European Space Agency SQL vulnerability exploited


Author: Mohit Kumar on 12/01/2012 06:29:00 AM

The European Space Agency (ESA) is an intergovernmental organisation dedicated to the exploration of space. A hacker going by the name “SlixMe” found and exploited an SQL injection vulnerability on a subdomain of its website.

The hacker uploaded a dump to his website, where he disclosed the SQLi-vulnerable link as well as the database tables. He also mentioned that five other domains are hosted on the same server and could be exploited if he succeeds in exploiting one site completely.

Exploited Domain : http://television.esa.int/

The method is listed as “PostgreSQL AND error-based – WHERE or HAVING clause”. The disclosure also publishes the injection payload.

The site is vulnerable at the time of publishing this article.
