Archive for the ‘Bypassing’ Category

Cpanel Bypass Safe mode [ extract tar.gz by Cpanel ]

January 30th, 2010

Hello everybody, after an insufferable week that I complained about, I'm here to update the blog. I've recently been occupied by penetration tests on some web applications, while these days I've frequently seen several bypasses for PHP, and I just wondered: the vulnerabilities are coming out faster than I thought they would Read more…

Bypassing, General, Hacking, PHP, Security

Bypassing the mysql_real_escape_string()

January 22nd, 2010

This post is about bonus stuff that I've considered, MySQL injection. I had written a query:

/page.php?id=-1 union select table_name,2 from information_schema.tables
where TABLE_SCHEMA='Sc0rpion'

As you see, we used a single quote in the query Read more…

Bypassing, General, Hacking, Mysql injection, PHP, Security

DNN gallery remote file upload without authentication ( all version )

May 13th, 2009

The bug was found by Alireza Afzali from the ISCN team; date of finding the bug: 2008/05/5, and it was private until tonight. Over 10 military websites and 20 states of the United States of America have been defaced by this bug Read more…

Bypassing, Hacking

Cpanel password cracker

April 28th, 2009

Hi, the tutorial clip about cracking cPanel passwords has recently been published. The method is mainly focused on trying different passwords for a user name (brute force). You might ask me about the protection installed in cPanel that commonly guards authentication against brute-force attacks Read more…

Bypassing, Hacking, PHP

Mysql injection [1]

April 26th, 2009

Today my words are linked to my previous publications about the MySQL injection attack; I examine the structure of the URL used to attack. As is known, each database has its own language (query), and the programming language handling dynamic queries makes no difference … Read more…

Bypassing, Mysql injection, PHP, Security

The limitation of command execution

March 31st, 2009

Hi, as this article is focused mainly on web-based attacks, I will go over the method fairly quickly. Maybe you have seen a server with a long list of disabled functions Read more…

Bypassing, Command execution, Hacking, PHP

PHP 5.2.3 and 4.4.7

September 16th, 2008

Old but useful. I recorded this clip about 1 week or a little more after the bug had been found; this hole exists in PHP 5.2.3 and PHP 4.4.7. The current PHP stable releases are 5.2.6 and 4.4.9 … Read more…

Bypassing, PHP