Search results for query: *

  1. cazra

    Hiring hacker to access a website

    Hi community, I am looking to hire a hacker to get admin control and the db of a website with a tech stack known for vulnerabilities. $$ through DNA escrow. Thank you!!
  2. cazra

    Trusted market places and vendors

    Hi -- I would like to know too please! Much appreciated help!
  3. cazra

    Help! RCE with pearcmd through a LFI vulnerability

    Hi everyone! I haven't found a solution but I know that the best are around here, so I am bumping this thread. I'd be grateful if anyone had a solution!
  4. cazra

    Help! RCE with pearcmd through a LFI vulnerability

    Hi again everyone! Asking yet another question just in the hope that someone has more clarity than me. In the test env, with a v5.1.41 thinkphp server, http://127.0.0.1:8080/index.php?lang=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/%3C?phpinfo();?%3E+/tmp/hello.php...
  5. cazra

    Help! RCE with pearcmd through a LFI vulnerability

    Hey, thanks for the answer and for the help. Running the thinkphp website locally simply through php think run does not seem to expose the exploit, but putting it in a container and running it properly with Apache exposes the vulnerability as expected. Thanks, I can experiment now to build the...
  6. cazra

    Help! RCE with pearcmd through a LFI vulnerability

    Hey, thanks for the help. Yes, I am working my way thru v5.1.41. I start from git clone https://github.com/top-think/think.git think_git; cd think_git; git checkout v5.1.41 Then that's my composer characteristics "require": { "php": ">=5.6.0", "topthink/framework"...
  7. cazra

    Help! RCE with pearcmd through a LFI vulnerability

    Hi everyone. A website I am targeting right now is based on thinkphp v5.1.41 and has a language pack so it's exposed to that vulnerability: Thinkphp multi-language RCE - 跳跳糖. And that example here shows an execution using the local pearcmd.php. I'm trying locally in a VM with a dummy thinkphp v5.1.41...
  8. cazra

    Old jQuery + thinkphp website resisting

    Hi. Turns out I had missed a critical CVE [CVE-2022-47945] [http] [critical] https://website.com/index.html/?lang=../../thinkphp/base. I tried to inject files, php code ... I can't get it to happen. Does anyone have any idea with that one?
  9. cazra

    Old jQuery + thinkphp website resisting

    Hi. I am looking for help & tools to exploit jquery & thinkphp vulnerabilities on a (simple looking) website. So far it has been resisting me. $$