nathancjohnson / The Swan Station / issues / #64 - Exploit : Database access — Bitbucket

Issue #64 invalid

Winston Smith created an issue 2016-04-01

Hello Nathan,

Winston here. I can get access to TSS's DB using a cumulative bug during a reset ... I can't explain here how to fix it, for obvious reasons. It goes so far I can see everything and edit as well, using a bit of a simple SQL injection -_-

As usual ... see you in chat for the details on how to patch this,

Joe

Comments (3)

Nathan Johnson repo owner
Was this an April fools joke? Or real?

Please email me immediately about this if it is real.
- 2016-04-09T06:05:55+00:00
Winston Smith reporter
Hello Nathan, Sorry I should have clarified this, this was part of a diversion I used for the joke, I used it as a way to get the fake Nathan take contact with me in chat so it looked more natural. Of course having an over the top vulnerability description was something of a bonus ;) Cheers, Joe
- 2016-04-10T12:35:11+00:00
Nathan Johnson repo owner
- changed status to invalid
- 2016-04-28T21:48:05+00:00
Log in to comment

Assignee: Nathan Johnson

Type: bug

Priority: critical

Status: invalid

Component: –

Votes: 0

Watchers: 2

Jira: the preferred issue tracker for Bitbucket. Join the team!