Exploit

关注公众号 jb51net

关闭

网络安全 > Exploit >

终端技巧 终端机常见绕过沙盘方法

昨晚跟@Sunshine 请教了下终端机的玩法,顺便翻了翻资料。总结了以下的几种方法

File Store PRO 3.2 Multiple Blind SQL Injection Vulnerabilities

| File Store PRO 3.2 Blind SQL Injection | |________________________________________| Download from: http://upoint.info/cgi/demo/fs/filestore.zip - Need admin rights: /confirm.php: [code] if(isset($_GET["folder&

Wysi Wiki Wyg 1.0 (index.php c) Local File Inclusion Vulnerability

--== ========================================================= ==-- --== Wizi Wiki Wig Local File Inclusion Vulnerability ==-- --== ========================================================= ==-- [*] Discovered By: StAkeR ~ StAkeR@

Facebook Newsroom CMS 0.5.0 Beta 1 Remote File Inclusion Vulnerability

##################################################################### # # Facebook Newsroom Application Remote File Inclusion Vulnerability # ##################################################################### # # Discovered by :

DreamNews Manager (id) Remote SQL Injection Vulnerability

######################################################### # # dreamnews ( rss) Remote SQL Injection Vulnerability #======================================================== # Author: Hussin X = #

phpDatingClub (website.php page) Local File Inclusion Vulnerability

######################################################### # # phpDatingClub Local File Include Vulnerability #======================================================== # = # Author: Big Ben

gapicms 9.0.2 (dirDepth) Remote File Inclusion Vulnerability

###################################################################################################### gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability ###############################################################################

Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BOF Exploit

<html> <body> <object classid=clsid:32E26FD9-F435-4A20-A561-35D4B987CFDC id=target /> </object> <script language=javascript> // k`sOSe 08/08/2008 // tested in IE6, XP SP1 var shellcode = unescape("

Quicksilver Forums 1.4.1 forums[] Remote SQL Injection Exploit

<?php /* . vuln.: Quicksilver Forums 1.4.1 (forums[]) Remote SQL Injection Exploit . download: http://www.quicksilverforums.com/ . . author: irk4z[at]yahoo.pl . homepage: http://irk4z.wordpress.com/ . . greets: all friends ;) .

IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit

/********************************************************************/ /* [Crpt] IntelliTamper v2.07/2.08 Beta 4 sploit by kralor [Crpt] */ /********************************************************************/ /*

IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit

/** ** ** IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit. ** ** Based on exploit by Koshi (written in Perl). This one should be more ** stable. Just for fun and to learn more about win32 exploitation. ** ** by Wo

Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoC

var body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC" width="10"><PARAM NAME="Mask" VALUE="'; var body1='"></OBJECT>'; var buf='';

#!/usr/bin/python # FlashGet 1.9 (FTP PWD Response) 0day Remote Buffer Overflow PoC Exploit # Bug discovered by Krystian Kloskowski (h07) <h07@interia.pl> # Testen on: FlashGet 1.9 / XP SP2 Polish # Product URL: http://www.flashget.com/

MojoJobs (mojoJobs.cgi mojo) Blind SQL Injection Exploit

#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############

MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit

#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############
共10页:1/10上一页下一页