lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun Nov 13 03:27:55 2005
From: se_cur_ity at hotmail.com (Morning Wood)
Subject: FAO Mark Murtagh from Websense

>First you missed the comment where I fixed my typo on the thread,
>second, I thought someone of your "hacking" experience, you would have
>been able to translate that message by yourself. In any case, I made

umm, no I doubt I missed anything except your contentless dribble.
but I did notice the "error" of the web application... not only is it
vulnerable to SQL injection, it is also vuln to XSS. Possibly
you would like to enroll in a Zone-H Hands on Hacking Seminar
so you too might be able to understand them too, instead of filling this
list with your paranoid, meglomanic rants.

http://www.biosmagazine.co.uk/op.php?id=314;ok<br>omg<br><b>n3td3v</b>%20rox<br>%20<br>

http://www.nccgroup.com/events/index.aspx


>On 11/13/05, Morning Wood <se_cur_ity@...mail.com> wrote:
> Content Query has failed - SELECT
> opinion.body,opinion.author,opinion.auth_title,opinion.auth_comp,
>
opinion.ptime,opinion.headline,opinion.category,opinion.active,opinion.forum
> , prod_type.name as prod_type, prod_type.id as prod_type_id FROM opinion,
> prod_type WHERE opinion.id = 314\\ AND opinion.active = 1 AND
opinion.ptime
> < 1131846681 AND opinion.category = prod_type.id
>
> sweet!
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ