Hi, BamarTalk.com’s Webmaster

This is PlanetCreator’s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on Bamar Talk International Calling Cards – Cheap Call to Myanmar’s Website.

Informed to : ‘[email protected]’; ‘[email protected]’; ‘[email protected]’; ‘[email protected]’; ‘[email protected]

Sent Wed 2/24/2010 7:12 AM
Some of your Web’s Data Information are as follow,

Applications: ————PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 2/24/2010 5:56:19 AM
Target:         http://www.bamartalk.com/information.php?info_id=1
Host IP:        67.18.18.10
Web Server:     Microsoft-IIS/6.0
Powered-by:     ASP.NET – PHP/5.2.6
Current User:     root@localhost
Current DB:     voipswitch
System User:     root@localhost
DB User & Pass:     root:*Hidden Pass for Security Reason:localhost

Table Name ———— Columns
users      ———— city, phone, login, email, password
settings   ———— id, name

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

EtterCap – ARP Spoofing And Beyond

When it comes to Network Security, my philosophy is – “You can’t afford to know less than the Hacker.” This means that in order to protect ourselves effectively, we need

Read More

critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net

PlanetCreator.Net’s Security Team member zai22 reported another critical SQL injection (vulnerability) on Dhamma Web http://www.dhammaweb.net SQL injection is a code injection technique that exploits a security vulnerability occurring in the

Read More

What are whois queries?

Whois queries are used to determine the IP address ranges associated with clients. A whois query can be run on most UNIX environments. In a Windows environment, the tools such

Read More