Hi Readers.

Recently Python Suffered a Remote Buffer OverFlow vulnerAbility and Exploit Coded By Our Bro @sha0coder.

Vuln Code is in socket.recvfrom_into()

and This was not Actually Sanitizing the input Value and directly Executing it .

Here Exploit Can be Found Which I've Posted on Pastebin






This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)


Hello Guyz.

I've got Many Many Requests about Facebook Hacking. So Let me Tell You That there is No Any Softwear Which can Hack Any Fb id From their database , These Softwears are Just Scams.

But Yes It is Possible to Crack and Get Password of Any Password Using Brute Forcing Techniques. Also Possible Via Phishing & Tabnapping Which I'll Post Soon , Now im Just Going to Clear the Brute Forcing facebook id Concepts.

This Script is Coded in Perl. so you Have to install Perl , in Linux distros its Already PreInstalled. But in Windows You Can install it Form The Link Below.

Download Perl Here

Now its Time to Get That Perl Script. So You Can Download it From its Official Site.
Download Script Here

Now Download AnyPassList From google But i Prefer Darkc0de.lst

# How to Use?

For Linux Users.

Simply Give This Command in Terminal
 perl script.pl username passwordlist.txt
and Bingoooo ;)

For Windows Users.

Install Perl and Then Goto
 Start>run> and Enter "cmd" then Hit "Enter"
 Navigate To Directory Where You Saved Script . Then Execute This command.

perl script.pl username passwordlist.txt


Hope You'll Like it, In Any Problem Please Comment down , i'll Get Back to You As soon As Possible.

 This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)


Hi Guyz.

A while Back i Thought to Creat Hacking Articles, but Now i just Realized that it would be better For You to Make a Lab for Testing and Learning Pentesting.

So I'm Here with Article How to Setup Your DvWa Pentesting Lab.

DvWa - Damn vulnerable WebApps

This is a bunch of Pages which Damn Vulnerable and is best Plate Form to Learn Pentesting for Beginners.

So What You Guyz Have to do to Setup DvWa. Lets Start

I've Divided it in Two Categories.

1. For Windows Users.


  • Download XMPP Server 
  • download DvWa Lab 
  • Install Xmpp server On Windows
  • Copy 'DvWa' folder in "C:\xampp\htdocs"
  • Now Start Xampp Control Panel and Start "Apache" and "MySql" Services.
  • Now open Your Favourite Browser and goto
     "C:\xampp\htdocs"
 http://localhost
  • choose DvWa Folder and You'll see Login Page.
  • Simply Login with "User = Admin" & "Pass = Password"
  • Now You'r Done and in DvWa Lab
  • Learn and Do Your Best :)

2. For Linux Users.

  •  Download DvWa Lab From Above Link
  • Extract it and Copy it in "/var/www" Folder
  • Open a Terminal and Type
 service mysql start && service apache2 start
  • Now open up Your Favourite Browser and Just goto 
 http://localhost
  • and do Same as Above :)

 Please Like adn Share us :) and in Any Problem Be Sure to Comment Down , i'll Get Back to You As soon as Possible.


This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)

 Hello Guyz.

Let me Share What error i got today and How i Fixed it, It will Obviously Help You while Updating Your Ubunu Distro.

The Error Was:
Before you can run VMware, several modules must be compiled and loaded into the running kernel.

and After a Lot of Search Finally I Got Solution to Fix it.

Here it Goes.

Open up Terminal & Paste This Command.
sudo apt-get install open-vm-tools open-vm-tools-dev open-vm-dkms open-vm-toolbox open-vm-tools-dev
then this one
sudo apt-get install gc
Finally this one
sudo vmware-modconfig --console --install-all --appname="VMware Player" --icon="vmware-player"


and after it I was able to run it successfully :P, Hope it could Help someone of You Guys ;)

This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)


Hello Readers,

 Recently I wrote How to Exploit Rdp's via My Own Coded Script

But Now i Thought That I should show you How to get Kali Linux In ur Favorate Ubuntu OS.

Lets start From Basic.

first of All Open Up a Terminal then Give This command.

sudo nano /etc/apt/sources.list
Now Enter These Lines at the End of List.

deb http://ppa.launchpad.net/wagungs/kali-linux2/ubuntu raring main
deb-src http://ppa.launchpad.net/wagungs/kali-linux2/ubuntu raring main
deb http://ppa.launchpad.net/wagungs/kali-linux/ubuntu raring main
deb-src http://ppa.launchpad.net/wagungs/kali-linux/ubuntu raring main


Note Down that :
Raring= 13.04
Quantal= 12.10
Precise= 12.04

ok Now Save it Using CTRL+O and Exit Via CTRL+X.

Now Copy the Following PGP key into a file and Save it AS Linux.pgp

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.4
Comment: Hostname: keyserver.ubuntu.com

mI0ET324YwEEANbSlISrOlAGjxgFRxiN6jk0JIl/vxQ8lapRdxZ4DHDAQdXbX4AuigMBkP5e
sOxhMpDnkgMRtEVpaBMdQheA0/431pPQYqkr3jdeZw5JS5opiyJ4qr/QrcoSFHSluEkWkbZ6
RYOkA25vW31KK2FB2LQVRYk580llXAVgIUznm2ATABEBAAG0GExhdW5jaHBhZCBQUEEgZm9y
IHdhZ3VuZ4i4BBMBAgAiBQJPfbhjAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAb
IuuNj9/bVxabBADSGN8cp+hqkdZqwq263wdz/UGsiuB1bCrH06/HznC/ZC5rjfH3aQ1Dwwag
zYCrSD3c0cKNAqD10009N76RMlzZBH8kKL9khH3zPL/k4/lYuVP7y6NKFbBsnawEUc0mWcCa
mH4ScTdWWPXP/mOQiUUjnQ1bZhzpcbQOb+hEUAqExg==
=fJ+8
-----END PGP PUBLIC KEY BLOCK-----

 Now add this PGP to Your APT Commands List :

sudo apt-key add linux.pgp
Now Update Your OS Again By Using:

sudo apt-get update
and install Synaptic.

sudo apt-get install synaptic

and Thats all Now Open up synapt and Click on ORIGIN then You'll Be Able to See Kali Linux in Project List Just Mark it And Click APPLY . Your Favourite Kali Linux Will Be Installed in Your Ubunu OS.


PS: if You Get Any Problem Please Comment Down i'll Get Back to you As soon as possible.

This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)


Hello All,

Welcome to HaxWorm. The Place where we Show you the Way to Play with Security.

Recently I've Posted Sql-Injection-Tutorial-Part1

Now I'm going to Share How to Bypass WAFs.

WAF - Web Application Firewall.

I'm Assuming That You all Know About SQLi. if NO! Please Read PART1

Now ,

I'll Tell How to Bypass The things Which are Being filtered.


  • Spaces
We Can use /**/ Alternatively.
  •  , (Commas)
You can using => %2C
  • What if Union and Select Both are not Allowed.
Execute Like this - Union (select x,y,z)--+HaxWorm
  • What if Concat is Not Allowed.
Use CONVERT,Unhex(hex),Conver using latin1,convert using binary,aes_decrypt(aes_encrypt) & so on.
  •  what if Query Execution is Not allowed?
use # (%23) to Comment out Query
  • Incase We Can't use any of these Predictions 
You can use (Join (select  x)y ) Queries

and so on.

Sql Waf Bypassing is Totally Your IDEA That how to Bypass the Things Which are getting Bypassed. Anyway Hope You Have Enjoyed it.

If You Didn't Get Still. Please Let me Know by commenting Down, I'll Get Back to you As soon as Possible.

This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)
Hello Readers.

A Bunch of Python tools Which I've Coded Can be Seen Here

This time I'm Here with Rdp Exploit Which is Actually Just Can be used on Backtrack.

OR

To Use it You Need to install Nmap & Metasploit .

Anyway Here is How to Use this simple Script.

./Script.py [Remote Host]




 Here is sourceCode of Script.





PS: incase you don't Understand How to use it. Please comment Dwon i'll Get Back to you as soon as possible.


This Post Is Written By Muhammad Adeel , He is a Security Researcher And Programmer Of C++,C,Python,Ruby,HTML and A Bit More ;)