How To Jailbreak IPhone 4S / iPad 2 On IOS 5.0.1 Untethered With Greenpois0n Absinthe

iPhone4S1 Unlock
The long waited Jailbreak for iPhone 4S/ iPad 2 untethred has been released by Chronic Dev team and they have named it as GreenPois0n Absinthe. The GreenPois0n Absinthe will enables a user to jailbreak 5.01 Untethered.Pod2g was the mastermind behind the vulnerability. On finding the vulnerability around 8 months ago in IOS 5.0.1 he handed over it to Chronic Dev team and iPhone dev team. The two giants of Jailbreaking industry.  However both of the well known teams managed to create the exploit which enables the user to jailbreak 5.0.1. The iPhone dev team Named it as Redsn0w 0.9.10 and the chronic dev team named it as GreenPois0n Absinthe.

January 2012 Contest Sponsor For RHA - PentestMag

<---------Update: Winners Announced Click Here -------->
RHA contest

Due to a tremendous response of readers and huge number of participants of the last contest ElearnSecurity, we decided to setup another contest for RHA readers. We have partnered with pentestmag.com and arranged a contest for our readers, The winners will be handed over with prizes worth up to 1400$.

How Websites Get Hacked With FileUpload Vulnerability?

The vulnerability which we are about to demonstrate in my opinion is the number 1 reason why websites hacked and are exploited further to the server level. When a hacker performs a SQL Injection attack on a website he needs a way to get shell level access and install the PHP backdoor so he can touch other files on server or compromise the server itself if it's vulnerable. If we could secure our uploads and restrict our upload area so that they don't allow it does not allow the upload of other files instead of images we can protect our upload area.

Local File Inclusion Vulnerability Demonstration - Shell Upload

Local file inclusion is a very popular web application attack, It was very common few years back. However now a days you will rarely find websites vulnerable to this attack. However a single vulnerability can result in getting your website compromised. We have already written an article on Directory transversal attack. Therefore I believe that we need no to go in details about the attack. You might know avinash by now the author of the previous article How Hackers Are Hacking Into Websites On Shared Hosts. However in this article he will demonstrate a local file inclusion vulnerability and he will enhance the attack by uploading a shell on the website.

How to Make the Best Out Of A Vulnerability Scanner

As your knowledge and experience in security increases, you start looking at a variety of security solutions that could help you do a better job and automate many of the processes. One of the first products that you would probably test is a vulnerability scanner. That’s an excellent first step but now comes the harder part, if you are new to vulnerability scanning, how do you go about making effective use of this solution?
Not all vulnerability scanners are the same and some of the functionality mentioned in this article may or may not be available to you; however I recommend that you go for a solution that gives you as wide a range of features as possible.

How Hackers Are Hacking Into Websites On Shared Hosts - Symlink Bypass Explained

You might have noticed a tremendous increase number of hack attacks on wordpress, joomla blogs and other content managing systems. What the hackers are doing is that instead of targeting the CMS itself meaning wordpress or joomla. They are targeting a vulnerable website on a server, Once they gain access to a single vulnerable website on the server, They upload a shell and with a method called "Symlink Bypass". They manage to extract the configuration files of another website hosted on that same server and later on using a simple MySQL interface they connect to that website.

How To Deal With Insider Threats?


The biggest threats to IT security don’t originate from outside a company. Employees, contractors, and business partners on the inside pose a far greater security risk. As long as your current or former staff and associates have access to your internal network, you are vulnerable to a security breach.

Here’s how to deal with the real and significant threat of attack from insiders, and avoid the widespread damage they can unleash on your company’s finances and reputation.

FBI Shudowns Megaupload.com, Anonymous Shutdowns FBI

Megaupload.com was shut down by FBI on Thursday.
A day after a 24-hour blackout of popular Websites such as Wikipedia, Reddit and BoingBoing, which were protesting a pair of controversial anti-piracy bills(SOPA/PIPA) making their way through Congress, FBI stepped in and shut down one of the world's largest file-sharing sites Megaupload.com, also charged four people connected to it in New Zealand and seized Millions in cash from the authorities. However three of the higher authorities are on the run and thought not to be in New Zealand.

Penetration Testing in the Real World By Offensive Security

Why browsing on the internet, I found an excellent video regarding penetration testing in real world by offensive security. Penetration testing in the real world is really difficult from what you do inside testing environments like webgoat, DVWA tools etc. There are lots of security mechanisms being implemented now a days like IDS, IPS, firewalls etc. Therefore Penetration testing in the real world has became quite difficult. In the following video the instructor explains penetration testing in real world. He goes right away from exploiting the Filetransfer protocol right up to gaining administrator access to the machine.

Hack Facebook Account Status - Facebook Status Vulnerability

We have already disscussed alot about "How To Hack Facebook Passwords" in my article Top 10 Ways How Hackers Can Hack Facebook Accounts In 2011. However in this article I will talk about a common vulnerablility which can be used by hackers to hack a facebook account status. Before I proceed with this article I would like to mention it clearly that every thing explained here is for educational purposes only. Our mission is not to encourage people to hack facebook accounts, However we want to raise awareness among people regarding latest internet security threats.

Wordpress Plugin Easy Comment Uploads Vulnerability - Thousands Of Websites Vulnerable

Wordpress as you might know is one of the most widely used blogging platforms, As a reason of which it has became the favorite target of hackers. Wordpress itself is quite secure, however the plugins make it unsecure resulting in hack attacks, data loss etc, when they are created the developers do not think of the security or do not know how to write the secure code, hence skipping lots of necessary checks making the plugins vulnerable to attacks like SQLInjetion, Remote File inclusion etc.

Which Programming Language To Learn For Hacking?

                                                   
Having the prior knowledge of programming is something which will separate you from all the other script kiddes( Wanna be hackers) and other tool lovers out there, Lots of times during penetration tests you come across a point where you need to write or build your own custom scripts and programs this is where the knowledge of programming comes handy.

The other and by the far the most important advantage of programming is that you will be able to understand exploit codes and even learn to write them too, Though there are softwares which have made the process of exploit writing much simpler, but you still need to have a solid grasp of programming languages in order to know how the exploits work.

How to hack facebook password

Are you curious to "hack facebook password" well then this post is just for you, Most people ask me to tell them the easiest way to hack facebook password, so here are some ways to that hackers take to hack facebook password:

Winners Announced - December 2011 Contest

                  
It's finally time to announce winners for My "elearnSecurity Penetration testing course", First of all I would like to thank all the people who participated in the contest, Secondly I would like to inform you that the winners were not picked by me, They were picked by elearnsecurity team. We also received some private entries from people who were not interested in revealing their email addresses through the comments section.

Facebook Hacked: A Worm Steals More Than 45k Passwords

                                        

Facebook as you might know has been a victim of malware attacks and hoaxes for a large span of time now, It seems that facebook has been unsuccessful to stop these kind of attacks. A famous worm called Ramnit worm has been actively found in the facebook environment. It is reported by Symantec that this worm is responsible for the theft of more than 45k passwords.

 
Rafay Baloch is an Independent security researcher, Internet marketer, Entrepreneur and a SEO consultant, He is the founder of RHA blog and multiple other blogs. Rafay got famous after finding a Remote Code Execution bug inside PayPal for which PayPal awarded him a sum of 10,000$ Read More..

Join In!

RHA © 2013. All Rights Reserved.