1ndonesian Security Team (1st) - Learning by Doing

---

Login

News

Releases

ForumNEW

Defacements

History

---

No.	Filename	Author	Type	Date	Description
1	bosen-tool.6.txt (3/4644)	Bosen	Tools	17/05/2005	Scan using google for exploitable sql injection
2	aresu-tool.5.txt (5/4153)	AresU	Tools	11/04/2004	DetikNews.COM TCL Script (Indonesian News language)
3	aresu-tool.4.txt (8/2523)	AresU	Tools	25/02/2004	Amazing Brute Basic Authenticate (ABBA)
4	aresu-tool.3.txt (23/3680)	AresU	Tools	24/02/2004	Remote Connect-Back Backdoor Shell v1.0 to avoid Firewall Protection :-)
5	aresu-tool.2.txt (14/3634)	AresU	Tools	12/01/2004	MyGallery Vulnerability Scanner v1.1
6	bosen-tool.5.txt (42/4324)	Bosen	Tools	08/01/2004	DataThief
7	bosen-adv.10.txt (15/7140)	Bosen	Advisory	16/07/2003	eStore SQL Injection Vulnerability & Path Disclosure
8	bosen-adv.9.txt (3/2193)	Bosen	Advisory	15/07/2003	Auction Works XXS Vulnerability
9	bosen-adv.8.txt (7/4820)	Bosen	Advisory	10/07/2003	Q-Shop Administration Security Leak + Exploit
10	aresu-adv.6.txt (8/7386)	AresU	Advisory	04/07/2003	VPASP SQL Injection Vulnerability & Exploit CODE
11	bosen-adv.7.txt (4/5013)	Bosen	Advisory	25/06/2003	ProductCart SQL Injection Vulnerability + Exploit
12	bosen-adv.6.txt (3/2989)	Bosen	Advisory	24/06/2003	Comersus XSS Vulnerability
13	sakitjiwa-how.1.txt (3/1713)	sakitjiwa	HOWTO	19/06/2003	Customizing connectix virtual pc on MacOSX
14	bosen-tool.4.txt (38/6789)	Bosen	Tools	18/06/2003	Comersus Password Cracker provided by ThunderT
15	bosen-adv.5.txt (2/2345)	Bosen	Advisory	15/06/2003	ProductCart XSS Vulnerability
16	bosen-doc.2.txt (6/6163)	Bosen	Paper	10/06/2003	SQL Injection Primbon - The TAO Of SQL Injection
17	aresu-tool.1.txt (1/1968)	AresU	Tools	09/06/2003	Encrypted Talk Script using blowfish algorythms - MIRC Script
18	bosen-adv.4.txt (2/3720)	Bosen	Advisory	08/06/2003	Comersus Shopping Cart Information Disclosure
19	bosen-exp.5.txt (4/3190)	Bosen	Exploit	02/06/2003	WebStore2000 SQL Injection Exploits (in c) by negative
20	bosen-adv.3.txt (1/3258)	Bosen	Advisory	31/05/2003	iisCart2000 Administration Security Leak + Exploit
21	bosen-adv.2.txt (1/3505)	Bosen	Advisory	30/05/2003	WebStore2000 SQL Injection Vulnerability & Exploit
22	aresu-doc.1.txt (2/2818)	AresU	Paper	28/05/2003	Fake Cookies Injection Tutorial
23	aresu-adv.5.txt (1/1375)	AresU	Advisory	27/05/2003	Philboard Vulnerability and Exploit Code
24	bosen-adv.1.txt (12/2006)	Bosen	Advisory	18/05/2003	qShop Session Handling Vulnerability & Exploit
25	bosen-exp.4.txt (5/2579)	Bosen	Exploit	14/05/2003	VP-ASP Exploit w/o LWP. Hi AresU :P
26	bosen-exp.3.txt (0/1840)	Bosen	Exploit	14/05/2003	Album.pl Exploit v2 - Remote Execution
27	aresu-adv.4.txt (9/3547)	AresU	Advisory	14/05/2003	CyberStrong Shopping Cart - Advisory & Exploit Code
28	aresu-exp.1.txt (4/1928)	AresU	Exploit	14/05/2003	VP-ASP Exploit without LIB LWP
29	bosen-exp.2.txt (1/3355)	Bosen	Exploit	14/05/2003	VP-ASP Exploit Create User wif admin access
30	bosen-tool.3.txt (2/1939)	Bosen	Tools	09/05/2003	Perl Bindshell Injection
31	bosen-tool.2.txt (2/2833)	Bosen	Tools	08/05/2003	Openssh-3.6.1p2 Backdoor
32	sakitjiwa-adv.2.txt (0/1522)	sakitjiwa	Advisory	06/05/2003	Weekly Poll Vurnerability
33	sakitjiwa-adv.1.txt (1/1836)	sakitjiwa	Advisory	03/05/2003	One thing that I always forget
34	bosen-exp.1.txt (0/2199)	Bosen	Exploit	02/05/2003	Album.pl Exploit
35	bosen-tool.1.txt (0/1668)	Bosen	Tools	02/05/2003	Bosen botpack (userfile encryption only) v1
36	syzwz-sys.1.txt (1/1520)	syzwz	Analisys	02/05/2003	Taken form many ppl but these came from same ppl
37	sakitjiwa-file.2.txt (1/1837)	sakitjiwa	File	30/04/2003	this is bell.pacific.net.id (202.46.64.36) qmail shadow file
38	sakitjiwa-file.1.txt (0/1373)	sakitjiwa	File	30/04/2003	this is part of ts4-77.techscape.com (202.59.161.7
39	aresu-adv.3.txt (0/1435)	AresU	Advisory	30/04/2003	Album.pl Vulnerability - Remote Command Execution
40	bosen-doc.1.txt (0/2339)	Bosen	Paper	17/11/2002	Menulis exploit dengan perl
41	bosen-sys.5.txt (0/1292)	Bosen	Analisys	13/11/2002	Analisa terhadap Solaris 6 & 8 /bin/login Exploit.
42	bosen-sys.4.txt (1/2039)	Bosen	Analisys	12/11/2002	Analisa /bin/login backdoor
43	bosen-sys.3.txt (0/1142)	Bosen	Analisys	12/11/2002	Analisa modutils exploit di RedHat 7.0
44	bosen-sys.2.txt (0/1383)	Bosen	Analisys	12/11/2002	Analisa OpenSSL KEY_ARG Exploit.
45	aresu-adv.2.txt (0/2454)	AresU	Advisory	11/11/2002	Easy Guestbook Vulnerabilities
46	aresu-adv.1.txt (2/1419)	AresU	Advisory	11/11/2002	Easy Homepage Creator Vulnerability
47	bosen-file.2.txt (1/2743)	Bosen	File	11/11/2002	mailserv.idola.net.id passwd file
48	bosen-file.1.txt (1/5326)	Bosen	File	11/11/2002	Rooted List
49	bosen-sys.1.txt (2/2161)	Bosen	Analisys	11/11/2002	Analisa OpenSSL KEY_ARG Vuln.

---

v4.4/146933

PLEASE NOTE: These informations are provided freely to all interested parties and may be redistributed provided that it is not altered in any way, 1ndonesian Security Team or 1st is appropriately credited and the document retains. The supplied exploit code is not to be used for malicious purpose, but for educational purpose only. The Authors and 1ndonesian Security Team WILL NOT responsible for anything happened by the couse of using all information on these website. !PRIVATE! flag means, we still waiting for vendor confirmation about the vulnerability that we found. We will publish after we got confirmation or until dead line expected confirmation should be received by us.