Posts

aLFI Scanner – An0th3r LFI sC4Nn3r v1.0

[claudio@localhost ~]$ ./aLFIscanner.py -u 10.0.0.67 -t lfi.php?ID= $$\ $$$$$$$$\ $$$$$$\ $$ | $$ _____|\_$$ _| $$$$$$\ $$ | $$ | $$ | \____$$\ $$ | $$$$$\ $$ | $$$$$$$ |$$ | $$ __| $$ | $$ __$$ |$$ | $$ | $$ | \$$$$$$$ |$$$$$$$$\ $$ | $$$$$$\ \_______|\________|\__| \______| $$$$$$\ $$ __$$\ $$ / \__| $$$$$$$\ $$$$$$\ $$$$$$$\ $$$$$$$\ $$$$$$\ $$$$$$\ \$$$$$$\ $$ _____|\____$$\ $$ __$$\ $$ __$$\ $$ __$$\ $$ __$$\ \____$$\ $$ / $$$$$$$ |$$ | $$ |$$ | $$ |$$$$$$$$ |$$ | \__| $$\ $$ |$$ | $$ __$$ |$$ | $$ |$$ | $$ |$$ ____|$$ | \$$$$$$ |\$$$$$$$\$$$$$$$ |$$ | $$ |$$ | $$ |\$$$$$$$\ $$ | \______/ \_______|\_______|\__| \__|\__| \__| \_______|\__| An0th3r LFI sC4Nn3r v1....

Joomla Spider video player 2.8.3 SQL Injection

###################### # Exploit Title : Joomla Spider video player 2.8.3 SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://extensions.joomla.org/extensions/multimedia/multimedia-players/video-players-a-gallery/22321 # Dork Google: inurl:/component/spidervideoplayer inurl:option=com_spidervideoplayer # Date : 2014-08-26 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ###################### # PoC Exploit: http://localhost/component/spidervideoplayer/?view=settings&format=row&typeselect=0&playlist=1,&theme=1' "theme" variable is not sanitized. ##################### Discovered By : Claudio Viviani http://www.homelab.it [email protected] [email protected] https://www....

WordPress GB Gallery Slideshow 1.5 Authenticated SQL Injection

###################### # Exploit Title : WordPress GB Gallery Slideshow 1.5 Authenticated SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://gb-plugins.com/ # Software Link : http://downloads.wordpress.org/plugin/gb-gallery-slideshow.1.5.zip # Date : 2014-08-09 # Tested on : Linux / sqlmap 1.0-dev-5b2ded0 Linux / Mozilla Firefox ###################### # Location : http://localhost/wp-content/plugins/gb-gallery-slideshow/GBgallery.php ###################### # Vulnerable code : if(isset($_POST['selected_group'])){ global $gb_post_type, $gb_group_table, $wpdb; $my_group_id = $_POST['selected_group']; $my_group = $wpdb->get_results( "SELECT groups FROM $gb_group_table WHERE id = "....

XenServer Avvio automatico macchine virtuali

Volete permettere a XenServer di avviare le macchina virtuali al momento del boot? Nella versione 6.x di XenServer è stata tolta la possibilità di abilitare tramite GUI l’avvio automatico delle macchine virtuali. Per ovviare a questa mancanza basta eseguire due semplici operazioni collegandosi tramite client ssh verso l’hypervisor. Configurazione XenServer per l’avvio automatico Per abilitare XenServer all’avvio automatico delle macchine virtuali si deve prima individuare il numero UUID del pool:...

IPFire e VMware tools

Nei repository IPFire è presente un paccheto dal nome: openvmtools. Per installare il pacchetto si possono seguire due procedimenti: 1) Installazione tramite interfaccia web di managment 2) installazione tramite client ssh: Conclusa l’installazione è possibile verificare la corretta installazione tramite vSphere Client: