SystemX

Italian Government - SQLI Errors - Cyber Hats

Apr 27th, 2013
During testing for local file inclusion vulnerabilities,
SQL errors were noticed, suggesting that the scripts / parameters
listed below may also be vulnerable to SQL Injection (SQLi).

-------- request --------
GET /Presidente/Interventi/index.asp?txtTesto=index.asp&pg=10&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------
<table id="tblCentrale" width="100%" cellspacing="0" cellpadding="0">
<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Presidenza/Comunicati/index.asp?txtTesto=index.asp&pg=6&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------

<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Presidente/Comunicati/index.asp?txtTesto=index.asp&pg=16&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------
<table id="tblCentrale" width="100%" cellspacing="0" cellpadding="0">
<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Governo/ConsiglioMinistri/index.asp?txtTesto=index.asp&pg=1&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------
</tr>
<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /GovernoInforma/Multimedia/index.asp?txtTesto=index.asp&pg=16&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------
</tr>
<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Notizie/Palazzo%20Chigi/index.asp?txtTesto=index.asp&pg=16&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------

<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Notizie/Presidenza/index.asp?txtTesto=index.asp&pg=16&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------

<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Notizie/Ministeri/index.asp?txtTesto=index.asp&pg=16&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------

<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /Governo/Provvedimenti/index.asp?txtTesto=index.asp&pg=16&a=&m=11 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------
</tr>
<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /GovernoInforma/Comunicati/index.asp?txtTesto=index.asp&pg=16&m=&a= HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------

<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------

-------- request --------
GET /GovernoInforma/Dossier/index.asp?txtTesto=index.asp&pg=1&a=&m=12 HTTP/1.1
Host: www.governo.it
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
------------------------

-------- output --------
<table id="tblCentrale" width="100%" cellpadding="0" cellspacing="0">
<font face="Arial" size=2>
<p>ADODB.Recordset</font> <font face="Arial" size=2>error '800a0bcd'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the curren [...]
------------------------