This is a different and more practical approach to get a reverse shell
or code execution in SQL Injections (particularly in MSSQL). The idea
is simple. Getting a reverse shell from an SQL Injection with one HTTP
request without using an extra channel such as TFTP, FTP to upload the
initial
Hi.
Disclosing out of boredom and for the crawlers to archive.
Keywords: phpmyadmin, web, exploit, zavod, devitalia, mwstudio, szervernet,
infotel, oodrive, iceman, romania, scriptkiddie.
An example of the phpmyadmin exploit used in masses without thinking.
IRC server: irc10.iceman.ro has
/*
* cve-2008-3531.c -- Patroklos Argyroudis, argp at domain census-labs.com
*
* Privilege escalation exploit for the FreeBSD-SA-08:08.nmount
* (CVE-2008-3531) vulnerability:
*
* http://security.freebsd.org/advisories/FreeBSD-SA-08:08.nmount.asc
*
A friend recently demonstrated on his blog a simple race condition he
encountered. He also challenged folks to solve the problem.
http://www.algorithm.co.il/blogs/index.php/programming/a-simple-race-condition/
There's an interesting discussion in the comments which is worth a quick
read.
Dear Shaked Vax,
Are you sure Radware Team have analysed reflected attack via user's
browser (AppWall administrator visits malcrafted page, page redirects
his request to AppWall) before excluding remote vector?
--Thursday, July 2, 2009, 3:23:16 PM, you wrote to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-1825-1secur...@debian.org
http://www.debian.org/security/ Nico Golde
July 3rd, 2009
18:13 -!- IceMan` [...@iceman.ro] has joined #root
18:13 pink_panther Hello, friend
18:13 IceMan` uh :)
18:13 pink_panther We were just talking about you
18:13 L hi there
18:13 IceMan` eh i must close this ircd 2
18:13 IceMan` uf uf uf
18:13 pink_panther a
18:13 IceMan` brb closing
