[39185] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Sql injection in jPortal version 2.3.1 (module banner)

daemon@ATHENA.MIT.EDU (exon)
Wed Jun 15 14:07:34 2005

Message-ID: <42ADF5DC.3060703@home.se>
Date: Mon, 13 Jun 2005 23:08:44 +0200
From: exon <exon@home.se>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
In-Reply-To: <20050612212245.32752.qmail@securityfocus.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

anonymous@wp.pl wrote:
> "After that, You gain login and password of administrator."
> 
> Bull shit.
> In 2.3.1 version an admin password is "hashed". You gain "f95aead0f1f7481cf4d4acfe61c10fce" instaed password. 
> 
> 

It's still a Bad Thing(tm). See http://www.openwall.com/john for details.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[39185] in bugtraq

Re: Sql injection in jPortal version 2.3.1 (module banner)

daemon@ATHENA.MIT.EDU (exon)Wed Jun 15 14:07:34 2005

daemon@ATHENA.MIT.EDU (exon)
Wed Jun 15 14:07:34 2005