Padron Electoral Consultation 2009
Well I watched the website of the pattern of past elections in the province of Corrientes
http://defsep13.corrientes.gov.ar/
, which voted for Governor. And I was testing potential SQL injections but did not have anything like that, well filtered variables. So go to another point, the XSS where I succeed, but leave it there and nothing else interested me. I saw that was available without a prior
Captcha, I started to elbow a script that automates the requests, and download the pattern of Revelation:).
The perl script is encoded in the s0urce
here, what it does is open a socket to port 80, and send headers by the method
HTTP POST, to do so within one to go for changing the starting document number from 1 to a peak that we put. I do so that the query even put a number of ID which does not have the number of digits demanding equal generates. Ie if I send the document 1 with male gender. The consultation document will bring the first male to finish in 1. If I put 2 with male genereo, consultation maculino the first document will end with 2 and so on. Well this extension generates an html file which you guys can change the name from the code (Line 4) also can be changed to look feminine gender, instead of masks. Fem place. (Line 23).
Here is a screenshot.
Obviously in this file below are more data, this captures only get to see one.
Greetings ..
0 comments:
Post a Comment