Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: September 8, 2024 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 84 Members: 0 Total: 84 Full disclosure [SYSS-2024-030]: C-MOR Video Surveillance - OS Command Injection (CWE-78) [SYSS-2024-029]: C-MOR Video Surveillance - Dependency on Vulnerable Third-Party Component (CWE-1395) [SYSS-2024-028]: C-MOR Video Surveillance - Cleartext Storage of Sensitive Information (CWE-312) [SYSS-2024-027]: C-MOR Video Surveillance - Improper Privilege Management (CWE-269) [SYSS-2024-026]: C-MOR Video Surveillance - Unrestricted Upload of File with Dangerous Type (CWE-434) [SYSS-2024-025]: C-MOR Video Surveillance - Relative Path Traversal (CWE-23) Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH) HackTool.Win32.Freezer.br (WinSpy) / Insecure CredentialStorage Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials Backdoor.Win32.JustJoke.2 1 (BackDoor Pro) / Unauthenticated Remote Command Execution Backdoor.Win32.PoisonIvy. ymw / Insecure Credential Storage [SYSS-2024-024]: C-MOR Video Surveillance - Improper Access Control (CWE-284) [SYSS-2024-023]: C-MOR Video Surveillance - SQL Injection(CWE-89) [SYSS-2024-022]: C-MOR Video Surveillance - Cross-Site Request Forgery (CWE-352) [SYSS-2024-021]: C-MOR Video Surveillance - Persistent Cross-Site Scripting (CWE-79) IT Security and Insecurity Portal www.waraxe.us Forum Index -> All other software -> Cutenews <= 1.4.5 usernames fetching exploit Goto page Previous1, 2 View previous topic :: View next topic Posted: Mon Jun 16, 2008 4:42 pm Final Beginner Joined: Jun 05, 2008 Posts: 3 Thanks for your help, mixman, but I can't get it to work. Where exactly do I have to put the code when editing the templates? I have created a new template which hasn't been used in any news yet, but when I try the second way you described and hit 'Save Changes', I get a blank screen - And that happens every time I try to edit it. The only way to undo my actions is to use the backwards-button of my browser. Any step-by-step instructions, anyone? Posted: Mon Jul 07, 2008 10:46 am Dr_Death Beginner Joined: Jul 07, 2008 Posts: 1 thanks waraxe, exploit have bug it hange with users that have space (firstname lastname) ...etc Posted: Thu Aug 07, 2008 8:37 pm harasym Regular user Joined: Aug 07, 2008 Posts: 6 I have a problem when trying to exploit cutenews. Here it is: C:\Program Files\PHP>php cuteuser.php Validating target URL PHP Fatal error: Call to undefined function curl_init() in C:\Program Files\PHP \cuteuser.php on line 347 C:\Program Files\PHP> Posted: Thu Aug 07, 2008 9:12 pm oniric Advanced user Joined: Jul 24, 2008 Posts: 65 You have to enable curl extension from you php.ini. Decomment the related line. Posted: Fri Aug 08, 2008 10:25 am harasym Regular user Joined: Aug 07, 2008 Posts: 6 I used search in php.ini file but i don't found curl line Posted: Fri Aug 08, 2008 11:10 am oniric Advanced user Joined: Jul 24, 2008 Posts: 65 Look in you php ext dir for the file php_curl.dll ( I assume you use Windows ). If it's there then add to your php.ini the line extension=php_curl.dll The extension is included in php for windows as far as I know. Posted: Fri Aug 08, 2008 11:54 am harasym Regular user Joined: Aug 07, 2008 Posts: 6 oniric wrote: Look in you php ext dir for the file php_curl.dll ( I assume you use Windows ). If it's there then add to your php.ini the line extension=php_curl.dll The extension is included in php for windows as far as I know. Yes? I'm using windows, but i haven't php_curl.dll file in my php dir. Here is a link to php installer that i've installed: _http://ua2.php.net/get/php-5.2.6-Win32.zip/from/this/mirror Posted: Fri Aug 08, 2008 12:31 pm oniric Advanced user Joined: Jul 24, 2008 Posts: 65 Isn't it in the ext dir as I said? Posted: Fri Aug 08, 2008 2:32 pm harasym Regular user Joined: Aug 07, 2008 Posts: 6 No it isn't Posted: Fri Aug 08, 2008 2:48 pm oniric Advanced user Joined: Jul 24, 2008 Posts: 65 I just download the same zip file and it's there Posted: Sat Jan 10, 2009 2:32 pm Pauwlas Beginner Joined: Jan 10, 2009 Posts: 2 I don't understand why this script don't work for me, just write this error: Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\hack\acc.php on line 347 Can someone help my? Posted: Sat Jan 10, 2009 2:56 pm waraxe Site admin Joined: May 11, 2004 Posts: 2407 Location: Estonia, Tartu Pauwlas wrote: I don't understand why this script don't work for me, just write this error: Fatal error: Call to undefined function curl_init() in C:\xampp\htdocs\hack\acc.php on line 347 Can someone help my? You need to activate curl extension: http://www.google.ee/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&channel=s&hl=et&q=site%3Awaraxe.us+curl_init&lr=&btnG=Google+otsing Posted: Mon Feb 09, 2009 11:13 pm NYDAz Advanced user Joined: Jan 26, 2009 Posts: 109 Location: Valley of the Kings On 3 different cutenews powered sites I'm getting the same md5 hash : d24725eda8256a3f7c2561d5677e9abd Waraxe, what can it be ? EDIT : It's my password ! md5("winstonz") = d24725eda8256a3f7c2561d5677e9abd LATER EDIT: I was using this exploit http://www.milw0rm.com/exploits/4779 _________________ A person who never made a mistake never tried anything new. Cutenews <= 1.4.5 usernames fetching exploit www.waraxe.us Forum Index -> All other software You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum All times are GMT Page 2 of 2 Goto page Previous1, 2 All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 YearOldest FirstNewest First Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.139 Seconds