Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 

Current Page: 1 of 1
Results 1 - 25 of 25
6 months ago
Anarchy Angel
Hello, I have been trying to figure out how to modify the smb_relay.rb metasploit module to use the same session that is created for uploading a payload to a share, and use it to download all files in the share to /tmp/loot has anyone done this before? any help would be much appreciated. Thank you.
Forum: Networking
1 year ago
Anarchy Angel
there used to be a thread here somewhere that gave lots of good one liners and such for opening bind and reverse shells but i cant find it. would anyone happen to have it as a favorite or something? :D thanx
Forum: OMG Ponies
2 years ago
Anarchy Angel
so i been on a snmp kick and found a handful of modems and routers that have the rw string set to private. walks and stuff are fine, but has anyone had any luck forwarding ports or turning a modem into a proxy via snmp? i have looked all over google about it but either no one has ever attempted or it cant be done. thoughts?
Forum: Networking
3 years ago
Anarchy Angel
i been trying to upload a shell to a few servers via the /proc/self/environ LFI method and just can not get it done. I have used temper data and other home brewed scripts with nothing. has anyone else had this issue with a known vector just stopped working out of the blue? ideas?
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
x1x1x: i fear thats not the issue im having, i cant write to /var/www/ at all. i cant even get something like this to work: http://tar/sql.php?id=-3 union select 0,1,'kkk',3,4,5,6,7,8,9 into outfile '/var/www/tom/test5.php'--
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
ok checked it and secure-file-priv dose not seem to be set. I looked in all the config files and the process it self which ps aux|grep mysql gives: /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=root --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306 so yeah i dont know yet, how about you?
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
will do, but given how hard this is proving to set up its crazy this actually happens in the wild lol
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
toby57: well no there is currently no test5.php file on /var/www/ Reiners: great idea thanx "and nice sqlfoo i might add as well", i ran it on /var/www/ and it seems i have read access to everything. is there a nice little way to do that with into outfile?
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
Im trying to make a little test server for uploading shells via SQLi i have everything set up and working but when i try to write to a web dir i get this evil error: Can't create/write to file '/var/www/test5.php' i have chmoded -R 777 /var/www/ and chmod -R 777 /var/www/* and chown mysql:mysql /var/www/ and * i can also write to tmp and the mysql dir so i know i have file privs
Forum: SQL and Code Injection
5 years ago
Anarchy Angel
XaDoS Wrote: ------------------------------------------------------- > @ anarchy angel: > > RonPaul say: "i tried the proc/self/environ, blank > page " lol so he did :P sry
Forum: SQL and Code Injection
5 years ago
Anarchy Angel
try proc/self/environ
Forum: SQL and Code Injection
5 years ago
Anarchy Angel
http://twitter.com/anarchyang31
Forum: News and Links
5 years ago
Anarchy Angel
can anyone make the magic happen "buffer overflow" on a unbuntu 8.x box?? no matter wat i do i cant overwrite eip
Forum: News and Links
5 years ago
Anarchy Angel
my guess would be that the user your running commands as dont have rights to view the log files.
Forum: SQL and Code Injection
5 years ago
Anarchy Angel
great work so far man, thanx a lot. i never really wanted to learn asm but now i might as well, you made it so easy.
Forum: News and Links
5 years ago
Anarchy Angel
will do tyvm rvdh
Forum: News and Links
5 years ago
Anarchy Angel
tybvm
Forum: News and Links
5 years ago
Anarchy Angel
ok lol that seemed to have been an issue, thanx y0, but im not done just yet. I now get a 500 internal server error when i goto a dir with my .htaccess file in it which tells me mod_rewrite isnt running. but this line is in my httpd.conf file > LoadModule rewrite_module lib/apache/mod_rewrite.so now when i do find mod_rewrite.so or .c i get nothing so maybe i dont have it in installed? crazy
Forum: News and Links
5 years ago
Anarchy Angel
page.php?var=<script>hi</script> no errors
Forum: News and Links
5 years ago
Anarchy Angel
nothing, im using this on a ubuntu 8.04 LAMP with another "teh main one" site. i know mod_rewrite is installed and enabled but i just cant seem to work the magic right
Forum: News and Links
5 years ago
Anarchy Angel
nope still no love. heres the full .htaccess file: Options +FollowSymLinks RewriteEngine On ServerSignature Off RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* RewriteC
Forum: News and Links
5 years ago
Anarchy Angel
thanx for the reply well im trying to send <I>hello "which matches this rule > RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* right?" and it works fine, by fine i mean it renders my <I> tag and nothing in the log.
Forum: News and Links
5 years ago
Anarchy Angel
so i know this is a old thread but i was trying to deploy this on my server and to test it i made a little php script thats open to xss and tried to send it a few xss payloads, all of which worked. so the "app firewall" isnt working right? any ideas?
Forum: News and Links
5 years ago
Anarchy Angel
well if nothing its a great data mining technique of sorts.
Forum: Bugs
5 years ago
Anarchy Angel
well i could be wrong but just because there is an error doesnt mean its open to SQLi. If anything it just shows how lazy the coder was.
Forum: SQL and Code Injection
Current Page: 1 of 1