Tuesday , August 22 2017
Home / Hacking

Hacking

NadraGate Part 2 – PaperPk 200,000 Users Data At Risk

PaperPk 200,000 Users Data At Risk

PaperPk.com is an online Jobs Searching platform like Rozee.pk where the users can find jobs from all newspapers ads. All latest jobs are mostly advertised in newspapers like Jang , Dawn and Express Daily so people would likely have to buy a newspaper else if they are unable to buy a newspaper, they …

Read More »

Exploit with OS Command Injection

OS command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. the attacker-supplied operating system …

Read More »

Bypass HTTP Basic Authentication with Nmap and Metasploit

Bypass HTTP Basic Authentication

Basic HTTP authentication is a method for providing username and password when making a request for particular web resources. The client sends the user name and password as unencrypted base64 encoded text. When an anonymous request for protected resource is received by HTTP, it can force the use of Basic …

Read More »

How to configure Proxychains with tor in Kali Linux

configure Proxychains with tor in Kali Linux

The goal of this tutorial is to configure proxychains with tor in Kali Linux in order to anonymize all the web traffic including network related traffic generated by various applications. Proxy chains has a great importance when it comes to anonymizing the traffic generated by footprinting and doing nmap to …

Read More »

Top 33 Wireless Attacking Tools by Kali

Wireless Attacking Tools

We have compiled a group of Wireless Attacking Tools available in Kali that are used for wireless attacks. Note: This post is for experimental purposes. 1. Aircrack-ng Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements …

Read More »

Introduction to HTTP Parameter Pollution

HTTP Parameter Pollution

HTTP Parameter Pollution, or HPP, occurs when a website accepts input from a user and uses it to make an HTTP request to another system without validating that user’s input. This can happen one of two ways, via the server (or back end) and via the client side. Supplying multiple …

Read More »

Russia no longer denies hacking DNC

russia no longer denies hacking dnc

WASHINGTON — U.S. officials blame hackers guided by the Russian government for the attacks on DNC servers earlier this year that resulted in WikiLeaks publishing about 20,000 private emails just before Hillary Clinton’s nominating convention in July. Russia no longer denies hacking DNC. Vladimir Putin said the hacking of thousands …

Read More »

Server-Side Includes (SSI) Injection

server side includes

SSI Injection (Server side Includes) is a server-side exploit technique that allows an attacker to send code into a web application, which will later be executed locally by the web server. SSI Injection SSI are generally the directives that are present on the web applications which are used to feed …

Read More »

How do buffer overflow attack works?

buffer overflow

When a web application is launched a process is created in a CPU where PMU (Process Management Unit) allocates temporary storage in RAM which holds the data right before it is used by the application. Before going into buffer overflow attack we should learn what it really means. How Buffer …

Read More »

What is DNS Spoofing? How to redirect traffic to fake website?

DNS Spoofing

DNS Spoofing is also known as DNS cache poisoning. It is malicious technique used by attackers to divert legitimate traffic to attacker’s fake website for his own sake. DNS Spoofing The main idea behind DNS spoofing is that attacker introduces a corrupt domain name in the DNS resolver’s cache, where …

Read More »

What is Man-in-the-middle attack (MITM)

man-in-the-middle

In computer security and cryptography (study of techniques for secure communication in the presence of third parties), man-in-the-middle is an attack where an attacker secretly keeps an eye on the communication happening in between two legitimate users while they are not aware of any external threat. Man-in-the-middle attack is one …

Read More »

What is ARP Protocol, ARP Poisoning or ARP Spoofing and how it works?

ARP Protocol, ARP Poisoning or ARP Spoofing

As always, most of the people don’t have any background knowledge about hacking or particular type of topic we are discussing here today. So before moving ahead to ARP Protocol, ARP Poisoning or ARP Spoofing we should first learn what is ARP or ARP Protocol. What is ARP Protocol? Address …

Read More »

Hack with Cookie Poisoning, Cookie Stealing, Session Hijacking

Before learning session hijacking let’s learn session first. The connectivity between a client and server or client active to a website is known as session. We will learn to hack with Cookie Poisoning, Cookie Stealing, Session Hijacking. What is the purpose of a session? A web server is responsible for …

Read More »

OS Command Injection Vulnerability

Command Injection

Command Injection attack is also known as Arbitrary Code Execution. In Command Injection an attacker generally injects a malicious user input to the system functions which executes system shell commands based on the attacker’s input. The Command Injection vulnerability occurs when the web applications supplies vulnerable (unsafe) input fields to …

Read More »

How to detect code injection attack

code injection attack

Code injection is also known as PHP code injection. Code injection attack is an exploitation technique where a computer bug is exploited by injecting code into an application which is then executed by application itself. PHP code injection attacks are generally performed by injecting a PHP code into the PHP …

Read More »

Responsive WordPress Theme Freetheme wordpress magazine responsive freetheme wordpress news responsive freeWORDPRESS PLUGIN PREMIUM FREEDownload theme free