[ad] What is Metasploit? The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and […]
vulnerabilities
FreeBSD Local Root Escalation Vulnerability
[ad] It’s been a long time since we’ve heard about a problem with FreeBSD, partially because the mass of people using it isn’t that large and secondly because BSD tends to be pretty secure as operating systems go. It’s a pretty serious flaw this time with root escalation, thankfully it’s only a local exploit though […]
Apache.org Hacked Using Remote SSH Key
[ad] Apache.org has been hacked quite a number of this times, last week it happened again and the whole infrastructure was down for a few hours while they sorted out what had happened and how to remedy it. Apparently one the remote SSH keys was compromised allowed attacked to upload code, the scary part is […]
WordPress 2.8.3 Admin Reset Exploit
Ah it’s WordPress again, sometimes I wonder how many holes there are in WordPress. I guess a dedicated attacker could find some serious ones with the complexity of the code base. It’s suspected some of the recent high profile breaches have come from WordPress exploits. The latest one to become public is a simple but […]
Damn Vulnerable Web App – Learn & Practise Web Hacking
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security. Vulnerabilities SQL Injection XSS (Cross Site Scripting) LFI (Local File Inclusion) RFI (Remote […]