First of all, I'd like to know from some competent guy if my hacking platform is OK: I'm using JAP. Is JAP good enough? How'd you rate JAP for... privacy?
Next, my questions: I am trying to use the WordPress 3.0.1 hack at http://www.exploit-d...exploits/15684/ (should be http://www.cvedetail.../CVE-2010-4257/). While fuzzing the page I am interested in, I did notice I got some 'blind' SQL injections possible over the comments field (I got a 500 internal error, which should happen only IFF the field value breaks the query in the script, no??).
Now, I do not understand how to use http://www.exploit-d...xploits/15684/: it says "Exploitation. The logged in user must have publish_posts and edit_published_posts capabilities (this corresponds to the Author role)". What's the point of exploiting something if I have the author role - I mean, if I am the blog's Author, wtf. *OR* does it mean that I leave a comment AND when the blog's author VIEWS it the exploit triggers? Is anybody capable of explaining to me how to use it??
Next part: Malicious PDF/SWF with Metasploit. I examined the module creator, and I have a question: is it possible to 'edit' the generated PDF in order to add content of some kind? As it comes out, the created PDF/SWF is rather... empty. I have examined the possibility of manually creating a PDF and embedding it outside of Metasploit, but I do not know well the exploit string/how to generate it, so I've learned how to create a PDF (manually, not with a printer filter) but... I don't know the exploit string to embed.
Thanks in advance.
Edited by m.rce, 05 May 2011 - 09:02 AM.