A Brief History of CSRF

On October 4, 2005, the cyber world witnessed its fastest-spreading worm of all time, the Samy virus, written by Samy Kamkar and designed to propagate across the MySpace social-networking site. Within just 20 hours of its release, over one million users had run the payload that displayed the string “but most of all, samy is […]

Cross Site Scripting (XSS) via Host Header Injection

Vulnerability Name: Cross Site Scripting (XSS) vulnerability via Host Header Injection. Product: Forcepoint Web Security 7.7.X. Scenario and Reproduction Steps: To reproduce this issue, I need Forcepoint to handle any error/exception. Fortunately, I found a website (http://prasenjit.com) which has improper SSL over HTTP. That is why, without Forcepoint, the browser shows the error page below when anyone tries […]

Natkhat NetCat

Introduction: If you are a penetration tester, then netcat is one of your most-used tools. For over 20 years, this tiny but powerful tool has been used by hackers for a wide range of activities. It’s so powerful and useful that many people within the hacking community refer to it as the “Swiss Army knife […]

Cross Site Scripting (XSS) to Meterpreter

Hello guys. Today we are going to learn how we can exploit a Cross Site Scripting (XSS) vulnerability and gain access to a client’s system via meterpreter. Sounds weird? Let’s have a look at it. Before proceeding, we need to learn the following topics and tools. What is Cross Site Scripting (XSS)? Cross-site scripting (XSS) is a […]

Insecure PUT method to Meterpreter

Hello guys. Today I will describe another way to compromise a remote system. We are going to exploit the vulnerable HTTP PUT method to gain access to the web server. Before starting, we need to understand the following topics. HTTP Methods: HTTP defines a set of request methods to indicate the desired action to be performed for […]

File Inclusion to Meterpreter

What is a File Inclusion vulnerability? A file inclusion vulnerability is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting runtime. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control […]

File upload vulnerability to Meterpreter

Vulnerability Name: Arbitrary file upload vulnerability in the DVWA framework in the “low” section. System Specification: Victim – Windows XP SP2 [IP: 192.168.24.131] Attacker – Kali Linux 2.0 [IP: 192.168.24.133 PORT: 4444] Success Criteria: The following two conditions are mandatory for exploiting a file upload vulnerability – Attacker can upload any file (including .php, .asp, .aspx, etc.) Attacker […]