1K Likers, thanks to all of you. Anyone wanna ask? Go on! We will try to help :)
Anonymous School Indonesia
Sharing, Learning, Playing Together ^_^
#WeAreAnonymous
#WeAreLegion
#WeDoNotForgetInJustice
#UnitedAsOne
#ExpectUs
----Devided By Zero---
Wow! It's almost 1K Likers. Well, if you like this fan page, please share, so we can still update. :)
intitle:"=[ 1n73ct10n privat shell ]="
The dork is used to find uploaded 1n73ct10n shells on websites.
found by Anon?M ID
ID? Indonesian huh? :v haha!
Google search: "Password=" inurl:web.config -intext:web.config ext:config
This dork shows passwords in web.config files.
Enjoy them!
Dork by Rootkit Pentester.
wut? :v
"ext:php intitle:"b374k"
https://www.exploit-db.com/ghdb/4171/
09/01/2016
WP Symposium Pro Social Network plugin!
EDB-ID: 39202
CVE: N/A
OSVDB-ID: N/A
Author: Rahul Pratap Singh
Published: 2016-01-08
Download Vulnerable App: https://www.exploit-db.com/apps/b8dee12e23f4154804de8e777dc3b09e-wp-symposium-pro.15.12.zip
Title: WP Symposium Pro Social Network plugin
Author: Rahul Pratap Singh
Page Link: https://wordpress.org/plugins/wp-symposium-pro
Version: 15.12
Website: 0x62626262.wordpress.com
LinkedIn: https://in.linkedin.com/in/rahulpratapsingh94
Date: 8/Jan/2016
1) XSS Vulnerability:
Vulnerable Code:
file: wps_usermeta_shortcodes.php
The "wpspro_country" parameter is not sanitized, which leads to persistent XSS.
Video Demonstration:
https://www.youtube.com/watch?v=Xglc3rNZPXs
2) CSRF Vulnerability:
Description:
The edit profile page is vulnerable to CSRF, which allows changing the password,
which in turn leads to full account takeover.
Exploit:
Video Demonstration:
https://www.youtube.com/watch?v=sN65HlCRe9c
Fix:
Update to version 16.1
Disclosure Timeline:
reported to vendor : 6/1/2016
vendor response : 6/1/2016
vendor acknowledged : 6/1/2016
vendor scheduled a patch: 7/1/2016
CVE Number : Not assigned yet
https://www.exploit-db.com/exploits/39202/
Wanna Learn about something? Ask Here!
-Joomla JCE Exploit Remote File Upload-
inurl:/index.php?option=com_jce
inurl:/index.php?option=com_virtuemart
inurl:/images/stories/3xp.php
inurl:/images/stories/0day.php
inurl:/images/stories/
inurl:/images/stories/ php
-SQL Injection Web Shop-
inurl:buy.php?id=
inurl:item.php?shopcd=
inurl:shop.php?id=
inurl:additem.php?id=
inurl:"shop-cart.php?id="
inurl:"addtocart.php?id="
-SQL Injection Dork-
inurl:about.php?ID=
inurl:article.php?id=
by modulobox.eu inurl:"lang"
inurl:show_news.php?news_id=
inurl:page_main.php?id_stdpg=
Address: Jakarta