Waraxe IT Security Portal
Login or Register
June 16, 2025
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 46
Members: 0
Total: 46
Full disclosure
SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version
Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Defense in depth -- the Microsoft way (part 89): user grouppolicies don't deserve tamper protection
CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0
ERPNext v15.53.1 Stored XSS in bio Field Allows Arbitrary Script Execution in Profile Page
ERPNext v15.53.1 Stored XSS in user_image Field Allows Script Execution via Injected Image Path
Local information disclosure in apport and systemd-coredump
Stored XSS via File Upload - adaptcmsv3.0.3
IDOR "Change Password" Functionality - adaptcmsv3.0.3
Stored XSS "Send Message" Functionality - adaptcmsv3.0.3
Authenticated File Upload to RCE - adaptcmsv3.0.3
Stored XSS in "Description" Functionality - cubecartv6.5.9
Multiple Vulnerabilities in SAP GuiXT Scripting
CVE-2024-47081: Netrc credential leak in PSF requests library
Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 60 matches
Host/mysql inj help!!!!!!!!!!!!
PostForum:Sql injection Posted: Tue May 25, 2010 2:58 pm Subject: Host/mysql inj help!!!!!!!!!!!!
delta
Replies: 7
Views: 11996




If the mysql server allows external connection you can connect directly, without access to the server.
Cross Database in SQL Server
PostForum:Sql injection Posted: Mon May 24, 2010 8:04 pm Subject: Cross Database in SQL Server
delta
Replies: 0
Views: 6501




Hello, getting the follow error in mssql 2005:



Well, this means that cross database is turned off, right?
My question is: There is a way to turn it on? Maybe with sp_configure, don't know...
...
Upload shell in vb4
PostForum:vBulletin Board Posted: Sun May 16, 2010 11:16 pm Subject: Upload shell in vb4
delta
Replies: 8
Views: 16289




Sry, I cant, I'm sure that this method don't work for this forum, I need other way to upload the shell.
Upload shell in vb4
PostForum:vBulletin Board Posted: Sun May 16, 2010 10:49 pm Subject: Upload shell in vb4
delta
Replies: 8
Views: 16289




After the file being "uploaded" by ajax.php
Upload shell in vb4
PostForum:vBulletin Board Posted: Sun May 16, 2010 10:11 pm Subject: Upload shell in vb4
delta
Replies: 8
Views: 16289




Yeah, I know, but already tried to upload the file before, always get a xml error.

O documento XML não está associado a estilos. A estrutura do documento é representada abaixo.

− ...
Upload shell in vb4
PostForum:vBulletin Board Posted: Sun May 16, 2010 9:07 pm Subject: Upload shell in vb4
delta
Replies: 8
Views: 16289




Already tried before, but when I open ajax.php only get "There was an error uploading the file, please try again!"
Upload shell in vb4
PostForum:vBulletin Board Posted: Sun May 16, 2010 7:37 pm Subject: Upload shell in vb4
delta
Replies: 8
Views: 16289




Already tried every known options. Using plugin, xml, etc, but none worked.

If I try uploading a xml style(old version) with shell i get this:

The text for the template contains potentially unsa ...
INTO OUTFILE Problem
PostForum:Sql injection Posted: Sun May 02, 2010 8:44 pm Subject: INTO OUTFILE Problem
delta
Replies: 4
Views: 9481




If I do load_file('/etc/passwd') it won't work too, already tried, but pangolin says that magic_quotes = OFF, so that's not true then?

Any other way I can upload the shell?
INTO OUTFILE Problem
PostForum:Sql injection Posted: Sat May 01, 2010 5:49 pm Subject: INTO OUTFILE Problem
delta
Replies: 4
Views: 9481




Ok, I have FILE privileges, can read /etc/passwd, etc with load_file, but when INTO OUTFILE is used the file isn't created, already tried to create the file in /tmp dir but not working. Magic Quotes = ...
Not retrieving columns
PostForum:Sql injection Posted: Wed Oct 21, 2009 7:16 pm Subject: Not retrieving columns
delta
Replies: 3
Views: 8521




Hello Ghosttt, I already find out the problem.

The page is running 2 querys, so I can't get the columns visual feedback because keep getting wrong number of columns.
Use blind is not viable, since ...
Not retrieving columns
PostForum:Sql injection Posted: Tue Sep 15, 2009 5:30 pm Subject: Not retrieving columns
delta
Replies: 3
Views: 8521




BUMP, Someone? Confused Confused
Not retrieving columns
PostForum:Sql injection Posted: Sun Sep 13, 2009 8:58 pm Subject: Not retrieving columns
delta
Replies: 3
Views: 8521




Well, I succeeded in this injection. But the problem is: I can't get the column names.

When I try:
id=6672+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,column_name,12,13,14%20from%20information_schema.column ...
MSSQL Like
PostForum:Sql injection Posted: Thu Aug 06, 2009 11:41 pm Subject: MSSQL Like
delta
Replies: 3
Views: 8853




hahaha You're right.
Used %25 insted of % and worked.
Feeling very stupid now Embarassed Embarassed Embarassed

hehe, thx for the help tehhunter
MSSQL Like
PostForum:Sql injection Posted: Thu Aug 06, 2009 8:31 pm Subject: MSSQL Like
delta
Replies: 3
Views: 8853




So...
Any one??
MSSQL Like
PostForum:Sql injection Posted: Wed Aug 05, 2009 9:32 pm Subject: MSSQL Like
delta
Replies: 3
Views: 8853




Well, I'm trying to use LIKE in a sql injection query in MSSQL but it's not working as expected --'
I'm trying:
FROM table WHERE column LIKE '123%' order by ...

But insted of returning the the r ...
Page 1 of 4 Goto page 1, 2, 3, 4Next
All times are GMT


Powered by phpBB © 2001-2008 phpBB Group



PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.028 Seconds