[+] - TheWikiBoatBR PwneD
2 participantes
Página 1 de 1
[+] - TheWikiBoatBR PwneD
A alguns dias percebi eu que o site www.thewikiboatbrazil.com.br não estava mais no ar, então resolvi pesquisar e encontrei isso ↓
- Spoiler:
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
_ _ _ _ _ _ _
| | | | (_) | (_) | | |
| |_| |__ _____ ___| | ___| |__ ___ __ _| |_
| __| '_ \ / _ \ \ /\ / / | |/ / | '_ \ / _ \ / _` | __|
| |_| | | | __/\ V V /| | <| | |_) | (_) | (_| | |_
\__|_| |_|\___| \_/\_/ |_|_|\_\_|_.__/ \___/ \__,_|\__|
www.twitter.com/0x3a0x3a
TheWikiBoat [www.thewikiboatbrazil.com.br]
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Since you guys were penetrating a lot of UK Websites....
I decided to penetrate your website....
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
> thewikiboatbrazil.com.br
Server: NS2-VIP.VPLS.NET
Address: 209.11.240.36
Non-authoritative answer:
Name: server40.000webhost.com
Address: 31.170.160.104
Aliases: thewikiboatbrazil.com.br
>
HTTP/1.1 200 OK
Connection: close
Content-Length: 1537
Content-Type: text/html
Date: Mon, 27 Aug 2012 07:36:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Path : /www/www.thewikiboatbrazil.com.br/index.php
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
$ cat index.php
<html>
<head>
<title>#TheWikiBoatBrazil</title>
<link rel="stylesheet" href="stylesheet.css" type="text/css" />
<script type="text/javascript"></script><link rel='stylesheet' type='text/css' href='/B1D671CF-E532-4481-99AA-19F420D90332/netdefender/hui/ndhui.css' /></head>
<body bgcolor="#000000"><script type='text/javascript' language='javascript' src='/B1D671CF-E532-4481-99AA-19F420D90332/netdefender/hui/ndhui.js?0=0&0=0&0=0'></script>
<style type="text/css">
a:link {text-decoration: none}
a:visited {text-decoration: none}
a:hover {text-decoration: underline;
color: #FF0000;
}
a:active {text-decoration: none}
</style>
<center>
<img src="hack-the-planet.jpg" /><br></br>
<nav id="menu">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="release.html">Releases</a></li>
<li><a href="membros.html">Membros</a></li>
<li><a href="email.html">Contatos</a></li>
</ul>
</nav>
<br></br>
<font color="white">#TheWikiBoatBrazil, WEBSITE em desenvolvimento</font></center>
<object width="0" height="0"><param name="movie" value="http://youtube.googleapis.com/v/7YoDt-MxhHg&rel=1&autoplay=1"></param><param name="wmode" value="transparent"></param><embed src="http://youtube.googleapis.com/v/7YoDt-MxhHg&rel=1&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" width="0" height="0"></embed></object>
</body>
</html>
<!-- Hosting24 Analytics Code -->
<script type="text/javascript" src="http://stats.hosting24.com/count.php"></script>
<!-- End Of Analytics Code -->
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
We all know there are a lot of 0day exploits for PHP 5.2.17
X-Powered-By: PHP/5.2.17
PHP 5.2.x Remote Code Execution Vulnerability
If PHP bails out in startup stage before setting PG(modules_activated)
to 1, the filter_globals struct is not cleaned up on shutdown stage.
The subsequence request will use uncleaned value in filter_globals
struct. With special crafted request, this problem can lead to
information disclosure and remote code execution.
Only apache modules SAPI are found to vulnerable to this problem.
While other SAPIs are safe because a PHP process exits when PHP bails
out before setting PG(modules_activated) to 1.
I have exploited the website using that 0day and executed a php bufferoverflow code
//get addresses and links
for($x=(int)0; $x<=$limit; $x++){
$input = get_link_contents($link_list[0]);
array_shift($link_list);
$link_list = ($x%100==0 || $x==5)?filter_urls($link_list,$blacklist):$link_list;
//add the links to the link list and remove duplicates
if(count($link_list) <= 1000) {
preg_match_all($link_reg, $input, $new_links);
$link_list = array_merge($link_list, $new_links);
$link_list = array_unique(array_flatten($link_list));
}
//check the addresses against the blacklist before adding to a a file in JSON
$res = preg_match_all($regex, $input, $matches);
if ($res) {
foreach(array_unique($matches[0]) as $address) {
if(!strpos_arr($address,$blacklist)){
$enum++;
json_file($results_file,$link_list[0],$enum,$x);
write_addresses_to_file($address, $address_file);
}
}
}
unset($input, $res, $efile);
}
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Tango Down www.thewikiboatbrazil.com.br
And NO i didn't DDOS !
This show that its fucking easy to pwn a hackers website ...
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
_ _ _ _ _ _ _
| | | | (_) | (_) | | |
| |_| |__ _____ ___| | ___| |__ ___ __ _| |_
| __| '_ \ / _ \ \ /\ / / | |/ / | '_ \ / _ \ / _` | __|
| |_| | | | __/\ V V /| | <| | |_) | (_) | (_| | |_
\__|_| |_|\___| \_/\_/ |_|_|\_\_|_.__/ \___/ \__,_|\__|
www.twitter.com/0x3a0x3a
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Click
FailSecurityBR-
Mensagens : 49
Pontos de Participação : 134
Reputação : 39
Localização : /bin/bash
Data de inscrição : 09/08/2012
Respeito as regras :
Re: [+] - TheWikiBoatBR PwneD
Na verdade a host cortou o site por ser hacking,scam etc... inclusive quem entrou, amou meu auto-infect -z
D4RKCR1PT3R-
Mensagens : 89
Pontos de Participação : 214
Reputação : 69
Data de inscrição : 04/04/2012
Respeito as regras :
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos
|
|