Tuesday, February 24, 2009

Golabi CMS 1.0

Hi to all.
First version of my content management system name Golabi CMS was released. This is CMS written in php/mysql for administrating your sites. Some of features are: Modular, template based, multi language, secure and easy to use.

Download

Check it out.

Tuesday, February 26, 2008

Nukedit 4.9.x Login bypass SQL Injection

Hi
Nukedit is a free content management system (CMS).
I found some sql injection bugs in 4.9.x versions.

See here or here for proof of concept

Wednesday, February 6, 2008

FAddr, BrutDic and Dummy Protector

hi
some new programs:
Faddr
a program for finding address of APIs in DLLs.
Source of this program

Dummy Protector 1.01
don't let newbie crackers to crack your programs!

BrutDic
a command-line brute force dictionary maker.
you can use both words and letters in brute force string.
with opt:1 option you can avoid creating words that have 2 same letter near each other. this reduces number junk words
opt:2 avoid creating words with repetitive letter.
for more read usage.

Monday, January 28, 2008

PortalApp 3.x 4.x Multiple Vulnerabilities

I found multiple remote vulnerabilities in PortalApp about 2 weeks ago. Vulnerabilities are SQL Injection, Auth Bypass and XSS.
I'm lazy to describe more here! see more info at MilW0rm.com, PacketStormSecurity.org or SecurityFocus.com

Tuesday, January 22, 2008

Hi

English version of my weblog just created!

I'm interested in hacking and i love programing.
I post my programs and my studies about hack in this weblog.

Help me with your comments.