网站综合信息 www.80vul.com
- 标题:
- <?php $head = "80vul"; |
- 关键字:
- 描述:
- Multiple Exploiting IE8/IE7 XSS Vulnerability . Author: www.80vul.com [Email:5up3rh3i#gmail.com] Rel
- 域名信息
- 域名年龄:16年6个月27天 注册日期:2008年10月20日 到期时间:2016年10月20日
邮箱:abuse 电话:+86.5922577888
注册商:BIZCN.COM, INC.
- 服务器空间
- IP:42.62.56.176
地址:北京市海淀区 森华易腾IDC机房
- 备案信息
- 备案号:
域名流量Alexa排名
域名注册Whois信息
80vul.com
域名年龄: 16年6个月27天注册时间: 2008-10-20
到期时间: 2016-10-20
注 册 商: BIZCN.COM, INC.
注册邮箱: abuse
联系电话: +86.5922577888
获取时间: 2015年01月30日 03:18:24
Domain Name: 80VUL.COM
Registrar: BIZCN.COM, INC.
Sponsoring Registrar IANA ID: 471
Whois Server: whois.bizcn.com
Referral URL: http://www.bizcn.com
Name Server: NS1.EZDNSCENTER.COM
Name Server: NS2.EZDNSCENTER.COM
Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Updated Date: 2014-01-24
Creation Date: 2008-10-20
Expiration Date: 2016-10-20
>>> Last update of whois database: Thu, 2015-Jan-29 19:21:06 GMT <<<
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
Domain name: 80vul.com
Registry Domain ID: 1524980694_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.bizcn.com
Registrar URL: http://www.bizcn.com
Updated Date: 2013-10-22T04:57:15Z
Creation Date: 2008-10-20T12:16:41Z
Registrar Registration Expiration Date: 2016-10-20T12:16:41Z
Registrar: Bizcn.com,Inc.
Registrar IANA ID: 471
Registrar Abuse Contact Email: abuse
Registrar Abuse Contact Phone: +86.5922577888
Reseller:
Domain Status: clientDeleteProhibited (http://www.icann.org/epp#clientDeleteProhibited)
Domain Status: clientTransferProhibited (http://www.icann.org/epp#clientTransferProhibited)
Registry Registrant ID:
Registrant Name: hei xiao
Registrant Organization: xiao hei
Registrant Street: hunanshengzhangshashi
Registrant City: hunanzhangsha
Registrant State/Province: hunan
Registrant Postal Code: 410000
Registrant Country: cn
Registrant Phone: +86.02151697771
Registrant Phone Ext:
Registrant Fax: +86.02151697771
Registrant Fax Ext:
Registrant Email: 5up3rh3i
Registry Admin ID:
Admin Name: hei xiao
Admin Organization: xiao hei
Admin Street: hunanshengzhangshashi
Admin City: hunanzhangsha
Admin State/Province: hunan
Admin Postal Code: 410000
Admin Country: cn
Admin Phone: +86.02151697771
Admin Phone Ext:
Admin Fax: +86.02151697771
Admin Fax Ext:
Admin Email: 5up3rh3i
Registry Tech ID:
Tech Name: hei xiao
Tech Organization: xiao hei
Tech Street: hunanshengzhangshashi
Tech City: hunanzhangsha
Tech State/Province: hunan
Tech Postal Code: 410000
Tech Country: cn
Tech Phone: +86.02151697771
Tech Phone Ext:
Tech Fax: +86.02151697771
Tech Fax Ext:
Tech Email: 5up3rh3i
Name Server: ns1.ezdnscenter.com
Name Server: ns2.ezdnscenter.com
DNSSEC: unsignedDelegation
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2015-01-29T19:21:11Z
For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
The data in this whois database is provided to you for information
purposes only, that is, to assist you in obtaining information about or
related to a domain name registration record. We make this information
available "as is," and do not guarantee its accuracy. By submitting a
whois query, you agree that you will use this data only for lawful
purposes and that, under no circumstances will you use this data to: (1)
enable high volume, automated, electronic processes that stress or load
this whois database system providing you this information; or (2) allow,
enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via direct mail, electronic
mail, or by telephone. The compilation, repackaging, dissemination or
other use of this data is expressly prohibited without prior written
consent from us. We res
网站头文件(HTTP Header)
HTTP/1.1 200 OK 访问时间:2012年09月17日 00:51:07 服务器:Apache/2.2.15 (CentOS) 语言环境:PHP/5.3.3 X-Pingback: http://www.80vul.com/xmlrpc.php MS-Author-Via: DAV 连接:关闭 Transfer-Encoding: chunked 类型:text/html; charset=UTF-8 网站编码:UTF-8
同IP网站(同服务器)
网站首页快照(纯文字版)
抓取时间:2016年01月19日 20:18:11
网址:http://www.80vul.com/
标题:<?php $head = "80vul"; | /*///*/alert(1);
关键字:
描述:Multiple Exploiting IE8/IE7 XSS Vulnerability . Author: www.80vul.com [Email:5up3rh3i#gmail.com] Release Date: 2009/06/22. References: …
主体:
网址:http://www.80vul.com/
标题:<?php $head = "80vul"; | /*///*/alert(1);
关键字:
描述:Multiple Exploiting IE8/IE7 XSS Vulnerability . Author: www.80vul.com [Email:5up3rh3i#gmail.com] Release Date: 2009/06/22. References: …
主体:
<?php $head = "80vul";
/*///*/alert(1);
跳至正文
Home
PST WebZine
Webzine_0x01
Webzine_0x02
Webzine_0x03
Webzine_0x04
Webzine_0x05
Webzine_0x06
Static Pages
Old Version
About US
← 早期文章
Ph4nt0m Webzine 0×07 再次征稿
发表于 2012 年 7 月 24 日 由 +superman+
真不希望这期又难产!!!!!!!!!
Ph4nt0m Webzine 0×07 Call for Papers
“最后感谢那些一直在坚持,一直在分享的好人们。希望我们还有下一期!!” 这是上一期的webzine 0×06首篇《Introduction》里最后一句话,希望别人“坚持”的同时,首先要展示我们自己的“坚持” 。于是有了今天的CFP ……
关于 webzine:
Ph4nt0m Webzine的主题将关注于于漏洞分析、加密解密、协议安全分析、后门与rootkit技术、web应用安全、系统底层分析、操作系统安全性、企业安全防护方案等等。要求文章的内容新颖或者有创意。
目前webzine已经成功发行了6期。现在新的一期开始面向公众征稿。任何有兴趣的朋友,都可以将你的稿件投递到
mail:5up3rh3i@gmail.com
当然有我qq的朋友,可以直接通过qq联系。我们将对您的稿件进行审阅,并发送反馈。您有任何问题,也可以来信咨询。
另外本期我们将与 腾讯安全应急响应中心(TSRC)合作,并得他们的大力赞助,稿件一旦采用将获得又腾讯公司提供的 小Q机器人一个 。
这里再次感谢 腾讯安全应急响应中心(TSRC)的朋友们,尤其是lake2同学,支持“坚持分享”的公司及团队是值得我们尊敬的!
发表在 News
|
2 条评论
Spring framework(cve-2010-1622)漏洞利用指南
发表于 2012 年 7 月 24 日 由 +superman+
http://www.80vul.com/java/Spring%20framework%EF%BC%88cve-2010-1622%EF%BC%89%E6%BC%8F%E6%B4%9E%E5%88%A9%E7%94%A8%E6%8C%87%E5%8D%97%20.docx
发表在 Web
|
留下评论
PHPCMS V9 sys_auth() 设计缺陷导致多个SQL注入漏洞
发表于 2012 年 7 月 24 日 由 +superman+
一、描叙:
phpcms 使用sys_auth函数加解密cookie信息,系统中多个文件直接从cookie中获取变量进入程序流程。 由于sys_auth函数在设计和使用过程中存在缺陷,导致注册用户可以伪造cookie数据,触发SQL注入等多个二次攻击。
二、分析 :
看sys_auth函数代码
//libs/functions/global.func.php
function sys_auth($txt, $operation = 'ENCODE', $key = '') {
$key = $key ? $key : pc_base::load_config('system', 'auth_key');
$txt = $operation == 'ENCODE' ? (string)$txt : base64_decode($txt);
$len = strlen($key);
$code = '';
for($i=0; $i<strlen($txt); $i++){
$k = $i % $len;
$code .= $txt[$i] ^ $key[$k];
}
$code = $operation == 'DECODE' ? $code : base64_encode($code);
return $code;
}
通过于$auth_key进行^运算达到加密的目的,$auth_key是系统安装时随机生成的一个长度为20的字符串。 要伪造cookie变量需要知道$auth_key,我们看看如何来获取。
注册用户登录过程
//phpcms/modules/member/index.php
public function login() {
……
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
……
//phpcms/libs/classes/param.class.php
public static function set_cookie($var, $value = '', $time = 0) {
$time = $time > 0 ? $time : ($value == '' ? SYS_TIME - 3600 : 0);
$s = $_SERVER['SERVER_PORT'] == '443' ? 1 : 0;
$var = pc_base::load_config('system','cookie_pre').$var;
$_COOKIE[$var] = $value;
if (is_array($value)) {
foreach($value as $k=>$v) {
setcookie($var.'['.$k.']', sys_auth($v, 'ENCODE'), $time, pc_base::load_config('system','cookie_path'), pc_base::load_config('system','cookie_domain'), $s);
}
} else {
setcookie($var, sys_auth($value, 'ENCODE'), $time, pc_base::load_config('system','cookie_path'), pc_base::load_config('system','cookie_domain'), $s);
}
}
明显可以看出,登陆的时候 $username通过sys_auth函数处理后赋值到了cookie。 好了,下面去注册一个用户名长度为19字符的(
最近查询网站