Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: October 21, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 214 Members: 0 Total: 214 Full disclosure CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS apis.google.com - Insecure redirect via __lu parameter(exploited in the wild) Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) [SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal [SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files CVE-2025-59397 - Open Web Analytics SQL Injection Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11 Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow IT Security and Insecurity Portal www.waraxe.us Forum Index -> PhpBB -> The .12 exploit. Quick question. View previous topic :: View next topic The .12 exploit. Quick question. Posted: Thu Mar 31, 2005 10:04 pm devn00b Regular user Joined: Feb 20, 2005 Posts: 22 I noticed that if you try to change user ID >9 the exploit stops working. Is there a way arround this? or am I missing somthing when creating the cookie? Posted: Fri Apr 01, 2005 12:11 pm shai-tan Valuable expert Joined: Feb 22, 2005 Posts: 477 Dude just edit admin to the way you want or login as admin and then change the user through the admin panel. Or just screw the site up. Its your call. _________________ Shai-tan ?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds Posted: Fri Apr 01, 2005 3:52 pm devn00b Regular user Joined: Feb 20, 2005 Posts: 22 Quote: Dude just edit admin to the way you want or login as admin and then change the user through the admin panel. Or just screw the site up. Its your call. See thats my problem, not all websites have an admin user <9. So i try to login and it just doesnt work. example: a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%2210%22%3B%7D That should if im doing this right log me into user 10, however it just logs me in as guest. Im not interested in screwing sites up, just reading a few pm's . Posted: Sat Apr 02, 2005 1:30 am waraxe Site admin Joined: May 11, 2004 Posts: 2407 Location: Estonia, Tartu devn00b wrote: Quote: Dude just edit admin to the way you want or login as admin and then change the user through the admin panel. Or just screw the site up. Its your call. See thats my problem, not all websites have an admin user <9. So i try to login and it just doesnt work. example: a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%2210%22%3B%7D That should if im doing this right log me into user 10, however it just logs me in as guest. Im not interested in screwing sites up, just reading a few pm's . If you urldecode() that stuff, you get this: Code: a:2:{s:11:"autologinid";b:1;s:6:"userid";s:1:"10";} This is serialized data and you can see, that it says "string with length 1 char and with value '10' ". Can you spot the error ? Right version is this: Code: a:2:{s:11:"autologinid";b:1;s:6:"userid";s:2:"10";} And in urlencoded style it will be as Code: a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%3A6%3A%22userid%22%3Bs%3A2%3A%2210%22%3B%7D See ya! Posted: Sat Apr 02, 2005 10:03 pm devn00b Regular user Joined: Feb 20, 2005 Posts: 22 Hey thanks for the response Waraxe. I knew it was somthing dumb I was missing. Isnt that always the case? Posted: Sun Apr 03, 2005 10:27 am y3dips Valuable expert Joined: Feb 25, 2005 Posts: 281 Location: Indonesia devn00b wrote: Hey thanks for the response Waraxe. I knew it was somthing dumb I was missing. Isnt that always the case? LOL , sometimes maybe you just to nervous _________________ IO::y3dips->new(http://clog.ammar.web.id); Posted: Tue Apr 05, 2005 5:38 pm devn00b Regular user Joined: Feb 20, 2005 Posts: 22 Okay last question I swear. Ive noticed a strange cookie from some sites s%3A0%3A%22%22%3B wich = s:0:""; is this exploitable if i do some modifications to the normal cookie sploit? Posted: Wed Apr 06, 2005 11:27 am shai-tan Valuable expert Joined: Feb 22, 2005 Posts: 477 You sure its not a forum with the 2.0.13 fix on? Maybe heavily modified forums? _________________ Shai-tan ?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds Posted: Wed Apr 06, 2005 1:04 pm waraxe Site admin Joined: May 11, 2004 Posts: 2407 Location: Estonia, Tartu devn00b wrote: Okay last question I swear. Ive noticed a strange cookie from some sites s%3A0%3A%22%22%3B wich = s:0:""; is this exploitable if i do some modifications to the normal cookie sploit? Maybe this cookie is set up, when user have anonymous status (i mean, does not have uid/uname). The .12 exploit. Quick question. www.waraxe.us Forum Index -> PhpBB You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum All times are GMT Page 1 of 1 All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 YearOldest FirstNewest First Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.035 Seconds