sourceforge looks like a FP, I guess they just used a crappy regex error matching tool :>.
On Fri, Sep 30, 2011 at 10:38 PM, Dave Aitel <[email protected]> wrote: > This came out last night - http://pastebin.com/LaKrWgXT. Lots of > respectable sites in that (sourceforge/mysql/etc). I don't know if any of it > is true, of course. > > """ > > 1. > > > http://sourceforge.net/apps/trac/gallery/timeline?from=2009-09-24T22%3A19%3A12Z%2B0000&precision=second<http://sourceforge.net/apps/trac/gallery/timeline?from=2009-09-24T22%3A19%3A12Z%2B0000&precision=second>' > : SQLi Vulnerable > 2. > 3. http://www.love-shop.biz/b/166180/read' : SQLi Vulnerable > 4. > 5. > > http://stackoverflow.com/questions/3742239/php-mysql-error-warning-mysql-num-rows-expects-parameter-1-to-be-resource' > : SQLi Vulnerable > 6. (Be funny to change all the answers to every question to "Minimum > viable product". :>) > 7. > > > """ > -dave > > > On 9/29/11 4:24 PM, Dave Aitel wrote: > > The past of web hacking is here, it's just not evenly distributed. And by > that, I mean that you're going to find a lot of SQL Injection bugs if in > Google you do "inurl:.asp site:myclient.com". > > Of course, you would probably say that any site that CAN be hacked by SQLi > is probably already hacked with SQLi and the goal of any good hacker in the > world is to be places no one else can be, right? But, it's likely that Blind > SQLi is still under the radar, since it normally takes SO LONG to exploit > that even the automated worms get bored and give up. :> > > BUT, one thing we're going to teach you in the Web Hacking class at > INFILTRATE <http://infiltratecon.com/training.html> is a new algorithm > that gets twice the performance of SQLMap on Blind SQLi. It's awesome. You > should come. :> > > -dave > > > > _______________________________________________ > Dailydave mailing > [email protected]https://lists.immunityinc.com/mailman/listinfo/dailydave > > > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > >
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
