man i really want to do this and get some $$$ maybe split half-half with shogun
(because shogun never wins (just kidding))
hmm...
u know, today i found a vulnerability in STC's website, potentially allowing people to access their whole database, and mess around with it. sh*t. that could destroy the whole country's economy, everyone uses STC. it was scary. should i have asked for $$ like ransom to tell them what the vulnerability was? or should i have done what i reely did, ie, tell them like a little goody two shoes, and say "oh it would be nice if you gave me about $10 on my liberty reserve account, because here's a vuln i found"
lolz, this is no joke.
i did find a vulnerability. imagine. the guy who had the power to crash a whole country's economy is talking to you right now...
i feel so important now
lol, astar will have something smart to say about this...
if you really want to know what the vulnerability is, its an SQL injection vulnerability in their login form. IMAGINE THAT! but no, not a simple one, very deceptive... whatever... dont make me get into the mechanics... it looks like they use sanitized input... but in fact, it uses some other function to sanitize the inputted data, and this can be terminated with a syntax terminator like a semi colon (
. and it did get terminated by that, and this whole wierd string of charcters came out...