Category: Security

Simple Fix for Login Bypass Vulnerability on PHP Application

Before we’re started, let’s getting know about this vulnerability and this bug is almost same with SQL Injection, so this vulnerability letting user directly login to sites without exploiting any other vulnerability. Several Injection Strings: ‘=”or’ ‘ or 1=1 or ”=’ ‘ or 1=1- ‘ or 1=1# Then, how we patching that vulnerability? I will…

July 19, 2018
Capturing and Cracking WPA on macOS

Capturing & Cracking WPA on macOS? maybe I just use the excellent VirtualBox images of Kali Linux from Offensive Security and aircrack-ng. but I just forgotten that: Using advanced wireless features is impossible from a virtual machine Even if he used Kali Linux with a dual boot, installing the wireless drivers to make it work…

July 19, 2018
How to open router settings

The router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. A data packet is typically forwarded from one router to another router through the networks that constitute an internetwork until it reaches its destination node. A router is connected to two or more data lines from different networks. When a data packet comes in on…

May 25, 2018
Change Windows Computer IP address

Shutdown your computer for a minute and turn it back on. Again, the common nature of DHCP is to assign the device same IP address each time it connects to the network, it’s unlikely that you’ll receive different address first time your restart your computer. If you restart a few times, you may get lucky and…

May 10, 2018
Change Router IP address

A router is a layer 3 networking device that connects multiple computers to the Internet. In home network with dynamically assigned IP address, a router is assigned a public IP address and all the computers connected to the router is assigned a private IP address. When computers connected to the router visits the Internet, the…

May 10, 2018
SQL Injection

SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. Now many websites are built using PHP and…

May 9, 2018
Hidden Uploader

So many technique that can accessing server via website like SQLi and Hidden Uploader, hidden uploader is a file containing function to upload data that can triggered from the live web or remote exploiting. This is caused because some Administrator that don’t know about program, making the sites vulnerable but this is need a great…

May 8, 2018
Drupal RCE bug

Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code. Three weeks ago, Drupal security team discovered a highly critical remote code execution vulnerability, dubbed Drupalgeddon2, in its content management system software that could allow attackers to completely take over vulnerable websites. To address this…

April 28, 2018