Category: Tutorial

This is my experience when I was dealing with some applications which have a Directory Traversal vulnerability. I was using DotDotPwn by nitr0us when finding vulnerability on Quickshare File Server 1.2.1 (on the FTP protocol). I also used DotDotPwn when I was doing a pentest on my client. So, let the experience tell you the […]

Beberapa waktu yang lalu saya udah memberikan tutorial basic exploit development (direct return technique) dan exploit development berbasis SEH. Sekarang mari kita porting exploit tersebut ke Metasploit Framework agar exploit tersebut semakin reliable dan bisa menggunakan macam-macam payload, fitur-fitur canggih yang ada di Metasploit. Kita akan meng-konversi exploit yang pertama, yaitu Free CD to MP3 […]

If you read this post then I bet you have the same problem with me. When I tried to run the msfconsole on my BT5 I have this buggy information. Seems that the MSF could not connect to Postgres database server. I tried to install the Postgres server inside my BT5 and still have no […]

OK, today I’m trying to playin’ around with HolyNix V.1 while waiting for fasting break time. You may refer to my previous post, on where to get the HolyNix. You may also find a bunch of walk-through / help / cheat or whatever you name it, on how to solve the challenge on Google. But […]

Seeing is believing 🙂 Good, command shell is on the background now, what if we want to change that existing command shell session into meterpreter session? re-exploit? Oops, you should forget about to re-exploit, Metasploit has a feature to upgrade the command shell session to meterpreter session, look at the -u option. Let’s try that. […]

So I want to install VMware Workstation 7.1.3 on Backtrack 5, but there are some things to do there’re errors after I ran the binary (e.g: ./VMware-Workstation-Full-7.1.3-324285.x86_64.bundle), so here’s the solution: Prepare the Kernel Look here: Download patch Patching Compile Module Voila! VMware Workstation 7.1.3 installed, and you can proceed to upgrade to […]