Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: July 19, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 107 Members: 0 Total: 107 Full disclosure Missing Critical Security Headers in OpenBlow SAP NetWeaver S/4HANA - ABAP Code Execution via InternalFunction Tiki Wiki CMS Groupware <= 28.3 Two Server-Side TemplateInjection Vulnerabilities KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution KL-001-2025-008: Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery KL-001-2025-007: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution KL-001-2025-006: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection eSIM security research (GSMA eUICC compromise and certificatetheft) Directory Traversal "Site Title" - bluditv3.16.2 XSS via SVG File Uploa - bluditv3.16.2 Stored XSS "Add New Content" Functionality - bluditv3.16.2 Session Fixation - bluditv3.16.2 iOS Activation Flaw Enables Pre-User Device Compromise andIdentity Exposure (iOS 18.5) IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 13 matches Make c99 or r57 less detectable by antivir programs! Forum:Shell commands injection Posted: Mon Jun 25, 2007 2:09 pm Subject: Make c99 or r57 less detectable by antivir programs! barr0w Replies: 5 Views: 15616 I hear that c99 sucks a lot, but what is a better alternative? I have yet to find something better that has an interface in English. Flash: Need Help Embedding Javascript Forum:Newbies corner Posted: Wed Jun 06, 2007 7:12 pm Subject: Flash: Need Help Embedding Javascript barr0w Replies: 0 Views: 6084 Hey everyone, The ultimate goal is embedding my already working cookie stealer into a Flash movie. I've made some attempts but am having trouble. I create a flash movie and put the following in an ... Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit Forum:All other software Posted: Wed Jun 06, 2007 3:21 pm Subject: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit barr0w Replies: 7 Views: 42427 Has anyone seen this new advisory that just showed up on milw0rm? http://www.milw0rm.com/exploits/4039 Unfortunately all of the comments are written in Spanish. It also looks like the exploit i ... PasswordsPro 2.3.1.0 Forum:Tools Posted: Sat Jun 02, 2007 11:25 pm Subject: PasswordsPro 2.3.1.0 barr0w Replies: 2 Views: 9288 I've been that version, it's very nice. Does anyone have a really big English dictionary file though? I'm the new admin... now what? Forum:Newbies corner Posted: Sat Jun 02, 2007 3:28 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 Thank you so much for your help Koko, HAS is a very interesting tool. UPDATE: Using HAS I was able to make edits to the .htaccess file disabling mod_security. This let me upload my shell. Thanks ... I'm the new admin... now what? Forum:Newbies corner Posted: Sat Jun 02, 2007 12:00 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 I've tried: - Manage -> Files - Plugins -> Plugin Editor - Write -> Post -> Upload The mod-security rule is affecting all of those. Unless someone has another idea of getting around ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 11:29 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 Sorry to keep posting but I keep getting one step further. I think that I'm receiving these 406 errors because of some mod_security settings on the server. Does this mean that I hit a dead end? A ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 8:31 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 Koko, your English is fine. So I realized that I have edit access to all of the plugins, so I figured I would just edit the Hello Dolly plugin since it's not activated. I go to Plugins -> Plu ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 3:54 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 I managed to find out where in the functions.php is the allowed upload list. I was able to upload my shell, but when I try to hit it: http://site/blog/wp-content/uploads/2007/06/shell.php I get ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 3:25 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 Continuing on my quest to upload a shell after I used Waraze's newest Wordpress exploit to gain Wordpress admin access. So I have write permissions on a ton of .php files. My idea was you utiliz ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 12:31 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 Thanks for the direction Koko. I'm going to make attempts today on all of those suggestions. I'm the new admin... now what? Forum:Newbies corner Posted: Thu May 31, 2007 7:50 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 33374 Well if you have access to admin panel uploading shell is easy What about uploading shell with Wordpress admin access. I've done some searching and haven't really found anything that makes me be ... WordPress 2.1.3 sql injection blind fishing exploit ver. 2 Forum:All other software Posted: Wed May 30, 2007 12:54 pm Subject: WordPress 2.1.3 sql injection blind fishing exploit ver. 2 barr0w Replies: 52 Views: 474050 Yesterday I built a LAMP box with PHP/CURL just to try this exploit out. It works PERFECTLY. I just wanted to say great work and thank you. Now if I was just more skilled at md5 hacking I'd be all ... Page 1 of 1 All times are GMT Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.038 Seconds