Home MD Hacks

MD Hacks

windows 10 language
On a single user PC, it is cool to set your native language. But on a multiuser computer, the language becomes a great issue. Specifically, their are multi-lingual users. In such conditions, you have two options. Either to set an international language on the system or use different languages on different users' accounts. It is a particularly advantageous feature when you...
windows 10
If you intend to configure within the Windows 10, there are various methods for it. When we are talking about BIOS, it means we are discussing the program that is built-in to your system's motherboard. BIOS software basically controls each and everything related to the boot function. It is an evident fact that it being a pre-boot environment, that is impossible...
I dont know whether HomePlug networks are growing in use or not, but the following statements caught my attention: Officials at Intellon, the chip maker that developed the HomePlug spec, say that hacking into a HomePlug network would require cracking the governments DES encryption standard. - link My favourite: HomePlug specification products also protect data by utilizing powerful DES encryption, which makes...
Vulnerability Title: WordPress Persistent XSS Author: David Kierznowski Homepage: http://michaeldaw.org Software Vendor: WordPress Persistent XSS Versions affected: Confirmed in v2.0.5 (latest) WordPress is a popular open source blogging software. A persistent XSS vulnerability has been found in WordPress (to be honest I have found a few problems and hope to publish these soon). This issue affects the latest version v2.0.5. Discussion: When editing files a shortcut is...
Its been a few days since the release of: http://michaeldaw.org/md-hacks/wordpress-persistent-xss/. Other references: http://www.securityfocus.com/bid/21782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6808 Time to release a proof of concept exploit for this. I am sure the crackers will already be exploiting this in the wild. If you remember from my original advisory, our attack was limited due to our attack being passed through PHPs basename function. To get around this we...