Waraxe IT Security Portal
Login or Register
July 1, 2025
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 69
Members: 0
Total: 69
Full disclosure
Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title> Tag
CVE-2025-32978 - Quest KACE SMA Unauthenticated LicenseReplacement
CVE-2025-32977 - Quest KACE Unauthenticated Backup Upload
CVE-2025-32976 - Quest KACE SMA 2FA Bypass
CVE-2025-32975 - Quest KACE SMA Authentication Bypass
RansomLord (NG v1.0) anti-ransomware exploit tool
Disclosure Yealink Cloud vulnerabilities
: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)
SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem
Call for Applications: ERCIM STM WG 2025 Award for the Best Ph.D. Thesis on Security and Trust Management (July 31, 2025)
SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version
Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Defense in depth -- the Microsoft way (part 89): user grouppolicies don't deserve tamper protection
CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 13 matches
Make c99 or r57 less detectable by antivir programs!
PostForum:Shell commands injection Posted: Mon Jun 25, 2007 2:09 pm Subject: Make c99 or r57 less detectable by antivir programs!
barr0w
Replies: 5
Views: 15558




I hear that c99 sucks a lot, but what is a better alternative? I have yet to find something better that has an interface in English.
Flash: Need Help Embedding Javascript
PostForum:Newbies corner Posted: Wed Jun 06, 2007 7:12 pm Subject: Flash: Need Help Embedding Javascript
barr0w
Replies: 0
Views: 6061




Hey everyone,
The ultimate goal is embedding my already working cookie stealer into a Flash movie. I've made some attempts but am having trouble. I create a flash movie and put the following in an ...
Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
PostForum:All other software Posted: Wed Jun 06, 2007 3:21 pm Subject: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
barr0w
Replies: 7
Views: 42373




Has anyone seen this new advisory that just showed up on milw0rm?

http://www.milw0rm.com/exploits/4039

Unfortunately all of the comments are written in Spanish. It also looks like the exploit i ...
PasswordsPro 2.3.1.0
PostForum:Tools Posted: Sat Jun 02, 2007 11:25 pm Subject: PasswordsPro 2.3.1.0
barr0w
Replies: 2
Views: 9252




I've been that version, it's very nice. Does anyone have a really big English dictionary file though?
I'm the new admin... now what?
PostForum:Newbies corner Posted: Sat Jun 02, 2007 3:28 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




Thank you so much for your help Koko, HAS is a very interesting tool.

UPDATE: Using HAS I was able to make edits to the .htaccess file disabling mod_security. This let me upload my shell. Thanks ...
I'm the new admin... now what?
PostForum:Newbies corner Posted: Sat Jun 02, 2007 12:00 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




I've tried:
- Manage -> Files
- Plugins -> Plugin Editor
- Write -> Post -> Upload

The mod-security rule is affecting all of those. Unless someone has another idea of getting around ...
I'm the new admin... now what?
PostForum:Newbies corner Posted: Fri Jun 01, 2007 11:29 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




Sorry to keep posting but I keep getting one step further.

I think that I'm receiving these 406 errors because of some mod_security settings on the server. Does this mean that I hit a dead end? A ...
I'm the new admin... now what?
PostForum:Newbies corner Posted: Fri Jun 01, 2007 8:31 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




Koko, your English is fine.

So I realized that I have edit access to all of the plugins, so I figured I would just edit the Hello Dolly plugin since it's not activated.

I go to Plugins -> Plu ...
I'm the new admin... now what?
PostForum:Newbies corner Posted: Fri Jun 01, 2007 3:54 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




I managed to find out where in the functions.php is the allowed upload list. I was able to upload my shell, but when I try to hit it:

http://site/blog/wp-content/uploads/2007/06/shell.php

I get ...
I'm the new admin... now what?
PostForum:Newbies corner Posted: Fri Jun 01, 2007 3:25 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




Continuing on my quest to upload a shell after I used Waraze's newest Wordpress exploit to gain Wordpress admin access.

So I have write permissions on a ton of .php files.

My idea was you utiliz ...
I'm the new admin... now what?
PostForum:Newbies corner Posted: Fri Jun 01, 2007 12:31 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189




Thanks for the direction Koko. I'm going to make attempts today on all of those suggestions.
I'm the new admin... now what?
PostForum:Newbies corner Posted: Thu May 31, 2007 7:50 pm Subject: I'm the new admin... now what?
barr0w
Replies: 29
Views: 33189





Well if you have access to admin panel uploading shell is easy

What about uploading shell with Wordpress admin access. I've done some searching and haven't really found anything that makes me be ...
WordPress 2.1.3 sql injection blind fishing exploit ver. 2
PostForum:All other software Posted: Wed May 30, 2007 12:54 pm Subject: WordPress 2.1.3 sql injection blind fishing exploit ver. 2
barr0w
Replies: 52
Views: 473667




Yesterday I built a LAMP box with PHP/CURL just to try this exploit out. It works PERFECTLY. I just wanted to say great work and thank you. Now if I was just more skilled at md5 hacking I'd be all ...
Page 1 of 1
All times are GMT


Powered by phpBB © 2001-2008 phpBB Group



PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.050 Seconds