Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: June 16, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 63 Members: 0 Total: 63 Full disclosure SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft Defense in depth -- the Microsoft way (part 89): user grouppolicies don't deserve tamper protection CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0 ERPNext v15.53.1 Stored XSS in bio Field Allows Arbitrary Script Execution in Profile Page ERPNext v15.53.1 Stored XSS in user_image Field Allows Script Execution via Injected Image Path Local information disclosure in apport and systemd-coredump Stored XSS via File Upload - adaptcmsv3.0.3 IDOR "Change Password" Functionality - adaptcmsv3.0.3 Stored XSS "Send Message" Functionality - adaptcmsv3.0.3 Authenticated File Upload to RCE - adaptcmsv3.0.3 Stored XSS in "Description" Functionality - cubecartv6.5.9 Multiple Vulnerabilities in SAP GuiXT Scripting CVE-2024-47081: Netrc credential leak in PSF requests library Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2) IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 13 matches Make c99 or r57 less detectable by antivir programs! Forum:Shell commands injection Posted: Mon Jun 25, 2007 2:09 pm Subject: Make c99 or r57 less detectable by antivir programs! barr0w Replies: 5 Views: 15510 I hear that c99 sucks a lot, but what is a better alternative? I have yet to find something better that has an interface in English. Flash: Need Help Embedding Javascript Forum:Newbies corner Posted: Wed Jun 06, 2007 7:12 pm Subject: Flash: Need Help Embedding Javascript barr0w Replies: 0 Views: 6006 Hey everyone, The ultimate goal is embedding my already working cookie stealer into a Flash movie. I've made some attempts but am having trouble. I create a flash movie and put the following in an ... Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit Forum:All other software Posted: Wed Jun 06, 2007 3:21 pm Subject: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit barr0w Replies: 7 Views: 42334 Has anyone seen this new advisory that just showed up on milw0rm? http://www.milw0rm.com/exploits/4039 Unfortunately all of the comments are written in Spanish. It also looks like the exploit i ... PasswordsPro 2.3.1.0 Forum:Tools Posted: Sat Jun 02, 2007 11:25 pm Subject: PasswordsPro 2.3.1.0 barr0w Replies: 2 Views: 9231 I've been that version, it's very nice. Does anyone have a really big English dictionary file though? I'm the new admin... now what? Forum:Newbies corner Posted: Sat Jun 02, 2007 3:28 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 Thank you so much for your help Koko, HAS is a very interesting tool. UPDATE: Using HAS I was able to make edits to the .htaccess file disabling mod_security. This let me upload my shell. Thanks ... I'm the new admin... now what? Forum:Newbies corner Posted: Sat Jun 02, 2007 12:00 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 I've tried: - Manage -> Files - Plugins -> Plugin Editor - Write -> Post -> Upload The mod-security rule is affecting all of those. Unless someone has another idea of getting around ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 11:29 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 Sorry to keep posting but I keep getting one step further. I think that I'm receiving these 406 errors because of some mod_security settings on the server. Does this mean that I hit a dead end? A ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 8:31 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 Koko, your English is fine. So I realized that I have edit access to all of the plugins, so I figured I would just edit the Hello Dolly plugin since it's not activated. I go to Plugins -> Plu ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 3:54 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 I managed to find out where in the functions.php is the allowed upload list. I was able to upload my shell, but when I try to hit it: http://site/blog/wp-content/uploads/2007/06/shell.php I get ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 3:25 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 Continuing on my quest to upload a shell after I used Waraze's newest Wordpress exploit to gain Wordpress admin access. So I have write permissions on a ton of .php files. My idea was you utiliz ... I'm the new admin... now what? Forum:Newbies corner Posted: Fri Jun 01, 2007 12:31 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 Thanks for the direction Koko. I'm going to make attempts today on all of those suggestions. I'm the new admin... now what? Forum:Newbies corner Posted: Thu May 31, 2007 7:50 pm Subject: I'm the new admin... now what? barr0w Replies: 29 Views: 32969 Well if you have access to admin panel uploading shell is easy What about uploading shell with Wordpress admin access. I've done some searching and haven't really found anything that makes me be ... WordPress 2.1.3 sql injection blind fishing exploit ver. 2 Forum:All other software Posted: Wed May 30, 2007 12:54 pm Subject: WordPress 2.1.3 sql injection blind fishing exploit ver. 2 barr0w Replies: 52 Views: 473349 Yesterday I built a LAMP box with PHP/CURL just to try this exploit out. It works PERFECTLY. I just wanted to say great work and thank you. Now if I was just more skilled at md5 hacking I'd be all ... Page 1 of 1 All times are GMT Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.030 Seconds