Follow us on Twitter!
Ideas are far more powerful than guns.
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 22
Guests Online: 22
Members Online: 0

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Reporting Vulnerabilities To A Webmaster


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-04-09 02:01
If you find a vulnerability in a site how exactly do you go about informing them of the problem while letting them know you did NO harm? I found a web site that displays articles like "index.php/v2/news/article.php?article=63", where 63 is the article number. You put:

' OR 1=1--

Where the 63 would be, and it gives you an error message which displays the name of the table and so on. I've gone from there, but have done nothing harmful.

How would I tell them?
Author

RE: Reporting Vulnerabilities To A Webmaster


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-04-09 11:05
Or you could just do the easy thing, and just let it be.


Author

RE: Reporting Vulnerabilities To A Webmaster

Demons Halo
Member



Posts: 261
Location: Sweden
Joined: 26.03.09
Rank:
Apprentice
Posted on 21-04-09 11:08
inferior wrote:
Or you could just do the easy thing, and just let it be.


pussy style? sounds good to me XD


base_dropper@hotmail.com www.demonshalo.com
Author

RE: Reporting Vulnerabilities To A Webmaster


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 21-04-09 11:12
Demons Halo wrote:
inferior wrote:
Or you could just do the easy thing, and just let it be.


pussy style? sounds good to me XD


Well you don't want to get into any trouble.


Author

RE: Reporting Vulnerabilities To A Webmaster

Demons Halo
Member



Posts: 261
Location: Sweden
Joined: 26.03.09
Rank:
Apprentice
Posted on 21-04-09 11:24
inferior wrote:
Demons Halo wrote:
inferior wrote:
Or you could just do the easy thing, and just let it be.


pussy style? sounds good to me XD


Well you don't want to get into any trouble.


actually I like getting into trouble from time to time Pfft but being supervised for suspicious computer activity is not the thing you want to get into at this point of time. BIG BROTHER IS WATCHING YOU! Frown

ooh my... LawlZOr! :xx:


base_dropper@hotmail.com www.demonshalo.com
Author

RE: Reporting Vulnerabilities To A Webmaster

AldarHawk
Member



Posts: 1690
Location: Canada
Joined: 26.01.06
Rank:
Hacker Level 1
Posted on 21-04-09 12:30
It is totally dependent on the type of site. If it is some guys web-forums then just tell him. If it is a corporation, you could make an anonymous email account and send the info as was previously mentioned, however, I would check it again after a few days to see if you have a response. They may ask you if you have any ideas on how to fix it. Another route is to approach the IT department of the company and talk to them about penetration testing. Do not claim that you did anything, just simply ask them if they have ever had it done and get the information from them...From here you could offer your services...but again you would need to have a good portfolio to be able to approach a larger corporation for penetration testing Smile

Hope it all works out for you.


Just ask Yahoo!Taboo! http://www.erikwestlake.com