 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| |
|
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9145
 People Online:
 Visitors: 428
 Members: 0
 Total: 428
|
|
|
|
|
|
PacketStorm News |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
hi folks
i've been studying php exploits, and recently i was watching waraxe-2004-SA#036 and found a thing that i don't understand....
you use an unitializated variable to inject some SQL, but m ... |
|
|
|
|
&highlight=%2527.$poster=$dbname.%2527
is there a way i could make a SQL query and thus obtain the admin's hashed password ?
yes i wish i could do that too. i used the exploit in http://www. ... |
|
|
|
|
I've got a friend with phpnuke 7.3 but he's got coppermine for phpnuke last version (v 1.2.2b) that waraxe made a advisor with a real problem (remote file including)
there isn't a new release of co ... |
|
|
|
|
Well, you have sql injection case allready, if you see that error message. So try now to provoke various mysql error messages, and maybe one of them will reveal real table name...
well I was very ... |
|
|
|
|
if you start this thing, I'm on it with a friend  Pentium4 3,5Ghz + Centrino 1,5Ghz + 2 x Athlon 2200+ all working for you
there must be organization in table managment... if we could make a l ... |
|
|
|
|
Rainbow crack is promising thing, thats for sure.
why not create a community in this forum where we can build a big rainbow table for our use?? with eachone effort it's not so difficult to build a ... |
|
|
|
|
well thx for your help, u rule
but one little question. I was trying using your knowledge but I've got this error:
SQL Error : 1146 Table 'lusodemo.phpbb_users' doesn't exist
so it sems that ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
