PlanetCreator has reported Critical XSS vulnerability on Official Portal of Kuala Lumpur, Malaysia Web Site,

http://www.planetcreator.net/2009/09/criti…aysia-web-site/

and

http://www.xssed.com/mirror/64058/

but nobody takes action ~~~ How come?

Hello, DBKL’s Staffs! Are you just looking for your license fees? (Yeah- I paid 300RM for my company and 100RM for your Teh Tarik (Coffe` Fees), cos if you don’t pay money to DBKL, you won’t get license as well…

tongue.gif

) …

Don’t just going to around and finding some funds for urself, come up and check out ur web! Many Hackers are watching .Gov websites!….

This is second time!

Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 1/30/2010 11:01:56 PM
Microsoft SQL Server 2000 – 8.00.2050 (Intel X86) Mar 7 2008 21:29:56 Copyright © 1988-2003 Microsoft Corporation
Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

Databases: master
————tempdb
————model
————msdb
————pubs
————Northwind
————DBKL
————penjaja
————dbkl_test
————dbkl_datakeyin
————lesendmg

This is your Tables & Columns

Download Tables & Columns ! http://www.planetcreator.net/images/mmso/dbkl.txt

We hope that their security staff will look into this issue and fix it as soon as possible.

Explore More

Hack Tools, Utilities and Exploits

Packetstorm Last 10 Files glsa-200901-13.txt – Gentoo Linux Security Advisory GLSA 200901-13 – Multiple vulnerabilities have been discovered in Pidgin, allowing for remote arbitrary code execution, denial of service and

Read More

LFI/RFI testing and exploiting with fimap

fimap is currently under development but still usable. Feel free to test it! This document and tool is not recommend for people who doesn’t know what LFI/RFI is. If you

Read More

fimap v.0.9 released

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like

Read More