Loading....
- Apocalipsa dupa Nemessis
- Cand dorinta de afirmare depaseste granitele bunului simt – PaxNwo un leecher ordinar
- Cum sa iti protejezi adresa e-mail si datele confidentiale din aceasta
- Mi s-a furat id-ul de messenger/adresa e-mail. Ce sa fac?
- Experiment social II – andimoisescu.ro
- Pentru posteritate
- In curand…
- “Hot” de id-uri messenger
- Chiar ca sunteti retardati
- Ce nu se invata la scoala – Vendetta (6)
Loading....
- Apocalipsa dupa Nemessis in (104 Visits)
- Ce servicii de mail folositi? in (43 Visits)
- Hackersblog.org is now blog.rstcenter.com in (29 Visits)
- This is the end in (28 Visits)
- Short news in (23 Visits)
- La multi ani România, la multi ani românilor in (23 Visits)
- Azi este ziua userilor hackersblog.org in (16 Visits)
- Raportare vulnerabilitati in (15 Visits)
- Inca o pierdere de timp in (15 Visits)
- Update in (12 Visits)
- Mi s-a furat id-ul de messenger/adresa e-mail. Ce sa fac? in (317 Visits)
- Hi5.com coders read this in (38 Visits)
- SMS scam (1) in (29 Visits)
- Phishing Bancpost in (13 Visits)
- Dezinformare sau proasta informare? in (12 Visits)
- Si tentativele de phishing pot fi amuzante in (11 Visits)
- Phishing Raiffeisen cu atasament html in (7 Visits)
- Cum sa iti protejezi adresa e-mail si datele confidentiale din aceasta in (98 Visits)
- [Utilitare] Suna gratis de pe internet sau de pe iPhone in (56 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (50 Visits)
- Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (43 Visits)
- Ce nu se invata la scoala - (D)DOS (5) in (35 Visits)
- Virusi in clipuri video [how to] in (34 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (30 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (25 Visits)
- Yahoo! redirects - a big issue (with video) in (16 Visits)
- Ca musca in... in (13 Visits)
- usa.kaspersky.com hacked ... full database acces , sql injection in (174 Visits)
- Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (115 Visits)
- Yahoo! epic fail - permanent xss unleashed in (91 Visits)
- Telegraph.co.uk hacked, sql injection in (67 Visits)
- RedTube.com ... The Free Sex Video Community in (61 Visits)
- Kaspersky Thailand hacked by TinKode in (49 Visits)
- Conquiztador Hacked Again in (49 Visits)
- Telegraph.co.uk hacked - when will they learn? in (44 Visits)
- Simona Sensual si profilul ei de hi5 in (40 Visits)
- F-Secure.com - SQL Injection + Cross Site Scripting in (39 Visits)
- Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (33 Visits)
- Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (30 Visits)
- Digital Photocopiers Loaded With Secrets in (27 Visits)
- Hacker Uses XSS and Google Street View Data to Determine Physical Location in (18 Visits)
- Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (11 Visits)
- Christopher "moot" Poole: The case for anonymity online in (10 Visits)
- [Video] The History Of Hacking in (9 Visits)
- OWASP Phishing demo in (9 Visits)
- Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (8 Visits)
- Owasp5005 Part1 - New zero-day browser exploits - ClickJacking in (8 Visits)
- Se poate sparge parola de Yahoo? in (348 Visits)
- phpBB.ro hacked in (105 Visits)
- Experiment social in (71 Visits)
- Cand dorinta de afirmare depaseste granitele bunului simt - PaxNwo un leecher ordinar in (61 Visits)
- Oare cum e pana la urma? in (57 Visits)
- "Hot" de id-uri messenger in (53 Visits)
- Concurs fara premii in (52 Visits)
- Forumul Andreei Balan spart in (48 Visits)
- Ce nu se invata la scoala – Vendetta (6) in (45 Visits)
- Experiment social II - andimoisescu.ro in (44 Visits)
Posted on October 31st, 2008
Am intrat deunazi pe siteul facultatii de matematica pentru a lua niste cursuri. Ochiul meu format vede in address bar un link foarte dubios care mirosea a vulnerabilitati asa ca il iau la purecat. Dupa vreo 5 secunde de cautari cat mi’a luat sa imi introduc maleficul cod in link descopar ca websiteul este vulnerabil celei mai temute si USOR DE EVITAT vulnerabilitati de pe web – RFI (remote file inclusion). Daca nu stii cu ce se mananca nu prea ai ce cauta aici si poti parasi acest blog. Pentru siguranta serverului si pentru ca nu ar fi etic din partea mea(yeah right) prefer sa nu dau mai multe detalii despre vulnerabilitate. Administratorul siteului a fost anuntat, daca sunteti foarte curiosi puteti gasi si voi destul de usor cu manutele voastre problema 
.
Cu mult respect,
H.S.
October 31st, 2008 at 11:42 pm
a fost fixata problema ? am incercat si eu ceva dar no luck
November 1st, 2008 at 12:07 pm
nici vorba. ca de obicei romanu e lenes, probabil o va fixa cand ii va busi cineva serverul.
March 13th, 2009 at 1:29 pm
simt miros de PaxnWo pe aici ,,,,nu stiu de ce
June 15th, 2009 at 1:17 pm
am mai vazut cazuri asemanatoare, bag mana in foc ca nu isi protejeaza nici baza de date
)