### # Title : Inj3ct0r Team has hacked ExploitHub.com # Inj3ct0r-zine : http://priv8.1337day.com/exploitHUB.txt # Proof: http://priv8.1337day.com/proof_exploit_list.sql # Home : 1337Day Exploits Market # Web : 1337day.com .net .org # Fb : http://fb.me/inj3ct0rs # Tw : https://twitter.com/inj3ct0r # <3 <3 Greetings t0 Inj3ct0r Members <3 <3 # Greetings To r4dc0re, Kingcope, CrosS, SeeMe, KedAns-Dz, DaOne, NuxbieCyber, Tibit, Sammy FORGIT, D4NB4R, neutr0n, D4RK CR1PT3R, Mark (Mko)! Angel Injection you chicken :P # F-ck HaCking ExploitHub, Lov3 Explo8ting! .-"``"-. /______; \ {_______}\| (/ a a \)(_) (.-.).-.) _______ooo__( ^ )____________ / '-.___.-' \ | Inj3ct0r Team hacked ExploitHub.com | | 1337Day w0rms member the best | | 1337day.com / inj3ct0rs.com | | 1337day.net \ 1337day.org | \________________________ooo________/ |_ | _| \___|___/ {___|___} |_ | _| /-'Y'-\ (__/ \__) What's new ? *-...________________...-* Today (December 11th), the Inj3ct0r Team has hacked http://exploithub.com and we like to add a small line here " This is for Educational Purpose Only " Inj3ct0r Team stole private exploits worth $242333 (i ll calculate) from Exploithub Z Where to sell my 0day exploits.. Z .,., z ((((()) z ((('_ _`) ' _______________________ ((G \ |) ___________________ (((` " , .((\.:~: .--------------. Do you want to buy __.| `"'.__ | \ | .'' `---' `. | . : or sell / ` | `-.__________) | ~ | : : exploits? | | : | | _ | | [ ## 1337day.com \ `--. ____| , oo_______.' `_ ( \) _____/ `--___ is | `--) ) `-. `--- ( - a:f - | '///` | `-. a good solution | | | | `-. | | | | `-. | | |\ | | | | \| `-. | | | `-| ' -----------------------Reason------------------------------------------- We hacked http://exploithub.com because the people who publish private exploits on http://exploithub.com need know that the ExploitHub Admins are lamers and can not provide them with adequate security. Where _ ,,,, Proof? \ / ' /.. / ( c D \- '\_ `-'\)\ |_ \ |U \\ (__,// |. \/ LL__I ||| ||| ,,-``'\ I show a piece of the database: "product_name", "product_price", "created_date", "author_id", "author_username" CA Total Defense Suite deleteReportFilter Stored Procedure SQL Injection,100.0000,2012-01-02 14:45:13,"60",Mario Novell iPrint Client ActiveX Control debug Buffer Overflow,50.0000,2012-01-02 14:45:43,"60",Mario Trend Micro Internet Security Pro 2010 ActiveX Control Buffer Overflow,50.0000,2012-01-02 14:46:06,"60",Mario Oracle ABORT_TABLE_INSTANTIATION Buffer Overflow,1000.0000,2011-03-18 16:30:27,"60",Mario Oracle CREATE_DATABASE_LINK Buffer Overflow,1100.0000,2011-03-18 16:32:00,"60",Mario Oracle DELETE_REFRESH_OPERATIONS Buffer Overflow,1000.0000,2011-03-18 16:32:48,"60",Mario Oracle DIFFERENCES Buffer Overflow,1000.0000,2011-03-18 16:33:52,"60",Mario Oracle DISABLE_RECEIVER_TRACE Buffer Overflow,1000.0000,2011-03-18 16:35:10,"60",Mario Oracle FROM_TZ() Buffer Overflow,1000.0000,2011-03-18 16:36:02,"60",Mario Oracle GENERATESCHEMA Buffer Overflow.,1500.0000,2011-03-22 21:01:02,"60",Mario Oracle GET_FULL_FILENAME Buffer Overflow.,1000.0000,2011-03-22 20:57:40,"60",Mario Oracle9i INSTANTIATE_OFFLINE Buffer Overflow,1000.0000,2011-03-18 16:39:18,"60",Mario Oracle9i KSDWRT Buffer Overflow,1000.0000,2011-03-18 16:39:57,"60",Mario Oracle NUMTODSINTERVAL() Buffer Overflow.,1500.0000,2011-03-22 21:03:58,"60",Mario Oracle NUMTOYMINTERVAL() Buffer Overflow,1000.0000,2011-03-18 16:41:57,"60",Mario Oracle PARALLEL_PUSH_RECOVERY Buffer Overflow,1000.0000,2011-03-18 16:42:39,"60",Mario Oracle10g PITRIG_DROP Buffer Overflow,1000.0000,2011-03-18 16:43:36,"60",Mario Oracle10g PITRIG_DROPMETADATA Buffer Overflow,1200.0000,2011-03-18 16:44:16,"60",Mario Oracle10g PITRIG_TRUNCATE Buffer Overflow,1000.0000,2011-03-18 16:44:58,"60",Mario Oracle SYS.LTUTIL Buffer Overflow,1200.0000,2011-03-18 16:45:55,"60",Mario Oracle9i REGISTER_USER_REPGROUP Buffer Overflow,1000.0000,2011-03-18 16:47:21,"60",Mario Oracle SDO_CODE_SIZE Buffer Overflow,1000.0000,2011-03-18 16:48:09,"60",Mario Oracle SET TIME_ZONE Buffer Overflow,1000.0000,2011-03-18 16:48:54,"60",Mario Oracle CTX_OUTPUT() Buffer Overflow,1000.0000,2011-03-18 16:49:51,"60",Mario Oracle TO_TIMESTAMP_TZ() Buffer Overflow,1000.0000,2011-03-18 16:50:28,"60",Mario Oracle TZ_OFFSET() Buffer Overflow,1000.0000,2011-03-18 16:51:11,"60",Mario Oracle DBMS_AQADM Buffer Overflow,1000.0000,2011-03-18 16:52:03,"60",Mario DBMS_JVM_EXP_PERMS Escalation,500.0000,2011-03-18 16:53:19,"60",Mario Oracle extjob.exe Command Execution Vulnerability,200.0000,2011-10-06 10:42:28,"60",Mario CTXSYS.DRILOAD SQL Injection,125.0000,2011-01-26 15:37:30,"60",Mario SET_OUTPUT_TO_JAVA SQL Injection,1000.0000,2011-03-18 16:55:44,"60",Mario Symantec Alert Management System ModemString Buffer Overflow,200.0000,2012-06-14 11:39:16,"60",Mario Symantec Alert Management System PinNumber Buffer Overflow,200.0000,2011-11-27 14:41:35,"60",Mario KingView 6.53 SCADA HMI HistorySvr Heap Overflow,250.0000,2011-03-23 13:31:14,"84",Ian IGSS IGSSdataServer.exe opcode 0xd overflow,500.0000,2011-06-15 10:55:12,"89",hal Opera Browser 10.62 border-radius (SVG handler) Memory Corruption,100.0000,2011-06-17 08:51:49,"184",Ss3c FactoryLink vrn.exe opcode 9 overflow,500.0000,2011-06-15 10:55:23,"89",hal Lotus Domino iCalendar Stack Overflow,1500.0000,2011-06-14 15:43:49,"209",jgrusko IBM Lotus Domino 8.5.2 WebAdmin.nsf Cross-Site Scripting Vulnerability,0.0000,2011-07-10 05:59:42,"126",r0i Site License,0.0000,2011-07-20 02:29:53,"", Adobe Flash Player newfunction rop 2,200.0000,2011-07-30 15:43:45,"62",NSSLabs Adobe Flash Player newfunction rop 3,200.0000,2011-07-30 15:43:23,"62",NSSLabs Adobe Flash Player newfunction rop 4,200.0000,2011-07-30 15:44:57,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_1,250.0000,2011-07-30 15:59:44,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_2,250.0000,2011-07-30 16:00:52,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_3,250.0000,2011-07-30 16:03:21,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_4,250.0000,2011-07-30 16:02:59,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_5,250.0000,2011-07-30 16:04:04,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_6,250.0000,2011-07-30 16:04:50,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_7,250.0000,2011-07-30 16:06:55,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_8,250.0000,2011-07-30 16:08:37,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_9,250.0000,2011-07-30 16:09:20,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_10,250.0000,2011-07-30 16:10:06,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_11,250.0000,2011-07-30 16:10:54,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_12,250.0000,2011-07-30 16:11:44,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_13,250.0000,2011-07-30 16:12:31,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_14,250.0000,2011-07-30 16:13:22,"62",NSSLabs ms11_003_ie_css_import_stackpivot_rop_15,250.0000,2011-07-30 16:14:04,"62",NSSLabs Adobe Flash Player newfunction rop 1,200.0000,2011-08-01 15:24:09,"62",NSSLabs Adobe CoolType SING Table winxp rop 1,250.0000,2011-08-01 18:13:29,"62",NSSLabs Adobe CoolType SING Table win7 rop 1,250.0000,2011-08-01 18:16:19,"62",NSSLabs Citrix Systems Provisioning Services 5.6 Buffer Overflow Module,300.0000,2011-08-01 18:18:19,"62",NSSLabs Avaya WinPMD UniteHostRouter Buffer Overflow,200.0000,2011-08-07 09:42:10,"60",Mario Oracle TO_CHAR() Buffer Overflow.,1000.0000,2011-08-08 14:55:39,"60",Mario Oracle DBMS_JAVA_TEST Buffer Overflow.,1000.0000,2011-08-08 15:08:45,"60",Mario Oracle Database and Enterprise Manager Grid Control Remote Code Execution,500.0000,2011-08-14 16:26:04,"60",Mario Oracle Outside In CDR Buffer Overflow,200.0000,2011-08-13 18:27:08,"60",Mario Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability,500.0000,2011-08-14 16:29:35,"60",Mario Firefox sensor.dll Insecure Library Loading,100.0000,2011-12-10 13:50:42,"60",Mario IBM Lotus Forms Viewer Insecure Library Loading,100.0000,2012-07-20 21:15:05,"60",Mario Wireshark Insecure Script Loading,50.0000,2012-01-02 14:51:16,"60",Mario PcVue v5.52 (SVUIGrd.ocx) ActiveX Control Remote Code Execution,500.0000,2011-10-04 00:45:50,"288",^rwX DATAC RealWin SCADA Server On_FC_BINFILE_FCS_FILE (0a) Buffer Overflow,100.0000,2011-10-06 00:57:57,"60",Mario DATAC RealWin SCADA Server On_FC_CGETTAG_FCS_GETTELEMETRY Buffer Overflow,100.0000,2011-10-06 14:42:46,"60",Mario DATAC RealWin SCADA Server On_FC_CGETTAG_FCS_SETTELEMETRY Buffer Overflow,100.0000,2011-10-06 14:45:22,"60",Mario DATAC RealWin SCADA Server On_FC_SCRIPT_FCS_STARTPROG Buffer Overflow,100.0000,2011-10-06 14:46:42,"60",Mario DATAC RealWin SCADA Server On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY Buffer Overflow,100.0000,2011-10-06 14:55:38,"60",Mario DATAC RealWin SCADA Server On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY Buffer Overflow,100.0000,2011-10-06 15:03:19,"60",Mario Tunnelblick (Mac OS X third-party software) Privilege Escalation,300.0000,2011-10-06 16:35:13,"238",subreption OpenVPN Trusted Path Privilege Escalation,50.0000,2011-10-07 16:52:01,"60",Mario ACDSee FotoSlate Int Buffer Overflow,100.0000,2011-10-10 16:57:47,"60",Mario Safari SVGPathSegList Use-After-Free,500.0000,2012-08-10 14:57:52,"200",dput IBM Lotus Domino Web Server If-Modified-Since Remote Buffer Overflow,100.0000,2011-10-11 01:14:32,"60",Mario DATAC RealWin FCS_ADDTAGMS Buffer Overflow,100.0000,2011-10-12 20:02:43,"280",James DATAC RealWin FCS_CADDTAG Buffer Overflow,100.0000,2011-10-12 20:04:53,"280",James DATAC RealWin FCS_CDELTAG Buffer Overflow,100.0000,2011-10-12 20:06:31,"280",James DATAC RealWin On_FC_BINFILE_FCS_FILE_D Buffer Overflow DEP Bypass,150.0000,2011-10-12 20:08:35,"280",James DATAC RealWin On_FC_BINFILE_FCS_FILE_B Buffer Overflow,100.0000,2011-10-12 20:10:58,"280",James DATAC RealWin On_FC_BINFILE_FCS_FILE_C Buffer Overflow,100.0000,2011-10-12 20:12:16,"280",James DATAC RealWin On_FC_BINFILE_FCS_FILE_E Buffer Overflow,100.0000,2011-10-12 20:13:47,"280",James DATAC RealWin On_FC_BINFILE_FCS_FILE_F Buffer Overflow,100.0000,2011-10-12 20:15:00,"280",James HP iNode Management Center iNodeMngChecker Buffer Overflow,100.0000,2011-10-17 11:59:20,"60",Mario Microsoft Office Uninitialized Object Pointer Vulnerability,250.0000,2012-11-01 04:03:46,"354",xBoy ACDSee XBM Variable Name Buffer Overflow,50.0000,2012-04-14 11:31:11,"60",Mario Cytel Studio LogXact USE Buffer Overflow,50.0000,2011-11-03 20:49:38,"60",Mario EMC Autostart Domain Name Logging Buffer Overflow,100.0000,2011-12-05 07:11:26,"60",Mario Oracle SDO_CS.TRANSFORM_LAYER Buffer Overflow,500.0000,2011-12-13 19:29:17,"60",Mario Oracle DBLINK_INFO Buffer Overflow.,400.0000,2011-12-13 20:25:48,"60",Mario Oracle DBMS_AQJMS_INTERNAL.AQ$_REGISTER Buffer Overflow,300.0000,2011-12-13 23:12:53,"60",Mario Oracle DBMS_AQJMS_INTERNAL.AQ$_UNREGISTER Buffer Overflow,300.0000,2011-12-13 23:15:24,"60",Mario DameWare Mini Remote Control NTLMSSP Buffer Overflow,100.0000,2011-12-14 23:33:58,"60",Mario DameWare Mini Remote Control USERNAME Buffer Overflow,100.0000,2011-12-14 23:35:49,"60",Mario eSignal WinSig.exe long StyleTemplate Buffer Overflow,100.0000,2011-12-19 23:11:21,"60",Mario NetDecision TFTP Server Directory Traversal,50.0000,2011-12-21 23:52:31,"60",Mario CA Total Defense Suite UNC Management Console deleteReportTemplate Store d Procedure SQL Injection,100.0000,2011-12-22 00:57:42,"60",Mario Sunway Force Control <= 6.1 httpsvr.exe,100.0000,2011-12-24 02:11:26,"280",James HP Managed Printing Admistration jobAcct Arbitrary File Creation,25.0000,2011-12-24 16:31:21,"60",Mario HP Managed Printing Admistration jobDelivery Arbitrary File Creation,25.0000,2011-12-24 16:33:05,"60",Mario FreeBSD telnetd Buffer Overflow,75.0000,2011-12-28 00:37:45,"60",Mario ESTsoft ALZip MIM File Buffer Overflow,100.0000,2011-12-28 21:49:06,"280",James Novell iPrint Client ActiveX Control GetDriverFile Buffer Overflow,100.0000,2011-12-29 00:12:11,"60",Mario Novell iPrint Client ActiveX Control GetDriverSettings Buffer Overflow,100.0000,2011-12-29 23:08:59,"60",Mario HastyMail rsargs[] Arbitrary Command Injection,100.0000,2012-01-02 18:01:39,"60",Mario Trend Micro InterScan Web Security Suite Local Privilege Escalation,50.0000,2012-01-06 15:09:35,"60",Mario Citrix Provisioning Services streamprocess.exe 0x40020000 Buffer Overflow,100.0000,2012-03-27 20:39:42,"60",Mario Citrix Provisioning Services streamprocess.exe 0x40020002 Buffer Overflow,100.0000,2012-03-27 20:40:18,"60",Mario Citrix Provisioning Services streamprocess.exe 0x40020004 Buffer Overflow,100.0000,2012-03-27 20:40:43,"60",Mario Citrix Provisioning Services streamprocess.exe 0x40020006 Buffer Overflow,100.0000,2012-03-27 20:41:01,"60",Mario SolarWinds Storage Manager Server SQL Injection Authentication Bypass And Command Execution,100.0000,2012-03-27 20:41:25,"60",Mario Sunway Forcecontrol <= 6.1 sp3 SNMP NetDBServer.exe,100.0000,2012-01-30 17:04:26,"280",James Motorola Netopia netOctopus SDCS Buffer Overflow,100.0000,2012-03-27 20:41:46,"60",Mario CA Total Defense Suite deleteReportFilter Stored Procedure SQL Injection,100.0000,2012-04-17 17:30:46,"60",Mario Exploit-builder for CVE-2011-0611,500.0000,2012-03-15 15:11:07,"417",Excoriot Cisco VPN Client Arbitrary Command Injection,50.0000,2012-02-29 20:24:56,"60",Mario TheGreenBow IPSec VPN Client Arbitrary Command Injection,50.0000,2012-03-01 15:12:26,"60",Mario Trend Micro ServerProtect 5.58 CMON_ActiveRollback Buffer Overflow,100.0000,2012-03-06 15:47:47,"60",Mario Trend Micro ServerProtect 5.58 CMON_ActiveUpdate Buffer Overflow,100.0000,2012-03-06 15:48:59,"60",Mario Trend Micro ServerProtect 5.58 SetSvcImpersonateUser Buffer Overflow,100.0000,2012-03-06 16:17:54,"60",Mario Trend Micro ServerProtect 5.58 RPCFN_ENG_AddTaskExportLogItem Buffer Overflow,100.0000,2012-03-06 19:46:03,"60",Mario Trend Micro ServerProtect 5.58 SetPagerNotifyConfig Buffer Overflow,100.0000,2012-03-06 19:45:29,"60",Mario Trend Micro ServerProtect 5.58 ENG_SENDMAIL Buffer Overflow,100.0000,2012-03-06 20:52:24,"60",Mario Trend Micro ServerProtect 5.58 CMON_NetTestConnection Buffer Overflow,100.0000,2012-03-07 14:01:24,"60",Mario Computer Associates Alert Notification 0x15 Buffer Overflow,100.0000,2012-03-08 16:57:25,"60",Mario Computer Associates Alert Notification 0x17 Buffer Overflow,100.0000,2012-03-08 16:58:50,"60",Mario NETGEAR SafeNet SoftRemote IKE Service Buffer Overflow,100.0000,2012-03-10 14:57:36,"60",Mario freeSSHD 1.2.1 FXP_OPENDIR Buffer Overflow,100.0000,2012-03-12 14:13:19,"60",Mario freeSSHD 1.2.1 FXP_RENAME Buffer Overflow,100.0000,2012-03-12 14:14:32,"60",Mario GoodTech SSH FXP_OPEN Buffer Overflow,100.0000,2012-03-12 15:00:07,"60",Mario MPlayer SAMI Subtitle File Buffer Overflow,100.0000,2012-03-16 17:09:27,"60",Mario Internet Explorer 8 Insecure Library Loading Client-Side Remote Code Execution,300.0000,2012-03-22 18:17:19,"422",41.w4r10r Novell ZENworks CM Preboot Service Opcode 6 Buffer Overflow,100.0000,2012-03-26 21:26:02,"60",Mario Elastix PBX 2.2.0 callme_page.php Remote Command Execution with Local Privilege Escalation,1100.0000,2012-04-22 22:02:07,"423",aisg-001 Novell ZENworks CM Preboot Service Opcode 21 Buffer Overflow,100.0000,2012-03-27 01:57:07,"60",Mario CA Total Defense Suite exportReport Stored Procedu re SQL Injection,100.0000,2012-03-28 12:19:24,"60",Mario PEiD PE Import Directory Buffer Overflow,100.0000,2012-03-30 18:52:33,"60",Mario Novell ZENworks CM Preboot Service Opcode 4C Buffer Overflow,100.0000,2012-04-04 11:47:52,"60",Mario LANDesk Lenovo ThinkManagement Console ServerSetup Command Execution,100.0000,2012-04-04 13:12:02,"60",Mario Disk Pulse Server GetServerInfo Buffer Overflow,100.0000,2012-04-10 14:39:53,"60",Mario Rabox WinLPD Buffer Overflow,100.0000,2012-04-11 22:18:00,"60",Mario Quest Big Brother Remote File Creation,100.0000,2012-04-12 16:28:25,"60",Mario SGI Infosrch.cgi fname Command Execution,50.0000,2012-06-13 11:32:36,"60",Mario Nucleus Kernel Recovery for Novell Buffer Overflow,100.0000,2012-04-15 14:15:04,"60",Mario HP OmniInet.exe Opcode 17 Buffer Overflow,100.0000,2012-04-20 15:17:42,"60",Mario HP OmniInet.exe Opcode 35 Buffer Overflow,100.0000,2012-04-21 11:45:56,"60",Mario HP OmniInet.exe Opcode 46 Buffer Overflow,100.0000,2012-04-22 12:08:27,"60",Mario magicdoc.py,200.0000,2012-12-09 18:10:40,"471",n0ne CVE-2011-3402 (MS11-087),1000.0000,2012-07-30 01:12:47,"483",Ling Chuan Lee Safari SVGPointList Use-After-Free,500.0000,2012-08-10 14:56:46,"200",dput CVE-2005-0750 - Linux Kernel bluetooth integer underflow,500.0000,2012-06-13 08:24:26,"200",dput CA BrightStor ARCserve Backup caloggerd Arbitrary File Writing Exploit,500.0000,2012-06-13 08:33:40,"200",dput CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Exploit,500.0000,2012-06-13 08:37:13,"200",dput ZABBIX Server node_process_command() Command Execution,50.0000,2012-06-13 12:55:29,"60",Mario GlobalSCAPE CuteZIP Buffer Overflow,50.0000,2012-06-13 12:55:29,"60",Mario Blue Coat Reporter Directory Traversal Scanner,100.0000,2012-06-16 18:25:44,"114",bannedit VMware Workstation VMNC Codec Parsing Remote Code Execution Vulnerability,300.0000,2012-06-24 18:47:21,"490",exodusintel WordPress plugin Asset manager upload.php Arbitrary Code Execution,25.0000,2012-06-27 12:37:03,"491",Sooraj WordPress plugin WP-Property uploadify.php Arbitrary Code Execution,25.0000,2012-06-27 12:44:25,"491",Sooraj GoodTech SSH Server 6.5 Stack Buffer Overflow,100.0000,2012-07-13 14:00:02,"280",James PEiD <= 0.92 Stack Buffer Overflow,100.0000,2012-07-13 14:02:52,"280",James Cisco Linksys PlayerPT SetSource() ActiveX Buffer Overflow,25.0000,2012-07-20 14:47:20,"60",Mario IBM Cognos tm1admsd.exe Buffer Overflow,50.0000,2012-07-23 15:50:37,"60",Mario IBM Cognos tm1admsd.exe Buffer Overflow,50.0000,2012-07-23 15:53:19,"60",Mario Novell ZENworks Asset Management Remote Code Execution,100.0000,2012-07-27 21:13:03,"60",Mario ACDSee Photo Editor 2008 XBM Variable Name Buffer Overflow,100.0000,2012-07-29 19:31:30,"280",James Cytel Studio 9.0 (CYB File) Stack Buffer Overflow,100.0000,2012-07-29 19:33:49,"280",James Disk Pulse Server 'GetServerInfo' Buffer Overflow,100.0000,2012-07-29 19:36:04,"280",James eSignal Pro <= 10.6.2425.1208 (QUO File) Buffer Overflow,100.0000,2012-07-30 02:34:47,"280",James FreeSSHD <= 1.2.1 FXP_OPENDIR,100.0000,2012-07-29 19:39:39,"280",James FreeSSHD <= 1.2.1 FXP_RENAME,100.0000,2012-07-29 19:41:32,"280",James R4 winamp plugin ,100.0000,2012-09-05 14:49:43,"280",James Solarwinds <= 5.1.2 LoginServlet Auth Bypass SQLi,100.0000,2012-07-29 19:48:49,"280",James Winamp 5.55 (MAKI script) Stack Buffer Overflow,50.0000,2012-07-29 19:50:30,"280",James Internet Explorer <=9 Remote Code Execution,700.0000,2012-08-03 15:47:02,"422",41.w4r10r IBM Lotus Quickr QP2 ActiveX Import_Times Buffer Overflow,25.0000,2012-08-04 15:52:19,"60",Mario IBM Lotus Quickr QP2 ActiveX Attachment_Times Buffer Overflow,25.0000,2012-08-04 15:54:25,"60",Mario Oracle Jinitiator beans.ocx ActiveX Control Stack Overflow,150.0000,2012-08-23 08:49:42,"495",aushack Oracle Business Transaction Management FlashTunnelService WriteToFile Code Execution,50.0000,2012-08-28 11:34:34,"60",Mario HP SiteScope SOAP getFileInternal Arbitrary File Read,25.0000,2012-09-05 17:25:12,"60",Mario HP SiteScope SOAP loadFileContent Arbitrary File Read,25.0000,2012-09-05 17:27:32,"60",Mario Oracle Outside In XPM Buffer Overflow,25.0000,2012-09-14 17:19:19,"60",Mario Oracle Solaris Privilege Escalation,100.0000,2012-10-24 00:00:09,"517",unSecurityResearch Novell GroupWise Client 8.0.0 - 2012 - LWP Attachment Buffer Overflow,270.0000,2012-11-04 12:57:57,"79",alino IBM Informix Dynamic Server Password Buffer Overflow,50.0000,2012-10-19 22:31:49,"60",Mario MySQL on Windows Remote system Exploit post-auth,1500.0000,2012-11-30 19:59:49,"58",Kingcope Webmin Status Remote Perl Command/Library Execution,500.0000,2012-11-01 03:32:45,"423",aisg-001 Webmin Show CGI Remote Command Execution,500.0000,2012-11-01 03:47:37,"423",aisg-001 Cisco Prime Data Center Network Manager Remote Command Execution,25.0000,2012-11-05 17:24:01,"60",Mario McAfee Web Reporter File Upload and Execute,25.0000,2012-11-06 19:47:19,"60",Mario SGI infosrch.cgi fname Command Execution,0.0000,2012-11-16 19:28:32,"528",test Secure Computing SmartFilter File Upload and Execute,25.0000,2012-11-12 14:21:23,"60",Mario supplementary,0.0000,2012-11-17 14:35:35,"528",test Site License Plus,0.0000,2012-11-19 13:33:35,"", TEST_LIVE,0.0000,2012-11-19 20:20:39,"528",test Test Product Live #999,150.0000,2012-11-21 21:59:16,"528",test XAMPP mssql_connect() Buffer Overflow,25.0000,2012-11-26 15:37:20,"60",Mario Test Product Live #888,80.0000,2012-11-25 21:11:43,"528",test Test Product Live #887,70.0000,2012-11-25 17:27:00,"528",test Test Product Live #885,69.0000,2012-11-25 18:29:47,"528",test jose_test,0.0000,2012-12-07 20:01:08,"528",test Mobile Rifatron DVR web version Authentication-free hack,0.0000,2012-12-09 22:16:28,"593",Renard MsOfficeWord2010,200.0000,2012-12-09 18:27:37,"471",n0ne .-'''/.\ How to hack?? (_.--' | | == | o-._ .--..--. _.-o [+] System Linux web 2.6.35-22-server #33-Ubuntu SMP Sun Sep 19 20:48:58 UTC 2010 x86_64 | || | [+] MYSQL Client API library version 5.1.49 ;--|`--: [+] Apache Version Apache/2.2.16 (Ubuntu) |. | | [+] Hostname:Port web.lab.nsslabs.com:443 | ;_ .| [+] Host www.exploithub.com |_____ | [+] X-Powered-By PHP/5.3.3-1ubuntu9.3 /| '|\ //`----'\\ ////| | \\ / | | \ /| |\ / \ / \ / \/ \ / \ | | || /\ || || , . || ----------------------------------------------------------- I am very much surprised when he learned of Magento eCommerce Software and search /install/ 1) We scan server and site 2) We reinstall Magento CMS https://www.exploithub.com/install/ <= We reinstall Magento CMS 3) Upload shell and phpinfo https://www.exploithub.com/phpinfo.php 4) backup all files and database. 5) Upload piece of the database https://www.exploithub.com/export/ 6) Increased privileges and use root We have exploithub.com private database and FTP files) \'/ -= * =- {.} {.-'} {`_.-'} {-` _.-'} `":=:"` `---` -------------------------------------------------------------------------------------- Be safe, / r0073r Who is involved in a conspiracy against liberty, must be destroyed. _==_ _ _,(",)|_| \/. \-| __( : )|___ -------Th3 END----------------------Merry Christmas-------------------------------------