In this video clip, our Hacker had a goal to execute a deface on a site using a famous
vulnerability in an also very famous Guest book, Advanced Guestbook 2.2.
In an instance he opens a browser and Google vomits out a few thousands
of potentially vulnerable victims.
Not on all servers will there be a permission to write anything we want
onto files, but to our Hero, this specific situation is most interesting.
Without any effort having found the needed server and not going out of
frames of courtesy, our Hacker injects instead of a lawful admins password,
a few simple magical combinations:
) OR (1=1
and finds himself inside an Administrators Panel.
Not delaying a single minute, having edited a Template and input a simple script
if(!empty($_GET['c'])) {
echo '
