# Exploit Title: MySQL Squid Access Report 2.1.4 / HTML Injection# Date: 23/07/2012 # Author: Daniel Godoy # Author Mail:DanielGodoy[at]GobiernoFederal[dot]com # Author Web: www.delincuentedigital.com.ar # Software web: http://sourceforge.net/projects/mysar/ # Tested on: Linux# Dork: MySQL Squid Access Report 2.1.4 # www.chap.cl # Este Advisory fue reportado por Daniel Godoy, integrante deProject CHAP Security # be secured /stay secure # contacto@chap.cl [Comment]Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,InyeXion, ksha, zerial,LinuxFer,Scorp her0, r0dr1 y demas user de RemoteExecution www.remoteexecution.info www.remoteexcution.com.ar #RemoteExecution Hacking Group [PoC] find Squid's access.log file path and insert "> Example: ">PWNED! http://server/mysar/www/?a=administration ------------------------- Correo enviado por medio de MailMonstruo - www.mailmonstruo.com
L'articolo MySQL Squid Access Report 2.1.4 HTML Injection sembra essere il primo su MondoUnix.
...Leggi il seguito »
- Articolo precedente: L’AppStore di iOS 6 Beta 3 è Offline da giorni
- Articolo successivo: Browser games made in Italy: Astro n.z.o. (Blue Vessel Games)
SEGNALA / INVIA QUESTO POST:
Hai trovato questo articolo interessante? Iscriviti GRATIS ai nostri feeds!
