• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

LOL SFDC 0wned r00twars.org, but not in a bad way ;)

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Tue Nov 26, 2002 12:37 am    Post subject: LOL SFDC 0wned r00twars.org, but not in a bad way ;) Reply with quote

http://www.rootwars.org/forum/viewthread.php?tid=103

Check it out, big shout out to saxo for spotting it and me for owning it heh.

SF Rules, Yes WE DO! Twisted Evil SF Rules, Yes WE DO!
Back to top
View user's profile Send private message Visit poster's website
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Tue Nov 26, 2002 8:03 am    Post subject: Reply with quote

seems like its down....i get nothing Sad
Back to top
View user's profile Send private message Visit poster's website
max_blakk
Just Arrived
Just Arrived


Joined: 29 Oct 2002
Posts: 0
Location: South Wales UK

Offline

PostPosted: Tue Nov 26, 2002 11:50 am    Post subject: Reply with quote

Top bananna..!!!! Twisted Evil

Not doing a write up on the exploit though..??? Question
Back to top
View user's profile Send private message MSN Messenger
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Tue Nov 26, 2002 11:51 am    Post subject: Reply with quote

max_blakk wrote:
Top bananna..!!!! Twisted Evil

Not doing a write up on the exploit though..??? Question


I might do, it's that lame though it's hardly worth it.
Back to top
View user's profile Send private message Visit poster's website
max_blakk
Just Arrived
Just Arrived


Joined: 29 Oct 2002
Posts: 0
Location: South Wales UK

Offline

PostPosted: Tue Nov 26, 2002 9:44 pm    Post subject: Reply with quote

Comon give us all a hint... Very Happy
Back to top
View user's profile Send private message MSN Messenger
m0nk
Just Arrived
Just Arrived


Joined: 26 Nov 2002
Posts: 0


Offline

PostPosted: Tue Nov 26, 2002 11:22 pm    Post subject: XMB vuln. Reply with quote

ShaolinTiger~% wget http://www.site.com/forum/index_log.log

.....this is how he 0wned the forums, not the server...

...mmm tarball of Shaolin Tiger's home dir from darknet.co.uk?...maybe on a later post..........
Back to top
View user's profile Send private message
decypherohm
Just Arrived
Just Arrived


Joined: 16 Nov 2002
Posts: 1
Location: World - Europe - Portugal - Lisbon

Offline

PostPosted: Tue Nov 26, 2002 11:31 pm    Post subject: Reply with quote

that http sintaxe works in almost all forums?!?!?!?!
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
max_blakk
Just Arrived
Just Arrived


Joined: 29 Oct 2002
Posts: 0
Location: South Wales UK

Offline

PostPosted: Wed Nov 27, 2002 1:33 pm    Post subject: Reply with quote

Thought it was something like that or an open php script or something from the "owned part of the site" bit..

Cheers monk new sec hole to look at..(but where you being a bit bitchy there..???)
Back to top
View user's profile Send private message MSN Messenger
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Wed Nov 27, 2002 7:11 pm    Post subject: Reply with quote

oooppps could not resist it anymore

http://www.mid-citieshonda.com/forum/viewthread.php?tid=10

LOL
Back to top
View user's profile Send private message Visit poster's website
chris
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777201
Location: ~/security-forums

Offline

PostPosted: Wed Nov 27, 2002 7:15 pm    Post subject: Re: XMB vuln. Reply with quote

m0nk wrote:
...mmm tarball of Shaolin Tiger's home dir from darknet.co.uk?...maybe on a later post..........


rofl

anything interesting in there except porn ?
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Wed Nov 27, 2002 7:46 pm    Post subject: Reply with quote

Hey collection of donkey pr0n r0x ok Wink

ComSec LMAO nice one Wink
Back to top
View user's profile Send private message Visit poster's website
max_blakk
Just Arrived
Just Arrived


Joined: 29 Oct 2002
Posts: 0
Location: South Wales UK

Offline

PostPosted: Sat Nov 30, 2002 3:12 pm    Post subject: Reply with quote

This is catching... Very Happy

http://katharinehepburn.net/forum/viewthread.php?tid=48
Twisted Evil
Back to top
View user's profile Send private message MSN Messenger
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Sat Nov 30, 2002 3:21 pm    Post subject: Reply with quote

LOL, max_blakk

just shows you how easy it is to take over some forums....lazy Admins should add a few lines and create a .htaccess file

Open up Notepad and put the following in :


<Files index_log.log>
order allow,deny
deny from all
</Files>

<Files cplogfile.log>
order allow,deny
deny from all
</Files>


When you go to save it, use All Files as the file type, not as a txt file. Save the file as .htaccess and upload it to your XMB main directory and you're set.

good job we mean no harm and are just pointing the fact out

others, well they could wreek havoc Twisted Evil

nice 0ne again Wink

p.s just noticed your post .....cheeky , think he will now Laughing

http://www.mid-citieshonda.com/forum/viewthread.php?tid=10
Back to top
View user's profile Send private message Visit poster's website
max_blakk
Just Arrived
Just Arrived


Joined: 29 Oct 2002
Posts: 0
Location: South Wales UK

Offline

PostPosted: Sat Nov 30, 2002 3:54 pm    Post subject: Reply with quote

Thx Comsec,

Another one is open phpmyadmin, found a few of those that would benfit from .htaccess files too... Wink
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register