We just upload our first video about SQL injection with Havij.
Step by step we are planing to upload more videos if we find time for that.
You can find us here
https://www.youtube.com/user/websecuty
Thursday 31 May 2012
Dubstep.net
http://www.dubstep.net/ is vulnerable to SQLi.
Even after it was posted information about his vulns and his DB was dumped the problem is still there.
The web site have many users so change you'r password of you'r other accounts like email and facebook if you are member of this site
websecury(at)gmail.com
Even after it was posted information about his vulns and his DB was dumped the problem is still there.
The web site have many users so change you'r password of you'r other accounts like email and facebook if you are member of this site
websecury(at)gmail.com
For the users
I just want to say few words.
You can never be shure about you safety in internet. You can't know what you are downloading, what site you are looking, or is the site safe.
1) The site where you are making registration maybe is vulnarable to SQL injection. A malicious user can inject a simple commands and get all the DB from the site. All the email, names, usernames, passwords and more. If you are using the same password for every site he can use this information to login to you'r email, facebook and even paypal.
2) When you are downloading something and you'r antivirus say it's safe don't be shure about that. They are many way to make a keylogger or a rat FUD ( fully undetectable ).
3) Don't keep personal information in you'r email. Many times I found credit card information, pesonal information or passwords for other site stored in email accounts. Don't do that.
We will update this soon!
Ourkids.net - The trusted sourse
Actualy not very strusted. It is vulnerable and we already have the data base.
Here is the list of the schools we have the password for login to this site.
We have and the admin password.
Mostly have addresses, phone numbers and names
Here is the list of the schools we have the password for login to this site.
We have and the admin password.
Mostly have addresses, phone numbers and names
HondaShowOff.com
I don't believe we have to explain what is this web site.
We have the data base of this web site. If you are user of it please change you password and contact us.
We will inform the admins as soon as posible for the vulns on the site
websecury(at)gmail.com
We have the data base of this web site. If you are user of it please change you password and contact us.
We will inform the admins as soon as posible for the vulns on the site
websecury(at)gmail.com
Writeclique.net
http://writeclique.net/ is a web site for writers. It have 1500+ some of them famous.
It is vulnarable to SQL injection. We already have the DB , but we don't know who else can have it.
If you are the owner of some of this emails fell free to conctats us at websecury(at)gmail.com
List of emails here
It is vulnarable to SQL injection. We already have the DB , but we don't know who else can have it.
If you are the owner of some of this emails fell free to conctats us at websecury(at)gmail.com
List of emails here
Muzi4ka.org
This is a bulgarian web site about music. It is vulnarable to SQLi.
If you are user of this site be careful. It can reveal you email, username and password.
We already try to contact the admin, but nothing happens.
This vuln is a public and 2 days after we found it we understood that we are not the first ones. Many people know about it from very long time.
Contact admins about it
websecury(at)gmail.com
If you are user of this site be careful. It can reveal you email, username and password.
We already try to contact the admin, but nothing happens.
This vuln is a public and 2 days after we found it we understood that we are not the first ones. Many people know about it from very long time.
Contact admins about it
websecury(at)gmail.com
Inspiremetoday.com
If you have registration in http://www.inspiremetoday.com/ you must know that this web site is vulnarable to SQL injection.
This meens that by very simple method all the Data base can be dumped. We already did than, but we don't know who else did it. So change you password and ask the admins to remove this problem.
websecury(at)gmail.com
This meens that by very simple method all the Data base can be dumped. We already did than, but we don't know who else did it. So change you password and ask the admins to remove this problem.
websecury(at)gmail.com
Teniski.eu XSS
Teniski.eu is a bulgarian web site for ordering t-shirts, puzzles, pins and many other stuffs by you'r design.
It is vulnarable to XSS ( Cross site scripting )
Here is more information about XSS from wikipedia here
And here is the site.
websecury(at)gmail.com
It is vulnarable to XSS ( Cross site scripting )
Here is more information about XSS from wikipedia here
And here is the site.
websecury(at)gmail.com
Sladur.com Dump
Sladur.com is I believe the first bulgarian web site for datings. It's like a social network.
It have hundreds of thousands users. Some time ago I was inform that their Data base was dumped. I'm not shure when this exactly happens, but I have part of it and its true.
So if you are user of this site you password is public. Change it. It can be the same like you'r email, paypal or facebook account. Change it for you'r security.
websecury(at)gmail.com
It have hundreds of thousands users. Some time ago I was inform that their Data base was dumped. I'm not shure when this exactly happens, but I have part of it and its true.
So if you are user of this site you password is public. Change it. It can be the same like you'r email, paypal or facebook account. Change it for you'r security.
websecury(at)gmail.com
What is this blog?
If you are reading this blog maybe you want to know for what we made it.
Many people don't know , but big % of the web sites vulnerable to different attack. There are many ways to deface, take access to the site or just to download his Data base.
Here we are going to inform you about the ways to do that and which sites are vulnerable or already " hacked " .
So keep reading us. If you find here some web site where you have registration change you'r password and contact us.
You can all the time send us a email with you'r usernames and emails so we can check if we already have them.
And we have a lot.
websecury(at)gmail.com
Subscribe to:
Posts (Atom)