L2:BeyondC3 exploit | http://www.l2.dbit.com.ar/ exploit

[arielsat]

warcry : include_path . insert remview and you have root accses to server

[arielsat]

lineage2.com , header.jpg exploit

 

 

 

 

 

bind.jpg

 

 

 

netcat :-)lol :-))

 

have accses to deface web page

 

 

 

p.s. /temp/bind.jpg look here :-)) on lineage2 official for port

[Maxtor]

warcry : include_path . insert remview and you have root accses to server

 

 

 

 

 

http://php.spb.ru/remview/

[asdasd1]

crazy hackers :)

[Hazard]

arliel sat can u PM me with some full commands working on beyondc3 server, maybe we can share our knowlage , also where are you from ?

[extatik]

Why pm :roll: speak in here, becouse everyone want to know :) :)

[arielsat]

sql injection on site is a simple sql query , like ' SELECT account_name FROM user_data WHERE account_id=1928347--

 

 

 

this is for off servers, for l2j server's tables on database is a with other names, download database from developers site and you know all names of tables and values

 

many scripts on websites comunicate with database , that allow to show values in db , also can modify if script have accses .Most of them have .conf file , in this file is a user and pass for mssql mysql scripts , like admins accounts:-)

 

 

 

for ppls : http://www.1keydata.com/sql/sql.html sql tutorial

[Hazard]

i dont understand about sql i just need full command .

 

if you can please PM me with full command i will share my knowlage with you :)

 

exatik if we will speak here server admin can see everything ant it will be fixed , i wont tell anything to you because i cant believe you :(

[RapGame]

if you realy wanna learn to inject .. you should read this too http://www.securiteam.com/securityreviews/5DP0N1P76E.html

[Auleon]

And how can we use this remview? (Yeah, i'm a noob but i must start from somewhere:P)

[arielsat]

remview is a web shell , most powerfull tool

[S.T.A.L.K.E.R.]

http://84.240.23.10/www.beyond.lt/stat/index.php?cmd=showsiege&castle=

 

 

 

http://www.l2.dbit.com.ar/sieges/AttackDefend.php?cid=

 

 

 

 

 

Sybase magik quotes :-)

 

 

 

Old... Old old old hack...

 

 

 

Я так себя ГМом делал когдато на явах...как тока появилась такая возможность =))

[arielsat]

now working lomat idrakon3d , potamu chto sauron ne uspel :-)idrakon asp script vulne , vozmozna imeet bagi

 

 

 

sry for latin kbd , but not have cirilic font

 

 

 

B.R.

[gliner]

is this server up or dead?