Yup, you read it right.... Microsoft has a new vulnerability in IIS 6.0 which is more specifically: WebDav Unicode Remote Auth Bypass.
This means that an attacker can send malformed requests to the web server via the URL of a browser and be able to bypass passwords to download and list files on the webserver's protected folders.
Simple and easy way to hack IIS! Here are the details and links:
http://www.cgisecurity.com/2009/05/iis60-webdav-unicode-remote-auth-bypass.html
http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html
http://www.theregister.co.uk/2009/05/18/iis6_file_pilfering_bug/
Happy Hacking :)
Clean Hack .com | Dubai Con .com | Dubai hackers .com | Dubai Sec .com | Fan Hack .com | Hacker Pages .com | Hacking - Tools .com | UAE CON .com | UAE GSM .com | UAE Hacker .com | UAE IT .com | UAE RAK .com
UAE HACKERS.COM
United Arab Emirate's site for security news, latest security blog posts, security podcasts, hardware hacks and security related links.
Tuesday, May 19, 2009
Unicode on IIS Vulnerability...Again!
Labels:
bypass,
Exploit,
findings,
hacking,
IIS 6.0,
list files,
passwords,
protected folders,
Vulnerability,
WebDav
Thursday, May 14, 2009
HACKER PAGES.COM
We have secured the following domain name for UAE Hackers:
- HACKERPAGES.COM
If you are from UAE and you are interested in buying the domain name above, please let us know :) This domain will only be sold to people who will provide it with a good home!
- HACKERPAGES.COM
If you are from UAE and you are interested in buying the domain name above, please let us know :) This domain will only be sold to people who will provide it with a good home!
Wednesday, May 6, 2009
Researchers hijack botnet, score 56,000 passwords in an hour
Researchers at the University of California Santa Barbara have published a paper (PDF) detailing their findings after hijacking a botnet for ten days earlier this year. Among other things, the researchers were able to collect 70GB of data that the bots stole from users, including 56,000 passwords gathered within a single hour.
Read more here:
http://arstechnica.com/security/news/2009/05/researchers-hijack-botnet-score-56000-passwords-in-an-hour.ars
Read more here:
http://arstechnica.com/security/news/2009/05/researchers-hijack-botnet-score-56000-passwords-in-an-hour.ars
Thursday, March 19, 2009
Open Source Hardware Hackers Start P2P Bank | Gadget Lab
A Bank for open source hardware hackers... sounds good to me :) It is a do-it-yourself solution for people who want to design and build their own electronics like in the picture above.
For more info, visit:
Gadget Lab from Wired.com
For more info, visit:
Gadget Lab from Wired.com
Tuesday, February 3, 2009
MySecured.com is Blocked by Etisalat Proxy
I just found out about this today by checking my logs and noticing that no one visited me from UAE! Strange but true...
Try it for yourself:
http://www.mysecured.com
Try it for yourself:
http://www.mysecured.com
Sunday, December 28, 2008
Mod Ed iPhone.com - UAE Hackers' guide to everything iPhone
modediphone.com is our new website :) Looks like UAEHackers.com but is dedicated to the iPhone and modding it! Arabic guides will be added soon inshallah :) For now, give the site a visit and give us some feedback! It has all your iPhone news, links and rss feeds in one convenient place.
iphone at uaehackers dawt com!
http://www.modediphone.com/
iphone at uaehackers dawt com!
http://www.modediphone.com/
Friday, December 26, 2008
Dubai Hacker , Dubai Sec.com and UAE Hacker.com are now our Domains :)
We have successfully acquired the following domains names:
- UAE Hackers .com
- UAE Hacker .com
- Dubai Hackers .com
- Dubai Hacker .com
- Dubai Con .com
- Dubai Sec .com
- UAE IT .com
- UAE WWW .com
- UAE GSM .com
We even have UAE RAK .com representing all the hackers from RAK (Ras Al Khaimah!)
Some of these domains already point to uaehackers.com while others are in the process of being ported :) DubaiHacker.com is an exception as it is a stand alone site that has nothing to do with security but rather the hacking involved is Life Hacking ;)
Thanks for all the loyal readers for supporting us so far and providing us with tips on stories and upcoming events in the UAE and the Middle East region :) Also, for supporting us by clicking our sponsors' ads.
If you are interested in buying any of the domains above, please let us know :) These domains are only sold to people who will provide them with a good home though :P
- UAE Hackers .com
- UAE Hacker .com
- Dubai Hackers .com
- Dubai Hacker .com
- Dubai Con .com
- Dubai Sec .com
- UAE IT .com
- UAE WWW .com
- UAE GSM .com
We even have UAE RAK .com representing all the hackers from RAK (Ras Al Khaimah!)
Some of these domains already point to uaehackers.com while others are in the process of being ported :) DubaiHacker.com is an exception as it is a stand alone site that has nothing to do with security but rather the hacking involved is Life Hacking ;)
Thanks for all the loyal readers for supporting us so far and providing us with tips on stories and upcoming events in the UAE and the Middle East region :) Also, for supporting us by clicking our sponsors' ads.
If you are interested in buying any of the domains above, please let us know :) These domains are only sold to people who will provide them with a good home though :P
Subscribe to:
Posts (Atom)



