From: t5con at hotmail.com (joseph blater)
Subject: Sql Injection big5 consultancy

Hello list,

While updating my resume at a regional HR site of a top5 consultancy, I 
faced a programming bug (terribly written ASP disappeared with my session 
id), which returned an OLE Error.
I decided to make a little test, so I started playing with SQL injection. 
Surprisingly, it worked. Every SQL Server attack I attempted worked, no 
stripping or customized exceptions.
So far, I counted over 50 fields in the same table... damned be their DBA. 
This table has all candidate resumes and, deducing by the names of the 
fields, all employees' resumes with current classification inside the corp 
(Potential, Supervisor, Inscription and so on).

I guess it would be kinda simple to move on to Stored Procedure and ActiveX 
attacks, but I have not the least intention of getting unprivileged access or 
confidential information from the db.

What should I do? Tell them their whole HR system is vulnerable and face the 
risks of being charged for something?
Although I own certs from most vendors, I never got to work for a top5. 
Shall I take the risk and use this vuln to help me get a job?

They probably could trace my real IP used in the early requests, when I was 
updating the resume using no proxies. So it wouldn't be a good idea to send 
anonymous advice.
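The bug class the post describes, as an added illustration that is not code from the original post or from the site in question: a classic ASP resume-update handler written with string concatenation (the style that leaks raw OLE DB errors and lets a quote in a form field alter the statement), followed by the parameterized form. The table and column names, the form field names and the `Application("HrDsn")` connection string are assumptions.

```vbscript
<%
Option Explicit
Dim conn, cmd, userId, summary
userId  = Request.Form("id")
summary = Request.Form("summary")

' BEFORE (vulnerable): the form value is pasted into the statement text.
' A single quote in "summary" closes the literal and the rest of the field is
' executed as SQL; with no error handling, ADO returns the provider's raw
' OLE DB error (table and column names included) straight to the browser.
' conn.Execute "UPDATE Resumes SET Summary='" & summary & _
'              "' WHERE CandidateId=" & userId

' AFTER (hardened): reject non-numeric ids up front, then bind both values
' as typed ADODB parameters so they travel as data, never as statement text.
If Not IsNumeric(userId) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open Application("HrDsn")   ' assumed: DSN kept server-side, not in the page

Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = 1               ' adCmdText
cmd.CommandText = "UPDATE Resumes SET Summary = ? WHERE CandidateId = ?"
' CreateParameter(Name, Type, Direction, Size, Value):
'   200 = adVarChar, 3 = adInteger, 1 = adParamInput
cmd.Parameters.Append cmd.CreateParameter("@summary", 200, 1, 4000, summary)
cmd.Parameters.Append cmd.CreateParameter("@id", 3, 1, 4, CLng(userId))

On Error Resume Next
cmd.Execute
If Err.Number <> 0 Then
    ' Keep the provider message on the server (write it to your own log);
    ' the client only learns that the update failed, not why.
    Response.Write "Your update could not be saved."
    Err.Clear
Else
    Response.Write "Resume updated."
End If
conn.Close
%>
```

The same two ADO changes (bound parameters plus an `On Error` handler that never echoes `Err.Description`) close both the injection and the error-message disclosure the post relies on to count the table's fields.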
