Bigojey

Microsoft Security Bulletin List With some public exploits with source code and executables try it get in...jav.ch greetz

nice mersi ghici

yes thank you very much anonim

thx brotha n1

wow thank you very much m8... nice work

<div class='quotetop'>QUOTE("Xavier")</div> pls in english german or espanol i hope it isnt such negativsentence

i got this exploit from a friend. his name is Mustafa Can Bjorn but everybody knows him as nukedx ps: i dont know if this exploit was given before so dont be angry pls if you already know this exploit here's the exploit : Vendor: MKPortal (http://www.mkportal.it/) Version: 1.1 RC1 and prior versions must be affected. (Runs on vBulletin!) About: Via this methods remote attacker can inject arbitrary SQL queries to ind parameter in index.php of MKPortal. Vulnerable code can be found in the file mkportal/include/VB/vb_board_functions.php at line 35-37, as you can see it easy to by pass this SQL update function. Also there is cross-site scripting vulnerability in pm_popup.php the parameters u1,m1,m2,m3,m4 did not sanitized properly. Level: Critical --- How&Example: SQL Injection : GET -> http://[victim]/[mkportaldir]/index.php?ind= EXAMPLE -> [url]http://[victim]/[/url][mkportaldir]/index.php?ind=',userid='1 So with this example remote attacker updates his session's userid to 1 and after refreshing the page he can logs as userid 1. XSS: GET -> [url]http://[victim]/[/url][mkportaldir]/includes/pm_popup.php?u1=[XSS]&m1=[XSS]&m2=[XSS]&m3=[XSS]&m4=[XSS] --- Timeline: * 21/04/2006: Vulnerability found. * 21/04/2006: Contacted with vendor and waiting reply. --- Exploit: http://www.nukedx.com/?getxpl=26 --- Dorks: "MKPortal 1.1 RC1" --- Original advisory can be found at: http://www.nukedx.com/?viewdoc=26

<div class='quotetop'>QUOTE("Alex")</div> Alex m8 ive already found one but thx... but i will not flame now we are all brothers xD

thx m8! but the page is down i think look @ the pic KLICK FOR THE PIC

thx for the tutorial nos could you pls post the url to the decoder ???

very cool. n1 thank you very much . everybody needs these shells

Yeah i saw it after downloading and opening it. Very useful! Thx again

i dont know what it is but i will download and look thx for sharing

i have looked for a crack but i am not sure if it will work. my sockscap32.exe is the 2.38 version but i've found only crackz for the 2.37 <= versions i will upload some crackz i hope it will work if you test it. but pls check the crackz with your av! http://rapidshare.de/files/24296638/crackz.rar.html greetz

yes : P thank you i hope the other users like it ,too. greetz

Hi Community i hope a lot of you can understand me:) I have asked a good friend of me if he could make a Video for RomanianHackersZone. The VideoTutorial treats about the Vnc remote Exploit. We can easyly bypass the login (usernane-password) and get into RemoteComputers which has got a Vulnerable VncServer. Enjoy it Password: dafreak Mirror 1 : http://rapidshare.de/files/24269467/Vnc-Sc...aFreak.rar.html Mirror 2 : http://www.megaupload.com/?d=BRXBTYJ5 greetz BigOjey

sry i was a long time not in this board because i had problems with my pc. i am happy that u liked it ^^. (the bad thing is that i can only speak german,english,latin,espanol,turkish but not your language :'( but i hope that i will learn it soon

thank you very much. nice package

http://rapidshare.de/files/23506381/Sql_In..._freak.rar.html (pass: dafreak) hope u enjoy it