Wednesday, 12 July 2017

youtube channel rss feed 2017 | youtube channel videos json

To get the rss feed of your youtube channel you can use


https://www.youtube.com/feeds/videos.xml?channel_id=[yourchanneid]


sample: https://www.youtube.com/feeds/videos.xml?channel_id=UCjASs0Tbiv-mBhINBtT9mUg


Youtube channell videos
 Json data (api key is needed)
 https://www.googleapis.com/youtube/v3/search?part=snippet&channelId=UCjASs0Tbiv-mBhINBtT9mUg&maxResults=10&order=date&type=video&key=[API KEY]

Friday, 23 June 2017

html5 input date with validation (simple pattern)







<input type="date" name="mydate" oninvalid="this.setCustomValidity('My personal validation message')" placeholder="gg-mm-aaaa" pattern="\d{1,2}-\d{1,2}-\d{4}"  value="" id="mydate" required="required" />

Friday, 5 May 2017

Asmedia USB 3 Drivers - USB\ASMEDIAROOT_HUB\5&338E9AF1

Download the driver!

Hardware ID:
USB\ASMEDIAROOT_HUB\5&338E9AF1&0&0
USB\ASMEDIAROOT_HUB\5&338E9AF1


Tested on:
ASUS P8H61-MX USB3



Please, comment with the specific name of your motherboard if the driver works for you.

Tuesday, 11 April 2017

http://www.gurufocus.com/ | data leaks and errors

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/gurufocu/public_html/holdings_ind.php

errors  can be raised by simply manipulating parameters in the queries

chiarelettere.it | XSS and errors


XSS
http://www.chiarelettere.it/php/catalogo.php?cat=assda%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3C%22



Notice: Undefined index: collana in /home/httpd/html/casaleggio/chiarelettere.it/php/avvisamico.php on line 896

Monday, 10 April 2017

https://www.buddybank.com/ | wordpress content injection




https://www.buddybank.com/buddyrunners/wp-json/

You can test it with the most common (python) PoC.

Tuesday, 4 April 2017

eptbenevento.it | file listing - data leak

/var/www/vhosts/eptbenevento.it/httpdocs/

Saturday, 25 March 2017

List of mime types - config_file_mime_allowed for opencart


config_file_mime_allowed - useful when they are missing in your opencart installation/upgrade!



text/plain
image/png
image/jpeg
image/gif
image/bmp
image/tiff
image/svg+xml
application/zip
"application/zip"
application/x-zip
"application/x-zip"
application/x-zip-compressed
"application/x-zip-compressed"
application/rar
"application/rar"
application/x-rar
"application/x-rar"
application/x-rar-compressed
"application/x-rar-compressed"
application/octet-stream
"application/octet-stream"
audio/mpeg
video/quicktime
application/pdf






List of the robots and crawlers for opencart - config_robots


config_robots - useful when they are missing in your installation or upgrade.




abot
dbot
ebot
hbot
kbot
lbot
mbot
nbot
obot
pbot
rbot
sbot
tbot
vbot
ybot
zbot
bot.
bot/
_bot
.bot
/bot
-bot
:bot
(bot
crawl
slurp
spider
seek
accoona
acoon
adressendeutschland
ah-ha.com
ahoy
altavista
ananzi
anthill
appie
arachnophilia
arale
araneo
aranha
architext
aretha
arks
asterias
atlocal
atn
atomz
augurfind
backrub
bannana_bot
baypup
bdfetch
big brother
biglotron
bjaaland
blackwidow
blaiz
blog
blo.
bloodhound
boitho
booch
bradley
butterfly
calif
cassandra
ccubee
cfetch
charlotte
churl
cienciaficcion
cmc
collective
comagent
combine
computingsite
csci
curl
cusco
daumoa
deepindex
delorie
depspid
deweb
die blinde kuh
digger
ditto
dmoz
docomo
download express
dtaagent
dwcp
ebiness
ebingbong
e-collector
ejupiter
emacs-w3 search engine
esther
evliya celebi
ezresult
falcon
felix ide
ferret
fetchrover
fido
findlinks
fireball
fish search
fouineur
funnelweb
gazz
gcreep
genieknows
getterroboplus
geturl
glx
goforit
golem
grabber
grapnel
gralon
griffon
gromit
grub
gulliver
hamahakki
harvest
havindex
helix
heritrix
hku www octopus
homerweb
htdig
html index
html_analyzer
htmlgobble
hubater
hyper-decontextualizer
ia_archiver
ibm_planetwide
ichiro
iconsurf
iltrovatore
image.kapsi.net
imagelock
incywincy
indexer
infobee
informant
ingrid
inktomisearch.com
inspector web
intelliagent
internet shinchakubin
ip3000
iron33
israeli-search
ivia
jack
jakarta
javabee
jetbot
jumpstation
katipo
kdd-explorer
kilroy
knowledge
kototoi
kretrieve
labelgrabber
lachesis
larbin
legs
libwww
linkalarm
link validator
linkscan
lockon
lwp
lycos
magpie
mantraagent
mapoftheinternet
marvin/
mattie
mediafox
mediapartners
mercator
merzscope
microsoft url control
minirank
miva
mj12
mnogosearch
moget
monster
moose
motor
multitext
muncher
muscatferret
mwd.search
myweb
najdi
nameprotect
nationaldirectory
nazilla
ncsa beta
nec-meshexplorer
nederland.zoek
netcarta webmap engine
netmechanic
netresearchserver
netscoop
newscan-online
nhse
nokia6682/
nomad
noyona
nutch
nzexplorer
objectssearch
occam
omni
open text
openfind
openintelligencedata
orb search
osis-project
pack rat
pageboy
pagebull
page_verifier
panscient
parasite
partnersite
patric
pear.
pegasus
peregrinator
pgp key agent
phantom
phpdig
picosearch
piltdownman
pimptrain
pinpoint
pioneer
piranha
plumtreewebaccessor
pogodak
poirot
pompos
poppelsdorf
poppi
popular iconoclast
psycheclone
publisher
python
rambler
raven search
roach
road runner
roadhouse
robbie
robofox
robozilla
rules
salty
sbider
scooter
scoutjet
scrubby
search.
searchprocess
semanticdiscovery
senrigan
sg-scout
shai'hulud
shark
shopwiki
sidewinder
sift
silk
simmany
site searcher
site valet
sitetech-rover
skymob.com
sleek
smartwit
sna-
snappy
snooper
sohu
speedfind
sphere
sphider
spinner
spyder
steeler/
suke
suntek
supersnooper
surfnomore
sven
sygol
szukacz
tach black widow
tarantula
templeton
/teoma
t-h-u-n-d-e-r-s-t-o-n-e
theophrastus
titan
titin
tkwww
toutatis
t-rex
tutorgig
twiceler
twisted
ucsd
udmsearch
url check
updated
vagabondo
valkyrie
verticrawl
victoria
vision-search
volcano
voyager/
voyager-hc
w3c_validator
w3m2
w3mir
walker
wallpaper
wanderer
wauuu
wavefire
web core
web hopper
web wombat
webbandit
webcatcher
webcopy
webfoot
weblayers
weblinker
weblog monitor
webmirror
webmonkey
webquest
webreaper
websitepulse
websnarf
webstolperer
webvac
webwalk
webwatch
webwombat
webzinger
whizbang
whowhere
wild ferret
worldlight
wwwc
wwwster
xenu
xget
xift
xirq
yandex
yanga
yeti
yodao
zao
zippp
zyborg





Thursday, 23 March 2017

enable/disable php errors via htaccess


How to enable the php display error via htaccess

 Add in your htaccess:

php_flag display_errors on
php_flag html_errors on



How to show php errors without notices via htaccess

Add in your htaccess:

php_value error_reporting 2039




Monday, 20 March 2017

simple batch script to import sql file in mysql










 
@echo off
SET mysqldir=C:\mysql\bin
SET mysqlhost=localhost
SET mysqldatabase=dbname
SET mysqluser=user
SET mysqlpassword=password

if [%1]==[] goto usage

IF NOT EXIST %1 GOTO nosuchfile

@REM Change to mysqldir
REM CD %mysqldir%

@REM importing db
"%mysqldir%\mysql.exe" -u %mysqluser% -h%mysqlhost% -p%mysqlpassword% %mysqldatabase% < %1


pause
goto end


:usage
echo -How to use-
echo EXAMPLE:
echo %0 sqlfile.sql
goto end
:nosuchfile
echo --ERROR--
echo no such file %1

:end

Saturday, 18 March 2017

[SOLUTION] Opencart 1.5.6.4 - from mysql to mysqli

Just edit your
"config.php" and "admin/config.php"

and redefine the DB_DRIVER as follows:

define('DB_DRIVER', 'mysqli');

[FIX] opencart - Add the previously deleted english language

If you have previously deleted (in general not suggested) the English language supposing to solve the problem to have just one language in the backend you can try to add it again.

Run this sql query to add with ID 1.

INSERT INTO `oc_language` (`language_id`, `name`, `code`, `locale`, `image`, `directory`, `sort_order`, `status`) VALUES
(1, 'English', 'en', 'en_US.UTF-8,en_US,en-gb,english', 'gb.png', 'english', 1, 1);





Thursday, 16 March 2017

[solution] multiple collapse dropdown menu nav

Sometimes, with bootstrap, you need multiple collapsable Menus.


change the data-taget to an ID
example (mainmenu):
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#mainmenu">

use and ID for your navbar
example (mainmenu):
<div class="collapse navbar-collapse" id="mainmenu">


and do the same with all the other menus that you have with a different ID or a custom/different class.


Saturday, 11 March 2017

Delete rows where id does not have a match from another table.

 This simple sql query deletes the all the records that don't have a corresponding ID in another table.



#delete orphaned descriptions of the products
DELETE b FROM `oc_product_description` b LEFT JOIN `oc_product` a ON b.product_id = a.product_id WHERE a.product_id IS NULL



You can use it to delete orphaned product descriptions in opencart

Monday, 6 March 2017

Check for duplicate entries in the url aliases of opencart. Fix Subquery returns more than 1 row (products)

Check for duplicate entries  in the url aliases of opencart:


(same query keyword)
SELECT  `query`,`keyword`, COUNT(*) FROM  `oc_url_alias` GROUP BY  `query`, `keyword` HAVING COUNT(*) > 1


(same query) - Usually you can have errors related to the same queries
SELECT `query`, COUNT(*) FROM `oc_url_alias` GROUP BY `query` HAVING COUNT(*) > 1


(same keyword)
SELECT `keyword`, COUNT(*) FROM `oc_url_alias` GROUP BY `keyword` HAVING COUNT(*) > 1




Tip:
In most cases I fixed this error
Warning: mysqli::query(): (21000/1242): Subquery returns more than 1 row in system/library/db/mysqli.php on line 18Notice: Error: Subquery returns more than 1 row

by removing the orphaned entries/urlaliases (ex. the demo data).
Do a backup before removing anything.

Saturday, 4 March 2017

How to fix date(): It is not safe to rely on the system's timezone settings - php



When you use the date function sometimes, if there's no specific configuration, you will see this error:

date(): It is not safe to rely on the system's timezone settings

 

How to fix date(): It is not safe to rely on the system's timezone settings

Solution #1
configure date.timezone in your php.ini configuration file. If you have no access to php.ini check the 2nd Solution.

Solution #2
Use date_default_timezone_set() or ini_set() inside your <?php  code

Example:
date_default_timezone_set('Europe/Rome');


The complete list of the supported time zones can be found on http://php.net/manual/en/timezones.php

[FIX] InsecurePlatformWarning - You can upgrade to a newer version of Python to solve this



Sample error that can occurr:
_vendor\requests\packages\urllib3\util\ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning


To solve without wasting time just run:
pip install requests[security]


 

Friday, 3 March 2017

allowed extensions list - useful for opencart config_file_ext_allowed extensions

Useful list of allowed extensions for opencart config_file_ext_allowed extensions



zip
txt
png
jpe
jpeg
jpg
gif
bmp
ico
tiff
tif
svg
svgz
zip
rar
7z
msi
cab
mp3
mp4
vid
qt
mov
pdf
psd
ai
eps
ps
doc
xls
ppt
ods
odt

Monday, 27 February 2017

http://www.mercatinomusicale.com | system compromise, XSS, sql injection.

http://www.mercatinomusicale.com | system compromise, XSS, sql injection, data dump. XSS http://www.mercatinomusicale.com/ann/search.asp?rp=&ct=&ch=&mc=&p1=&p2=&rg=&pv=&kw=%22%3E%3Cscript%3Ealert(%27xss%27);%3C/script%3E%3C%22%20627%20r

Thursday, 23 February 2017

overlay with youtube video - simple

It's very simple but I didn't spent too much time.

you just need to add your image with x.png



paste the js or include it in an external .js file.


JS


<script>
$(document).ready(function(){


var overlay = jQuery('<div id="overlay"></div><div id="box" class="videoWrapper"><iframe src="https://www.youtube.com/embed/B-HCMfaOkL0?autoplay=1&rel=0&enable_js=1" frameborder="0" allowfullscreen></iframe></div><div id="closebox"><img src="images/x.png" /></div>');
overlay.appendTo(document.body).fadeIn('fast');

    $("#box").width($(window).width());
    $("#box").height($(window).height());
    $("#box").css('width','90%');
    $("#box").css('margin-left','5%');
    $("#box").css('margin-right','5%');
   
     $("#closebox").click(
     function(){
         $('#overlay').fadeOut('fast');
         $('.videoWrapper iframe').attr('src', '');
         $('#box').hide();
         $('#closebox').hide();
     });

     //chiusura emergenza
     $('#overlay').click(
     function(){
        $(this).fadeOut('fast');
        $('.videoWrapper iframe').attr('src', '');
        $('#box').hide();
        $('#closebox').hide();
     });
   
     $(document).on('keyup',function(evt) {
        if (evt.keyCode == 27) {
             $('#overlay').fadeOut('fast');
             $('#box').hide();
        }
    });
});

$(window).resize(function(){
    $("#box").width($(window).width());
    $("#box").height($(window).height());
    $("#box").css('width','90%');
    $("#box").css('margin-left','5%');
    $("#box").css('margin-right','5%');
});

</script>



and add a bit of css

CSS

#overlay {position: fixed;top: 0;left: 0;width: 100%;height: 100%;background-color: #000;opacity: .7; filter: alpha(opacity=70);-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=70)";z-index: 10000;}
#box{ width:90%; height:90%; display:none;position:absolute; left:0%; top:0%;z-index: 10001;}
#box iframe{width:100%;height:100%}
#closebox{ position: fixed; top: 0px;right: 0px;z-index: 10001;padding:4px;}

Thursday, 16 February 2017

webx1009.aruba.it 89.46.104.19

123prova.net
ageendawifi.com
albergovenezia.net
altremedicine.com
amid.net
angolodellesoluzioni.it
canaledisecchia.it
checcozalone.it
clpsrl.com
cospat.com
deltawear.it
elgusto.it
espisrl.com
euronomade.info
forexometro.com
fotocolizzi.com
gianmarcoventuri.net
gizia.it
globalsecurity.it
hotelquadrifoglio.com
ilnuovopicchio.org
iswatlab.eu
jollybeach.it
lacasanettarina.it
lacortedilucia.com
lemlaboratorio.com
loomenstudio.com
maestranzeartistiche.it
marchotel.it
mauriziogreco.it
mestieridarte.net
monteferrario.com
mpdistribuzione.com
reccometeo.it
rinofior.com
sanbernardoabate.it
ski-nordik.it
stefaniasperandio.com
studiograssi.it
studiosoluzioni.it
studiotravaglin.it
suonarealondra.com
taffo.com
taranta.it
ufficialidigaranisseni.it
violamassimo.com
webx1009.aruba.it

Wednesday, 15 February 2017

https://servizistudenti.unisannio.it/ - XSS





https://servizistudenti.unisannio.it/pls/self/ssiiolk0.form2



http://www.lavoraconnoi.rai.it/ | stored xss and sql injections

http://www.lavoraconnoi.rai.it/lavoraconnoi/application/initiativeList?initiativeType=all

after registering you can add stored XSS in quite any field.


Other info will be added after that they fix the problems.


Set the placeholder in the input of the Google GCSE custom search engine.

When you play with the google CSE by removing various things via CSS happens that the placeholder could be "undefined".
The timewait or onload are not working correctly and just a workaround.

After your usual script part to include GCSE
gcse.src = (document.location.protocol == 'https:' ? 'https:' : 'http:') + '//cse.google.com/cse.js?cx=' + cx;

put this part


gcse.onload = gcse.onreadystatechange = function() { $(function() { // hack to set a placeholder in google's custom search input var pollInput = window.setInterval(function() { var $input = $('.gsc-input input.gsc-input'), $div = $('.search-db'); if ($input.length) { $input.on('focus', function(e) { $div.addClass('wide').removeClass('narrow'); }); $input.on('blur', function(e) { if (!$input.val().length) { $div.addClass('narrow').removeClass('wide'); } }); $input.attr('placeholder', ""); window.clearInterval(pollInput); } }, 10); }); };


I found the script part on github.
https://github.com/mongodb/docs-tools/blob/master/themes/mms-onprem/page.html

Thank you to mongodb!

Sunday, 12 February 2017

Webcam easynote - Windows 10 - Windows 7 - Windows Vista

USB2.0 350K WebCam
USB\VID_0402&PID_5602&REV_0100
easynote_webcam_v
Download

Cardbus Texas Instruments PCI-8x12/7x12/6x12 - Windows 10

Controller Cardbus Texas Instruments PCI-8x12/7x12/6x12
Windows 10 x32
PCI\VEN_104C&DEV_8039&SUBSYS_22001558&REV_00

Download

Yuan MPC718 TV Tuner Card Drivers - Windows 10

windows 10, windows 7, windows vista - 32 bit drivers
Yuan MPC718 TV Tuner Card 2.13.10.1016
PCI\VEN_14F1&DEV_5B7A&SUBSYS_071812AB&REV_00

Download

Sunday, 1 January 2017

center the bootstrap navbar nav




.navbar-default{
      float:none;margin: 0 auto;display: table;
}

Twitter Delicious Facebook Digg Stumbleupon Favorites More