Hack Whatsapp using Phishing
Recently Whatsapp has released a new important update for their Whatsapp users that is End-to-End Encryption, means it’s impossible to decrypt this type of encryption even Whatsapp can’t decrypt it....
View ArticleFinding Vulnerability in EasyCafe Server using Metasploit
This module exploits file retrieval vulnerability in EasyCafe Server. The vulnerability can be triggered by sending a specially crafted packet (opcode 0x43) to the 831/TCP port. This module has been...
View ArticleHack Remote Windows 10 Password in Plain Text using Wdigest Credential...
On Windows 8/2012 or higher, the Digest Security Provider (WDIGEST) is disabled by default. This module enables/disables credential caching by adding/changing the value of the UseLogonCredential DWORD...
View ArticleGather Browser and OS Information of Remote PC using Http Client Exploit
This module gathers information about a browser that exploits might be interested in, such as OS name, browser version, plugins, etc. By default, the module will return a fake 404, but you can...
View ArticleHack Remote Windows PC using Easy File Sharing HTTP Server 7.2 SEH Overflow
This module exploits a SEH overflow in the Easy File Sharing FTP Server 7.2 softwareExploit TargetsEasy File Sharing FTP Server 7.2RequirementAttacker: kali LinuxVictim PC: Windows 7Most Easy File...
View ArticleEncrypting File System (EFS) Tutorial for Beginners
Encrypting File System (EFS) is a feature of Windows that you can use to store information on your hard disk in an encrypted format. It uses sha1 algorithm for encryption/Decryption.Encrypting a...
View ArticleHack Remote Windows PC using PCMAN FTP Server Buffer Overflow - PUT Command
This module exploits a buffer overflow vulnerability found in the PUT command of the PCMAN FTP v2.0.7 Server. This requires authentication but by default anonymous credentials are enabled...Exploit...
View ArticlePentest Lab Setup for Windows Server Environment (Beginner Guide)
To install Windows server 2008 R2 click thislinkTo install active directory in the windows server, assign static IP address. Such as       IP Address  :   192.168.0.101                     Subnet...
View ArticleVulnerability Scanning in Wordpress Site using WPScan
WPScan is a black box vulnerability scanner for WordPress written in PHP mainly focus on different types of vulnerability in WordPress, WordPress themes, and plugins. Well, WPScan tool is already...
View ArticleHack Remote Linux PC using PHPFilemanager 0.9.8 Remote Code Execurion
This module exploits remote code execution vulnerability in phpFileManager 0.9.8 which is a filesystem management tool on a single file.Exploit TargetsphpFileManager 0.9.8RequirementAttacker: kali...
View ArticleHack Remote PC using WordPress N-Media Website Contact Form with File Upload...
This module exploits an arbitrary PHP code upload in the WordPress N-Media Website Contact Form plugin, version 1.3.4. The vulnerability allows for arbitrary file upload and remote code...
View ArticleHack Remote PC using WordPress Reflex Gallery Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress Reflex Gallery version 3.1.3. The vulnerability allows for arbitrary file upload and remote code executionExploit TargetsReflex...
View ArticleHack Remote PC using Wordpress Ajax Load More PHP Upload Vulnerability
This module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows uploading arbitrary php files and getting remote code execution. This module has been tested...
View ArticleHack Remote PC using Wordpress Work the Flow Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress Work the Flow plugin, version 2.5.2. The vulnerability allows for arbitrary file upload and remote code executionExploit TargetsWork...
View ArticleExploit Remote PC using WordPress Photo Gallery Unrestricted File Upload
Photo Gallery Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the photo-gallery\photo-gallery.php script allows access to...
View ArticleExploit Remote PC using WordPress WordPress WPTouch Authenticated File Upload
The Wordpress WPTouch plugin contains authenticated file upload vulnerability. A wp-nonce (CSRF token) is created on the backend index page and the same token is used on handling ajax file uploads...
View ArticleExploit Remote PC using Wordpress InfusionSoft Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code...
View ArticleHack Remote PC using WordPress WP EasyCart Unrestricted File Upload
WordPress Shopping Cart (WP EasyCart) Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the...
View ArticleHack Remote Windows PC using Office OLE multiple DLL side loading...
Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various these components as an embedded OLE object. When instantiating a...
View Article