Just an update, some interesting stuff, fuzzing, SQL injection, twitter clients, …

18 10 2009

Hi again all,

This is a post about SQL injection, and a twitter client I like to use for those that like twitter.

I’ve been delving deeper into twitter, using it a bit more often, and found myself in need of a good twitter client. Currently I am using “twhirl”, which is in my opinion awesome. It has lots of features the others would only dream of, with support for fast retweets, replies, viewing your replies, … Get it here

For more alternatives, here’s a top 10 list of best twitter clients: Top 10 twitter clients

Now on another note: I have done a little study for myself, since there has been a lot of fuzz about the weakness of phpBB, and sadly I must confirm that, using the right tools, almost every phpBB version is SQL injectable, even the newer ones.

For this study, I randomly selected and tested different forums and different versions, and I have found at least 1 or more entry points in about 80% of all versions. I used the tools mini mySQLat0r and SQLmap, along with a handy tool I like to refer to as my brains (cough cough).

Anyone who is determined to get into phpBB gets in.

Follow me on twitter: (Raykoid666)

Some links:
mini mySQLat0r download: link
SQLmap: link



