Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: July 1, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 69 Members: 0 Total: 69 Full disclosure Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title> Tag CVE-2025-32978 - Quest KACE SMA Unauthenticated LicenseReplacement CVE-2025-32977 - Quest KACE Unauthenticated Backup Upload CVE-2025-32976 - Quest KACE SMA 2FA Bypass CVE-2025-32975 - Quest KACE SMA Authentication Bypass RansomLord (NG v1.0) anti-ransomware exploit tool Disclosure Yealink Cloud vulnerabilities : "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer) SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem Call for Applications: ERCIM STM WG 2025 Award for the Best Ph.D. Thesis on Security and Trust Management (July 31, 2025) SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft Defense in depth -- the Microsoft way (part 89): user grouppolicies don't deserve tamper protection CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0 IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 13 matches Make c99 or r57 less detectable by antivir programs! Forum:Shell commands injection Posted: Mon Jun 25, 2007 2:09 pm Subject: Make c99 or r57 less detectable by antivir programs! barr0w Replies: 5 Views: 15558 I hear that c99 sucks a lot, but what is a better alternative? I have yet to find something better that has an interface in English. Flash: Need Help Embedding Javascript Forum:Newbies corner Posted: Wed Jun 06, 2007 7:12 pm Subject: Flash: Need Help Embedding Javascript barr0w Replies: 0 Views: 6061 Hey everyone, The ultimate goal is embedding my already working cookie stealer into a Flash movie. I've made some attempts but am having trouble. I create a flash movie and put the following in an ... Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit Forum:All other software Posted: Wed Jun 06, 2007 3:21 pm Subject: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit barr0w Replies: 7 Views: 42373 Has anyone seen this new advisory that just showed up on milw0rm? http://www.milw0rm.com/exploits/4039 Unfortunately all of the comments are written in Spanish. It also looks like the exploit i ... PasswordsPro 2.3.1.0 Forum:Tools Posted: Sat Jun 02, 2007 11:25 pm Subject: PasswordsPro 2.3.1.0 barr0w Replies: 2 Views: 9252 I've been that version, it's very nice. Does anyone have a really big English dictionary file though? I'm the new admin... now what? Forum:Newbies corner Posted: Sat Jun 02, 2007 3:28 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 Thank you so much for your help Koko, HAS is a very interesting tool. UPDATE: Using HAS I was able to make edits to the .htaccess file disabling mod_security. This let me upload my shell. Thanks ... I'm the new admin... now what? Forum:Newbies corner Posted: Sat Jun 02, 2007 12:00 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 I've tried: - Manage -> Files - Plugins -> Plugin Editor - Write -> Post -> Upload The mod-security rule is affecting all of those. Unless someone has another idea of getting around ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 11:29 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 Sorry to keep posting but I keep getting one step further. I think that I'm receiving these 406 errors because of some mod_security settings on the server. Does this mean that I hit a dead end? A ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 8:31 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 Koko, your English is fine. So I realized that I have edit access to all of the plugins, so I figured I would just edit the Hello Dolly plugin since it's not activated. I go to Plugins -> Plu ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 3:54 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 I managed to find out where in the functions.php is the allowed upload list. I was able to upload my shell, but when I try to hit it: http://site/blog/wp-content/uploads/2007/06/shell.php I get ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 3:25 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 Continuing on my quest to upload a shell after I used Waraze's newest Wordpress exploit to gain Wordpress admin access. So I have write permissions on a ton of .php files. My idea was you utiliz ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 12:31 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 Thanks for the direction Koko. I'm going to make attempts today on all of those suggestions. I'm the new admin... now what? Forum:Newbies corner Posted: Thu May 31, 2007 7:50 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33189 Well if you have access to admin panel uploading shell is easy What about uploading shell with Wordpress admin access. I've done some searching and haven't really found anything that makes me be ... WordPress 2.1.3 sql injection blind fishing exploit ver. 2 Forum:All other software Posted: Wed May 30, 2007 12:54 pm Subject: WordPress 2.1.3 sql injection blind fishing exploit ver. 2 barr0w Replies: 52 Views: 473667 Yesterday I built a LAMP box with PHP/CURL just to try this exploit out. It works PERFECTLY. I just wanted to say great work and thank you. Now if I was just more skilled at md5 hacking I'd be all ... Page 1 of 1 All times are GMT Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.050 Seconds