![[ t ]](/images/structural/icon_twitter.gif){kind=icon}
Don't click it, that would be wrong...
This link runs a slooow SQL query on the RIAA’s server. Don’t click it; that would be wrong.
Found on reddit.com. I clicked it, just out of curiosity. It pulled a press-releases index page. I don’t know how someone knows it’s slow.
Follow Gadgetopia on Twitter
Comments
Looks like SQL injection if you look at the URL. The "news year filter" parameter is presumably just supposed to have a year but someone must think that it will execute the SQL at the end:
"2007%20UNION%20ALL%20SELECT%20BENCHMARK(100000000,MD5('asdf')),NULL,NULL,NULL,NULL%20--"
It was a very long running query before someone used the same vulnerability to delete their CMS's entire database. Read the comments on the reddit thread.
Oh, great. So I unwittingly tried to hack the RIAA? The link was a TinyUrl -- I should have known better. Nice.
Men in dark suits and sunglasses should be showing up anytime now...
Add Comment
- Are Contextual URLs Worth the Trouble on an Intranet? by 1, 8 hours, 34 minutes ago
- Halo 2 vs. Tribes 2 by TV forever, 13 hours, 19 minutes ago
- Human-readable URLs by -1', 13 hours, 40 minutes ago
- Human-readable URLs by 1, 13 hours, 41 minutes ago
- Monster App by 1, 1 day, 3 hours ago
- Show 5 more »
- MousePath by Deane in 2010
- Google’ Fiber Network by Deane in 2010
- How to Comment Code by Deane in 2009
- Do Not Shut Off the Internet by Deane in 2008
- Media-Themed Fonts by Deane in 2006
- Show 4 more »
