Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Save my job
Posted by: jammy99
Date: September 12, 2013 04:17AM

i want help from you experts here :(

my boss told me to hire a man to perform pen testing on a website.

I found one guy from pakistan, He told me that he has performed pen testing on the website and has sql injection report with him, And he sent me some data for proof and asked for the payment first.

I sent him payment, But he did not give me sql injection flaw report and started to ask for more money :(

now i have paid him from company account and i have no words for my boss :(

i dont want to loose my job due to all this.

Anyone please please help me to find a sql injection hole in the website. I will create sql injection flaw report by myself based on your sql injection found. Please just help me to find sql injection.

I can not write website URL here, because it will start coming in search if my boss search for website.

Please help me and reply to this thread i will send you website URL in PM :(



Edited 1 time(s). Last edit at 09/12/2013 04:29AM by jammy99.

Options: ReplyQuote
Re: Save my job
Posted by: jammy99
Date: September 12, 2013 02:18PM

anyone please reply

Options: ReplyQuote
Re: Save my job
Posted by: ajkaro
Date: September 12, 2013 04:53PM

Nice story but I don't believe you. How can you pay from firm's account? Isn't there any control and payment authorisation from somebody?

On the other hand you payed somebody else and now you are expecting other will test site for you for free. Nice logic.

You social ingeneering strategy didn't work for me... Good luck next time :)

Options: ReplyQuote
Re: Save my job
Posted by: jammy99
Date: September 12, 2013 09:14PM

you have site url on pm.

please test it i will pay you too from firm account.

Options: ReplyQuote
Re: Save my job
Posted by: ajkaro
Date: September 13, 2013 06:14AM

I am not interested in your money. I just don't believe in your story...

Options: ReplyQuote
Re: Save my job
Posted by: jammy99
Date: September 13, 2013 09:11AM

i did not ask you to trust, i asked you to help.

i can assume that you can / could not break into the website that i sent you in your PM. thats y you writing such words.

Well none of your business...

Options: ReplyQuote
Re: Save my job
Posted by: id
Date: September 13, 2013 11:02AM

Try hiring a reputable firm to do pentesting, not a random dude.

-id

Options: ReplyQuote
Re: Save my job
Posted by: jammy99
Date: September 13, 2013 01:18PM

i can find skillful peoples here only. you all are real experts.

Options: ReplyQuote
Re: Save my job
Posted by: barbarianbob
Date: September 17, 2013 08:24PM

lol

Options: ReplyQuote
Re: Save my job
Posted by: kn1ghtc
Date: September 26, 2013 05:44AM

give me the site

Options: ReplyQuote
Re: Save my job
Posted by: jammy99
Date: September 28, 2013 09:53PM

kn1ghtc Wrote:
-------------------------------------------------------
> give me the site

thank you very much for raising your hand to help me. :-)

i hacked it myself, i got blind sql injection into it and wrote blind sql dumper in vb6 to dump required data. now im in dumping process

it may finish dumping within next saturday. if they fix the bug then i will suck

Options: ReplyQuote


Sorry, only registered users may post in this forum.