iExploit
Recent
Activity
Sign up
Have an account?
Sign in
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Sign In
Apply for Membership
About
Username
CrashOverron
Joined
August 2011
Visits
0
Last Active
August 2012
Roles
Member
Posts
13
Top Posters
Xin
3251
Sh3llc0d3
1910
chroniccommand
1389
undead
822
George
707
GameOver
675
Bursihido
406
m0rph
332
Mr. P-teo
269
D0WNGRADE
220
Who's Online (0)
Powered by
Vanilla.
Made with
Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
CrashOverron
Activity
Discussions
2
Comments
11
Environment variables
if you figured it out why dont you post the answer in case someone else has a similar problem?
Comment by
CrashOverron
September 2011
permalink
Some questions on Remote file inclusion attacks?
4) no, not exactly, there are different forms of the vuln but they all basically do the same thing 5) no because the functions that are used to create RFI vulns read the contents of the given file into the source of the vuln page so if you create a…
Comment by
CrashOverron
September 2011
permalink
Found something interesting Take a look
this site is using a WAF system to block certain queries try searching for articles for bypassing WAF's off the top there is one by nullbyt3 that was pretty decent @m0rph: blind sql injection would be when your query doesnt directly output to …
Comment by
CrashOverron
August 2011
permalink
What does this error mean when injectng?
the site may have multiple queries and one may have 5 columns and another may have a different amount
Comment by
CrashOverron
August 2011
permalink
the ultimate in annonymity?
@OP i assume you're talking about GRE over IPsec tunnels; because GRE sends the key, if one is present, in the header plain text. im still working on researching how well it all works out though seems like a good source for VPN
Comment by
CrashOverron
August 2011
permalink
SQL Injection Tutorial For Beginners
nice a couple of things to note though: 1)as i stated in another thread, verifying sqli vulns with "'" does not always give accurate results its easier to use "and 1=1--" "and 1=0--" or some variation of that 2)usi…
Comment by
CrashOverron
August 2011
permalink
Hiding web-shells from the casual browser.
the password protecting is good against fellow hackers as well changing the default title if you're using a premade shell from someone else so someone cant just d0rk you but if keeping from the sysadmin then base64 or something similar will typ…
Comment by
CrashOverron
August 2011
permalink
SQLi Vuln Types Question
these are just the first functions that the variable you're injecting hits that is throwing an error. each of those functions actually uses the content returned from the MySQL server and because the query you injected(appending ') is not v…
Comment by
CrashOverron
August 2011
permalink
the ultimate in annonymity?
i know this is an old post but this sparked my interest since i have access to a few cisco devices im looking into it now and will update this if i get it done
Comment by
CrashOverron
August 2011
permalink