 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
| bleh |
|
| Replies: 0 |
| Views: 5719 |
|
|
 |
|
 |
|
Vulnerable url:
http://www.example.com/product.aspx?idC=132'
Result:
Server Error in '/' Application.
http://h.imagehost.org/t/0382/error.jpg
Hackable?  |
|
|
|
| bleh |
|
| Replies: 4 |
| Views: 11043 |
|
|
|
|
|
|
| So.. you want a program that every X minutes will beep? |
|
|
|
| bleh |
|
| Replies: 2 |
| Views: 10847 |
|
|
|
|
|
|
Great!  |
|
|
|
| bleh |
|
| Replies: 2 |
| Views: 10847 |
|
|
|
|
|
|
Im new to RFI, so excuse my noobness
Is this exploitable?
if (!defined('ROOT_DIR')) define('ROOT_DIR', realpath(dirname(__FILE__)).'/');
require_once ... |
|
|
|
| bleh |
|
| Replies: 11 |
| Views: 26904 |
|
|
|
|
|
|
does anyone got a working shell? Mine doesn't work  |
|
|
|
| bleh |
|
| Replies: 5 |
| Views: 14715 |
|
|
|
|
|
|
Look, what i wrote in my previous post:
find sql injection in UPDATE query, which deals with table you want to manipulate
So if you have sql injection in UPDATE query, which deals with polls ... |
|
|
|
| bleh |
|
| Replies: 10 |
| Views: 13166 |
|
|
|
|
|
|
Right now (april 2008) i don't know any fast methods for Vbulletin salted hashes cracking. Rainbow tables can't be used because of salting. Only options are wordlist method and bruteforce. And becau ... |
|
|
|
| bleh |
|
| Replies: 10 |
| Views: 13166 |
|
|
|
|
|
|
Right now (april 2008) i don't know any fast methods for Vbulletin salted hashes cracking. Rainbow tables can't be used because of salting. Only options are wordlist method and bruteforce. And becau ... |
|
|
|
| bleh |
|
| Replies: 5 |
| Views: 14715 |
|
|
|
|
|
|
| That was what I first thought, just wanted to hear the experts. So, after more digging, I've found out another vuln. It's in a poll script, so there's a high probability of using the update command.. ... |
|
|
|
| bleh |
|
| Replies: 5 |
| Views: 14715 |
|
|
|
|
|
|
Hey
I've got this vulnerable url:
http://www.example.com/main/index.php?type=journal&kid=NULL+UNION+ALL+SELECT+1,concat(uid),3,4,5,6,7,8,9,10,11,12,13,14+FROM+admin--
I want ... |
|
|
|
| bleh |
|
| Replies: 9 |
| Views: 22966 |
|
|
|
|
|
|
its my footer.php and it gave me that...i dont know what to do with it
 |
|
|
|
| bleh |
|
| Replies: 9 |
| Views: 22966 |
|
|
|
|
|
|
Well... I decoded it with the same app and it gave me this:
<div class="clear"></div>
</div>
<div id="footer">
Communist design ... |
|
|
|
| bleh |
|
| Replies: 7 |
| Views: 11990 |
|
|
|
|
|
|
Use $_POST or $_COOKIE, because $_GET means, that webserver will log your payload ...
Oh crap, that's not good
I've rewritten it. Thanks! 
$f = fopen("userprofile.php", & ... |
|
|
|
| bleh |
|
| Replies: 7 |
| Views: 11990 |
|
|
|
|
|
|
I have been running passwordpro for over 3 hours and nothing. I will just let it run. Meanwhile I'll do my hack in the middle of the night so there will be few people online
I've tested this b ... |
|
|
|
| bleh |
|
| Replies: 9 |
| Views: 22966 |
|
|
|
|
|
|
| np |
|
|
| Page 1 of 2 |
Goto page 1, 2Next
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 55
Members: 0
Total: 55
