TATUS:
==
Vendor was contacted but no response received till date.
CREDITS:
This vulnerability was discovered and researched by
matrix_killer of h4cky0u Security Forums.
mail : matrix_k at abv.bg
web : http://www.h4cky0u.org
Search function sql injection wa
till date.
CREDITS:====
This vulnerability was discovered and researched by matrix_killer of h4cky0u Security Forums.
mail : matrix_k at abv.bg
web : http://www.h4cky0u.org
Co-Researcher:
h4cky0u of h4cky0u Security Forums.
mail : h4cky0u at gmail.com
web : http://www.h4cky0u.org
Greets t
==
- This vulnerability was discovered and researched by matrix_killer of h4cky0u Security Forums -
mail : matrix_k at abv.bg
web : http://www.h4cky0u.org
- Co-Researcher -
h4cky0u of h4cky0u Security Forums.
mail : h4cky0u at gmail.com
web : http://www.h4cky0u.org
Greets to all omega-team members +
=
Snort had extended no explanation regarding this problem indentified.
=
Contact
=
h4cky0u [EMAIL PROTECTED]
1-888-565-9428
CISSP GSAE CSFA SSP-CNSA SSP-MPA GIPS GWAS CAP SSCP
+ h4cky0u[h4cky0u.org], lessMX6 and all dudes from #DevilDev ;)#The exploit was tested on 10 machines but not all got flooded.Only 6/10 got crashed
use Socket;
if (@ARGV < 2) { &usage; }
$rand=rand(10); $host = $ARGV[0];$dir = $ARGV[1];
$host =~ s/(http:\/\/)//eg; #no http://for ($
===
No fix available as of date.
CREDITS:
- This vulnerability was discovered and researched by -
TiX of h4cky0u Security Forums.
Mail : Rahigley dot 1989 at gmail dot com
Web : http://www.h4cky0u.org
- Co Researcher -
h4cky0u of h4cky0u Security Forums.
Mail : h4cky0u at gmail dot com
licking 'Configuration' and viewing the pages source:
(It's hidden by *)
Password
VENDOR STATUS=
Vendor was contacted repeatedly but no response received till date.
FIX:
No fix available as of date.
CREDITS:
- This vulnerability was discovered and researched
[EMAIL PROTECTED] - Isn't that one working for you???
On 2/23/06, Xyberpix <[EMAIL PROTECTED]> wrote:
Hi All,Anyone got any contacts at Network Intelligence?I can't find shit on their site at all :-(
I'm going to call them when they wake up later on as a worst case.TIAxyberpix__
Yup i could reproduce that with all the sites i tried it on.
On 2/8/06, Sumit Siddharth <[EMAIL PROTECTED]> wrote:
Hi, could somebody kindly confirm this.When a null username and a null password is provided in the cpanel administration, port 2082, (basic authorization prompt) and then cancelling th
me other page of your menu like "Home" and a windows will pop-up with your text + you will see a sql syntax error[this bug may not work on some machines]PROOF OF CONCEPT CODE:
==#!perl#Phpclanwebsite 1.23.1 SQL injection exploit by matrix_killer#Greets to all omega-team
that the db cannot understand.Proof Of Concept Code:==#!/usr/bin/perl ### ## Recoded by: mix2mix and Elioni of
http://ahg-khf.org## And h4cky0u Security Forums (http://h4cky0u.org) ## Name: phpBBDoSReloaded## Original Author: HaCkZaTaN of
Well this was after i found somebody posing as me on my site --> http://www.h4cky0u.org which was actually quite interesting and dangerous (looking from the social engineering point of view).
Download the following file -
http://www.h4cky0u.org/poc.txt
Make sure you download it and not view
:
===
"Powered by Elite Forum"
CREDITS:
This vulnerability was discovered and researched by Gladiator.KHF (handle/username - gladiator) of h4cky0u Security Forums.
mail : gleden123 at Yahoo dot Com
web : http://www.h4cky0u.org
ORIGINAL ADVISORY:
==
http://www.h
The ORIGINAL ADVISORY to the whole issue could be found at -
http://h4cky0u.org/advisories/HYA-2005-008-alstrasoft-epay-pro.txt
On 9/19/05, h4cky0u <[EMAIL PROTECTED]> wrote:
--
HYA-2005-008 h4cky0u.org Adviso
eS of h4cky0u Security Forums.
mail : GeMeGeMeS at Gmail.Com
web : http://www.h4cky0u.org
-- http://www.h4cky0u.org(In)Security at its best...
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hoste
./etc/passwd%00
VENDOR STATUS:==
Vendor Contact : 13th Sep 2005Vendor Reply : 13th sep 2005 - This Vulnerability has been fixed in the Latest Release : 2.050.01P
FIX:
Upgrade to version 2.050.01P
CREDITS:
This vulnerability was discovered and researched by -
ShoCK FX of h4cky0u Secu
./etc/passwd%00
VENDOR STATUS:==
Vendor Contact : 13th Sep 2005Vendor Reply : 13th sep 2005 - This Vulnerability has been fixed in the Latest Release : 2.050.01P
FIX:
Upgrade to version 2.050.01P
CREDITS:
This vulnerability was discovered and researched by -
ShoCK FX of h4cky0u Secu
Bob,
I suggest you try out the Incinerator tool from the latest iolo's System Mechanic Professional. It erases the data on your disk securely and is quite reliable. Even Encase (one of the best forensics tools out there) couldn't recover data erased by the incinerator. Hope this helps.
Regard
//localhost/ldu/list.php?c=%27&s=title&w=asc&o=1&p=1
VENDOR STATUS:
==
The vendor was contacted using the contacts link on the main page.
No response recieved till date.
CREDITS:
This vulnerability was discovered and researched by -
matrix_killer of h4ck
Hi,
Saw this one on www.waraxe.us (Discovered by Easyex) and i was
thinking if there are some more possibilities using the method
described. The POC below is for phpBB. -
==
make yourself a folder on your host
rename the folder to signature.jpg
this will trick bbcode that its an image f
fixed and the fixes will be included in the
next release of atutor which is scheduled sometime later.
On 8/18/05, h4cky0u <[EMAIL PROTECTED]> wrote:
> ATutor 1.5.1 and prior multiple XSS Vulnerabilities
>
> SEVERITY:
> =
> Medium
>
> SOFTWARE:
> =
:
This vulnerability was discovered and researched by -
matrix_killer of h4cky0u Security Forums.
mail : matrix_k at abv.bg
web : http://www.h4cky0u.org
Greets to all omega-team members + krassswr,EcLiPsE and all who support us !!!
ORIGINAL:
=
http://h4cky0u.org/viewtopic.php?t=2097
alhost/tour/search.php?search=1&words=";>alert('Found
By
matrix_killer');&include=all&find_in=all&display_as=pages&submit=Search
VENDOR STATUS:
==
Vendor was contacted but no response received till date.
CREDITS:
This vulnerability was disco
<-');&NewsMode=1&SearchNews=Search&CatID=0
VENDOR STATUS
=
Vendor contacted on the 17th of August.
Vendor Reply (17th of August) - All the bugs have been fixed and will
be included in the next release.
CREDITS:
This vulnerability was discovered and resea
a more secure release of your script. Thanks.
On 8/17/05, Kevin Wilcox <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> h4cky0u wrote:
>
>
>
> > VENDOR STATUS:
> > ===
> > The vendors were contacted but
s discovered and researched by
matrix_killer of h4cky0u Security Forums.
mail : matrix_k at abv.bg
web : http://www.h4cky0u.org
Greets to all omega-team members + krassswr,EcLiPsE and all who support us !!!
===
http://h4cky0u.org/viewtopic.php?t=1967
26 matches
Mail list logo