talk

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Joomla Component com_jfusion (Itemid) Blind SQL-injection Vulnerability
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


###################################################
[+] Author : Chip D3 Bi0s
[+] Email : chipdebios[alt+64]gmail.com
[+] Vulnerability : Blind SQL injection

###################################################

talk

MaxClients
----------

The number of worker processes is limited by the parameter MaxClients.

MaxClients = Total RAM dedicated to the web server / Max child process size.

The default value of MaxClients is 150.

If we have a server with 1 GB of RAM and each child process takes an average of 20 MB, we can set MaxClients to 1024/20 = 52.

talk

Most PHP scripts and content management system scripts (CMS scripts) require writable permission 777 (rwxrwxrwx) to be set on certain folders for uploading photos and videos. Many security experts warn that setting 777 permission means that anybody can upload any content to your server, install malicious code, run unwanted programs and potentially misuse your server. This is a big security risk.

talk

We need data recovery tools on a daily basis. Once we lose very sensitive data, we get desperate to retrieve it at any cost. Data recovery is a very delicate job. The key is that once you lose data on a particular hard drive, do not copy or install anything on it. Leave the drive intact. Otherwise, you won’t be able to recover the data. Just make an image of the hard drive where you lost your data, store it at a different location, and use the data recovery tool on the image to recover the data. There are quite a few good open source data recovery tools available, and Scrounge NTFS is one of them. We are going to take a quick look at the tool.

talk

RPM and DEB packages are both containers for other files. An RPM is some sort of cpio archive. A DEB file, on the other hand, is a pure ar archive. So it should be possible to unpack their contents using standard archiving tools, regardless of your distribution’s package format. Under normal conditions, you should use your distribution’s standard package manager, rpm or dpkg and their frontends, to manage those files. But if you need to be more generic, here is how to do it.