Sallam All :)
Some days ago i find a bug in php script named ( ExtCalendar2 )
bug is Auth Bypass/Cookie (SQL Injection)
i write a exploit as Remote Command Execution :d
Exploit on Security Sites :
there a video to :))
Script Plane with bugs
SQL injection (GET) : http://1337day.com/exploits/15295 (By me :> )
SQL injection (POST) : http://www.exploit-db.com/exploits/17321/ ( By High-Tech Bridge SA )
Sallam :))
8 commentaires:
Its amizing thing and advance thing that you do ..
keep it up bro ... my Best wishes
راك
Fort
ولد بلادي
malgri
مافهمت و الو (انخليزية ) ههههههههههههه
mais
فهمت بلي راك اكتشفت تغرة كبيرة و خدمتلها استغلال ديالها
وهدا هو المهم ههههههههههههه
ربي يوفقك نشالله حبيبي و متنساش بلي رانا وراك
10'x you :))
@Anonymous
to run the exploit you need cURL extension in your server local , check this http://www.google.com/search?q=install+curl
Hello Lagripe,
I'm w4lly, congrats for your blog and for your tools, both are very nice!
Based on your LFI Server Scan, I modified a Googler that I coded in java to get the IP's of the sites and I would like to share it to you.
I hope you enjoy it, you can download it at:
http://cab8.net/w4lly/Googler1.2.rar
Maybe you wanna publish it in your blog, I would appreciate it. Any suggestion you can mail me!
Regards,
w4lly
@w4lly
Wellcome bro :) , and thanks ..
me too i'm congrats for your visit :)
& i'll try your tool ;)
Any tutorials on how to set this up and use it?
khoya video privi
momkin diro public
merci
Post a Comment