Showing results for tags 'read'.
-
Hi all, Baidu Security Team found a vulnerability in extjs; with this vulnerability we can read arbitrary files and request internal http services.
File: /examples/feed-viewer/feed-proxy.php line:3-line:6
$feed = $_REQUEST['feed'];
if($feed != '' && strpos($feed, 'http') === 0){
    header('Content-Type: text/xml');
    $xml = file_get_contents($feed);
When we request a URL like this: http://dev.sencha.com/extjs/5.0.0/examples/feed-viewer/feed-proxy.php?feed=http://10.1.1.1 if the resource exists, we can get internal http services info. "strpos($feed, 'http') === 0" we can re
-
SQLi Dumper v.7 - Tool to find bugs, errors or vulnerabilities in a MySQL database. Functions: SQL Injection; Operation System Function; Dump Database; Extract Database Schema; Search Columns Name; Read File (read only); Create File (read only); Brute Table & Column. http://www.4shared.com/rar/7grTslfQce/SQLi_Dumper_v71.html
-
Proof of Concept 1: http://www.mediafire.com/dynamic/ct.php?link=norm_header_up_btn&url=%2F%25%77%77%77%2E%79%61%68%6F%6F%2E%63%6F%6D%20%20
Read more: http://dl.packetstormsecurity.net/1502-exploits/Mediafire.pdf
-
This is a brief write-up noting JavaScript backdoors left in common PHP shells. Read more: http://dl.packetstormsecurity.net/papers/general/backdoor.pdf
-
"Decipher the unspoken vocabulary of body language. A tilt of the head, the crossing of legs, the buttoning and unbuttoning of a jacket, and other gestures can speak volumes about what a person is thinking or feeling. By learning to spot hidden emotional, social, and sexual messages, you can tell how a person is reacting to you, respond appropriately, and influence the outcome of any situation. Detect and send messages of friendliness and flirtation. Gain and maintain the upper hand in negotiations and arguments. Determine whether someone is lying, recognize boredom, and overcome defensiveness