Submitted by Akira on 2009, May 21, 11:27 PM
# > tar xzvf cadaver-0.23.2.tar.gz
# --snip--
# > cd cadaver-0.23.2/
# > patch -p1 < ../cadaver-0.23.2-h4x.patch
# patching file lib/neon/ne_basic.c
# patching file lib/neon/ne_request.c
# patching file lib/neon/ne_uri.c
# > ./configure
# --snip--
# > make
# --snip--
#
# Now we should have a patched, compiled version of cadaver, so start it
# up with the server that was identified as having a vulnerable folder
# earlier:
» 阅读全文
Submitted by Akira on 2009, May 21, 12:28 PM
* Mac OS X users should disable Java applets in their browsers and
disable 'Open "safe" files after downloading' in Safari.
* Soylatte users running untrusted code should upgrade to an
OpenJDK6-based release, where possible. No future releases of the
JRL-based Soylatte branch are planned at this time. If this is an
issue for you, please feel free to contact me.
* No work-around is available for users otherwise running Java
untrusted code.
» 阅读全文
Submitted by Akira on 2009, May 17, 2:28 AM
hanxiaolian 为了躲避 lake2 ASP站长管理助手而写..
一.绕过lake2 Asp木马扫描的小马
» 阅读全文
Submitted by Akira on 2009, May 17, 1:49 AM
*** FOR IMMEDIATE RELEASE *** *** FOR IMMEDIATE RELEASE ***
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass
Discovered by Kingcope - May 12th, 2009
Affected Vendors
Microsoft
Affected Products
Web Server
Vulnerability Details
This vulnerability allows remote attackers to bypass access restrictions on vulnerable installations
of Internet Information Server 6.0.
The specific flaw exists within the WebDAV functionality of IIS 6.0. The Web Server fails to properly
handle unicode tokens when parsing the URI and sending back data. Exploitation of this issue can
result in the following:
» 阅读全文
Submitted by Akira on 2009, May 14, 12:59 PM
/*
ptrace_attach privilege escalation exploit by s0m3b0dy
[*] tested on Gentoo 2.6.29rc1
grataz:
Tazo, rassta, nukedclx, maciek, D0hannuk, mivus, wacky, nejmo, filo...
email: s0m3b0dy1 (at) gmail.com
*/
» 阅读全文
Submitted by Akira on 2009, May 13, 8:43 PM
我家靠着人民币,书写新的传奇
70码的速度能够撞到空中5米
需要什么随便开口请不用拘礼
多少花费没关系疏通没问题
» 阅读全文
Submitted by Akira on 2009, May 12, 12:52 PM
我的无线网卡(Linksys WPC55AG)用的是Atheros驱动,我需要对之打补丁。如果你的驱动和我的不同,你需要研究一下是否需要为驱动打补丁,是否甚至可以和 Aircrack套件协同工作。Aircrack-ng.org的论坛是一个用来测试的好地方,当然了,google search也是的。如果你的网卡也是Atheros的,我们称之为ath0,那么,在终端窗口敲入iwconfig,会出现一行字符,显示以太网控制器 是Atheros Communications……
» 阅读全文
Submitted by Akira on 2009, May 12, 4:00 AM
堆栈是一个先入后出的队列。一般计算机系统堆栈的方向与内存的方向相反。压栈的xx作push= ESP-4,出栈的xx作是pop=ESP+4. 在一次函数调用中,堆栈中将被依次压入:参数,返回地址,EBP。如果函数有局部变量,接下来,就在 堆栈中开辟相应的空间以构造变量。函数执行结束,这些局部变量的内容将被丢失。但是不被清除。在函 数返回的时候,弹出EBP,恢复堆栈到函数调用的地址,弹出返回地址到EIP以继续执行程序。
» 阅读全文
| « 2010年03月 » | ||||||
| 日 | 一 | 二 | 三 | 四 | 五 | 六 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
[43] [12] [16] [3] [2] [6] [4] [10] [3] [9] [6] [1]