OWASP Mantra

OWASP Mantra - http://www.getmantra.com/
One File CMS - http://onefilecms.com/
Vulnerable script - http://www.exploit-db.com/wp-content/the…ilecms.txt
Default username: username and password: password
UWAMP - http://www.uwamp.com/
No-Redirect Firefox add-on - http://code.kliu.org/noredirect/

Vettila Music - http://music.vettila.com/
1337day - http://1337day.com/exploits/17687
PacketStormSecurity - http://packetstormsecurity.org/files/110…ypass.html
Exploit-DB - http://www.exploit-db.com/exploits/18632/
Secunia - http://secunia.com/advisories/48350

Vulnerability Status: Fixed in version 1.1.5. The developer was very quick in responding to mails and fixing the issue. A bugfix version was released within minutes after the notification. Great work!!!
Commit: https://github.com/rocktronica/OneFileCM…a05c57594b

Who wants to be a Millionaire

This article was published in CHMag’s March 2012 edition and can be read here: chmag.in/article/mar2012/who-wants-be-millionaire

You can read the magazine online at chmag.in/issue/mar2012 or download it as a PDF.

OWASP Mantra and Who Wants to be a Millionaire

OWASP Mantra - http://www.getmantra.com/
Who wants to be a Millionaire - http://sourceforge.net/projects/vulfa
7-Zip - http://www.7-zip.org/
HTTP File Server - http://www.rejetto.com/hfs/

OWASP Mantra and LAMP Security CTF 6

OWASP Mantra - http://www.getmantra.com/
LAMP Security CTF 6 Image - http://sourceforge.net/projects/lampsecurity/files/latest/download
VMWare Player - http://www.vmware.com/products/player/
7-Zip - http://www.7-zip.org/
SoftPerfect Network Scanner - http://www.softperfect.com/products/networkscanner/
C99 Shell - Google it. - http://lmgtfy.com/?q=c99+shell

Successful injection string - username=' OR 1=1 #&password=') OR 1=1 #

Reference - http://getmantra.com/forums/Thread-Login-Form-Bypass-using-Mantra-Security-Toolkit
