyberheartmi9
/ List of mine types
Created
April 20, 2018 02:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| content-types by ak1t4 | |
| List of mine types | |
| application/andrew-inset ez | |
| application/mac-binhex40 hqx | |
| application/mac-compactpro cpt | |
| application/mathml xml mathml | |
| application/msword doc | |
| application/octet-stream bin dms lha lzh exe class so dll |
cyberheartmi9
/ Exploiting non-classical Format String Vulnerability
Created
April 22, 2018 20:45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |=---------------=[ Exploiting non-classical format string vulnerability ]=--------------=| | |
| |=-----------------------=[ darkeagle <d4rkeagle@gmail.com> ]=---------------------------=| | |
| |=--------------------=[ 55k7 researcherz <http://www.unl0ck.net> ]=---------------------=| | |
| --[ Table of contents | |
| 1 - Intro | |
| 2 - Local Exploitation | |
| 3 - Remote Exploitation | |
| 4 - References |
cyberheartmi9
/ Format Strings (Gotfault Security Community)
Created
April 22, 2018 20:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Gotfault Security Community | |
| (GSC) | |
| ---------[ Chapter : 0x400 ] | |
| ---------[ Subject : Format Strings ] | |
| ---------[ Author : xgc/dx A.K.A Thyago Silva ] | |
| ---------[ Date : 11/02/2005 ] | |
| ---------[ Version : 2.5 ] | |