Full Disclosure mailing list archives
Sql Injection big5 consultancy
From: "joseph blater" <t5con () hotmail com>
Date: Mon, 23 Jun 2003 06:48:34 +0000
Hello list,While updating my resume at a regional HR site of a top5 consultancy, I faced a programming bug (terribly written asp dissapeared with my session id), which returned an OLE Error. I decided to make a little test, so I started playing with sql injection. Surprisingly, it worked. Every Sql Server attack I attempted worked, no stripping or customized exceptions. So far, I counted over 50 fields in the same table... damned be their dba. This table has all candidate resumes and, deducing by the names of the fields, all employees resumes with current classification inside the corp (Potential,Supervisor,Inscription and so on).
I guess it would be kinda simple to move on to Stored Procedure and Activex attacks, but I have not the least intention of getting unprivledge access or confidential information from the db.
What should I do? Tell them their whole HR system is vulnerable and face the risks of being charged for something? Although owning certs from most vendors, I never got to work for a top5. Shall I take the risk and use this vuln to help me getting a job?
They probably could trace my real ip used in the early requests,when I was updating the resume using no proxies. So it wouldnt be a good idea sending an anonymous advice.
_________________________________________________________________Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Sql Injection big5 consultancy joseph blater (Jun 23)
- Re: Sql Injection big5 consultancy Blue Boar (Jun 23)
- Re: Sql Injection big5 consultancy Justin (Jun 23)
- <Possible follow-ups>
- RE: Sql Injection big5 consultancy Schmehl, Paul L (Jun 23)
- Re: Sql Injection big5 consultancy joseph blater (Jun 24)
- Re: Sql Injection big5 consultancy Shawn McMahon (Jun 24)
- Re: Sql Injection big5 consultancy M. Osten (Jun 24)
- Re: Sql Injection big5 consultancy Blue Boar (Jun 23)