Ref- itpro.co.uk |
"Zero-Day" is a common type of exploit.You can hack in many different ways with many different procedures. Kevin Mitnick created hacking history with just a phone and a dream. Hackers, Exploit writers and Defacers are always the challenge for Security Experts and Compa-
nies.An attacker can write exploits because of some misconfiguration, unsecure development and is lacking IT management.
There are various Exploit Database sites available with thousands of Exploits.
For example:
1337 Exploit DB/ Inj3ct0r : http://www.1337day.com
Exploit-DB : http://www.exploit-db.com/
Exploit writers from all over world submit their latest exploits on these websites.
Anyone can grab the exploit for personal usage and for more Research.Exploits Exploits are not always against Security, however, when security is breached this is the best way by which developers get free auditing and security testing of their services and products.
So far in 2011, almost every day there is a new big hacking case. The most recent and famous one is the SONY hacks. Hackers from all over world are trying to exploit the SONY sites, servers and products. To date we have noticed that 11 Serial attacks are done on the SONY network, including PSN, Ericson, and SOE etc.
Similarly, PSB.org also was hacked because of an 0day Exploit of Movable Type. Hackers uploaded the shell and got access to the whole server of PBS with one security hole.Sometimes one small vulnerability can cause a major Security Breach. The above examples are enough to prove this.
Today we are going to Introduce about 1337 Exploit DB or Inj3ct0r . Inj3ct0r is a hacking group that attacked the popular social networking site facebook with an sql injection attack in late 2009. They found vulnerabilities in one of the web apps through the url and managed to extract valuable information from the sql database. They also host a full-disclosure website much like milw0rm which is hosted by a user who goes by the name str0ke.Later, str0ke said "I have talked with a few friends and I'll be handing the site over so a group of people can add exploits and other things to the site. Hopefully it will be a new good start”. This was the born of inj3ct0r.The website works by receiving emails from hackers who have discovered vulnerabilities in web applications and written exploits to gain restricted access on the host-pc that the program application has been installed on.Inj3ct0r.com was originally founded in 2003, by a hacker computer enthusiast.Initially, Inj3ct0r was a private team. Domain Inj3ct0r.com was registered in 2008.The enormous database, the constant updates, the unique nature of the content published.
No comments :
Post a Comment