Ransomware is one of the most popular types of malware spreading across the internet around the world today. This type of malware will encrypt all your files using a very strong encryption algorithm. But you can still recover your files, in…
All posts filed under “Net Sec”
Unserialize PHP Exploit Samples
The unserialize PHP exploit is a kind of PHP object injection. This exploit occurs when user-defined input is not sanitized properly before being passed to the unserialize function. For this exploit to work, you need to take advantage…
Smartwatch can steal your ATM PIN
A smartwatch is a mobile device that can be worn on your wrist. It’s actually pretty neat and there are a lot of things you can do with it. But did you know a hacker can steal your ATM PIN code using…
:(){ : | : &}; : – Forkbomb explained
Some of my friends ask me, what is this command? How does it work? Why does it make my computer lag so badly that they have to reboot it?! This command is actually a version of a fork bomb. When executed,…
How to prevent SQL-injection on PHP/MySQL?
This is a very old vulnerability, but it surprises me how many developers don’t know it exists or don’t even bother coding to prevent it. How does SQL injection work? SQL injection is simply an SQL statement that is not properly formatted. The…
Hacking Facebook Accounts using linked Phone number
So you are using a very long password with numbers, special characters and capital letters just to make sure no one can hack your account. But what if I tell you that someone can hack your account regardless of how…
Create PHP Shell using Imagick (Image Magick) Vulnerability
Please don’t use this information to attack someone else’s application. Instead, use this to protect yourself from being compromised through this particular vulnerability. This hack will work on Image Magick version 3.3.0 and below. Below is a sample PHP code…
MongoDB Injection Example
Below is an example of how MongoDB injection works. For example, you have PHP code like this: <?php $m = new \MongoDB\Driver\Manager(); if(isset($_POST['u']) && isset($_POST['p'])) { $c = new \MongoDB\Driver\Query(array('username' => $_POST['u'], 'password' => $_POST['p']), array('limit' => 10)); $user…