Home
Friday, November 24, 2017
4:37:35 PM
Users online: 0   You are here >> Home > Security

Forums | Security Forums search
Forum FAQ
   
  1 | 2 | 3 Next Page 
SQL Injection discussion...the who's the what's the how's
twinair 
14/6/08 2:39:11 PM
Banned

I don't want to get Mac Dude's knickers ina knot.
So I have taken his personal advice and started another thread on the subject.


So...

Who's computer is broken and what is it doing?

Mine's talking to me...in tongues.

Has anyone ever suffered form another form of injection before?
Perhaps a hot beef injection?

Anyway...feel free to post anything in here that may be misconstrued as off topic in the other thread...that way we'll keep the other thread clean and all our problems will go away.


-----
I've been accused of being a crude, cock sucking arsehole.
That's OK, I can take constructive criticism.
But if my grandmother ever says that again I'll kick her fucking head in.

-80 
14/6/08 2:40:30 PM
Banned

It's cold today.
A hot beef injection sounds pretty good.

-----
Mercury - you've got my number

Shikimaru 
14/6/08 2:40:48 PM
Guru

don't think mine is broken... but then, i have it built up fairly strong... :P

-----
Intel E6600 3.0ghz | 2gb Crucial Ballistix 1066mhz 5,5,5,15 | DFI X48 LT | ATi HD3870 512 | Auzentech Prelude | 160gb Samsung | 500gb Samsung | Asus SATA DVD | 24"Dell Widescreen | Z5500 THX |

Myra`Jai 
14/6/08 2:41:53 PM
Titan

huh? linkage?

-----
Quote by Ben Mansill

Myra has so much serenity and bliss I just plain forgot to pin her



Life is not measured by the number of breaths we take
but by the moments that take our breath away

I Love Lamp 
14/6/08 2:42:03 PM
Banned

My computer is playing all sorts of random music, browsing Atomic and has MSN, Outlook and Nero open.

What. The. Fuck.

It's also got a shitload of dust in the window fan entry gauze.

I blame this SQL Injection and demand someone come around here and fix it right now.

Haymarket, I am looking at you!

-----
I cunt spell

Caelum 
14/6/08 2:42:31 PM
Banned

Quote by Myra`Jai
huh? linkage?




Get sticky.

-----
I am he that liveth, and was dead; and, behold, I am alive for evermore, Amen; and have the keys of hell and of death.
Revelation, 1. 18

twinair 
14/6/08 2:42:48 PM
Banned

Quote by Myra`Jai
huh? linkage?



It's sticky'd.

Perhaps if it was a locked sticky it would be more visible.
http://www.atomicmpc.com.au/forums.asp?s=1&c=1&t=127694

-----
I've been accused of being a crude, cock sucking arsehole.
That's OK, I can take constructive criticism.
But if my grandmother ever says that again I'll kick her fucking head in.

Caelum 
14/6/08 2:44:26 PM
Banned

So, following on from what chrisg said in the sticky - has ANYONE seen any SMF forums falling victim to this attack?

-----
I am he that liveth, and was dead; and, behold, I am alive for evermore, Amen; and have the keys of hell and of death.
Revelation, 1. 18

-80 
14/6/08 2:45:11 PM
Banned

Quote by Myra`Jai
huh? linkage?


You should know by now that people tend to get crankier as they get older.
They can be quite gruff, on occasions.

-----
Mercury - you've got my number

I Love Lamp 
14/6/08 2:45:33 PM
Banned

No-one goes there to even bother finding out!

;)

-----
I cunt spell

-80 
14/6/08 2:46:14 PM
Banned

Quote by Caelum
So, following on from what chrisg said in the sticky - has ANYONE seen any SMF forums falling victim to this attack?


I'm not seeing much trouble here, except it's a bit slow to load.

-----
Mercury - you've got my number

Caelum 
14/6/08 2:47:13 PM
Banned

Quote by -80
Quote by Caelum
So, following on from what chrisg said in the sticky - has ANYONE seen any SMF forums falling victim to this attack?


I'm not seeing much trouble here, except it's a bit slow to load.




Yeah, except for the javascript..

-----
I am he that liveth, and was dead; and, behold, I am alive for evermore, Amen; and have the keys of hell and of death.
Revelation, 1. 18

plebsmacker 
14/6/08 2:48:12 PM
Hero
Immortal


I did notice a chunk of a post I wrote yesterday is missing.

That's weird.

-----
Give me ambiguity or give me something else

orcone 
14/6/08 2:49:43 PM
Guru

Quote by Caelum
So, following on from what chrisg said in the sticky - has ANYONE seen any SMF forums falling victim to this attack?



No, simply because I couldn't be fucked to look.

This "attack" has only inconvenienced me to a point where there's extra characters after a user's name. And yet, we have people demanding that this free to use site has this travesty fixed and protected against.

I may not know the details of the worst symptoms that this recent event causes, but from the responses so far it hasn't been critical at all. Why some people are going nuts about this, I don't know.

But what I do know, is that you have a choice to use this site. And it's a simple choice, if you don't like it or feel vulnerable somehow using it - GTFO.

-----
I love Isa. She rawkz my cawkz. =o)

-80 
14/6/08 2:49:59 PM
Banned

Quote by Caelum
Quote by -80
Quote by Caelum
So, following on from what chrisg said in the sticky - has ANYONE seen any SMF forums falling victim to this attack?


I'm not seeing much trouble here, except it's a bit slow to load.




Yeah, except for the javascript..


Well, you sort of get used to it after a while.....

-----
Mercury - you've got my number

I Love Lamp 
14/6/08 2:51:29 PM
Banned

You'll change your opinion when those pictures on F: of you and your ex lover (the horse) emerge on HotorNot with the username registered being your entire credit card number, and the photo comment your home phone number and address.

-----
I cunt spell

chrisg 
14/6/08 2:56:48 PM
SuperHero
Immortal


:-)

The attack itself is just annoying, but, easy to slip a trojan through the hole it creates.

Cheers

-----
You can always tell a guy who has been troubleshooting too long - he has a shotgun in his toolkit.

twinair 
14/6/08 3:03:33 PM
Banned

I went onto another machine of mine and starting frantically clicking the bad links...
NAV picked up this...

http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2006-061017-0150-99&

"Downloader.Bancos!gen is a generic detection for a suspicious file that downloads an Infostealer.Bancos.
It typically downloads an Infostealer.Bancos from a predefined URL and executes it."


Edited by twinair: 14/6/2008 3:04:04 PM

-----
I've been accused of being a crude, cock sucking arsehole.
That's OK, I can take constructive criticism.
But if my grandmother ever says that again I'll kick her fucking head in.

Apoptosis 
14/6/08 3:05:28 PM
Champion

So this isn't delivering a malicious payload yet?

Well, I would assume it isn't because 50% of atomics users haven't dropped off the net yet :P

I'm going to try this in my WinXP virtual machine.

-----

twinair 
14/6/08 3:06:04 PM
Banned

Quote by Apoptosis
So this isn't delivering a malicious payload yet?

Well, I would assume it isn't because 50% of atomics users haven't dropped off the net yet :P

I'm going to try this in my WinXP virtual machine.



Look at my post above yours.

-----
I've been accused of being a crude, cock sucking arsehole.
That's OK, I can take constructive criticism.
But if my grandmother ever says that again I'll kick her fucking head in.

  1 | 2 | 3  | Next Page 
Forums | Security