Full Disclosure mailing list archives

Getting even with a SPAMer

From: <auto69366 () hushmail com>
Date: Thu, 16 Oct 2003 02:01:58 -0700

Hi,

As I got bored with receiving these:
"... a g3n3ric vers1on of V1agra 1s ava1labl3 wh1ch g1v3s you ... w1ll
arr1v3 at y0ur d00r ... http://www.onmarclass.com/host/default.asp?id=yr1";

I decided to test their site for a SQL injection, and what do you know:
http://www.onmarclass.com/host/default.asp?id=yr1&apos;

Causes a:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query
expression 'affil_ID='yr1'''.

/host/utilities.asp, line 13

Go get him :)



Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Getting even with a SPAMer auto69366 (Oct 16)