SomeoneE1se
-
Posts
2,800 -
Joined
-
Last visited
Posts posted by SomeoneE1se
-
-
-
testingYeah.'IP AddressShareName' make sure the ip address is the vpn one.
errm but why are you using vpn for a direct link
-
not for the switchblade, I've seen white hat uses for it*, but for this payload What's the white hat use for fucking over an OS?
(*moonlit you need to build a anti USB hack payload)
-
wow, you're like that DEA angent "I am the only in this room who can handle this glock9" *bang* he shoots himself in the foot.... only you
did it twice...
-
I'll help you figure it out if you can name one white hat use for this
-
I have the mogul but any phone with bluetooth teathering + Vaio TZ
-
I take it back I'm going to have to recommend the light install of XP it would be mind numbingly simple to get xp to do all that and worst case backup desktop.
-
Having never used it and knowing next to nothing about it I suggest Microsoft's Home server.
-
I have a clients site whose server is vulnerable to the somefile.php.jpg executable attack due to the way his Apache server is configured. I fixed his upload scripts to strip out any code with ".php." in the uploaded file names, but I want to make sure there isn't any other way they can use this attack on the site.
I don't have control panel or shell access to the site, just strictly FTP access. I want to know, is there a way to override the default Apache handler of "AddHandler x-httpd-php .php" (which is what causes the vulnerability) with "AddType x-httpd-php .php" using an htaccess file. I have been reading up on it, but it seems all documentation points to the servers config files.
I am not 100% sure, but I think it can be done using a mod rewrite somehow in an htaccess file, but if so, I don't know how to format the override.
Anyone have experience with this flaw and how to block it (short of sanitizing the upload scripts).
I am thinking something along the lines of "RemoveHandler .php." or "RemoveType .php."
don't piss around sanitize the damn upload script.
-
but MS defenitly should give Hak5 some money for this one.
care to explain that one?
-
'cause everyone know they be smrt.
-
unless you find it and point it out,
There is not anything wrong with the first one. FAIL!
There is probably a dick laying on the ground or something.
no it's probably a fake one that made to trick n00bs into thinking it's a mindfuck.
2cm from the guys knee, there is a skull in the grass.
--- Edit ---
To the left.
that's REALLY stretching it
-
I was so ready to flame grill for a 7 min ep... until I relised that there was more damage then what happened to the celing, my bad dude good luck with that one. Also 15$ donated don't spend it all in one place ;)
plus+ good ep geek approved.
-
hmm, getting into someone elses computer is wrong.
you might want to google some random phrases, as penance
phrases like
'booting linux into single user mode'
'john the ripper'
lmao
(I know one word post are annoying and not helpful, but that was too funny not to.)
-
unless you find it and point it out,
There is not anything wrong with the first one. FAIL!
There is probably a dick laying on the ground or something.
no it's probably a fake one that made to trick n00bs into thinking it's a mindfuck.
-
I've been thinking about this myself, the two ideas I've come up with are to use a database for individual users/permissions;
id, userID, module, premissionLevel,
or grouping them into groups;
access level: user (read only), editor (create, manage own created entrys), manager (manage any entry), admin (manage users *)
so a "user" could be a editor and create entrys but not a user and read them.
-
any reason to not just use your own?
-
unless you find it and point it out,
There is not anything wrong with the first one. FAIL! -
Yeah, break your own network.
-
-
someone invite snubsgeek chicks can have waterfights anyday of the week tho ^^ -
..yeah I got that part, but the acronym doesn't make sense. And has nothing to do with cofee, of what had he spent a little time could have been a great joke.
I said it was a lame joke to be ignored. Ah well, time for the grand edit.
I would have but the conversation continued, also editing after someone has quoted you serves no point, also,
Anyone know how to get a copy of it? -
a VPN is not what you want, SSH and a tunneling client it what you should be looking at for this a VPN would be over kill. Also have you tried asking IT what they are doing, or not doing anything at work you don't want them to see. And any of this becomes pointless if they have monitering software already install on the computer.
-
create a dir that ONLY you're user can see or write to, and create a root cron job to check to see if /home/user/secret/dir/shutdown.file exists if it does delete it and shutdown...
Peer to Peer VPN
in Questions
Posted
wireshark will tell you the originating ip and the destination IP fire it up and start a movie located on the other computer that will generate traffic and you can then find out what IP you're using. The problem you're having is that the VPN traffic will appear as local because it is local once you go remote you can tell if the VPN is working just by connecting. Also if you can figure out what IP is witch transfer some files BEFORE you start the VPN that will tell you what IP to ignore.