Posts

Showing posts from July 19, 2009

Kata Sesepuh Baca Google .......

Sudah keseribu kesekian kali saya bilang ke temen saya , cari di google , apa sih susahnya mencari di google , padahal mudah sekali tinggal "buka google disana ilmu numplek plek sampe meriang meriang deh tuh :D kalo belajar disana " itu kata sesepuh saya , ilmu kanuragan sakti mandera guna yang
itemnya : mulai dari ilmu lo cari target kecil-kecilan sampe target yang segede gaban , nyepam2x , intip sana sini , dapetin ribuan email yang isinya cuma botnet doank , masuk ke wifi tetangga , deauth sana sini , wardriving di area hotspot , buka backtrack nemuin hole , cari local exploit , target root pasang backdoor dan kalo kalo
putihnya elo bisa dapetin : install network , routing squid , pake nginx , oprek router cisco , ngetrace mana yang titiknya putus , bgp , ospf , router RIP , java , josso , jboss , buat vhost , dns server , mail server pake zimbra banyak , nah skarang tinggal pilih lo mau jadi apaan , kalo untuk pengalaman bolehlah belajar semua , pake untuk kebaikan , su…

DD-WRT (httpd service) Remote Command Execution Vulnerability

This is a remote root vulnerability in DD-WRT's httpd server. The bug exists
at the latest 24 sp1 version of the firmware.

The problem is due to many bugs and bad software design decisions. Here is
part of httpd.c:

859 if (containsstring(file, "cgi-bin")) {
860
861 auth_fail = 0;
862 if (!do_auth
863 (conn_fp, auth_userid, auth_passwd, auth_realm,
864 authorization, auth_check))
865 auth_fail = 1;


......... (snip)............

899
900 }
901 exec = fopen("/tmp/exec.tmp", "wb");
902 fprintf(exec, "export REQUEST_METHOD=\"%s\"\n", method);
903 if (query)
904 fprintf(exec, "/bin/sh %s/%s905 server_dir != NULL ?
server_dir : "/www",file);
906 else
907 fprintf(e…

nginx proxy

Nginx terbukti ampuh seperti kata teman saya , kali ini saya akan mencoba implementasi penggunaan nginx ini .... nih konfigurasinya


#######################################################################
#
# This is the main Nginx configuration file.
#
# More information about the configuration options is available on
# * the English wiki - http://wiki.codemongers.com/Main
# * the Russian documentation - http://sysoev.ru/nginx/
#
#######################################################################

#----------------------------------------------------------------------
# Main Module - directives that cover basic functionality
#
# http://wiki.codemongers.com/NginxMainModule
#
#----------------------------------------------------------------------

user nobody nobody;
worker_processes 2;

error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;



#-----------------…

Download Backtrack in Indonesia

This is new link to download backtrack in indonesia network, i make this for my contribution as opensource lovers ... , greats to http://opensource.telkomspeedy.com

download :

http://repo.opensource.telkomspeedy.com/backtrack/

we hope you enjoy ......