[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Getting even with a SPAMer

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Getting even with a SPAMer
From: <auto69366@hushmail.com>
Date: Thu, 16 Oct 2003 02:01:58 -0700

Hi,

As I got bored with receiving these:
"... a g3n3ric vers1on of V1agra 1s ava1labl3 wh1ch g1v3s you ... w1ll
arr1v3 at y0ur d00r ... http://www.onmarclass.com/host/default.asp?id=yr1";

I decided to test their site for a SQL injection, and what do you know:
http://www.onmarclass.com/host/default.asp?id=yr1'

Causes a:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query
expression 'affil_ID='yr1'''.

/host/utilities.asp, line 13

Go get him :)



Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] 3 Copies of messages?
Next by Date: [Full-Disclosure] Microsoft Local Troubleshooter ActiveX control buffer overflow
Previous by thread: [Full-Disclosure] Data Retention Legislation in Violation of EU Human Rights Laws
Next by thread: [Full-Disclosure] Microsoft Local Troubleshooter ActiveX control buffer overflow
Index(es):
- Date
- Thread