Full Disclosure mailing list archives
Getting even with a SPAMer
From: <auto69366 () hushmail com>
Date: Thu, 16 Oct 2003 02:01:58 -0700
Hi, As I got bored with receiving these: "... a g3n3ric vers1on of V1agra 1s ava1labl3 wh1ch g1v3s you ... w1ll arr1v3 at y0ur d00r ... http://www.onmarclass.com/host/default.asp?id=yr1" I decided to test their site for a SQL injection, and what do you know: http://www.onmarclass.com/host/default.asp?id=yr1' Causes a: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression 'affil_ID='yr1'''. /host/utilities.asp, line 13 Go get him :) Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Getting even with a SPAMer auto69366 (Oct 16)