lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAJttGjk=BmGvVkZO7LUtAO2nKDEOejL2Rs2viiqovLugdoe1Hg@mail.gmail.com>
Date: Sat, 16 Jul 2011 02:07:00 +0700
From: cyber netron <cybernetron@...il.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk, 
	websec10@...-sec.org, websecurity@...ts.webappsec.org
Subject: Interactive World SQL Injection Vulnerability [
 Multiple Vulnerabilities ]

Interactive World (index.php) Sql Injection Vulnerability [ Multiple
Vulnerabilities ]
==============================================================

####################################################################
.:. Exploit Title : Interactive World SQL Injection Vulnerability [ Multiple
Vulnerabilities ]
.:. Author : Netrondoank aka netron
.:. My Web : www.indonesiansecurity.info ,indotek.or.id and Ilmuhacker.org
.:. Platform/Tested on: Linux
.:. Version : none
.:. Software Link: : http://www.interactive-world.com
.:. Dork : "Powered By Interactive World"

####################################################################

.:.  Exploit

===[ SQL Injenction ]===
http://www.site.com//news_desc.php?Id=[Sqli]


Xss
===[ XSS/HTML Injection ]===
http://site/path/latest_news_next.php?id=89&news_type=[XSS ATTACK HERE]


####################################################################

[+] Spesial thanks to all friend @ site : IndonesianSecurity.info +
codenesia.com
+palembangHackerlink.org + Blitar hackerlink dot org + hacker newbie dot org
+ binus hacker dot org +
+indonesianblogger.org + kimmonosz (kimmonosz.tk) + jos ali joe (
exploit-id.com) + dewancc (dawnc0de.com)
+pokeng  + budi anja (biohazzard) +klicak + dymaz spyro (gaya rambutmu leh
ditiru)
+doni mustofa anak2 uin jakarta + crashblack here + hmei7 + junbad (
indonesiancoder.com) + skutengboy (maapin gua bro)
+ almh viroes banditc0de + ares blue screen (jgn maen mulu loh skripsi
urusin) + budi_spielberg (met nikah yee) + om leman (indonesiancyber.org)

[+] Lamer juga manusia punya otak
[+] ku cinta padamu susi  tapi dirimu tak cinta padaku .wkwkwkwkw
[+] jos ali joe , thx to notice for submit my poc to exploit-id.com

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ