PyHttpShell is a shell written in python and php, traffic is over http protocol using a server in the middle.
All Posts Tagged
During my participation in the PayPal bug bounty program I came a cross an application which allows to make payments using a signature / gesture with your mobile phone, the app was hosted on https://apac.paypal-labs.com/gesture/, I guess this app was still in development due to the reason it was hosted on a PayPal-labs sub domain. […]
You have probably noticed the blog was down for a couple of weeks, it was due to an ttack on godaddy’s server. afer that attack i decided to move the blog to a more controlled hosting environment with the ability to manage logs and security measures. due to the new security measures taken visitors may experience trouble accessing certain areas or […]
During my SQL Injection learning journey I needed a vulnerable web application for practice I created a WebApp vulnerable to SQL Injection for my personal use, The result was an extremely vulnerable web site which I could test some SQLi techniques against MySQL. I must confess, I am not a programmer and I have never coded in PHP […]
On June 19th 2010 I attended the Offensive Security “How strong is your fu for charity” challenge , The objectives were to pawn 5 machines in 48 hours time frame. After some enumeration and rumors on the IRC channel it became clear to me that the easiest machine to pawn was the 192.168.x.200 (named iVuln), a […]
You are probably wondering what this post is all about, well….it’s about manually encoding egghunter shellcode why would you want to manually encode the shellcode if you have built in encoders in the metasploit framework ? Before we begin have a look at the following exploit by muts : HP OpenView NNM 7.5.1 OVAS.exe SEH […]
After watching Offensive-Security I Piss on Your AV Presentation I’ve decided to test my a/v. In this presentation muts shows how to defeat the signature based detection, He used an old backdoor called ncx which listens for incoming connections on port 99 and spawns a bind shell. The process is creating a Code Cave and […]