We are doing reforms

+ USER PANEL
+ COMMUNITY
+ INTERNAL SYSTEM
+ BLOG SYSTEM
+ TOP USERS
+ KARMA SYSTEM
+ MORE, MORE, MORE
COMMING SOON...

[shell]:~$ vi /home/h4x0rz/h0

Hack0wn is a hacker website where experts, researchers and developers ... present their discoveries, texts and codes. In addition, hack0wn is the largest database of hacker information.

The principal topics in Hack0wn are:

  • Explotation techniques
  • Pen-testing
  • Rootkits
  • Risk assessment
  • Programming
  • Security flaws


    • Advisories: 586 - Exploits: 2075 - Papers: 94 - Sources: 117 - Bins: 15 - Shellcodes: 105 - Misc: 41 - Videos: 10


    Advisories

    date author hits
    2010-06-30 :: Bonsai :: 793 :: TornadoStore 1.4.3 Multiple XSS Vulnerabilities
    2010-06-30 :: Bonsai :: 531 :: TornadoStore 1.4.3 Multiple SQL Injection Vulnerabilities
    2010-05-27 :: HP :: 459 :: HP MFP Digital Sending Software Running Local Unauthorized Access
    2010-05-27 :: Debian :: 377 :: Debian Linux Security Advisory 2046-1 (phpgroupware)
    2010-05-27 :: Stefan Cornelius :: 271 :: Secunia: aria2 1.9.1 metalink "name" Directory Traversal Vulnerability
    2010-05-27 :: Stefan Cornelius :: 283 :: Secunia: Free Download Manager 3.0 Directory Traversal Vulnerability
    2010-05-27 :: Stefan Cornelius :: 260 :: Secunia: Free Download Manager 3.0 Multiple BoF Vulnerabilities
    2010-05-27 :: Stefan Cornelius :: 464 :: Secunia: KDE 4.4.2 KGet 2.4.2 Directory Traversal Vulnerability
    2010-05-27 :: Stefan Cornelius :: 241 :: Secunia: KDE 4.4.2 KGet 2.4.2 Insecure File Operation Vulnerability
    2010-05-27 :: Ubuntu :: 380 :: Ubuntu Security Notice 938-1 (kdenetwork)
    2010-05-27 :: Mandriva :: 288 :: Mandriva Linux Security Advisory 2010-095 (libxext)
    2010-05-27 :: Mandriva :: 289 :: Mandriva Linux Security Advisory 2010-094 (tetex)
    2010-05-23 :: Cisco :: 454 :: Cisco PGW Softswitch Multiple vulnerabilities
    2010-05-23 :: Stefan Cornelius :: 312 :: Secunia: IrfanView PSD RLE Decompression Buffer Overflow
    2010-05-23 :: Stefan Cornelius :: 325 :: Secunia: IrfanView PSD Image Parsing Sign-Extension Vulnerability
    2010-05-23 :: Secunia :: 462 :: TomatoCMS 2.0.4 (q) SQL Injection Vulnerability
    2010-05-23 :: Secunia :: 317 :: TomatoCMS Script 2.0.4 Insertion Vulnerabilities
    2010-05-23 :: HP :: 302 :: HP Insight Control Server Migration for Windows XSS Vulnerability
    2010-05-23 :: HP :: 323 :: HP Systems Insight Manager Remote Unauthorized Access to Data
    2010-05-23 :: Chaouki Bekrar :: 373 :: Adobe Shockwave 0xFFFFFF49 3D Block Code Execution Vulnerability
    2010-05-23 :: Chaouki Bekrar :: 256 :: Adobe Shockwave DIRAPI Multiple Code Execution Vulnerabilities
    2010-05-23 :: Chaouki Bekrar :: 245 :: Adobe Shockwave 3D Two Code Execution Vulnerabilities
    2010-05-23 :: Chaouki Bekrar :: 222 :: Adobe Shockwave IML32 Multiple Code Execution Vulnerabilities
    2010-05-23 :: Alin Rad Pop :: 240 :: Secunia: Adobe Shockwave Player Font Processing Buffer Overflow
    2010-05-23 :: Alin Rad Pop :: 258 :: Secunia: Adobe Shockwave Player Asset Entry Parsing Vulnerability
    2010-05-23 :: Alin Rad Pop :: 213 :: Secunia: Adobe Shockwave Player Integer Overflow Vulnerability
    2010-05-23 :: Alin Rad Pop :: 221 :: Secunia: Adobe Shockwave Player Array Indexing Vulnerability
    2010-05-23 :: Alin Rad Pop :: 216 :: Secunia: Adobe Shockwave Player Signedness Error Vulnerability
    2010-05-23 :: Alin Rad Pop :: 222 :: Secunia: Adobe Shockwave Player 3D Parsing Memory Corruption
    2010-05-23 :: iDefense :: 252 :: iDefense Security Advisory 05.11.10 (Adobe Shockwave Player)

    Exploits
    date author hits
    2010-07-01 :: Blake :: 504 :: BlazeDVD v6.0 Buffer Overflow Exploit (meta)
    2010-07-01 :: chap0 :: 455 :: GSM SIM Utility v5.15 (.sms) Local Buffer Overflow Exploit (SEH)
    2010-07-01 :: MadjiX :: 270 :: RM Downloader 3.1.3 Buffer Overflow Exploit (SEH)
    2010-07-01 :: MadjiX :: 211 :: Serenity Audio Player 3.2.3 Buffer Overflow Exploit (SEH)
    2010-07-01 :: MadjiX :: 227 :: Mediacoder v0.7.3.4682 Universal Buffer Overflow Exploit (SEH)
    2010-07-01 :: Node :: 221 :: RM Downloader 3.1.3 Local BoF SEH Exploit (Win7 ASLR and DEP Bypass)
    2010-07-01 :: Th3 RDX :: 523 :: Setiran CMS Blind SQL Injection Vulnerability
    2010-07-01 :: K053 :: 431 :: SIDA University System SQL Injection Vulnerability
    2010-07-01 :: **RoAd_KiLlEr** :: 808 :: Joomla Component com_dateconverter 0.1 SQL Injection Vulnerability
    2010-07-01 :: **RoAd_KiLlEr** :: 586 :: Joomla Component com_wmtpic 1.0 SQL Injection Vulnerability
    2010-07-01 :: ADEO Security :: 487 :: NinkoBB (admin.php) CSRF Exploit
    2010-07-01 :: JaMbA :: 478 :: Golf Club Site SQL Injection Vulnerability
    2010-07-01 :: JaMbA :: 328 :: Specialist Bed and Breakfast Website SQL Injection Vulnerability
    2010-07-01 :: ADEO Security :: 288 :: webERP v3.11.4 (SQL/CSRF) Multiple Vulnerabilities
    2010-07-01 :: Sid3^effects :: 696 :: Joomla Component Joomanager SQL Injection Vulnerability
    2010-07-01 :: Dante90 :: 1305 :: Oxygen2PHP <= 1.1.3 (forumdisplay.php) Blind SQL Injection Exploit
    2010-07-01 :: Dante90 :: 242 :: Oxygen2PHP <= 1.1.3 (post.php) Blind SQL Injection Exploit
    2010-07-01 :: Dante90 :: 308 :: Oxygen2PHP <= 1.1.3 (member.php) SQL Injection Exploit
    2010-07-01 :: Dante90 :: 442 :: ShopCartDx <= v4.30 (products.php) Blind SQL Injection Exploit
    2010-07-01 :: Dante90 :: 748 :: PHP-Nuke <= 8.0 Remote SQL Injection Exploit

    Papers
    date author hits
    2010-06-30 :: gunslinger_ :: 346 :: Linux Buffer Overflow Tutorial II (Basic)
    2010-06-29 :: gunslinger_ :: 757 :: Linux Buffer Overflow Tutorial (Basic)
    2010-06-15 :: s4r4d0 :: 980 :: Mysql Injection Tutorial
    2010-06-14 :: Hendrix :: 306 :: Detectando Hooks en procesos desde un modulo de Kernel
    2010-06-11 :: Firebits :: 433 :: Backtrack 4 - Updating the Nmap 5.0 fingerprint database
    2010-05-20 :: GlaDiaT0R :: 712 :: UPLOAD Variable Bypassing

    Sources
    date author hits
    2010-06-29 :: Lidya Saram :: 455 :: Flooding in SYN and IP Tables
    2010-06-23 :: Christian Martorel :: 261 :: Geoedge v0.1
    2010-06-23 :: cmartorella and vd :: 289 :: Argeniss SQL Server 2005 Backdoor Client
    2010-06-17 :: DexteR Al-jibril :: 703 :: Bluetooth Hacking Tool v.X-00.1
    2010-06-17 :: DexteR Al-jibril :: 727 :: Admin Finder v.X-00.1
    2010-06-17 :: DexteR Al-jibril :: 413 :: GeoBytes IP Locator v.X-00.1

    Bins
    date author hits
    2010-02-23 :: Holy_Father :: 1449 :: Hacker Defender rootkit for Windows
    2010-01-26 :: n/a :: 689 :: OllyDbg v1.10
    2010-01-26 :: Weld Pond :: 853 :: Netcat 1.10
    2010-01-13 :: Mike Kershaw :: 594 :: Kismet 2010-01 R1
    2010-01-12 :: Terence Stenvold :: 633 :: Harald Scan osx-0.41
    2010-01-12 :: Terence Stenvold :: 553 :: Harald Scan dist-0.41

    Shellcodes
    date author hits
    2010-06-30 :: gunslinger_ :: 289 :: linux/x86 /bin/sh Polymorphic 116 bytes
    2010-06-29 :: gunslinger_ :: 208 :: linux/x86 delete all data on filesystem sys_rmdir ("/") Polymorphic 16 bytes
    2010-06-29 :: gunslinger_ :: 144 :: linux/x86 delete all data on filesystem sys_rmdir ("/") 16 bytes
    2010-06-19 :: gunslinger_ :: 351 :: linux/x86 killall running process sys_kill(-1,9) Polymorphic 35 bytes
    2010-06-19 :: gunslinger_ :: 368 :: linux/x86 Bind Port 31337 with setreuid (0,0) Polymorphic 131 bytes
    2010-06-19 :: gunslinger_ :: 183 :: linux/x86 Bindport 13123 Polymorphic 125 bytes

    Misc
    date author hits
    2010-06-14 :: eCORE :: 391 :: Hash Table Reference
    2010-06-11 :: Ange Gutek :: 197 :: OPIE off-by-one stack overflow nmap .nse script file
    2010-06-11 :: XCon :: 218 :: XCon 2010 Call For Papers
    2010-06-11 :: Recon :: 180 :: RECON 2010 Speakers Announcement
    2010-06-11 :: PacSec :: 164 :: PacSec 2010 Call For Papers
    2010-05-22 :: HITB :: 247 :: HITB 2010 Call For Papers

    Videos
    date author hits
    2010-05-09 :: ruiner_zer0 :: 1664 :: phpBB Session Handling Authentication Bypass Demonstration
    2010-03-28 :: aramosf :: 1604 :: Demonstration of Blind MySQL Injection (bsqlbf)
    2010-03-03 :: reversing :: 1643 :: Demonstration of Blind MySQL Injection (mysql_bftools)
    2010-02-13 :: muts :: 1760 :: Tunneling Exploits Through SSH (whoppix)
    2010-01-31 :: Qnix :: 1060 :: Reverse Engineering with LD_PRELOAD
    2010-01-30 :: Qnix :: 964 :: Qnix Demonstrating Exploration of Simple Buffer Overflows


    This was written for educational purpose. Use it at your own risk. Author will be not responsible for any damage.