This another small shellcode I’ve written for both linux x86 and x86_64 architectures. Let’s have a look at the Linux programmers manual about how execve() takes arguments.
[code language=”C”]
#include <unistd.h>
int execve(const char *filename, char *const argv[],
char *const envp[]);
[/code]
This is my first hand written shellcode for linux which I wrote it for fun and exploration. I am a bit new to shellcoding in *nix environments. This shellcode changes the permission of the shadow file in linux/x86 system to 0777. According to the Linux programmer’s manual of chmod it takes two arguments.
[code language=”c”]
#include <sys/stat.h>
int chmod(const char *path, mode_t mode);
[/code] (more…)
For reporting a security issues related to their web application I got rewarded with a license key for VMware 10 and a nice cap.
In ZTE routers the username is a constant which is “admin” and the password by default is “admin”
There is a rom-0 backup file contains sensitive information such as the passwords. There is a disclosure in which anyone can download that file without any authentication by a simple GET request.
http://192.168.1.1/rom-0 (more…)
I think by now you know the security issues disclosed related to TP-Link routers. I’ve noticed that some ZTE and TP-Link routers have the same ADSL firmware which is “FwVer:3.11.2.175_TC3086 HwVer:T14.F7_5.0”. I was curious to test the web application and I found out that the embedded server which is “RomPager” cannot handle fairly large POST requests.
Tested Routers:
Found one POST XSS issue and I got rewarded by Rapid7 ?
Thank you very much guys! Really love this 🙂 (more…)
For reporting many web app sec issue I got mentioned in their hall of fame. So they also sent me a small t-shirt 😉
For reporting few web application security issues I got rewarded 🙂
Xilisoft Video Converter Ultimate is a professional video converter which has a wide range of video and audio formats. I personally love this software since it uses GPU acceleration in converting videos.
It is on the high side of premium video converters for home use. It automatic profiles enhanced for just any device or format, graphics card detection and acceleration.
-CNET
