 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 284
 Members: 0
 Total: 284
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
IP login |
|
 Posted: Fri Mar 20, 2009 6:02 pm |
 |
|
| ladylearner |
| Regular user |
 |
|
| Joined: Oct 23, 2005 |
| Posts: 21 |
|
|
|
 |
|
 |
|
| I have some usernames and passwords to a website, which I know work, the problem is that the admin has now made it so that each user can only log in when using their own IP numbers. Is there anyway that I can bypass this? |
|
|
|
|
| Posted: Fri Mar 20, 2009 6:13 pm |
|
|
| -AO- |
| Advanced user |
 |
|
| Joined: Jul 15, 2008 |
| Posts: 205 |
| Location: United States |
|
|
|
|
|
|
| Use a xss shell.. put script source from admin panel if you have it. |
|
|
|
|
| Posted: Sat Mar 21, 2009 10:00 pm |
|
|
| brisk |
| Advanced user |
|
|
| Joined: Mar 07, 2009 |
| Posts: 108 |
|
|
|
|
|
|
|
| -AO- wrote: | | Use a xss shell.. put script source from admin panel if you have it. |
Hey.. I have same problem like the kid up there..
Victim's /administrator folder is filtering ip addresses by using .htaccess and they're running on joomla..
What do u mean by xss shell ? |
|
|
|
|
| Posted: Sat Mar 21, 2009 10:45 pm |
|
|
| slsl |
| Advanced user |
|
|
| Joined: Oct 14, 2008 |
| Posts: 66 |
|
|
|
|
|
|
|
|
|
|
|
| Posted: Sat Mar 21, 2009 10:49 pm |
|
|
| -AO- |
| Advanced user |
|
|
| Joined: Jul 15, 2008 |
| Posts: 205 |
| Location: United States |
|
|
|
|
|
|
| Set it up on a free host that supports asp. |
|
|
|
|
| Posted: Sat Mar 21, 2009 10:56 pm |
|
|
| brisk |
| Advanced user |
|
|
| Joined: Mar 07, 2009 |
| Posts: 108 |
|
|
|
|
|
|
|
damn, I tolly didn't get how to use this  |
|
|
|
|
| Posted: Sat Mar 21, 2009 11:04 pm |
|
|
| slsl |
| Advanced user |
|
|
| Joined: Oct 14, 2008 |
| Posts: 66 |
|
|
|
|
|
|
|
| im too lazy to write an entire tutorial for it you can just google that but bassicly there are two parts to it there is the part you put in a site via an xss hole and then theres the part that you have a server of your own. after you set both you wait on your server until victims go onto the xss on the other site and you can send various commands to them and i havn't looked in to it but it does say you can bypass ip restrictions |
|
|
|
|
|
|
|
|
| Posted: Sat Mar 21, 2009 11:05 pm |
|
|
| brisk |
| Advanced user |
|
|
| Joined: Mar 07, 2009 |
| Posts: 108 |
|
|
|
|
|
|
|
| slsl wrote: | | im too lazy to write an entire tutorial for it you can just google that but bassicly there are two parts to it there is the part you put in a site via an xss hole and then theres the part that you have a server of your own. after you set both you wait on your server until victims go onto the xss on the other site and you can send various commands to them and i havn't looked in to it but it does say you can bypass ip restrictions |
Aight, Gotcha..
I just found out that it would be too hard... |
|
|
|
|
| Posted: Sun Mar 22, 2009 2:31 am |
|
|
| -AO- |
| Advanced user |
|
|
| Joined: Jul 15, 2008 |
| Posts: 205 |
| Location: United States |
|
|
|
|
|
|
Try it out and I can help you step by step  |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
