1260 web sites… Can be HACKED for 5 min

1260 web sites… Can be HACKED for 5 min!

At June 10, 2010 I modified the published FLAW for FCKEDITOR to gain full root access to the 3 biggest Internet services providers in Macedonia.  The hack was working on IIS Web Servers from Microsoft and a Exploited version of open source web based editor FCKEDITOR.

During a penetration test on a web site of our relative I discovered that the hosting server is not well secured. During the scans I discovered that owners of the web server are not informed about the exploit of FCKEDITOR in ASP platform. I contacted the authorities in all regular way to warm them about the exploits but nobody didn’t take my advice serious. After couple of mounts of waiting I released the information public on my BLOG and FACEBOK fun page.  The funniest thing is that same flaws are still remains on that server after 2 years. Continue reading “1260 web sites… Can be HACKED for 5 min” →

On Aug 5, 2007 unwillingly I discovered a new way of Carrier unlock…

On Aug 5, 2007 unwillingly I discovered a new way of Carrier unlock…

When I got my first iPhone from USA it was locked to AT&T. I know that it was not so easy to wait something when you know that will not work … but what can I du my love and passion to have the Apple’s first mobile phone put me on the game. After couple of weeks of waiting’s I got my iPhone and unboxed and turned on with big passion and curiosity and the famous connect to iTunes for activate logo was waiting me… no this is not happening because I was waiting this device more than 2 weeks and I cant even make a call… So I take my simclone box with all programmers and smart card from my basement and started to make some test with my AT&T and T-Mobile MK sim cards… Continue reading “On Aug 5, 2007 unwillingly I discovered a new way of Carrier unlock…” →

Ethical Hacking and Countermeasures (CEHv7)

Ethical Hacking and Countermeasures (CEHv7)
Candidate ID: ECC018789
License ECC958399

 

PECB-ISMS – MASTER / ISO 27001

PECB-ISMS – MASTER (PECB)

• PECB – Professional Evaluation And Certification Board
• License PECB-ISMSM-100005
• September 2011

PECB-ISMS – Lead Implementer / ISO 27001

PECB-ISMS – Lead Implementer / ISO 27001 (PECB)

• PECB – Professional Evaluation And Certification Board
• License PECB-ISMSLI-100050
• July 2011

PECB-ISMS – Lead Auditor / ISO 27001

PECB-ISMS – Lead Auditor / ISO 27001 (PECB)

• PECB – Professional Evaluation And Certification Board
• License PECB-ISMSLA-100067
• July 2011

The State University in Tetovo announced my success.

The State University in Tetovo announced my success..

Read

Interview for iPhone hack at www.kirilica.com.mk

Interview on local internet newspaper.

 

 

 

 

 

 

 

 

 

Read

ISRMS – Certified Risk Manager / ISO 27005

Information Security Risk Management System – Certified Risk Manager / ISO 27005 (RABQSA)

• Veridion / RABQSA
• License RM-A000060
• August 2010

Proof of Concept : NEOTEL server

3.Web server of NEOTEL | IIS Microsoft. | 80.77.144.13
The exploit is ranked as HIGH RISK because a attacker can take FULL control of the Server.
Proof of Concept:
user:IUSR_WEBSERVER
pass:GE|-TWRZc*****
domain:80
path:c:inetpubwwwroot
web site count: 121 web sites can be HACKED
To al users who have a Web page on this server pls change login details and DB access lists updated because every single WEBCONFIG file is readable !!! Continue reading “Proof of Concept : NEOTEL server” →