Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now so what does that enable and how do we fix it? 

Current Page: 1 of 1
Results 1 - 25 of 25
4 weeks ago
Anarchy Angel
Hello, I have been trying to figure out how to modify the smb_relay.rb metasploit module to use the same session that is created for uploading a payload to a share, and use it to download all files in the share to /tmp/loot has anyone done this before? any help would be much appreciated. Thank you.
Forum: Networking
1 year ago
Anarchy Angel
there used to be a thread here somewhere that gave lots of good one liners and such for opening bind and reverse shells but i cant find it. would anyone happen to have it as a favorite or something? :D thanx
Forum: OMG Ponies
2 years ago
Anarchy Angel
so i been on a snmp kick and found a handful of modems and routers that have the rw string set to private. walks and stuff are fine, but has anyone had any luck forwarding ports or turning a modem into a proxy via snmp? i have looked all over google about it but either no one has ever attempted or it cant be done. thoughts?
Forum: Networking
2 years ago
Anarchy Angel
i been trying to upload a shell to a few servers via the /proc/self/environ LFI method and just can not get it done. I have used temper data and other home brewed scripts with nothing. has anyone else had this issue with a known vector just stopped working out of the blue? ideas?
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
x1x1x: i fear thats not the issue im having, i cant write to /var/www/ at all. i cant even get something like this to work: http://tar/sql.php?id=-3 union select 0,1,'kkk',3,4,5,6,7,8,9 into outfile '/var/www/tom/test5.php'--
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
ok checked it and secure-file-priv dose not seem to be set. I looked in all the config files and the process it self which ps aux|grep mysql gives: /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=root --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306 so yeah i dont know yet, how about you?
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
will do, but given how hard this is proving to set up its crazy this actually happens in the wild lol
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
toby57: well no there is currently no test5.php file on /var/www/ Reiners: great idea thanx "and nice sqlfoo i might add as well", i ran it on /var/www/ and it seems i have read access to everything. is there a nice little way to do that with into outfile?
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
Im trying to make a little test server for uploading shells via SQLi i have everything set up and working but when i try to write to a web dir i get this evil error: Can't create/write to file '/var/www/test5.php' i have chmoded -R 777 /var/www/ and chmod -R 777 /var/www/* and chown mysql:mysql /var/www/ and * i can also write to tmp and the mysql dir so i know i have file privs
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
XaDoS Wrote: ------------------------------------------------------- > @ anarchy angel: > > RonPaul say: "i tried the proc/self/environ, blank > page " lol so he did :P sry
Forum: SQL and Code Injection
4 years ago
Anarchy Angel
try proc/self/environ
Forum: SQL and Code Injection
5 years ago
Anarchy Angel
http://twitter.com/anarchyang31
Forum: News and Links
5 years ago
Anarchy Angel
can anyone make the magic happen "buffer overflow" on a unbuntu 8.x box?? no matter wat i do i cant overwrite eip
Forum: News and Links
5 years ago
Anarchy Angel
my guess would be that the user your running commands as dont have rights to view the log files.
Forum: SQL and Code Injection
5 years ago
Anarchy Angel
great work so far man, thanx a lot. i never really wanted to learn asm but now i might as well, you made it so easy.
Forum: News and Links
5 years ago
Anarchy Angel
will do tyvm rvdh
Forum: News and Links
5 years ago
Anarchy Angel
tybvm
Forum: News and Links
5 years ago
Anarchy Angel
ok lol that seemed to have been an issue, thanx y0, but im not done just yet. I now get a 500 internal server error when i goto a dir with my .htaccess file in it which tells me mod_rewrite isnt running. but this line is in my httpd.conf file > LoadModule rewrite_module lib/apache/mod_rewrite.so now when i do find mod_rewrite.so or .c i get nothing so maybe i dont have it in installed? crazy
Forum: News and Links
5 years ago
Anarchy Angel
page.php?var=<script>hi</script> no errors
Forum: News and Links
5 years ago
Anarchy Angel
nothing, im using this on a ubuntu 8.04 LAMP with another "teh main one" site. i know mod_rewrite is installed and enabled but i just cant seem to work the magic right
Forum: News and Links
5 years ago
Anarchy Angel
nope still no love. heres the full .htaccess file: Options +FollowSymLinks RewriteEngine On ServerSignature Off RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* RewriteC
Forum: News and Links
5 years ago
Anarchy Angel
thanx for the reply well im trying to send <I>hello "which matches this rule > RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* right?" and it works fine, by fine i mean it renders my <I> tag and nothing in the log.
Forum: News and Links
5 years ago
Anarchy Angel
so i know this is a old thread but i was trying to deploy this on my server and to test it i made a little php script thats open to xss and tried to send it a few xss payloads, all of which worked. so the "app firewall" isnt working right? any ideas?
Forum: News and Links
5 years ago
Anarchy Angel
well if nothing its a great data mining technique of sorts.
Forum: Bugs
5 years ago
Anarchy Angel
well i could be wrong but just because there is an error doesnt mean its open to SQLi. If anything it just shows how lazy the coder was.
Forum: SQL and Code Injection
Current Page: 1 of 1