|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 82
Members: 0
Total: 82
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
|
nice work, I'm sure people who want a secure upload script will find this useful |
|
|
|
|
Hey all, this is a file upload script I had on my site previously, it has been hacked somehow and I can't figure out how! So here's a challenge - someone was able to upload php files.
<?php
... |
|
|
|
|
free hosting is quite secure, they go to special steps because they are giving almost public access to their boxes. however, even sites like www.hackthissite.org have been hacked before, so there's al ... |
|
|
|
|
Strange, could be something simple like your OS is hiding .pl files, or maybe virus scanner is deleting it. |
|
|
|
|
looks like some kind of web shell thing that uses a symlink exploit to retrieve files. |
|
|
|
|
Difference between Hybrid Dictionary Attack and Dictionary Attack?
I have a Core2Duo @2.00GHz processor, and I get 480K passwords per seconds, is that good? When I check it says that only about 50% ... |
|
|
|
|
You should install invision on your own server and then play around with moving the ACP and seeing if you can still find a link to it or something. You can also play around with other things that an a ... |
|
|
|
|
can you run any PHP code at all? |
|
|
|
|
Please help with this! isnt there a exploit that allows you to find out the location of the admin directory or something??
Nope. If the admin is really paranoid he might delete the admin CP whenever ... |
|
|
|
|
Why not spend a little time trying to understand what you are doing.
php exploit.php www.site.com /forum/ |
|
|
|
|
Agreed, it's pretty useless.. might as well do brute force instead. |
|
|
|
|
it would probably require alot of learning on your part to get that XSS to do something useful for you. Basically you can get another user to create a new thread with it. If you want to try it, set up ... |
|
|
|
|
You specify the arguments on the command line when u start the script.
eg: php exploit.php -attack 1 -url www.site.com/forum/ -uid 1
Pretty straight forward. |
|
|
Page 1 of 14 |
Goto page 1, 2, 3 ... 12, 13, 14Next All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|