lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <fce05b5e050624115521b1efe4@mail.gmail.com>
Date: Fri, 24 Jun 2005 21:55:24 +0300
From: Pablo Escobar <slackware77@...il.com>
To: Dave Korn <davek_throwaway@...mail.com>
Cc: bugtraq@...urityfocus.com, pen-test@...urityfocus.com,
	nessus@...t.nessus.org
Subject: Re: how to exploit SQL INJECTION?


Maybe ill be busted , me, but not all, If in Israel I cant Write an
article against the army, why should I take as my limit a stupid law
that allow to killers make difussion of their sickness religious and
nationalists?...
Why I should shut my mouth in country under "democracy"?...Im not
hacker, and is not something important for me to be, I want learn
about security because I like computers, and I want learn to hack
because is the one method some people have to express their ideas, if
I say in the street "israel is killing arabians like beatles" the
people will kill me legally, continue searching in google about other
people that dont think like u...u see like police...good luck,bye.


On 6/22/05, Dave Korn <davek_throwaway@...mail.com> wrote:
> ----Original Message----
> >From: Pablo Escobar
> >Message-Id: fce05b5e0506211406bd92508@...l.gmail.com
> 
> > Hello people, I made in my network website server with SQL with
> > vulnerabilities to learn how to exploit it, I searched in google and i
> > tried but dont work, the report of the nessus is:
> >
> >
> > The following URLs seem to be vulnerable to various SQL injection
> > techniques :
> >
> > /resources/expand_subject.asp?id='UNION'
> > /resources/expand_subject.asp?id='
> 
>  [...snip!...]
> 
> > /resources/expand_subject.asp?id=') or ('a'='a
> >
> > now,how can I exploit it?,somebody can guide me plz?,thank u very
> > much,good luck.
> 
>   Fascinating.  This appears to be a *very* precisely-targeted request:
> according to google, there are only three websites on the entire web that
> use the software you're trying to exploit.
> 
>   As if by an astonishing coincidence, they're all zionist-related sites, so
> I suppose must be considered politically controversial.
> 
>   And you did make a post to the hackresi list back at the start of May
> claiming to be an Israeli libertarian-communist with anarcho-Kropotkinist
> leanings and wanting to make contact with other hacktivists.
> 
>   Are you planning a skiddie-style defacement spree?  Can we all watch as
> you get busted because you've left your fingerprints all over it before you
> even get started?
> 
>     cheers,
>       DaveK
> --
> Can't think of a witty .sigline today....
> 
> 
> 
> _______________________________________________
> Nessus mailing list
> Nessus@...t.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus
>
_______________________________________________
Nessus mailing list
Nessus@...t.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ