 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 112
 Members: 0
 Total: 112
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 Posted: Mon Jun 16, 2008 4:42 pm |
 |
|
| Final |
| Beginner |
 |
|
| Joined: Jun 05, 2008 |
| Posts: 3 |
|
|
|
 |
|
 |
|
Thanks for your help, mixman, but I can't get it to work. Where exactly do I have to put the code when editing the templates? I have created a new template which hasn't been used in any news yet, but when I try the second way you described and hit 'Save Changes', I get a blank screen - And that happens every time I try to edit it. The only way to undo my actions is to use the backwards-button of my browser.
Any step-by-step instructions, anyone?  |
|
|
|
|
| Posted: Mon Jul 07, 2008 10:46 am |
|
|
| Dr_Death |
| Beginner |
|
|
| Joined: Jul 07, 2008 |
| Posts: 1 |
|
|
|
|
|
|
|
| thanks waraxe, exploit have bug it hange with users that have space (firstname lastname) ...etc |
|
|
|
|
| Posted: Thu Aug 07, 2008 8:37 pm |
|
|
| harasym |
| Regular user |
|
|
| Joined: Aug 07, 2008 |
| Posts: 6 |
|
|
|
|
|
|
|
I have a problem when trying to exploit cutenews. Here it is:
C:\Program Files\PHP>php cuteuser.php
Validating target URL
PHP Fatal error: Call to undefined function curl_init() in C:\Program Files\PHP
\cuteuser.php on line 347
C:\Program Files\PHP> |
|
|
|
|
| Posted: Thu Aug 07, 2008 9:12 pm |
|
|
| oniric |
| Advanced user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 65 |
|
|
|
|
|
|
|
| You have to enable curl extension from you php.ini. Decomment the related line. |
|
|
|
|
| Posted: Fri Aug 08, 2008 10:25 am |
|
|
| harasym |
| Regular user |
|
|
| Joined: Aug 07, 2008 |
| Posts: 6 |
|
|
|
|
|
|
|
I used search in php.ini file but i don't found curl line  |
|
|
|
|
| Posted: Fri Aug 08, 2008 11:10 am |
|
|
| oniric |
| Advanced user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 65 |
|
|
|
|
|
|
|
Look in you php ext dir for the file php_curl.dll ( I assume you use Windows ). If it's there then add to your php.ini the line
extension=php_curl.dll
The extension is included in php for windows as far as I know. |
|
|
|
|
| Posted: Fri Aug 08, 2008 11:54 am |
|
|
| harasym |
| Regular user |
|
|
| Joined: Aug 07, 2008 |
| Posts: 6 |
|
|
|
|
|
|
|
| oniric wrote: | Look in you php ext dir for the file php_curl.dll ( I assume you use Windows ). If it's there then add to your php.ini the line
extension=php_curl.dll
The extension is included in php for windows as far as I know. |
Yes? I'm using windows, but i haven't php_curl.dll file in my php dir. Here is a link to php installer that i've installed:
_http://ua2.php.net/get/php-5.2.6-Win32.zip/from/this/mirror |
|
|
|
|
| Posted: Fri Aug 08, 2008 12:31 pm |
|
|
| oniric |
| Advanced user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 65 |
|
|
|
|
|
|
|
| Isn't it in the ext dir as I said? |
|
|
|
|
| Posted: Fri Aug 08, 2008 2:32 pm |
|
|
| harasym |
| Regular user |
|
|
| Joined: Aug 07, 2008 |
| Posts: 6 |
|
|
|
|
|
|
|
|
|
|
|
| Posted: Fri Aug 08, 2008 2:48 pm |
|
|
| oniric |
| Advanced user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 65 |
|
|
|
|
|
|
|
I just download the same zip file and it's there  |
|
|
|
|
| Posted: Sat Jan 10, 2009 2:32 pm |
|
|
| Pauwlas |
| Beginner |
|
|
| Joined: Jan 10, 2009 |
| Posts: 2 |
|
|
|
|
|
|
|
I don't understand why this script don't work for me, just write this error:
Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\hack\acc.php on line 347
Can someone help my? |
|
|
|
|
| Posted: Sat Jan 10, 2009 2:56 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
|
|
|
|
| Posted: Mon Feb 09, 2009 11:13 pm |
|
|
| NYDAz |
| Advanced user |
 |
|
| Joined: Jan 26, 2009 |
| Posts: 109 |
| Location: Valley of the Kings |
|
|
|
|
|
|
On 3 different cutenews powered sites I'm getting the same md5 hash :
d24725eda8256a3f7c2561d5677e9abd
Waraxe, what can it be ?
EDIT :
It's my password !
md5("winstonz") = d24725eda8256a3f7c2561d5677e9abd
LATER EDIT:
I was using this exploit http://www.milw0rm.com/exploits/4779
 |
|
_________________
A person who never made a mistake never tried anything new. |
|
|
|
www.waraxe.us Forum Index -> All other software
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 2 of 2
Goto page Previous1, 2
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
