Question regarding Sqli vuln sites

Discussion in 'General Discussion' started by Tyrant, Sep 30, 2015.

  1. Tyrant

    Tyrant Basic Member

    Messages:
    1,331
    Likes:
    365
    Ratio:
    0.16
    Is it possible for someone who found a sqli vuln site to dump the email:pass from the site and be able to then obtain admin details and change the user db passwords to whatever they want? Like change all the passwords to '123456' or something so no one is able to obtain the original email:pass list as well?

    Thanks
     
  2. Guyam

    Guyam Basic Member

    Messages:
    286
    Likes:
    37
    Ratio:
    0.11
    Of course it's possible as long as you can login to the database, you can easily manipulate the data at your will. Obviously your intention is to prevent others from obtaining the dump, I'm now telling you what attitude you got : Selfish B*tch. The statement is serious. If you're too envious of others dumping "your goldmine", then you don't deserve the dump. Your dorks are pretty obvious or your keywords are :dumb:. Publicly you're showing your true color.

    Note : Please for the sake of respect, don't do this. This is literally the most retard discussion thread I had entered. Have some ethics Man! Be a Man find some dorks and don't fear others getting in it. lol
     
  3. Tyrant

    Tyrant Basic Member

    Messages:
    1,331
    Likes:
    365
    Ratio:
    0.16
    ...I was only asking a simple question. Reason I ask was because I am dumping a list right now and I see a lot of passwords with '123456'. Sometimes I just over think and assume that maybe someone got this first. That's all. I had no intentions of doing this myself.
     

Share This Page