0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
I'm going through the Web Penetration Testing videos and have hit a wall. I keep getting the error “can’t use ‘defined(@array)’ Maybe you should just omit the defined()?) at /usr/bin/sqlsus line 83.” When attempting to run sqlsus. I’ve made an attempt to install sqlsus manually and this did not fix it. I've also run several apt-get's to see if there ...
if the website gives the following msg doesnt mean its not injectable? Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable ...
SQL Injection Testing Too many too list - Please use this link to find the latest ones uploaded and their ratings https://sourceforge.net/directory/os:windows/?q=blind%20sql%20injection%20tool Absinthe - https://sourceforge.net/projects/absinthe/ Absinthe is an automated SQL injection utility capable of both blind and verbose SQL injections. Blind SQL Injection Brute Forcer - This perl script allows extraction of data from Blind SQL Injections. It accepts custom ...
Trying to have a look at the CompTIA Network+ videos but instead of a video I get "Sorry Because of its privacy settings, this video cannot be played here" What settings should I change? Is it only accessible from certain ips? Regards Same problem here. Yesterday it worked fine. Today even in the place of videos I could access yesterday this ...
Hi, I'm new on cybrary.it , nice to meet you all ! While exploring my router's configuration I came across a log utility. Sure thing, I decided to check it out and found that "A device failed to connect to SSID (name of my SSID) because it provided incorrect login information". The thing is, while looking deeper, I found out ...
I was watching this video about smbclient but when i tried on my own it showed an error message \\\\\\\\\\\\\\\\\\\\\_ What I typed.\\\\\\\\\\\\\\\\\\\\\\ smbclient -I (valid IP adress) -L (site's name) -N -U I actually did the same as was told in the video but instead getting a good result i got this- \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ OUTPUT\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Warning : The "syslog" option ...
Which layer is SIP? I thought it would be layer 5, "Session" (thought that was a give away) initiation Protocol. This site says it's level 7 application??? https://searchunifiedcommunications.techtarget.com/definition/Session-Initiation-Protocol Officially SIP is a layer 7 protocol. This comes from RFC 2543 which defines the SIP protocol. However, there does seem to be some confusion or differing opinions about this. Cisco has a ...
I just wanted to take a minute to tell you all something potentially helpful. (I try to be as resourceful as I can) So I learned that Shodan.io offers an academic upgrade to a full membership (from a free account). If you don't know what Shodan is, check this irongeek video out: https://www.irongeek.com/i.php?page=videos/showmecon2014/1-10-inside-the-worlds-most-dangerous-search-engine-john-matherly All you have to do is email ...
Hello all, I have compromised a test setup with MSF. I can open a SHELL but am not able to open a meterpreter, anyone know what I am missing. I launched the exploit by hand, target was vulnerable and is compromised. Thanks Did you set meterpreter as the payload? If so, what is the error? I will copy the error as soon ...
For the self study option of Certified Ethical Hacker exam, you must seek approval from EC councel with $100 fee. Their site says you must have 2 years experience in Information Security or an educational background. Unfortunately it doesn't go much into detail about the educational background? Does anyone have any ideas? I would like to take this exam as ...