Kali Linux DOM Based XSS Writeup



Recently, I have been on a mission to find XSS in popular security training websites, since these are the ones who care about their security the most. I have been successful in finding one in almost all of them I have tried to date. This one was a bit interesting, so I thought I would write a post on it. Basically, it was not a reflected/stored XSS; however, it was a DOM based XSS, similar to the one I found in Microsoft. Unlike others, this particular XSS occurs in client side JavaScript.


How Was 1337day.com Hacked?


Today, in the morning, when I browsed to 1337day.com (the famous exploit buying/selling database), I was shocked to see 1337day defaced by the famous Turkish hacker group named "Turkguvenligi". In the past, Turkguvenligi has been responsible for defacements of lots of famous websites. Here is what appeared when I came across 1337day.com.




Anonymous Hackers Cause Significant Damage To Banking And Government Agencies




A collective of hacker groups planned to attack the websites of major government agencies and banks on May 7 to protest American foreign policy.

For weeks, the groups, which include Anonymous, have used social media to publicize their planned operation, dubbed "#OpUSA."



SQL Injection With Update Query



We have written a couple of articles discussing various techniques and attack vectors for SQL Injection. We have already discussed Basic SQL Injection With Union Based, Blind SQL Injection, Time Based SQL Injection and also discussed common problems and their solutions related to SQL Injection. However, this time Daniel Max, a regular reader of RHA, will discuss exploiting SQL Injection with Update Query.


Hacking Windows Servers - Privilege Escalation



Most of us here can hack websites and servers. But what we hate the most is an error message: Access Denied! We know some methods to bypass certain restrictions using the symlink, privilege escalation using local root exploits, and some similar attacks.

But these get the job done only on Linux servers. What about Windows servers?



Stored XSS, CSRF And Clickjacking Vulnerabilities in Opera




Nowadays, I am not much active in bug bounty programs. However, I still wanted to share my experience with Opera. Opera does not have a bug bounty program; however, they certainly have their own way of thanking researchers by sending them some swag and listing their name under the Hall of Fame.



RHA © 2013. All Rights Reserved.
