Hacking Remote Pc by Exploiting Java Applet Field Bytecode Verifier Cache Remote Code Execution

CVE-2012-1723: This is a vulnerability in the HotSpot bytecode verifier where an invalid optimization of GETFIELD/PUTFIELD/GETSTATIC/PUTSTATIC instructions leads to insufficient type checking. A specially-crafted class file could possibly use this flaw to bypass Java sandbox restrictions, and load additional classes in order to perform malicious operations. The vulnerability was made public by Michael ‘mihi’ Schierl. Requirement: […]

CVE-2012-1889: Microsoft XML Core Services Vulnerability Metasploit Demo

CVE-2012-1889: Microsoft XML Core Services Vulnerability A vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 allows remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users […]

CVE-2012-1875 : Hacking windows using MS12-037 Internet Explorer Same ID Vulnerability

Hi, Today i am going to explain how to hack the Windows system using the recent IE exploit.  This article is intend to educate PenTesters.  If you don’t know what Penetration testing means, then please reads this article.  Also please read the previous articles on Pen Testing. CVE-2012-1875 : MS12-037 Internet Explorer Same ID Vulnerability […]

How to hack remote computer using Metasploit? Exploiting Java vulnerability CVE-2012-0507

Whenever someone say PenTesting tool, the first thing come in our mind is MetaSploit . Today, i am going to demonstrate how to use the Metasploit tool to exploit the popular java AtomicReferenceArray Type Violation vulnerability(CVE-2012-0507). About MetaSploit: Metsploit is a very Powerful PenTesting Tool . Metasploit Framework, a tool for developing and executing exploit […]

Complete Cross Site Scripting(XSS) Guide : Web Application Pen Testing

Hello BTS readers, Here is complete series that explains everything about the Cross site scripting.  Still more articles are on the way, Stay tuned to BreakTheSec..!Link To Tutorials: Cross Site Scripting(XSS) Basics DOM Based XSS attack XSS Filter Bypass Techniques Self-XSS (Cross Site Scripting) :Social Engineering Attack and Prevention  XSS Cheat Sheet  XSS Attacks Examples […]