Login or Register ::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  :: May 21, 2012 Menu  Home  Logout  Discussions  Forums  Members List  IRC chat  Tools  Base64 coder  MD5 hash  CRC32 checksum  ROT13 coder  SHA-1 hash  URL-decoder  Sql Char Encoder  Affiliates  y3dips ITsec  Md5 Cracker  User Manuals  AlbumNow  Content  Content  Sections  FAQ  Top  Info  Feedback  Recommend Us  Search  Journal  Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: finalfantasy New Today: 0 New Yesterday: 2 Overall: 8196 People Online: Visitors: 250 Members: 3 Total: 253 Online Now: 01: BigBob - Forums 02: johnburn - Homepage 03: killer38480 - Forums milw0rm ·[linux/x86] - linux/x86 - polymorphic espeak shellcode - 45 bytes ·[webapps / 0day] - NACElink CS Manager - Persistent Web Vulnerability ·[webapps / 0day] - Doorsweb SQL Injection Vulnerability ·[webapps / 0day] - Doll shopping store Kr/Jp SQL injection Vulnerability ·[local exploits] - Linux Kernel 3.3.x <= 3.3.4 Buffer overflow in HFS plus filesystem ·[webapps / 0day] - SMCWBR14-G2 PPPoE Data Disclosure (ADSL Router) ·[local exploits] - LAN Messenger v1.2.28 - Persistent Software Vulnerability ·[webapps / 0day] - MobileSpy Android|iPhone|W7P|sOS - Web Vulnerabilities ·[webapps / 0day] - CLscript CMS v3.0 - SQL Injection Vulnerability ·[webapps / 0day] - Minnesota Premier Publications SQL injection Vulnerability read more... PacketStorm News ·OpenOffice.org 3.3.0 Powerpoint Denial Of Service ·Drupal Zen 6.x Cross Site Scripting ·OpenOffice.org Memory Overwrite ·Debian Security Advisory 2473-1 ·Drupal Aberdeen 6.x Cross Site Scripting ·Drupal Hostmaster 6.x Cross Site Scripting / Access Bypass ·Drupal Post Affiliate Pro 6.x Cross Site Scripting / Access Bypass ·OpenOffice.org vclmi.dll Integer Overflow ·Linux Kernel HFS Plus Buffer Overflow ·Apple Security Advisory 2012-05-15-1 read more... IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 13 matches Make c99 or r57 less detectable by antivir programs! Forum: Shell commands injection   Posted: Mon Jun 25, 2007 2:09 pm   Subject: Make c99 or r57 less detectable by antivir programs! barr0w   Replies: 5 Views: 2197 I hear that c99 sucks a lot, but what is a better alternative? I have yet to find something better that has an interface in English. Flash: Need Help Embedding Javascript Forum: Newbies corner   Posted: Wed Jun 06, 2007 7:12 pm   Subject: Flash: Need Help Embedding Javascript barr0w   Replies: 0 Views: 1029 Hey everyone, The ultimate goal is embedding my already working cookie stealer into a Flash movie. I've made some attempts but am having trouble. I create a flash movie and put the following in an ... Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit Forum: All other software   Posted: Wed Jun 06, 2007 3:21 pm   Subject: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit barr0w   Replies: 7 Views: 3410 Has anyone seen this new advisory that just showed up on milw0rm? http://www.milw0rm.com/exploits/4039 Unfortunately all of the comments are written in Spanish. It also looks like the exploit i ... PasswordsPro 2.3.1.0 Forum: Tools   Posted: Sat Jun 02, 2007 11:25 pm   Subject: PasswordsPro 2.3.1.0 barr0w   Replies: 2 Views: 2312 I've been that version, it's very nice. Does anyone have a really big English dictionary file though? I'm the new admin... now what? Forum: Newbies corner   Posted: Sat Jun 02, 2007 3:28 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 Thank you so much for your help Koko, HAS is a very interesting tool. UPDATE: Using HAS I was able to make edits to the .htaccess file disabling mod_security. This let me upload my shell. Thanks ... I'm the new admin... now what? Forum: Newbies corner   Posted: Sat Jun 02, 2007 12:00 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 I've tried: - Manage -> Files - Plugins -> Plugin Editor - Write -> Post -> Upload The mod-security rule is affecting all of those. Unless someone has another idea of getting around ... I'm the new admin... now what? Forum: Newbies corner   Posted: Fri Jun 01, 2007 11:29 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 Sorry to keep posting but I keep getting one step further. I think that I'm receiving these 406 errors because of some mod_security settings on the server. Does this mean that I hit a dead end? A ... I'm the new admin... now what? Forum: Newbies corner   Posted: Fri Jun 01, 2007 8:31 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 Koko, your English is fine. So I realized that I have edit access to all of the plugins, so I figured I would just edit the Hello Dolly plugin since it's not activated. I go to Plugins -> Plu ... I'm the new admin... now what? Forum: Newbies corner   Posted: Fri Jun 01, 2007 3:54 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 I managed to find out where in the functions.php is the allowed upload list. I was able to upload my shell, but when I try to hit it: http://site/blog/wp-content/uploads/2007/06/shell.php I get ... I'm the new admin... now what? Forum: Newbies corner   Posted: Fri Jun 01, 2007 3:25 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 Continuing on my quest to upload a shell after I used Waraze's newest Wordpress exploit to gain Wordpress admin access. So I have write permissions on a ton of .php files. My idea was you utiliz ... I'm the new admin... now what? Forum: Newbies corner   Posted: Fri Jun 01, 2007 12:31 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 Thanks for the direction Koko. I'm going to make attempts today on all of those suggestions. I'm the new admin... now what? Forum: Newbies corner   Posted: Thu May 31, 2007 7:50 pm   Subject: I'm the new admin... now what? barr0w   Replies: 29 Views: 5040 Well if you have access to admin panel uploading shell is easy What about uploading shell with Wordpress admin access. I've done some searching and haven't really found anything that makes me be ... WordPress 2.1.3 sql injection blind fishing exploit ver. 2 Forum: All other software   Posted: Wed May 30, 2007 12:54 pm   Subject: WordPress 2.1.3 sql injection blind fishing exploit ver. 2 barr0w   Replies: 52 Views: 51688 Yesterday I built a LAMP box with PHP/CURL just to try this exploit out. It works PERFECTLY. I just wanted to say great work and thank you. Now if I was just more skilled at md5 hacking I'd be all ... Page 1 of 1 All times are GMT Select a forum Security Research by waraxe----------------General discussionHow to fixMetasploit related Hash cracking requests----------------MD5 hashesAll other hashesHash related information http://www.waraxe.us portal----------------SuggestionsCooperation proposals Security bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holes Various software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107FullxmlMamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo Gallery Programming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssembler Reverse engineering----------------Newbies cornerDisassemblingPHP script decode requests Miscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy database Direct Downloads----------------ToolsTutorialsWordlists Recycle Bin----------------Removed messagesOutdated posts   Powered by phpBB © 2001-2008 phpBB Group

All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2010 Janek Vind "waraxe"

Page Generation: 0.103 Seconds