OpFuckMohammad - iraniangas.ir

1. OpFuckMohammad
2.  
3. Greetings from th3inf1d3l - a small leak from the english site of the National Irainian Gas Company, www.iraniangas.ir at 217.218.111.11. Download is too slow for me and as I have only some few weeks left, here is what I got: 9 breached accounts with plaintext passwords. I have also listed some login pages that I have not looked into so Enjoy
4.  
5. The farsi site is www.nigc.ir, their mail login site is http://mail.nigc.ir/ and another login site is at 130.185.75.3.
6.  
7. c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\85218f38\d581d4df\App_Web_login.aspx.cdcab7d2.d4ns8zxs.0.cs
8. [ViewStateException: Invalid viewstate.
9. Client IP: 10.1.1.1
10. Port: 53275
11. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10
12. ViewState: /wEPDwUKLTIzMjQwMTUzMw9kFgJmD2QWAgIBD2QWAgIBD2QWAgIBDw8WBB4EVGV4dAVNQ29udmVyc2lvbiBmYWlsZWQgd2hlbiBjb252ZXJ0aW5nIHRoZSBudmFyY2hhciB2YWx1ZSAna2FmaScgdG8gZGF0YSB0eXBlIGludC4eB1Zpc2libGVnZGQYAQUgY3RsMDAkQ29udGVudFBsYWNlSG9sZGVyMSRjY0pvaW4PBSQxNDVjMmQwMS1lYTdkLTQyZDMtOGM5NS03Yzk0MzdmZTU3N2NkMZZ2LkT5vsyq7Jq4N7xCbPq9aJc=
13. Referer:
14. Path: /Login.aspx]
15.  
16. web server operating system: Windows 2003
17. web application technology: ASP.NET, Microsoft IIS 6.0, ASP
18. back-end DBMS: Microsoft SQL Server 2005
19.  
20. database management system users:
21. personal_user
22. sa
23.  
24. Table: GasPersonal_OPR
25. "OPR_UID","OPR_PWD","OPR_NAME_E"
26. "kafi",";hhhtd","Ahmad Reza Kafi"
27. "samadi",13351206,"Naser Samadi Oskui"
28. "punch1",159987,"Panchist No.1"
29. "razavi",5174290,"Seyed Hosein Razavi"
30. "shahreza",6858,"Mehdi Shahreza"
31. "dalaei","azad","Azadeh Dalaei"
32. "bahman","behnam70","Bahman Taheri Khameneh"
33. "lashgari","qermezete60","Mohammad Reza Lashgari"
34. "ahadi","sara","Sara Ahadi"
35.  
36. Table: MAIL8704_3
37. PID,UID,EMa,EDo
38. 054878,ahmad.assadi,<blank>,<blank>
39. 054944,saeidifar,<blank>,<blank>
40. 055188,talebi,<blank>,<blank>
41. 055208,ma_mohammadi,<blank>,<blank>
42. 055247,abdollahi_n,<blank>,<blank>
43. 055391,TAVALLAEE_MH,<blank>,<blank>
44. 055536,m.zakersafaee,<blank>,<blank>
45. 055577,ramazanali.rezaei,<blank>,<blank>
46. 055705,salahshoor,<blank>,<blank>
47. 055709,pourahmadi,<blank>,<blank>
48. 055755,MOGHADDASI_MO,<blank>,<blank>
49. 055760,SHAMSHIRIMILANI,<blank>,<blank>
50. 055982,MOHAMADIAN_M,<blank>,<blank>
51. 056216,mirzamohammadi,<blank>,<blank>
52. 056259,ma_saadatmand,<blank>,<blank>
53. 056266,seyfoori,<blank>,<blank>
54. 056267,M_FOROUZESH,<blank>,<blank>
55. 056313,meshksar_mh,<blank>,<blank>
56. 056530,MOSLEMI_GHH,<blank>,<blank>
57. 056583,ZARGHAM,<blank>,<blank>
58. 056941,sabzevari,<blank>,<blank>
59. 057051,D_MEHDIZADEH,<blank>,<blank>
60. 057075,HASAN.SAMIEZADEH,<blank>,<blank>
61. 057091,satari,<blank>,<blank>
62. 057096,A_MALEKIZADEH,<blank>,<blank>
63. 057100,a.zarrabi,<blank>,<blank>
64. 057251,abbass.allafimarand,<blank>,<blank>
65. 057368,jalayer,<blank>,<blank>
66. 057475,hosseinimand,<blank>,<blank>
67. 057508,J_HASHEMI,<blank>,<blank>
68. 057509,KH_SAMIEI,<blank>,<blank>
69. 057600,karimi,<blank>,<blank>
70. 057707,A-MOTAMEDI,<blank>,<blank>
71. 057786,h_moghim,<blank>,<blank>
72. 057876,m.rassasian,<blank>,<blank>
73. 057967,s.mehdi.abedian,<blank>,<blank>
74. 057992,zojaji,<blank>,<blank>
75. 058016,torof,<blank>,<blank>
76. 058246,m.ahmadipourdavani,<blank>,<blank>
77. 058377,M_LATIFI,<blank>,<blank>
78. 058406,feizpour,<blank>,<blank>
79.  
80. Databases: 101 but most had no tables
81. NIGCPersonal, msdb, master, PazhoheshMgrDatabase
82.  
83. Database: NIGCPersonal
84. [14 tables]
85. +---------------------------------------------------------+
86. | dbo.GasDic05 |
87. | dbo.GasPersonal |
88. | dbo.GasPersonalM |
89. | dbo.GasPersonal_DEDU |
90. | dbo.GasPersonal_EDU |
91. | dbo.GasPersonal_OPR |
92. | dbo.MAIL8704 |
93. | dbo.MAIL8704_3 |
94. | dbo.OnlyEMailStatement8703 |
95. | dbo.PID899_8703 |
96. | dbo.S8703 |
97. | dbo.TBLNEW |
98. | dbo.VIW_GasPersonal |
99. | dbo.dtproperties |
100. +---------------------------------------------------------+
101.  
102. Database: msdb
103. [9 tables]
104. +---------------------------------------------------------+
105. | dbo.backupfile |
106. | dbo.backupmediafamily |
107. | dbo.backupmediaset |
108. | dbo.backupset |
109. | dbo.logmarkhistory |
110. | dbo.restorefile |
111. | dbo.restorefilegroup |
112. | dbo.restorehistory |
113. | dbo.suspect_pages |
114. +---------------------------------------------------------+
115.  
116. Database: master
117. [289 tables]
118. +---------------------------------------------------------+
119. | dbo.[INFORMATION_SCHEMA.CHECK_CONSTRAINTS] |
120. | dbo.[INFORMATION_SCHEMA.COLUMNS] |
121. | dbo.[INFORMATION_SCHEMA.COLUMN_DOMAIN_USAGE] |
122. | dbo.[INFORMATION_SCHEMA.COLUMN_PRIVILEGES] |
123. | dbo.[INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE] |
124. | dbo.[INFORMATION_SCHEMA.CONSTRAINT_TABLE_USAGE] |
125. | dbo.[INFORMATION_SCHEMA.DOMAINS] |
126. | dbo.[INFORMATION_SCHEMA.DOMAIN_CONSTRAINTS] |
127. | dbo.[INFORMATION_SCHEMA.KEY_COLUMN_USAGE] |
128. | dbo.[INFORMATION_SCHEMA.PARAMETERS] |
129. | dbo.[INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS] |
130. | dbo.[INFORMATION_SCHEMA.ROUTINES] |
131. | dbo.[INFORMATION_SCHEMA.ROUTINE_COLUMNS] |
132. | dbo.[INFORMATION_SCHEMA.SCHEMATA] |
133. | dbo.[INFORMATION_SCHEMA.TABLES] |
134. | dbo.[INFORMATION_SCHEMA.TABLE_CONSTRAINTS] |
135. | dbo.[INFORMATION_SCHEMA.TABLE_PRIVILEGES] |
136. | dbo.[INFORMATION_SCHEMA.VIEWS] |
137. | dbo.[INFORMATION_SCHEMA.VIEW_COLUMN_USAGE] |
138. | dbo.[INFORMATION_SCHEMA.VIEW_TABLE_USAGE] |
139. | dbo.[sys.all_columns] |
140. | dbo.[sys.all_objects] |
141. | dbo.[sys.all_parameters] |
142. | dbo.[sys.all_sql_modules] |
143. | dbo.[sys.all_views] |
144. | dbo.[sys.allocation_units] |
145. | dbo.[sys.assemblies] |
146. | dbo.[sys.assembly_files] |
147. | dbo.[sys.assembly_modules] |
148. | dbo.[sys.assembly_references] |
149. | dbo.[sys.assembly_types] |
150. | dbo.[sys.asymmetric_keys] |
151. | dbo.[sys.backup_devices] |
152. | dbo.[sys.certificates] |
153. | dbo.[sys.check_constraints] |
154. | dbo.[sys.column_type_usages] |
155. | dbo.[sys.column_xml_schema_collection_usages] |
156. | dbo.[sys.columns] |
157. | dbo.[sys.computed_columns] |
158. | dbo.[sys.configurations] |
159. | dbo.[sys.conversation_endpoints] |
160. | dbo.[sys.conversation_groups] |
161. | dbo.[sys.credentials] |
162. | dbo.[sys.crypt_properties] |
163. | dbo.[sys.data_spaces] |
164. | dbo.[sys.database_files] |
165. | dbo.[sys.database_mirroring] |
166. | dbo.[sys.database_mirroring_endpoints] |
167. | dbo.[sys.database_mirroring_witnesses] |
168. | dbo.[sys.database_permissions] |
169. | dbo.[sys.database_principal_aliases] |
170. | dbo.[sys.database_principals] |
171. | dbo.[sys.database_recovery_status] |
172. | dbo.[sys.database_role_members] |
173. | dbo.[sys.databases] |
174. | dbo.[sys.default_constraints] |
175. | dbo.[sys.destination_data_spaces] |
176. | dbo.[sys.dm_broker_activated_tasks] |
177. | dbo.[sys.dm_broker_connections] |
178. | dbo.[sys.dm_broker_forwarded_messages] |
179. | dbo.[sys.dm_broker_queue_monitors] |
180. | dbo.[sys.dm_clr_appdomains] |
181. | dbo.[sys.dm_clr_loaded_assemblies] |
182. | dbo.[sys.dm_clr_properties] |
183. | dbo.[sys.dm_clr_tasks] |
184. | dbo.[sys.dm_db_file_space_usage] |
185. | dbo.[sys.dm_db_index_usage_stats] |
186. | dbo.[sys.dm_db_mirroring_connections] |
187. | dbo.[sys.dm_db_missing_index_details] |
188. | dbo.[sys.dm_db_missing_index_group_stats] |
189. | dbo.[sys.dm_db_missing_index_groups] |
190. | dbo.[sys.dm_db_partition_stats] |
191. | dbo.[sys.dm_db_session_space_usage] |
192. | dbo.[sys.dm_db_task_space_usage] |
193. | dbo.[sys.dm_exec_background_job_queue] |
194. | dbo.[sys.dm_exec_background_job_queue_stats] |
195. | dbo.[sys.dm_exec_cached_plans] |
196. | dbo.[sys.dm_exec_connections] |
197. | dbo.[sys.dm_exec_query_optimizer_info] |
198. | dbo.[sys.dm_exec_query_stats] |
199. | dbo.[sys.dm_exec_query_transformation_stats] |
200. | dbo.[sys.dm_exec_requests] |
201. | dbo.[sys.dm_exec_sessions] |
202. | dbo.[sys.dm_fts_active_catalogs] |
203. | dbo.[sys.dm_fts_index_population] |
204. | dbo.[sys.dm_fts_memory_buffers] |
205. | dbo.[sys.dm_fts_memory_pools] |
206. | dbo.[sys.dm_fts_population_ranges] |
207. | dbo.[sys.dm_io_backup_tapes] |
208. | dbo.[sys.dm_io_cluster_shared_drives] |
209. | dbo.[sys.dm_io_pending_io_requests] |
210. | dbo.[sys.dm_os_buffer_descriptors] |
211. | dbo.[sys.dm_os_child_instances] |
212. | dbo.[sys.dm_os_cluster_nodes] |
213. | dbo.[sys.dm_os_hosts] |
214. | dbo.[sys.dm_os_latch_stats] |
215. | dbo.[sys.dm_os_loaded_modules] |
216. | dbo.[sys.dm_os_memory_allocations] |
217. | dbo.[sys.dm_os_memory_cache_clock_hands] |
218. | dbo.[sys.dm_os_memory_cache_counters] |
219. | dbo.[sys.dm_os_memory_cache_entries] |
220. | dbo.[sys.dm_os_memory_cache_hash_tables] |
221. | dbo.[sys.dm_os_memory_clerks] |
222. | dbo.[sys.dm_os_memory_objects] |
223. | dbo.[sys.dm_os_memory_pools] |
224. | dbo.[sys.dm_os_performance_counters] |
225. | dbo.[sys.dm_os_ring_buffers] |
226. | dbo.[sys.dm_os_schedulers] |
227. | dbo.[sys.dm_os_stacks] |
228. | dbo.[sys.dm_os_sublatches] |
229. | dbo.[sys.dm_os_sys_info] |
230. | dbo.[sys.dm_os_tasks] |
231. | dbo.[sys.dm_os_threads] |
232. | dbo.[sys.dm_os_virtual_address_dump] |
233. | dbo.[sys.dm_os_wait_stats] |
234. | dbo.[sys.dm_os_waiting_tasks] |
235. | dbo.[sys.dm_os_worker_local_storage] |
236. | dbo.[sys.dm_os_workers] |
237. | dbo.[sys.dm_qn_subscriptions] |
238. | dbo.[sys.dm_repl_articles] |
239. | dbo.[sys.dm_repl_schemas] |
240. | dbo.[sys.dm_repl_tranhash] |
241. | dbo.[sys.dm_repl_traninfo] |
242. | dbo.[sys.dm_tran_active_snapshot_database_transactions] |
243. | dbo.[sys.dm_tran_active_transactions] |
244. | dbo.[sys.dm_tran_current_snapshot] |
245. | dbo.[sys.dm_tran_current_transaction] |
246. | dbo.[sys.dm_tran_database_transactions] |
247. | dbo.[sys.dm_tran_locks] |
248. | dbo.[sys.dm_tran_session_transactions] |
249. | dbo.[sys.dm_tran_top_version_generators] |
250. | dbo.[sys.dm_tran_transactions_snapshot] |
251. | dbo.[sys.dm_tran_version_store] |
252. | dbo.[sys.endpoint_webmethods] |
253. | dbo.[sys.endpoints] |
254. | dbo.[sys.event_notification_event_types] |
255. | dbo.[sys.event_notifications] |
256. | dbo.[sys.events] |
257. | dbo.[sys.extended_procedures] |
258. | dbo.[sys.extended_properties] |
259. | dbo.[sys.filegroups] |
260. | dbo.[sys.foreign_key_columns] |
261. | dbo.[sys.foreign_keys] |
262. | dbo.[sys.fulltext_catalogs] |
263. | dbo.[sys.fulltext_document_types] |
264. | dbo.[sys.fulltext_index_catalog_usages] |
265. | dbo.[sys.fulltext_index_columns] |
266. | dbo.[sys.fulltext_indexes] |
267. | dbo.[sys.fulltext_languages] |
268. | dbo.[sys.http_endpoints] |
269. | dbo.[sys.identity_columns] |
270. | dbo.[sys.index_columns] |
271. | dbo.[sys.indexes] |
272. | dbo.[sys.internal_tables] |
273. | dbo.[sys.key_constraints] |
274. | dbo.[sys.key_encryptions] |
275. | dbo.[sys.linked_logins] |
276. | dbo.[sys.login_token] |
277. | dbo.[sys.master_files] |
278. | dbo.[sys.master_key_passwords] |
279. | dbo.[sys.message_type_xml_schema_collection_usages] |
280. | dbo.[sys.messages] |
281. | dbo.[sys.module_assembly_usages] |
282. | dbo.[sys.numbered_procedure_parameters] |
283. | dbo.[sys.numbered_procedures] |
284. | dbo.[sys.objects] |
285. | dbo.[sys.openkeys] |
286. | dbo.[sys.parameter_type_usages] |
287. | dbo.[sys.parameter_xml_schema_collection_usages] |
288. | dbo.[sys.parameters] |
289. | dbo.[sys.partition_functions] |
290. | dbo.[sys.partition_parameters] |
291. | dbo.[sys.partition_range_values] |
292. | dbo.[sys.partition_schemes] |
293. | dbo.[sys.partitions] |
294. | dbo.[sys.plan_guides] |
295. | dbo.[sys.procedures] |
296. | dbo.[sys.remote_logins] |
297. | dbo.[sys.remote_service_bindings] |
298. | dbo.[sys.routes] |
299. | dbo.[sys.schemas] |
300. | dbo.[sys.securable_classes] |
301. | dbo.[sys.server_assembly_modules] |
302. | dbo.[sys.server_event_notifications] |
303. | dbo.[sys.server_events] |
304. | dbo.[sys.server_permissions] |
305. | dbo.[sys.server_principals] |
306. | dbo.[sys.server_role_members] |
307. | dbo.[sys.server_sql_modules] |
308. | dbo.[sys.server_trigger_events] |
309. | dbo.[sys.server_triggers] |
310. | dbo.[sys.servers] |
311. | dbo.[sys.service_broker_endpoints] |
312. | dbo.[sys.service_contract_message_usages] |
313. | dbo.[sys.service_contract_usages] |
314. | dbo.[sys.service_contracts] |
315. | dbo.[sys.service_message_types] |
316. | dbo.[sys.service_queue_usages] |
317. | dbo.[sys.service_queues] |
318. | dbo.[sys.services] |
319. | dbo.[sys.soap_endpoints] |
320. | dbo.[sys.sql_dependencies] |
321. | dbo.[sys.sql_logins] |
322. | dbo.[sys.sql_modules] |
323. | dbo.[sys.stats] |
324. | dbo.[sys.stats_columns] |
325. | dbo.[sys.symmetric_keys] |
326. | dbo.[sys.synonyms] |
327. | dbo.[sys.sysaltfiles] |
328. | dbo.[sys.syscacheobjects] |
329. | dbo.[sys.syscharsets] |
330. | dbo.[sys.syscolumns] |
331. | dbo.[sys.syscomments] |
332. | dbo.[sys.sysconfigures] |
333. | dbo.[sys.sysconstraints] |
334. | dbo.[sys.syscurconfigs] |
335. | dbo.[sys.syscursorcolumns] |
336. | dbo.[sys.syscursorrefs] |
337. | dbo.[sys.syscursors] |
338. | dbo.[sys.syscursortables] |
339. | dbo.[sys.sysdatabases] |
340. | dbo.[sys.sysdepends] |
341. | dbo.[sys.sysdevices] |
342. | dbo.[sys.sysfilegroups] |
343. | dbo.[sys.sysfiles] |
344. | dbo.[sys.sysforeignkeys] |
345. | dbo.[sys.sysfulltextcatalogs] |
346. | dbo.[sys.sysindexes] |
347. | dbo.[sys.sysindexkeys] |
348. | dbo.[sys.syslanguages] |
349. | dbo.[sys.syslockinfo] |
350. | dbo.[sys.syslogins] |
351. | dbo.[sys.sysmembers] |
352. | dbo.[sys.sysmessages] |
353. | dbo.[sys.sysobjects] |
354. | dbo.[sys.sysoledbusers] |
355. | dbo.[sys.sysopentapes] |
356. | dbo.[sys.sysperfinfo] |
357. | dbo.[sys.syspermissions] |
358. | dbo.[sys.sysprocesses] |
359. | dbo.[sys.sysprotects] |
360. | dbo.[sys.sysreferences] |
361. | dbo.[sys.sysremotelogins] |
362. | dbo.[sys.syssegments] |
363. | dbo.[sys.sysservers] |
364. | dbo.[sys.system_columns] |
365. | dbo.[sys.system_components_surface_area_configuration] |
366. | dbo.[sys.system_internals_allocation_units] |
367. | dbo.[sys.system_internals_partition_columns] |
368. | dbo.[sys.system_internals_partitions] |
369. | dbo.[sys.system_objects] |
370. | dbo.[sys.system_parameters] |
371. | dbo.[sys.system_sql_modules] |
372. | dbo.[sys.system_views] |
373. | dbo.[sys.systypes] |
374. | dbo.[sys.sysusers] |
375. | dbo.[sys.tables] |
376. | dbo.[sys.tcp_endpoints] |
377. | dbo.[sys.trace_categories] |
378. | dbo.[sys.trace_columns] |
379. | dbo.[sys.trace_event_bindings] |
380. | dbo.[sys.trace_events] |
381. | dbo.[sys.trace_subclass_values] |
382. | dbo.[sys.traces] |
383. | dbo.[sys.transmission_queue] |
384. | dbo.[sys.trigger_events] |
385. | dbo.[sys.triggers] |
386. | dbo.[sys.type_assembly_usages] |
387. | dbo.[sys.types] |
388. | dbo.[sys.user_token] |
389. | dbo.[sys.via_endpoints] |
390. | dbo.[sys.views] |
391. | dbo.[sys.xml_indexes] |
392. | dbo.[sys.xml_schema_attributes] |
393. | dbo.[sys.xml_schema_collections] |
394. | dbo.[sys.xml_schema_component_placements] |
395. | dbo.[sys.xml_schema_components] |
396. | dbo.[sys.xml_schema_elements] |
397. | dbo.[sys.xml_schema_facets] |
398. | dbo.[sys.xml_schema_model_groups] |
399. | dbo.[sys.xml_schema_namespaces] |
400. | dbo.[sys.xml_schema_types] |
401. | dbo.[sys.xml_schema_wildcard_namespaces] |
402. | dbo.[sys.xml_schema_wildcards] |
403. | dbo.spt_fallback_db |
404. | dbo.spt_fallback_dev |
405. | dbo.spt_fallback_usg |
406. | dbo.spt_monitor |
407. | dbo.spt_values |
408. +---------------------------------------------------------+
409.  
410. Database: PazhoheshMgrDatabase
411. [4 tables]
412. +---------------------------------------------------------+
413. | dbo.Territories |
414. | dbo.[] |
415. | dbo.[] |
416. | dbo.[\x11] |
417. +---------------------------------------------------------+
418.  
419. @th3inf1d3l