Forwarded from DailyCVE
π΅Unpatched wordpress plugin bug: Site Kit by google.The toggle to allow Site Kit to place Analytics tracking code on a users site remains once they've disconnected Tag Manager..
https://dailycve.com/unpatched-wordpress-site-kit-google-pluginthe-toggle-allow-site-kit-place-analytics-tracking-code
https://dailycve.com/unpatched-wordpress-site-kit-google-pluginthe-toggle-allow-site-kit-place-analytics-tracking-code
Dailycve
Unpatched wordpress Site Kit by google plugin.The toggle to allow Site Kit to place Analytics tracking code on a users site remainsβ¦
Details:
Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.a new bug in Site Kit plugin ensure the toggle to allow Site Kit to place Analytics tracking code on a users site remainsβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦PHP related path and modification method in ubuntu environment :
php path/usr/bin/php
phpize5 /usr/bin/phpize5
php5-fpm /usr/sbin/php5-fpm
All php configuration files /etc/php5/fpm
Restart php-fpm sudo kill -USR2
Change the development directory path of php in apache2 in ubuntu
After installing php and apache,
how to set the development directory to what you want
The default development directory address: /var/www
change:ο»Ώο»Ώο»Ώsudo ο»Ώvim /etc/apache2/sites-available/default
Change the two places inside /var/www to your desired directory, mine is /home/dev/www
Or create a symbolic link, under /home/dev:
ln -s www /var/www (note that www cannot exist in /home/dev)
Then change the permissions: sudo chmod 777 /var/www
Start apache2
sudo /etc/init.d/apache2 restart
OK!
You can write a script to test it! ! !
Modify the default root directory of the website under Ubuntu10 Apache2 php5
Modify the default document directory of apache2 under ubuntu10.10. The default is in /var/www.
sudo gedit /etc/apache2/sites-enabled/000-default
Find DocumentRoot in the document. Modify the directory where you want to place the web page file later.
as follows:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot /var/www/
</VirtualHost>
π¦The last step is to restart apache
sudo /etc/init.d/apache2 restart
ubuntu modify the web root directory
Modify the default document root directory
ubuntu default directory is /var/www/html, you
need to modify /setc/apache2/sites-enabled/000-default.conf
DocumentRoot /var/www/XXX, of course, you need to set the permissions, so You can view the ubuntu permission settings
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦PHP related path and modification method in ubuntu environment :
php path/usr/bin/php
phpize5 /usr/bin/phpize5
php5-fpm /usr/sbin/php5-fpm
All php configuration files /etc/php5/fpm
Restart php-fpm sudo kill -USR2
cat /var/run/php5-fpm.pidChange the development directory path of php in apache2 in ubuntu
After installing php and apache,
how to set the development directory to what you want
The default development directory address: /var/www
change:ο»Ώο»Ώο»Ώsudo ο»Ώvim /etc/apache2/sites-available/default
Change the two places inside /var/www to your desired directory, mine is /home/dev/www
Or create a symbolic link, under /home/dev:
ln -s www /var/www (note that www cannot exist in /home/dev)
Then change the permissions: sudo chmod 777 /var/www
Start apache2
sudo /etc/init.d/apache2 restart
OK!
You can write a script to test it! ! !
Modify the default root directory of the website under Ubuntu10 Apache2 php5
Modify the default document directory of apache2 under ubuntu10.10. The default is in /var/www.
sudo gedit /etc/apache2/sites-enabled/000-default
Find DocumentRoot in the document. Modify the directory where you want to place the web page file later.
as follows:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot /var/www/
</VirtualHost>
π¦The last step is to restart apache
sudo /etc/init.d/apache2 restart
ubuntu modify the web root directory
Modify the default document root directory
ubuntu default directory is /var/www/html, you
need to modify /setc/apache2/sites-enabled/000-default.conf
DocumentRoot /var/www/XXX, of course, you need to set the permissions, so You can view the ubuntu permission settings
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅Google Chrome Expired code and Broken links at the "Overview ->
https://dailycve.com/google-chrome-expired-code-and-broken-links-overview
https://dailycve.com/google-chrome-expired-code-and-broken-links-overview
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
π¦This a good free hacking collection of Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
https://github.com/nullsecuritynet/tools
https://github.com/nullsecuritynet/tools
GitHub
GitHub - nullsecuritynet/tools: Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts. - nullsecuritynet/tools
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
π΅golang-websocket: Denial of service - Remote/unauthenticated CVE-2020-27813 :
https://dailycve.com/golang-websocket-denial-service-remoteunauthenticated-cve-2020-27813
https://dailycve.com/golang-websocket-denial-service-remoteunauthenticated-cve-2020-27813
Dailycve
golang-websocket: Denial of service - Remote/unauthenticated CVE-2020-27813 | CVE
Details:
There was an integer overflow vulnerability concerning the length of websocket
frames received via a websocket connection. An attacker could use this flaw to
cause a denial of service attack on an HTTP Server allowing websocket
connections.
Forβ¦
There was an integer overflow vulnerability concerning the length of websocket
frames received via a websocket connection. An attacker could use this flaw to
cause a denial of service attack on an HTTP Server allowing websocket
connections.
Forβ¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Android APK reversing and analysis suite:
F E A T U R E S :
Package name, debug and backup status
Exported components (activities, services, providers and receivers)
Deeplinks
Implicit intent filters
Critical permissions
Bytecode Analysis
Usage Analysis
SQLite DBs
SharedPreferences
Vulnerability Analysis
ICC
Web Issues
Storage Issues
Networking
Crypto Issues
Secrets Analysis
URLs
API tokens
Strings from native libraries
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) CLONE https://github.com/abhi-r3v0/Adhrit
2) cd abhi-r3v0/Adhrit
3) python3 run.py
This will automatically launch the Web interface where the APK can be uploaded and the report will be generated.
4) If the UI didn't launch by itself, navigate to http://localhost:4200/
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Android APK reversing and analysis suite:
F E A T U R E S :
Package name, debug and backup status
Exported components (activities, services, providers and receivers)
Deeplinks
Implicit intent filters
Critical permissions
Bytecode Analysis
Usage Analysis
SQLite DBs
SharedPreferences
Vulnerability Analysis
ICC
Web Issues
Storage Issues
Networking
Crypto Issues
Secrets Analysis
URLs
API tokens
Strings from native libraries
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) CLONE https://github.com/abhi-r3v0/Adhrit
2) cd abhi-r3v0/Adhrit
3) python3 run.py
This will automatically launch the Web interface where the APK can be uploaded and the report will be generated.
4) If the UI didn't launch by itself, navigate to http://localhost:4200/
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - abhi-r3v0/Adhrit: Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks. - abhi-r3v0/Adhrit
Forwarded from DailyCVE
π΅UPDATE F5 BIG-IP and BIG-IQ products: Multiple CVE:
https://dailycve.com/update-f5-big-ip-and-big-iq-products-multiple-cve
https://dailycve.com/update-f5-big-ip-and-big-iq-products-multiple-cve
Dailycve
UPDATE F5 BIG-IP and BIG-IQ products: Multiple CVE | CVE
Details:
K43404629: F5 SSH server key size vulnerability CVE-2020-5917
Original Publication Date: 26 Aug, 2020
Latest Publication Date: 07 Jan, 2021
The BIG-IP and BIG-IQ host OpenSSH servers use keys less than 2048 bits that
are no longer consideredβ¦
Forwarded from UNDERCODE NEWS
