Guest Kenpachi Posted February 26, 2008 Report Share Posted February 26, 2008 nu'mi arde de voi ca sunteti ratati ...asta e linkul ...http://www.scoliosismentors.org/api/index.php?q=aHR0cDovL3d3dy5nb29nbGUuY29tLw==ghiciti voi ce face ... Quote Link to comment Share on other sites More sharing options...
VoRTeX Posted February 26, 2008 Report Share Posted February 26, 2008 Apare GOOGLE , cu avatarul lui Zarachi. Quote Link to comment Share on other sites More sharing options...
tw8 Posted February 26, 2008 Report Share Posted February 26, 2008 Bravo .Apare GOOGLE lol .Ia baga un dork si vezi ce sa intampla . Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted February 26, 2008 Report Share Posted February 26, 2008 btw e disgned pe mozilla si ar trebui folosit pe mozilla ... Quote Link to comment Share on other sites More sharing options...
VoRTeX Posted February 26, 2008 Report Share Posted February 26, 2008 Mda zi-mi sa bag un dork ca sa te intreb ce e un dork. N00b pe interval Quote Link to comment Share on other sites More sharing options...
yoyo2008 Posted February 26, 2008 Report Share Posted February 26, 2008 merge si asa http://www.scoliosismentors.org/api/index.php?q=aHR0cDovL3d3dy5nb29nbGUuY29t Quote Link to comment Share on other sites More sharing options...
tw8 Posted February 27, 2008 Report Share Posted February 27, 2008 Ok.Am luat linkul asta:[url]http://www.scoliosismentors.org/api/index.php?q=aHR0cDovL3d3dy5nb29nbGUuY29tLw==[/url]Am observat ca "q" ia valoarea unui text codat in Base64. L-am decodat.Am observat ca obtin link catre Google. Am codat alt link in Base64 si am pus parametrul q cu acea valoare. Merge.Am incercat sa gasesc un LFI/RFI in script. Am gasit cate ceva, dar nu prea mi-a folosit. Am aflat doar ca foloseste si PHProxy.Mai apoi, am gasit o posibilitate sa uploadez shell. L-am uploadat si am downloadat scriptul lui BanKai. Am aflat ca foloseste doar PHProxy.Deci va puteti face fiecare propriul astfel de script .Bafta . Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted February 27, 2008 Report Share Posted February 27, 2008 ar trebui sa precizezi ca ai reusit sa intri pe host prin vulnerabilitatile siteului nu prin ale scriptului meu care inafara de xss nu cred ca are alta problema ... nu m'am deranjat sa filtrez xss pentru ca oricum nu are treaba de sesiune deci nu ai ce credentials sa furi cu xss Quote Link to comment Share on other sites More sharing options...
zbeng Posted February 27, 2008 Report Share Posted February 27, 2008 maniac rfi tot pedepsit ramai Quote Link to comment Share on other sites More sharing options...
divinitypower Posted February 27, 2008 Report Share Posted February 27, 2008 Frumos...foarte frumos Quote Link to comment Share on other sites More sharing options...
tw8 Posted February 27, 2008 Report Share Posted February 27, 2008 ar trebui sa precizezi ca ai reusit sa intri pe host prin vulnerabilitatile siteului nu prin ale scriptului meu care inafara de xss nu cred ca are alta problemaDa, ai dreptate.Am observat XSS-ul din scriptul tau, dar stiam ca trebuie sa fie si ceva mai "mare", care te-a ajutat si pe tine . Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted February 27, 2008 Report Share Posted February 27, 2008 am vazut metoda prin care ai intrat si nu era aia pe care am folosit'o eu nici nu stiu daca o cunosti pe a meaedit : apropo nu mai folosi ip real cand faci treaba asta Quote Link to comment Share on other sites More sharing options...
tw8 Posted February 27, 2008 Report Share Posted February 27, 2008 am vazut metoda prin care ai intrat si nu era aia pe care am folosit'o eu nici nu stiu daca o cunosti pe a meaedit : apropo nu mai folosi ip real cand faci treaba asta Eram la scoala, aveam info .Metoda ta ... probabil un LFI ? Am gasit si eu unul, dar mi-a fost lene sa caut dupa loguri . Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted February 27, 2008 Report Share Posted February 27, 2008 te'am supraestimat cum vrei tu sa exploatezi lfi in scripturi cgi ? Quote Link to comment Share on other sites More sharing options...
sawyer Posted February 27, 2008 Report Share Posted February 27, 2008 super misto prima data credeam ca le`ai furat scriptul lol ) Quote Link to comment Share on other sites More sharing options...
tw8 Posted February 27, 2008 Report Share Posted February 27, 2008 te'am supraestimat cum vrei tu sa exploatezi lfi in scripturi cgi ? Probabil ca da .Era doar un LFD ... Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted February 27, 2008 Report Share Posted February 27, 2008 exact Quote Link to comment Share on other sites More sharing options...
termopanu Posted February 28, 2008 Report Share Posted February 28, 2008 Sa mor in baie , au ajuns romanii sa faca dalea. Quote Link to comment Share on other sites More sharing options...
Guest Kenpachi Posted February 28, 2008 Report Share Posted February 28, 2008 ce intelegi tu prin 'dalea' Quote Link to comment Share on other sites More sharing options...
termopanu Posted February 28, 2008 Report Share Posted February 28, 2008 ce intelegi tu prin 'dalea'*&^*#$%#)_&*^~@%#&)%^&)@#!!@#@!^$@^$@@$&^%*%! Quote Link to comment Share on other sites More sharing options...
oXyGeN Posted March 6, 2008 Report Share Posted March 6, 2008 nu mai merge Quote Link to comment Share on other sites More sharing options...
mozi Posted March 17, 2008 Report Share Posted March 17, 2008 mai mergeti ma sa sugeti pola ) Quote Link to comment Share on other sites More sharing options...
brainiac Posted April 8, 2008 Report Share Posted April 8, 2008 testat si pe opera si nu merge Quote Link to comment Share on other sites More sharing options...