Power belongs to the people who take it

Tag: hacking (Page 4 of 4)

Stealing passwords with a FakeAP

In this post we’ll see how you can create a FakeAP wich substitutes an existent one by clonning his ESSID, MAC and de-authenticates the users who are connected to cause them to automatically connect to our FakeAp.
In this POC our victim Access point will be that of a simulated hotel that have a captive portal that asks for a password to access navigation. Our final objective will be steal credentials from a user of that hotel WIFI.
Continue reading

¿Me ayudas a compatirlo?

Secuestrando sesiones PHP (XSS Stored)

Sorry, this entry is only available in European Spanish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.

En este post veremos de forma práctica el secuestro de Sesiones PHP a través de un ataque de inyección XSS(Cross-site Scripting). Una mala validación de los campos sumado a la falta de protección en nuestras variables $_SESSION pueden provocar esta vulnerabilidad.
Continue reading

¿Me ayudas a compatirlo?
Newer posts »

© 2024 ironHackers

Theme by Anders NorenUp ↑