Category: Tutorial

EternalBlue dapat digunakan untuk melakukan eksploitasi pada layanan Server Message Block (SMB) tanpa membutuhkan proses otentikasi. Kemudian ditambah dengan menggunakan DoublePulsar untuk mengirim sekaligus mengeksekusi malicious Dynamic-Link Libraries (DLL) atau raw shellcode pada komputer korban.

This is my experience when I was dealing with some applications which have a Directory Traversal vulnerability. I was using DotDotPwn by nitr0us when finding vulnerability on Quickshare File Server 1.2.1 (on the FTP protocol). I also used DotDotPwn when I was doing a pentest on my client. So, let the experience tell you the story

Beberapa waktu yang lalu saya udah memberikan tutorial basic exploit development (direct return technique) dan exploit development berbasis SEH. Sekarang mari kita porting exploit tersebut ke Metasploit Framework agar exploit tersebut semakin reliable dan bisa menggunakan macam-macam payload, fitur-fitur canggih yang ada di Metasploit. Kita akan meng-konversi exploit yang pertama, yaitu Free CD to MP3 […]

Seems that the MSF could not connect to Postgres database server. I tried to install the Postgres server inside my BT5 and still have no luck. So I starting to search over the internet and found the solution for this problem. Here are the solution