SQL Injection Fun v.RIAA

What started as a simple DoS against the RIAA through a SQL injection vulnerability, originally posted to Reddit in tinyurl form.

UNION ALL SELECT BENCHMARK(100000000,MD5('asdf')),NULL,NULL,NULL,NULL%20--

led an attacker on to dump their entire database. I sure hope they don't have backups -- part of me thinks they deserve it and wants them to suffer... muwhahaha

Posted by Marcin on Sunday, January 20, 2008 in Hacking and News.