Burmese Classic

PlanetCreator has reported another critical Blind SQL Injection (vulnerability) on http://www.burmeseclassic.com/

This vulnerability has been alerted to :- Webmaster of BurmeseClassic

Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Yangoon, Myanmar , 07/08/2010 02:28:46 AM

Database :————- burmesec_pawtin

Tables :—————-

youth_qna
youth_news
youth_corner
video_review
video
users
thuta
tayar
sports
song
servers
sayadaw
news
mtv_thingyan
mtv
movies
movie_rate
message
left_menu
health
files
ebook_writer
ebook
dhamma_qus
dhamma_ans
comment
cartoon
buddhawin
baydin_qus
baydin_ans
banned_users
active_users
active_guests

Columns of users table

userip
timestamp
email
userlevel
userid
password
username

username    — password

bcadmin    —–  (just for vip members)

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Joomla Administrator Login BruteForcer for v1.0 and v1.5

#!/usr/bin/python# Joomla Administrator Login BruteForcer for v1.0 and v1.5 # Feel free to do whatever you want with this code!# Share the c0de! # Darkc0de Team # www.darkc0de.com # rsauron[at]gmail[dot]com

Dangerous IP’s – Do not scan

All the below are FBI controlled Linux servers & IPs/IP-Ranges 207.60.0.0 – 207.60.255.0 The Internet Access Company207.60.2.128 – 207.60.2.255 Abacus Technology207.60.3.0 – 207.60.3.127 Mass Electric Construction Co.207.60.3.128 – 207.60.3.255 Peabody

SpiderLabs Defacetool

DefaceTool is an open-source Java Server Faces(JSF)testing tool for decoding view state and creating view state attack vectors. The tool can be used to create XSS attacks and session and