|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 40
Members: 0
Total: 40
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Need guidance :) |
|
Posted: Mon Mar 17, 2008 6:39 pm |
|
|
F4r4Zm0In |
Active user |
|
|
Joined: Feb 17, 2008 |
Posts: 30 |
|
|
|
|
|
|
|
Hi,
i have used an sql injection:
BM Classifieds <= 20080409 Multiple SQL Injection Vulnerabilities
the result is shown below:
the sql injection code is:
showad.php?listingid=xCoRpiTx&cat=-99/**/union+select/**/concat(username,0x3a,email),password,2/**/from/**/users/*
as per the sql injection
The output is in the sequence of
password username email
but when i tried the username and passwords which i have got from this
i have got error.
i think the password is encrypted or i dont know what the hell it is
Any help will be appriciated
Thanks |
|
|
|
|
Posted: Tue Mar 18, 2008 5:50 am |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
b8g2eJmt5mh1Q --> DES hash.Try to decrypt him. |
|
|
|
|
Posted: Tue Mar 18, 2008 10:46 am |
|
|
F4r4Zm0In |
Active user |
|
|
Joined: Feb 17, 2008 |
Posts: 30 |
|
|
|
|
|
|
|
koko wrote: | b8g2eJmt5mh1Q --> DES hash.Try to decrypt him. |
when i try decrypting it using http://www.milw0rm.com/cracker/
i have got this :
Not inserted.
make sure you meet the guidelines:
16 chars lm / 32 chars md5
try again
Now what can i do ? |
|
|
|
|
Posted: Tue Mar 18, 2008 3:41 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|