Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
April 23, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 374
Members: 0
Total: 374
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 61 matches
Some info on shell injection..
PostForum: Shell commands injection   Posted: Thu Nov 03, 2005 3:07 pm   Subject: Some info on shell injection..
KingOfSka
 
Replies: 1
Views: 11470




hi Very Happy i'm interested in knowing more about "backticks" , can someone explain me more about them ?
edit: i need info also on exploiting "pre_replace" with e modifier Very Happy
PHP Nuke <= 7.8 Multiple SQL Injections
PostForum: PhpNuke   Posted: Thu Nov 03, 2005 12:40 pm   Subject: PHP Nuke <= 7.8 Multiple SQL Injections
KingOfSka
 
Replies: 13
Views: 30032




i compiled and tested this exploit locally on my linux box, it works perfectly, but the target site must have mysql => 4.0 , when you get "ccccc" it should be because the target was patched or was ...
Rainbow Table Torrent
PostForum: Cooperation proposals   Posted: Fri Oct 07, 2005 1:08 pm   Subject: Rainbow Table Torrent
KingOfSka
 
Replies: 4
Views: 21458




ok we could try Very Happy i'm setting up an ftp server on my linux box to distribute first copyies for seeders
Rainbow Table Torrent
PostForum: Cooperation proposals   Posted: Wed Sep 21, 2005 5:57 pm   Subject: Rainbow Table Torrent
KingOfSka
 
Replies: 4
Views: 21458




hi all, i'm putting up a tracker/website with phpMyBitTorrent at contropoteresharing.no-ip.org .
my main purpose is to use this site to share all security tools , tuts and so on, and mainly rainbow t ...
phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
PostForum: PhpBB   Posted: Thu Jul 14, 2005 8:06 am   Subject: phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
KingOfSka
 
Replies: 108
Views: 157879




sometimes you simply can't, there are some mod that require the admin to inserti his password to log in the admin panel, regardless cookies, so you have to crack it
phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
PostForum: PhpBB   Posted: Tue Jul 12, 2005 9:44 am   Subject: phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
KingOfSka
 
Replies: 108
Views: 157879





any ideas ?is there a mistake here :
[color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));' ...
phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
PostForum: PhpBB   Posted: Mon Jul 11, 2005 6:27 pm   Subject: phpBB 2.0.16 XSS Remote Cookie Disclosure Exploit
KingOfSka
 
Replies: 108
Views: 157879




i tested locally and in some test forum, the exploit is working (i used a mine cookie stealer file) but i used mod rewrite to have a .png file to be processed as php, but the only problem is that it s ...
How can I call 1 record from database
PostForum: Sql injection   Posted: Fri Jul 08, 2005 1:15 pm   Subject: How can I call 1 record from database
KingOfSka
 
Replies: 2
Views: 8115




it seems you are trying sql injection, so you have to use a valid username , usually admin is good, then a mysql statement which is alwasy true, like x=x , so the password could be
randomtext' or 'x' ...
new XMLRPC exploit , i've got the shell , and now.. ?
PostForum: Newbies corner   Posted: Fri Jul 08, 2005 9:11 am   Subject: new XMLRPC exploit , i've got the shell , and now.. ?
KingOfSka
 
Replies: 10
Views: 16209




do a uname -a to see what os is running, then try to find a folder with rw access, usually are the temp one, then upload an exploit for the os or some software installed and gain root Very Happy it worked for ...
phpBB 2.0.15 PHP-code injection bug
PostForum: PhpBB   Posted: Tue Jul 05, 2005 12:05 pm   Subject: phpBB 2.0.15 PHP-code injection bug
KingOfSka
 
Replies: 7
Views: 16559




and what about using system ? i tryied and it works, but only with commands without spaces in them for example:
ls => works
cat config.php => doesn't work
PhpBB 2.0.15 Database Authentication Details Exploit
PostForum: PhpBB   Posted: Tue Jul 05, 2005 7:51 am   Subject: PhpBB 2.0.15 Database Authentication Details Exploit
KingOfSka
 
Replies: 17
Views: 39800




i've tryed exploiting using others method like the one described by Maroni and they works locally , but what about using system ? i tryied adjusting Zeelock exploit for this version but i can't make i ...
PhpBB 2.0.15 Database Authentication Details Exploit
PostForum: PhpBB   Posted: Mon Jul 04, 2005 5:18 pm   Subject: PhpBB 2.0.15 Database Authentication Details Exploit
KingOfSka
 
Replies: 17
Views: 39800




this should work only for phpBB 2.0.15 , not <= 2.0.15 , but i'm testing locally and i've got no result:

gentoo root # ./db.pl 127.0.0.1 /phpBB2/ 1
+-------------------------------------------- ...
PhpBB 2.0.15 Database Authentication Details Exploit
PostForum: PhpBB   Posted: Mon Jul 04, 2005 4:39 pm   Subject: PhpBB 2.0.15 Database Authentication Details Exploit
KingOfSka
 
Replies: 17
Views: 39800




have someone tryied it ? i'm testing on one of my forum but it seems not to be working.. i'm looking at the code...
A Vulnerable in cpanel
PostForum: Sql injection   Posted: Wed Jun 22, 2005 11:02 am   Subject: A Vulnerable in cpanel
KingOfSka
 
Replies: 5
Views: 12712




1st : don't post link to real site Very Happy
2nd: this is not an sql injection but an XSS
3rd: if this exploit is for cpanel <= 1.8 , that site is using cpanel 10 so it wouldn't work Very Happy
IPB forum sql injection exploit
PostForum: All other security holes   Posted: Wed May 18, 2005 5:59 pm   Subject: IPB forum sql injection exploit
KingOfSka
 
Replies: 6
Views: 20153




i've got the same problem..
Page 1 of 5 Goto page 1, 2, 3, 4, 5  Next
All times are GMT
  




Powered by phpBB 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.131 Seconds