 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 Posted: Sun Feb 03, 2008 8:55 pm |
 |
|
| pexli |
| Valuable expert |
 |
|
| Joined: May 24, 2007 |
| Posts: 665 |
| Location: Bulgaria |
|
|
 |
|
 |
|
| Delete everything from your PC reboot and when install xammp.I install this many times and everything working very nice. |
|
|
|
|
| Posted: Mon Feb 04, 2008 2:07 am |
|
|
| Zone |
| Beginner |
 |
|
| Joined: Feb 03, 2008 |
| Posts: 3 |
|
|
|
|
|
|
|
| koko wrote: | | Delete everything from your PC reboot and when install xammp.I install this many times and everything working very nice. |
This is a fresh install, fresh windows, fresh drive. |
|
|
|
|
| Posted: Thu Mar 06, 2008 2:18 am |
|
|
| Gibs |
| Beginner |
|
|
| Joined: Mar 06, 2008 |
| Posts: 3 |
|
|
|
|
|
|
|
EDIT======
Thanks!Works like a charm.Waraxe you rock ^_^
Plus,I was using cutenews myself,so thanks for this tip.I guess,since you use phpbb2,that has less vuln.  |
|
|
|
|
| Posted: Thu Mar 06, 2008 2:01 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Gibs wrote: | EDIT======
Thanks!Works like a charm.Waraxe you rock ^_^
Plus,I was using cutenews myself,so thanks for this tip.I guess,since you use phpbb2,that has less vuln. |
I am using rewritten-from-scratch phpnuke 7.x with integrated phpbb and i was reviewing all the source code before putting this website online. So i'm sure that there is no big security flaws right now  |
|
|
|
|
|
 |
|
 |
| Posted: Fri Mar 07, 2008 1:47 pm |
|
|
| DZ-015 |
| Beginner |
|
|
| Joined: Mar 07, 2008 |
| Posts: 2 |
|
|
|
|
|
|
|
hi waraxe, first of all respect for your tool and support
I got a problem - I know that the url that I target is correct and accessible with the browser, but I get something like that:
| Code: |
user@domain:~$ php /home/user/cutemd5.php
Validating target URL
Target URL not valid!user@domain:~$
|
I'm running the script on my laptop with the target in the internet, in my current location theres a lame filter to block "inappropriate" sites, including my training target - is it possible that this might be the case? and if yes, any advice on how to set up a proxy for the script? (i'm using TOR for the browser, and for now I could use TOR network without abusing it - the target is run by my friend and its a PoC attack)
btw, a tip for debian/ubuntu user who run into the problem with curl - no need do compile php :] use:
| Code: | | sudo apt-get install php5-curl |
|
|
|
|
|
|
|
|
|
| Posted: Fri Mar 07, 2008 3:56 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
I think, that best way is to instruct curl to use proxy, something like:
| Code: |
curl_setopt($ch, CURLOPT_PROXY, 'proxy_ip:proxy_port');
|
or
| Code: |
curl_setopt ($ch, CURLPROXY_HTTP, 'http://host:port');
|
More info in php manual comments section:
http://ee.php.net/curl
|
|
|
|
|
| Posted: Sun Apr 27, 2008 11:22 am |
|
|
| MEGAHERTZ |
| Beginner |
|
|
| Joined: Apr 26, 2008 |
| Posts: 3 |
|
|
|
|
|
|
|
download this exploit. But to work it he refuses 
Gives out such mistake error
Fatal error: Call to undefined function: curl_init() in z:\home\megahertz.ru\www\exploit.php on line 227
What to do make?
sorry for mine english. I Russian
icq 48-66-48-25 |
|
|
|
|
| Posted: Sun Apr 27, 2008 11:36 am |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| MEGAHERTZ wrote: | download this exploit. But to work it he refuses
Gives out such mistake error
Fatal error: Call to undefined function: curl_init() in z:\home\megahertz.ru\www\exploit.php on line 227
What to do make?
sorry for mine english. I Russian
icq 48-66-48-25 |
You need to activate curl extension in php.
Search for "php.ini" file, probably in Windows folder.
There is a text line:
| Code: |
;extension=php_curl.dll
|
Uncomment it like this:
| Code: |
extension=php_curl.dll
|
This should help |
|
|
|
|
|
|
|
|
| Posted: Sun Apr 27, 2008 11:42 am |
|
|
| MEGAHERTZ |
| Beginner |
|
|
| Joined: Apr 26, 2008 |
| Posts: 3 |
|
|
|
|
|
|
|
| waraxe wrote: | | MEGAHERTZ wrote: | download this exploit. But to work it he refuses
Gives out such mistake error
Fatal error: Call to undefined function: curl_init() in z:\home\megahertz.ru\www\exploit.php on line 227
What to do make?
sorry for mine english. I Russian
icq 48-66-48-25 |
You need to activate curl extension in php.
Search for "php.ini" file, probably in Windows folder.
There is a text line:
| Code: |
;extension=php_curl.dll
|
Uncomment it like this:
| Code: |
extension=php_curl.dll
|
This should help |
yeah it's OK)) thank!!! |
|
|
|
|
| Posted: Thu May 08, 2008 10:38 pm |
|
|
| tommyturner2007 |
| Beginner |
|
|
| Joined: May 09, 2008 |
| Posts: 1 |
|
|
|
|
|
|
|
Hey Guy's
Just found this site on the net
I am returning error "Pretest 1 failed - Wrong username?" On all my searches however is correct username.
Can anyone suggest why this happens? |
|
|
|
|
| Posted: Thu May 15, 2008 3:03 am |
|
|
| Terminal |
| Beginner |
|
|
| Joined: May 15, 2008 |
| Posts: 4 |
|
|
|
|
|
|
|
Hey, at first i had problems with the curl_dll but i fixed that by pasting the curl.dll file into the php main foler.
Now when i run cutemd5 i get "Target URL Not Valid" i know it is valid because its accessible and i tried two different forums with the same result.
Help would be appreciated. |
|
|
|
|
| Posted: Sun May 18, 2008 10:27 am |
|
|
| Terminal |
| Beginner |
|
|
| Joined: May 15, 2008 |
| Posts: 4 |
|
|
|
|
|
|
|
|
|
|
|
| Posted: Sun May 18, 2008 11:30 am |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
Look for this code fragment:
| Code: |
// Target URL valid?
xecho("Validating target URL");
if(strpos(make_get($GLOBALS['target']), 'search_in_archives') === false)
{
die('Target URL not valid!');
}
xecho("URL is valid");
|
and disable it by commenting out the "die()" function:
| Code: |
// Target URL valid?
xecho("Validating target URL");
if(strpos(make_get($GLOBALS['target']), 'search_in_archives') === false)
{
//die('Target URL not valid!');
}
xecho("URL is valid");
|
|
|
|
|
|
| Posted: Sun May 18, 2008 2:31 pm |
|
|
| Terminal |
| Beginner |
|
|
| Joined: May 15, 2008 |
| Posts: 4 |
|
|
|
|
|
|
|
Okay thanks that helped a little but now i get
URL is Valid
Request Failed!
Sleeping 1 Seconds
Awake...
Retry #2
and it keeps going adding a second and a retry everytime.
until #10 when its gives fatal error and stops. |
|
Last edited by Terminal on Mon May 19, 2008 2:08 am; edited 1 time in total |
|
|
|
| Posted: Sun May 18, 2008 2:59 pm |
|
|
| Rivalo |
| Beginner |
|
|
| Joined: May 18, 2008 |
| Posts: 1 |
|
|
|
|
|
|
|
ehh can cutenews logs your ip when you hack it and logging it
AND DELETE EVERYTING  ??? |
|
|
|
|
www.waraxe.us Forum Index -> All other software
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 3 of 4
Goto page Previous1, 2, 3, 4Next
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 232
Members: 0
Total: 232
