Hi, BamarTalk.com’s Webmaster

This is PlanetCreator’s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on Bamar Talk International Calling Cards – Cheap Call to Myanmar’s Website.

Informed to : ‘[email protected]’; ‘[email protected]’; ‘[email protected]’; ‘[email protected]’; ‘[email protected]

Sent Wed 2/24/2010 7:12 AM
Some of your Web’s Data Information are as follow,

Applications: ————PlanetCreator’s_Universal_Advanced_Internet_Security_T00L
System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 2/24/2010 5:56:19 AM
Target:         http://www.bamartalk.com/information.php?info_id=1
Host IP:        67.18.18.10
Web Server:     Microsoft-IIS/6.0
Powered-by:     ASP.NET – PHP/5.2.6
Current User:     root@localhost
Current DB:     voipswitch
System User:     root@localhost
DB User & Pass:     root:*Hidden Pass for Security Reason:localhost

Table Name ———— Columns
users      ———— city, phone, login, email, password
settings   ———— id, name

We hope that your security staff will look into this issue and fix it as soon as possible.

Explore More

Myanmar ISP’s National Networking Topology

This is Greater Mekong SubRegion Information Superhighway Links and Network Architecture of Myanmar, thx to SecurityTeam who sent this info.

Read More

Shell via LFI

>>>>>>>>>>>>>>> Shell via LFI – proc/self/environ method <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> Author : SirGod <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.insecurity-ro.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> www.h4cky0u.org <<<<<<<<<<<<<<< >>>>>>>>>>>>>>> [email protected] <<<<<<<<<<<<<<< 1 – Introduction 2 – Finding LFI 3

Read More

Directory Traversal

Directory Traversal Overview Directory Traversal vulnerabilities occur once again when the user supplied input is not validated. You think we would get tired of saying this, but it appears this

Read More