Did you look at this?
http://bitsum.com/firmware_mod_kit.htm
I had played with this a while back, for extracting the HTTP Console files
of a router. Works well!
Thanks,
Atul Agarwal
Secfence Technologies
http://www.secfence.com
http://blog.secfence.com
@secfence https://twitter.com/secfence
,
Atul Agarwal
Secfence Technologies
http://www.secfence.com
On Mon, May 23, 2011 at 12:16 AM, ichib0d crane themadichi...@gmail.comwrote:
Turns outnot so much :P
https://www.facebook.com/connect/connect_to_node_error.php?body=%3Cscript%3Ealert%28String.fromCharCode%2888,%2083,%2083%29%29
Lol.. nice presentation!
BTW, I could not fail to notice in the vendor logos slide, that you have
included HBGary's logo without any modifications.. Any special reasons?
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
On Fri, Apr 8, 2011 at 2:30 AM, Z z...@wechall.net wrote
Just finished watching the videos, and I have to admit that they were quite
nicely done. Very interesting demonstration of the facebook flaws. Many
vulns nicely chained to create the worms.
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
2010/10/4 John JEAN j...@wargan.com
IMHO, I think its rather useless.
Instead of it executing wab.exe (Windows Address Book) and open the file
test.vcf, one can directly get any .exe file open.
If one
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
On Fri, Aug 27, 2010 at 1:23 AM, matt m...@attackvector.org wrote
handy in a Pentest.
Rest is only left up to one's imagination.
Find the POC script attached.
PS: I did not report this, as I am unsure on what to call it, a bug,
vuln or a feature.
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
attachment: fbextract.php
handy in a Pentest.
Rest is only left up to one's imagination.
Find the POC script attached.
PS: I did not report this, as I am unsure on what to call it, a bug,
vuln or a feature.
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
attachment: fbextract.php
Never encountered that, nevertheless excellent find!
Would check it and would incorporate that in the script!
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
On Wed, Aug 11, 2010 at 7:41 PM, Kevin Connolly bugt...@gmail.com wrote:
It gets better. If you enter an e-mail address
intentions could have the
complete contact list using any of the freely available contact importer
script (http://svetlozar.net/page/Import-Gmail-Addresses.html should work
fine), and the victim wont have a clue.
Thanks,
Atul Agarwal
Secfence Technologies
www.secfence.com
On Wed, Aug 4, 2010 at 3:39