Author Topic: How to exploit that!  (Read 677 times)


Offline PilouZ2

  • NULL
  • Posts: 1
  • Cookies: 0
How to exploit that!
« on: January 28, 2015, 07:15:15 pm »
Hello! I just found some vulnerabilities after scanning a web using w3af, but there's a problem! Mayday!  ;)
I don't know how to exploit these vulnerabilities, which are:
  • Shared hosting.
  • CSRF vulnerability
  • Path disclosure vulnerability
  • Cookie without HttpOnly
  • SVN user disclosure vulnerability
  • XSS (In an image, WTF)
  • US Social Security Number Disclosure
I need to know which of these vulnerabilities are the easiest to exploit because I'm training, and somehow I want to vulnerate this target, whatever it costs.
(I don't want to deface the site, only need to know how I can vulnerate some vulnerabilities of them)
Thanks people, I'm waiting for your response, it would be helpful for me. (please D:)
Bye

Offline madf0x

  • Knight
  • **
  • Posts: 172
  • Cookies: 50
Re: How to exploit that!
« Reply #1 on: January 28, 2015, 07:25:14 pm »
lol "vulnerate" That's awesome.

Dude you should just quit while you're ahead before you fuck up (you probably already fucked up), and put yourself in a nasty legal situation. No one likes jail time, and some places have worse jails than others.

Instead you should be using any of the MANY practice VM and practice web apps to study attack vectors and how to "vulnerate" them. Safe, and no consequences if you fuck up. Also do your own homework man.  Don't rely on some scanner, learn the attacks themselves and how to find them manually first. All those scanners make several assumptions, they are for saving time assuming you know what you are doing and don't care about being noisy.

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
Re: How to exploit that!
« Reply #2 on: January 28, 2015, 07:42:13 pm »
"Vulnerate" Topkek! +1 to you sir.

And I also second madf0x, you SHOULD not do it, because it's obvious you have no clue where to go and congratulations on leaving massive logs on the server by scanning it with a scanner.

Offline d4rkcat

  • Knight
  • **
  • Posts: 287
  • Cookies: 115
  • He who controls the past controls the future. He who controls the present controls the past.
Re: How to exploit that!
« Reply #3 on: January 28, 2015, 07:58:45 pm »
This was great.
Really, trust what these two just told you.
You WILL be going to prison if you try to hack anything that isn't on your computer.
It is painfully clear from your question your level of noobosity.

Sign up at SO and do the hacking challenges or download a VM:
http://securityoverride.org/challenges/index.php
https://www.vulnhub.com/
https://information.rapid7.com/metasploitable-download.html


Offline madf0x

  • Knight
  • **
  • Posts: 172
  • Cookies: 50
Re: How to exploit that!
« Reply #4 on: January 28, 2015, 09:03:49 pm »
Quote from: d4rkcat
This was great.
Really, trust what these two just told you.
You WILL be going to prison if you try to hack anything that isn't on your computer.
It is painfully clear from your question your level of noobosity.

Sign up at SO and do the hacking challenges or download a VM:
http://securityoverride.org/challenges/index.php
https://www.vulnhub.com/
https://information.rapid7.com/metasploitable-download.html
(end quote)

Mm just might want to doubly make sure you use a unique password if you register on SO....