Active Members akkiliON Posted September 14, 2013 Active Members Report Posted September 14, 2013 Exploit: . .Yahoo.net - Blind SQL Injection Author: akkiliONURL Link: https://yahoo.netPoC: MySQL Version 5 ---> TRUE MySQL Version 4 ---> FALSE Quote
Active Members dancezar Posted September 14, 2013 Active Members Report Posted September 14, 2013 MARFA:))Ai scos ceva de acolo?Bravo Quote
Active Members akkiliON Posted September 14, 2013 Author Active Members Report Posted September 14, 2013 MARFA:))Ai scos ceva de acolo?Bravo Nu am scos nimic. Quote
Active Members akkiliON Posted September 14, 2013 Author Active Members Report Posted September 14, 2013 Nu raporta degeaba.Dup? faza cu acel XSS raportat ... Cupon 10 $ ... No thank you Quote
nacks Posted September 15, 2013 Report Posted September 15, 2013 Eu astept de mai bine de o luna sa mi trimita "some new gear" asa cum mi au spus, iar acum imi trimit ceva de genul:*****,Please allow some more time for your package to reach you. Regards,Yahoo! Security Contact... deci nici macar de atat nu sunt in stare, dat fiind ca am raportat 3 XSS si inca o eroare intr o aplicatie ... Quote
eusimplu Posted September 15, 2013 Report Posted September 15, 2013 Bravo ca nu raportezi, la banii lor si-ar permite si ei un program de bug bounty, dar no ca mai bine ca cumpara start up-uri. Quote
Active Members akkiliON Posted September 15, 2013 Author Active Members Report Posted September 15, 2013 Bravo ca nu raportezi, la banii lor si-ar permite si ei un program de bug bounty, dar no ca mai bine ca cumpara start up-uri.Dac? ar începe un program bug bounty pr?p?d ar fi )De aia nici nu încep. Quote
eusimplu Posted September 15, 2013 Report Posted September 15, 2013 Dac? ar începe un program bug bounty pr?p?d ar fi )De aia nici nu încep.Nu chiar, multi cunosc fix aceleasi vurnerabilitati. Si la un site ca yahoo cateva zeci de mii nu-i omoara cand ofera siguranta utilizatorilor, cand vad unde au ajuns si ca n-au program de bug bounty ma intreb daca la conducerea lor nu sunt romani, sau cine stie indieni. Quote
Active Members akkiliON Posted September 17, 2013 Author Active Members Report Posted September 17, 2013 Acest SQLi e un honeypot mai mult ca sigur. )Le-am raportat vulnerabilitatea pt c? nu aveam ce face cu ea. Nu m? intereseaz? nimic ce au + mai bine evit s? am probleme cu ei.Thank you for sending this in. However, the same vulnerability has already been reported. Please continue to send in any future vulnerabilities that you discover.Se pare c? aceast? vulnerabilitate a fost "g?sit?" de altcineva. Pun pariu dac? era deja g?sit? de cineva aceast? vulnerabilitate era reparat? acum. Cum am spus, vulnerabilitatea înc? func?ioneaz?.Dac? cumva se pun s? o repare am s? public un V.P.o.C. Quote
Nytro Posted September 17, 2013 Report Posted September 17, 2013 Vezi ce se poate scoate.Scoate CURRENT_USER sa vezi hostname-ul. Quote
eusimplu Posted September 17, 2013 Report Posted September 17, 2013 Acest SQLi e un honeypot mai mult ca sigur. )Le-am raportat vulnerabilitatea pt c? nu aveam ce face cu ea. Nu m? intereseaz? nimic ce au + mai bine evit s? am probleme cu ei.Se pare c? aceast? vulnerabilitate a fost "g?sit?" de altcineva. Pun pariu dac? era deja g?sit? de cineva aceast? vulnerabilitate era reparat? acum. Cum am spus, vulnerabilitatea înc? func?ioneaz?.Dac? cumva se pun s? o repare am s? public un V.P.o.C.Bataie de joc din partea yahoo, cum credeam Hai cu datu-n ziare pentru publicitate! Quote
Active Members akkiliON Posted September 17, 2013 Author Active Members Report Posted September 17, 2013 (edited) Se pare c? aceast? vulnerabilitate a fost "g?sit?" de altcineva. Pun pariu dac? era deja g?sit? de cineva aceast? vulnerabilitate era reparat? acumM-am exprimat gre?it aici. Am vrut s? zic dac? tot o g?sit altcineva vulnerabilitatea nu cred c? l?sa a?a. (nefixat?)Dac? era în .com sigur reparau vulnerabilitatea. Edited September 17, 2013 by akkiliON Quote
Active Members dancezar Posted September 17, 2013 Active Members Report Posted September 17, 2013 Dupa ce mi-a dat akkilion niste detalii minore despre domeniul unde se afla vurnerabilitatea,am gasit pana la urma si am facut ceva teste si nu e numai blind este UNION BASEDhttp://s14.postimg.org/6mc3xtlwg/sqli_yahoo.jpgin ordinea urm: hostname , versiune ,userAm mers si mai departe sa vad ce mai are are 3 baze de date information_schema test si una inadvt1ultima contine urmatoarele tabele contact_us,news,newsletter,specials nimic important deci prin urmare dupa cum a spus si akkilion este un honeypot 100% Quote
Active Members akkiliON Posted September 17, 2013 Author Active Members Report Posted September 17, 2013 Dupa ce mi-a dat akkilion niste detalii minore despre domeniul unde se afla vurnerabilitatea,am gasit pana la urma si am facut ceva teste si nu e numai blind este UNION BASEDhttp://s14.postimg.org/6mc3xtlwg/sqli_yahoo.jpgin ordinea urm: hostname , versiune ,userAm mers si mai departe sa vad ce mai are are 3 baze de date information_schema test si una inadvt1ultima contine urmatoarele tabele contact_us,news,newsletter,specials nimic important deci prin urmare dupa cum a spus si akkilion este un honeypot 100%Eu am încercat blind. Nu le am cu SQLi. Quote
