Sunday, 29 November 2009

SQLi Vulnerability is just pretty insecure and more pwnage could have been carried out. Thanks to Cyb3r Lord for allowing me to post the thing he found... F1 Soft is one of the top IT companies in Nepal but when it comes to coding, they suck...
This one is another disclosure of one of the big sites from Nepal. So let's go on...
There are a few scripts that forget to validate the inputs, and we are not disclosing how the things are vulnerable because we are not for script kiddies. Using MySQL > 5 means we can extract tables and columns easily.
Some tables are:
And some tables are:
under admin table.
Now on extracting the pass, I saw it was base64 encoded (FUCK). Use other hashing like md5() to encrypt. You are PHP guys and you should have known base64_decode($hash) is gonna give us the pass...
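The storage problem described above and one way to migrate away from it, as an added example that is not code from the site or from the original post. It uses PHP's `password_hash()` rather than the `md5()` the post suggests, because md5 is a fast, unsalted digest; the function names and the sample password are constructed for illustration.

```php
<?php
// Added example: function names and sample values are hypothetical/constructed.

// Legacy scheme from the post: the stored "hash" is only base64 text.
function legacy_store(string $password): string {
    return base64_encode($password);
}

// Replacement: salted, deliberately slow, one-way password hash.
function secure_store(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

// Verify a login attempt against a stored value that may be legacy or modern.
// Returns [bool $ok, ?string $newValue]; when $newValue is not null the caller
// should overwrite the stored column with it (migrate-on-login).
function verify_and_upgrade(string $attempt, string $stored): array {
    $info = password_get_info($stored);
    if (!empty($info['algo'])) {
        // Already a real password hash: verify, rehash only if parameters aged.
        if (!password_verify($attempt, $stored)) {
            return [false, null];
        }
        $new = password_needs_rehash($stored, PASSWORD_DEFAULT)
            ? secure_store($attempt) : null;
        return [true, $new];
    }
    // Legacy base64 row: decode, compare in constant time, then replace it.
    $plain = base64_decode($stored, true);
    if ($plain === false || !hash_equals($plain, $attempt)) {
        return [false, null];
    }
    return [true, secure_store($attempt)];
}

// Constructed sample row, standing in for a value read from the admin table.
$row = legacy_store('S3cret-constructed');
echo "stored:    $row\n";
echo "decoded:   " . base64_decode($row) . "\n"; // no key or guessing needed

// First successful login migrates the row to a one-way hash.
[$ok, $upgraded] = verify_and_upgrade('S3cret-constructed', $row);
echo "login ok:  " . var_export($ok, true) . "\n";
echo "new value: $upgraded\n";

// The migrated value still verifies, and a wrong password is rejected.
var_dump(verify_and_upgrade('S3cret-constructed', $upgraded));
var_dump(verify_and_upgrade('wrong', $upgraded)[0]);
```

Rows that never log in again stay in the legacy form, so a migration like this is usually paired with a forced reset for accounts still holding base64 values.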
Anyway below is the screenshot of the pwnage:


