Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
November 29, 2020
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 277
Members: 0
Total: 277
PacketStorm News
Currently there is a problem with headlines from this site
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 33 matches
cPanel need help
PostForum: Sql injection   Posted: Wed Mar 12, 2008 8:18 pm   Subject: cPanel need help
gtal3x
 
Replies: 3
Views: 3919




Sql inj where?In cPanel or some other appz on server?Somewere else, i was able to get usernames and passwords for users, tryed to use some of them on cPanel, dident work...
cPanel need help
PostForum: Sql injection   Posted: Wed Mar 12, 2008 7:13 pm   Subject: cPanel need help
gtal3x
 
Replies: 3
Views: 3919




Hello does anybody know the name of table and columns for cPanel? I found sql injection all i need is to get admin hashes now, btw are they simple md5's or with salt? Thnx
SQL INJ HELP
PostForum: Sql injection   Posted: Tue Feb 12, 2008 2:50 am   Subject: SQL INJ HELP
gtal3x
 
Replies: 17
Views: 13236




kr0k0 i dont understand, if you puted http://www.yahoo.com and it worked, that mean anything is gona work, you dont need to upload shell throu sql injection, just upload it into any free web hostings ...
MySQL injection problem
PostForum: Sql injection   Posted: Sun Feb 10, 2008 5:09 am   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




C:\AppServ\www>php test.p
0----
1----


Work finished!Thats what i did, no error at all, but nothing in out.txt, btw tryed on linux is well...
MySQL injection problem
PostForum: Sql injection   Posted: Sun Feb 10, 2008 3:24 am   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




waraxe for some reason your script doest work for me, it runs ok, but doesnt save anything in out.txt, the script is easy but i am not good with files functions Cool... Basicly it looks strange to me t ...
MySQL injection problem
PostForum: Sql injection   Posted: Sat Feb 09, 2008 7:02 pm   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




why not do it str8?
UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,CONCAT_WS(CHAR(58),mail,password)+FROM+Users/*

btw i think the best thing to do is just t ...
MySQL injection problem
PostForum: Sql injection   Posted: Sat Feb 09, 2008 6:28 pm   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




i guess u can try to find a perl script that finds the right tables and columns for you, or write it your self, but this is for mysql 4x, in 5x you can always use the information schem to find excaly ...
MySQL injection problem
PostForum: Sql injection   Posted: Sat Feb 09, 2008 5:57 pm   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




or just try this and tell me what u see...
+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,email,7,8,9,0,1,2+from+User+limit+1,1/*
MySQL injection problem
PostForum: Sql injection   Posted: Sat Feb 09, 2008 5:49 pm   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




thats exacly wat u need, with my code u found that the column name is "User", u can go ferther by limit+2,1... etc, or u can start finding tables with the same comand (cahnge columns for tables) and t ...
MySQL injection problem
PostForum: Sql injection   Posted: Sat Feb 09, 2008 5:14 pm   Subject: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




just do this:
+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,column_name,7,8,9,0,1,2+from+information_schema.columns+where+column_name+like+0x257573657225+limit+1,1/*

btw r u tryin to hack skai.gr ? ...
unknown ... help, Please
PostForum: All other security holes   Posted: Sat Feb 09, 2008 1:07 pm   Subject: unknown ... help, Please
gtal3x
 
Replies: 4
Views: 5540




1st of all where did you get this pass from? i mean from what software? For me it seems like a mysql 64bit, with no salt
MySQL injection problem
PostForum: Sql injection   Posted: Sat Feb 09, 2008 1:04 pm   Subject: Re: MySQL injection problem
gtal3x
 
Replies: 40
Views: 20317




Well for me it seems that u dident find the right number of columns, btw use:
union+select+1,2,3,4,5/*
vBulletin 3.6.8 patch2 Admin panel upload shell
PostForum: vBulletin Board   Posted: Fri Feb 08, 2008 1:26 pm   Subject: vBulletin 3.6.8 patch2 Admin panel upload shell
gtal3x
 
Replies: 11
Views: 20358




koko thnx for help, i managed to make it work...!
vBulletin 3.6.8 patch2 Admin panel upload shell
PostForum: vBulletin Board   Posted: Fri Feb 08, 2008 12:53 pm   Subject: vBulletin 3.6.8 patch2 Admin panel upload shell
gtal3x
 
Replies: 11
Views: 20358




I tryed ntsview and r57... They dident work... But PHP works, just tryed echo"Test"; and it worked..! Do you have any good shell i can upload?
vBulletin 3.6.8 patch2 Admin panel upload shell
PostForum: vBulletin Board   Posted: Thu Feb 07, 2008 10:15 pm   Subject: vBulletin 3.6.8 patch2 Admin panel upload shell
gtal3x
 
Replies: 11
Views: 20358




koko thx fro reply, i did everything you said, i wrote: echo "Test"; (just to test it), then i went to site.com/forum/ajax.php but nothing came up... What did i do wrong?
Page 1 of 3 Goto page 1, 2, 3  Next
All times are GMT
  




Powered by phpBB 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.079 Seconds