Sql Injection in BT.com – episode 1 |

Recent Comments

Loading....

Loading....

Apocalipsa dupa Nemessis in (82 Visits)
Ce servicii de mail folositi? in (28 Visits)
This is the end in (23 Visits)
Hackersblog.org is now blog.rstcenter.com in (17 Visits)
Short news in (16 Visits)
La multi ani România, la multi ani românilor in (15 Visits)
Inca o pierdere de timp in (11 Visits)
Azi este ziua userilor hackersblog.org in (11 Visits)
Raportare vulnerabilitati in (9 Visits)
Contact si vulns report in (7 Visits)
Mi s-a furat id-ul de messenger/adresa e-mail. Ce sa fac? in (229 Visits)
Hi5.com coders read this in (28 Visits)
SMS scam (1) in (21 Visits)
Phishing Bancpost in (8 Visits)
Dezinformare sau proasta informare? in (7 Visits)
Phishing Raiffeisen cu atasament html in (5 Visits)
Si tentativele de phishing pot fi amuzante in (5 Visits)
Cum sa iti protejezi adresa e-mail si datele confidentiale din aceasta in (76 Visits)
[Utilitare] Suna gratis de pe internet sau de pe iPhone in (41 Visits)
Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (30 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (29 Visits)
Ce nu se invata la scoala - (D)DOS (5) in (25 Visits)
Virusi in clipuri video [how to] in (23 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (21 Visits)
Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (17 Visits)
Yahoo! redirects - a big issue (with video) in (10 Visits)
Ca musca in... in (9 Visits)
usa.kaspersky.com hacked ... full database acces , sql injection in (123 Visits)
Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (72 Visits)
Yahoo! epic fail - permanent xss unleashed in (71 Visits)
Telegraph.co.uk hacked, sql injection in (53 Visits)
RedTube.com ... The Free Sex Video Community in (43 Visits)
Kaspersky Thailand hacked by TinKode in (38 Visits)
Conquiztador Hacked Again in (33 Visits)
Telegraph.co.uk hacked - when will they learn? in (29 Visits)
F-Secure.com - SQL Injection + Cross Site Scripting in (27 Visits)
In atentia BitDefender.com, SQL Injection in (26 Visits)
Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (24 Visits)
Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (20 Visits)
Digital Photocopiers Loaded With Secrets in (15 Visits)
Hacker Uses XSS and Google Street View Data to Determine Physical Location in (12 Visits)
OWASP Phishing demo in (7 Visits)
Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (7 Visits)
Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (6 Visits)
Christopher "moot" Poole: The case for anonymity online in (6 Visits)
Owasp5005 Part1 - New zero-day browser exploits - ClickJacking in (5 Visits)
[Video] The History Of Hacking in (5 Visits)
Se poate sparge parola de Yahoo? in (259 Visits)
phpBB.ro hacked in (82 Visits)
Cand dorinta de afirmare depaseste granitele bunului simt - PaxNwo un leecher ordinar in (47 Visits)
Experiment social in (46 Visits)
"Hot" de id-uri messenger in (39 Visits)
Oare cum e pana la urma? in (39 Visits)
Experiment social II - andimoisescu.ro in (37 Visits)
Ce nu se invata la scoala – Vendetta (6) in (37 Visits)
Concurs fara premii in (36 Visits)
Forumul Andreei Balan spart in (33 Visits)

Loading....

Sql Injection in BT.com – episode 1

Posted by unu in English News

Posted on March 10th, 2009

“BT is one of the world’s leading providers of communications solutions and services operating in 170 countries. Its principal activities include networked IT services, local, national and international telecommunications services, and higher-value broadband and internet products and services. BT consists principally of four lines of business: BT Global Services, Openreach, BT Retail and BT Wholesale.”

“The most complete UK broadband, phone lines and mobile products, digital TV, web hosting, online security and networked IT services for home”

The description says it all. One of the giants in IT, mobile, TV and internet services. A Giant Company with a huge database. You don’t need to be an internet whiz, not even a computer literate to understand the tremendous implications that result from such a database beeing vulnerable.

A faulty parameter, improperly sanitized opens the vault to the pretious databases. One can gain access to such ordinary things as personal data, login data, and the like. In the first syntax I concatenated the table names as well as the version and the user of the database.

Lets see some of the user login data for different data bases (among which, of course, the admins of the respective sections).

As well as the login data and personal data (email, active, lastloggedin, firstname, surname, address, town, postcode, level, randomkey, password) for some of the registered users.

To be continued… but first we need to see reported vulns patched. We don’t want to put BT clients in danger by providing sensitive informations and hints to a potential attacker.

————-

RO version:

O firma mare, cu o baza de date imensa. Alta firma din domeniul IT si comunicatii care nu-si poate securiza propria baza de date. Un parametru prost sanitizat permite acces la date personale, de logare, etc.

In prima sintaxa am concatanat denumirile schemelor, cat si versiunea, userul bazei de date.

Sa vedem o parte din datele de logare a userilor pentru diferite baze de date (printre care desigur si adminii respectivelor sectiuni)

Cat si datele de logare, personale (email, active, lastloggedin, firstname, surname, address, town, postcode, level, randomkey, password) pentru o parte din userii inregistrati.

Va urma…

Related Posts

March 10, 2009 -- Sql Injection in BT.com – episode 2
February 23, 2011 -- Concurs fara premii
August 30, 2010 -- Deface (?!?) pe Cotidianul.ro
April 21, 2010 -- France2.fr – France4.fr – in asteptarea atacului?
December 24, 2009 -- Forumul Andreei Balan spart

8 Responses to “Sql Injection in BT.com – episode 1”

paul Says:
March 10th, 2009 at 9:16 am
de ce faceti disclosure inainte ca problema sa fie remediata?
e usor pe oricine sa faca o cautare de genul:

http://www.google.ro/search?q=bt+broadband+my+offers+terms+site:bt.com+inurl:id%3D&btnG=Căutare&meta=
unu Says:
March 10th, 2009 at 9:23 am
pentru ca i-am anuntat de cel putin 3 ori, cu fff multe zile inainte si nici macar nu ne-au raspuns, da’ sa mai remedieze problema.
Tudor Says:
March 10th, 2009 at 10:44 am
Sa inteleg ca linkul afectat este: http://www.myoffers.bt.com/terms.asp?id=
Brugner Says:
March 10th, 2009 at 11:28 am
Dude this is not nice: “confirming full inband sql injection on parameter” mai trebuia asteptat…
2fingers Says:
March 10th, 2009 at 11:54 am
De cateva zile nimeni nu a catadicsit sa elimine vulnerabilitatea sau sa ne raspunda la mailuri. Nu cred ca cineva care ar vrea sa aiba acces la intreaga baza de date va astepta sa se trezeasca adminul la realitate.
Brugner Says:
March 10th, 2009 at 12:37 pm
…but you also have a point here.. fuck them
hack Says:
March 10th, 2009 at 12:53 pm
Perfect !! a good
Yet another big company with SQL Injection problems (British Telecom) | N-Stalker Web Security Community Says:
March 14th, 2009 at 1:59 am
[...] In last couple of weeks big companies have been attacked and are having big issues with SQL Injection. At this time British Telecom (bt.com) was the target company (see more info at here). [...]

Leave a Reply

Subscribe to our Feed

N/A Subscribers (Feedburner)

Entries RSS

Comments RSS