- 18 Dec 2022
- EDB-ID
- 42897
- EDB Verified
- Passed
- Author
- INJ3CT0R
- Vulnerability type
- PAPERS
- Platform
- EZINE
- CVE
- N/A
- Publication date
- 2012-12-11
Inj3ct0r Team has hacked ExploitHub.com
Code:
###
# Title : Inj3ct0r Team has hacked ExploitHub.com
# Inj3ct0r-zine : http://priv8.1337day.com/exploitHUB.txt
# Proof: http://priv8.1337day.com/proof_exploit_list.sql
# Home : 1337Day Exploits Market
# Web : 1337day.com .net .org
# Fb : http://fb.me/inj3ct0rs
# Tw : https://twitter.com/inj3ct0r
# <3 <3 Greetings t0 Inj3ct0r Members <3 <3
# Greetings To r4dc0re, Kingcope, CrosS, SeeMe, KedAns-Dz, DaOne, NuxbieCyber, Tibit, Sammy FORGIT, D4NB4R, neutr0n, D4RK CR1PT3R, Mark (Mko)! Angel Injection you chicken :P
# F-ck HaCking ExploitHub, Lov3 Explo8ting!
.-"``"-.
/______; \
{_______}\|
(/ a a \)(_)
(.-.).-.)
_______ooo__( ^ )____________
/ '-.___.-' \
| Inj3ct0r Team hacked ExploitHub.com |
| 1337Day w0rms member the best |
| 1337day.com / inj3ct0rs.com |
| 1337day.net \ 1337day.org |
\________________________ooo________/
|_ | _|
\___|___/
{___|___}
|_ | _|
/-'Y'-\
(__/ \__)
What's new ?
*-...________________...-*
Today (December 11th), the Inj3ct0r Team has hacked http://exploithub.com and we like to add a small line here " This is for Educational Purpose Only "
Inj3ct0r Team stole private exploits worth $242333 (i ll calculate) from Exploithub
Z Where to sell my 0day exploits..
Z
.,., z
((((()) z
((('_ _`) '
_______________________ ((G \ |) ___________________
(((` " ,
.((\.:~: .--------------.
Do you want to buy __.| `"'.__ | \ |
.'' `---' `. | . :
or sell / ` | `-.__________)
| ~ | : :
exploits? | | : |
| _ | | [ ##
1337day.com \ `--. ____| , oo_______.'
`_ ( \) _____/ `--___
is | `--) ) `-. `--- ( - a:f -
| '///` | `-.
a good solution | | | | `-.
| | | | `-.
| | |\ |
| | | \|
`-. | | |
`-| '
-----------------------Reason-------------------------------------------
We hacked http://exploithub.com because the people who publish private exploits on http://exploithub.com
need to know that the ExploitHub Admins are lamers and can not provide them with adequate security.
Where _ ,,,,
Proof? \ / '
/.. /
( c D
\- '\_
`-'\)\
|_ \
|U \\
(__,//
|. \/
LL__I
|||
|||
,,-``'\
I show a piece of the database:
"product_name", "product_price", "created_date", "author_id", "author_username"
.-'''/.\
How to hack?? (_.--' |
| == |
o-._ .--..--. _.-o [+] System Linux web 2.6.35-22-server #33-Ubuntu SMP Sun Sep 19 20:48:58 UTC 2010 x86_64
| || | [+] MYSQL Client API library version 5.1.49
;--|`--: [+] Apache Version Apache/2.2.16 (Ubuntu)
|. | | [+] Hostname:Port web.lab.nsslabs.com:443
| ;_ .| [+] Host www.exploithub.com
|_____ | [+] X-Powered-By PHP/5.3.3-1ubuntu9.3
/| '|\
//`----'\\
////| | \\
/ | | \
/| |\
/ \ / \
/ \/ \
/ \
| |
|| /\ ||
|| , . ||
-----------------------------------------------------------
I am very much surprised when he learned of Magento eCommerce Software and search /install/
1) We scan server and site
2) We reinstall Magento CMS https://www.exploithub.com/install/ <= We reinstall Magento CMS
3) Upload shell and phpinfo https://www.exploithub.com/phpinfo.php
4) backup all files and database.
5) Upload piece of the database https://www.exploithub.com/export/
6) Increased privileges and use root
We have exploithub.com private database and FTP files)
\'/
-= * =-
{.}
{.-'}
{`_.-'}
{-` _.-'}
`":=:"`
`---`
--------------------------------------------------------------------------------------
Be safe, / r0073r
Who is involved in a conspiracy against liberty, must be destroyed.
_==_ _
_,(",)|_|
\/. \-|
__( : )|___
-------Th3 END----------------------Merry Christmas-------------------------------------
- Source
- www.exploit-db.com
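For defenders, the numbered steps in the text name three web paths worth watching in access logs: `/install/`, `phpinfo.php` and `/export/`. The following is an added example, not part of the original text: a detector over Apache combined-format log lines. The log lines, IP addresses, the `/install/step2` and `/export/dump.sql` paths and the status-code rules are constructed assumptions.

```python
import re
from collections import defaultdict

# Apache "combined" access log: ip ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# One rule per path named in the text above.
RULES = [
    ("installer-reachable", re.compile(r"^/install(/|$)", re.I)),
    ("phpinfo-exposed", re.compile(r"/phpinfo\.php$", re.I)),
    ("export-download", re.compile(r"^/export/", re.I)),
]

# Constructed sample input (documentation IP ranges, made-up paths and sizes).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:09:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:09:01:10 +0000] "GET /install/ HTTP/1.1" 200 8312 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:09:02:44 +0000] "POST /install/step2 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:09:10:03 +0000] "GET /phpinfo.php HTTP/1.1" 200 71455 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:09:30:27 +0000] "GET /export/dump.sql HTTP/1.1" 200 9481230 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:09:31:00 +0000] "GET /install/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:09:31:05 +0000] "GET /phpinfo.php?x=1 HTTP/1.1" 404 210 "-" "Mozilla/5.0"
"""


def scan(lines):
    """Return (rule, ip, method, path, status) for every request that was served."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        status = int(m["status"])
        method = m["method"]
        path = m["path"].split("?", 1)[0]  # match on the path, not the query string
        for name, rx in RULES:
            if not rx.search(path):
                continue
            served = 200 <= status < 300
            # Assumption: a redirect after a POST to the installer still means
            # the form was processed, so any status below 400 counts.
            if name == "installer-reachable" and method == "POST":
                served = status < 400
            if served:
                findings.append((name, m["ip"], method, path, status))
    return findings


def by_client(findings):
    """Group rule names per client IP; several rules from one IP is the pattern to escalate."""
    grouped = defaultdict(set)
    for name, ip, *_ in findings:
        grouped[ip].add(name)
    return dict(grouped)


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG.splitlines())
    for hit in hits:
        print(hit)
    print(by_client(hits))
```

A redirected `GET /install/` and a 404 on `phpinfo.php` are deliberately not reported, so the output stays limited to requests the server actually answered with content.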