Message-ID: <AANLkTikNZDq6AjFcc0w1AmMwzXn3n6-Hjqt_6ELdBHXj@mail.gmail.com>
Date: Sun, 27 Mar 2011 18:41:55 -0300
From: Guilherme Scombatti <guiscombatti@...il.com>
To: Cal Leeming <cal@...whisper.co.uk>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>,
	Jack haxor <jackh4xor@...ky0u.org>
Subject: Re: MySQL.com Vulnerable To Blind SQL Injection
	Vulnerability

pangolin or havij?

lol

On Sun, Mar 27, 2011 at 8:54 AM, Cal Leeming <cal@...whisper.co.uk> wrote:

> lmao.
>
> Was this accomplished using standard pattern from sqlmap, or did you make
> your own?
>
> On Sun, Mar 27, 2011 at 6:46 AM, Jack haxor <jackh4xor@...ky0u.org> wrote:
>
>>
>>
>> ---------------------------------------------------------------------------------------
>> [+] MySQL.com Vulnerable To Blind SQL Injection vulnerability
>> [+] Author: Jackh4xor @ w4ck1ng
>> [+] Site: http://www.jackh4xor.com
>>
>> ---------------------------------------------------------------------------------------
>>
>> About MySQL.com :
>>
>> --------------------------------------------------------------------------------------------------------------------
>>
>> The Mysql website offers database software, services and support for your
>> business, including the Enterprise server, the Network monitoring and
>> advisory services and the production support. The wide range of products
>> include: Mysql clusters, embedded database, drivers for JDBC, ODBC and Net,
>> visual database tools (query browser, migration toolkit) and last but not
>> least the MaxDB- the open source database certified for SAP/R3. The Mysql
>> services are also made available for you. Choose among the Mysql training
>> for database solutions, Mysql certification for the Developers and DBAs,
>> Mysql consulting and support. It makes no difference if you are new in the
>> database technology or a skilled developer of DBA, Mysql proposes services
>> of all sorts for their customers.
>>
>> --------------------------------------------------------------------------------------------------------------------
>>
>>
>>
>> Vulnerable Target  :   http://mysql.com/customers/view/index.html?id=1170
>> Host IP                  :   213.136.52.29
>> Web Server           :   Apache/2.2.15 (Fedora)
>> Powered-by           :   PHP/5.2.13
>> Injection Type        :   MySQL Blind
>> Current DB             :   web
>>
>> Data Bases:
>>
>> information_schema
>> bk
>> certification
>> c?ashme
>> cust_sync_interim
>> customer
>> dbasavings
>> downloads
>> feedback
>> glassfish_interface
>> intranet
>> kaj
>> license_customers
>> manual
>> manual_search
>> mem
>> mysql
>> mysqlforge
>> mysqlweb
>> news_events
>> partner_t?aining
>> partners
>> partners_bak
>> phorum5
>> planetmysql
>> qa_contribution
>> quickpoll
>> robin
>> rp
>> sampo
>> sampo_interface
>> sessions
>> softrax
>> softrax_interim
>> solutions
>> tco
>> test
>> track
>> track_refer
>> wb
>> web
>> web_control
>> web_projects
>> web_training
>> webwiki
>> wordpress
>> zack
>>
>> Current DB: web
>>
>> Tables
>>
>> xing_validation
>> v_web_submissions
>> userbk
>> user_extra
>>
>> user  Columns: cwpid version lead_quality sfid industry address2 created
>> last_modified lang notify newsletter gid title fax cell phone country
>> zipcode state city address business company position lastname firstname
>> passwd verified bounces email user_id
>>
>> us_zip_state
>> us_area_state
>> unsub_log
>> trials
>> trial_external_log
>> trial_data
>> trial_alias
>> training_redirect
>> tag_blacklist
>> tag_applied
>> tag
>> support_feeds_DROP
>> support_entries_DROP
>> states
>> snapshots_builds
>> snapshots
>> sakilapoints
>> regions
>> quote_customer
>> quote
>> quicklinks
>> promo
>> product_releases
>> position
>> partner
>> paper_lead
>> paper_details_options
>> paper_details_old
>> paper_details
>> paper
>> newsletter_unsub
>> nav_sites
>> nav_items
>> mysql_history
>> mirror_status
>> mirror_country
>> mirror_continent
>> mirror
>> mailing_list_member
>> mailing_list
>> locks
>> lead_validity_rules
>> lead_source_xref
>> lead_source_external
>> lead_source
>> lead_routing_rule
>> lead_rep
>> lead_old
>> lead_note
>> lead_extra_old
>> lead_extra_new
>> lead_extra
>> lead_companies
>> lead_campaign_member
>> lead
>> language_strings
>> language_modules
>> imagecache
>> hall_of_fame
>> g_search_term
>> g_search_data
>> g_blog_data
>> forum_comment
>> forms
>> field_xref
>> field_options
>> field_match
>> email_blacklist
>> email_a_friend
>> drpl_manual_review
>> drpl_denied
>> drpl_check_log
>> drpl_cache
>> customer_meta_sets
>> customer_meta_set
>> customer_meta
>> customer
>> coupon_product
>> coupon_campaign_attribute
>> coupon_campaign
>> coupon
>> country
>> countries
>> campaign_type
>> campaign_topic
>> campaign_score
>> campaign_listdata
>> campaign_detail
>> business
>> bounces
>>
>> Database : mysql
>> Table:
>>
>> user_info
>>
>> user     Column: Update_pri Insert_priv Select_priv Password User Host
>>
>> time_zone_transition_type
>> time_zone_transition
>> time_zone_name
>> time_zone_leap_second
>> time_zone
>> tables_priv
>> slow_log
>> ?ervers
>> procs_priv
>> proc
>> plugin
>> ndb_binlog_index
>> inventory
>> host
>> help_topic
>> help_relation
>> help_keyword
>> help_category
>> general_log
>> func
>> event
>> db
>> columns_priv
>>
>>
>> # mysql.user Data
>>
>>
>> Database: web_control
>>
>> Table:
>> system
>> system_command
>> service_request
>> run_control
>> request_daemon
>> rebuild_server
>> rebuild_queue
>> rebuild_control
>> quarterly_lead_report
>> newsletter_log
>> newsletter_control
>> ips
>> hosts  Columns:notes description name
>> dns_servers Columns: name internal ip
>>
>>
>> Database: certification
>>
>> Tables:
>> signup
>> corpcustomers
>> certexamdata
>> certcandidatedata
>> certaccess
>>
>>
>> Database: wordpress
>>
>> Tables:
>>
>> wp_4_term_taxonom
>> wp_4_term_relationships
>> wp_4_posts
>> wp_4_postmeta
>> wp_4_options
>> wp_4_links
>> wp_4_comments
>> wp_3_terms
>> wp_3_term_taxonomy
>> wp_3_term_relationships
>> wp_3_posts
>> wp_3_postmeta
>> wp_3_options
>> wp_3_links
>> wp_3_comments
>> wp_2_terms
>> wp_2_term_taxonomy
>> wp_2_term_relationships
>> wp_2_posts
>> wp_2_postmeta
>> wp_2_options
>> wp_2_links
>> wp_2_comments
>> wp_1_terms
>> wp_1_term_taxonomy
>> wp_1_term_relationships
>> wp_1_posts
>> wp_1_postmeta
>> wp_1_options
>> wp_1_links
>> wp_1_comments
>> wp_11_terms
>> wp_11_term_taxonomy
>> wp_11_term_relationships
>> wp_11_posts
>> wp_11_postmeta
>> wp_11_options
>> wp_11_links
>> wp_11_comments
>> wp_10_terms
>> wp_10_term_taxonomy
>> wp_10_term_relationships
>> wp_10_posts
>> wp_10_postmeta
>> wp_10_options
>> wp_10_links
>> wp_10_comments
>> remove_queries
>>
>>
>>
>> Database: bk
>>
>> Table:
>> wp_backupterm_taxonomy
>> wp_backupterm_relationships
>> wp_backupposts
>> wp_backuppostmeta
>> wp_backupoptions
>> wp_backuplinks
>> wp_backupcomments
>>
>>
>>
>> -----------------------------------------------------------------------------------
>> Signed : Jackh4xor !
>>
>> Greetz : rooto, Mr.52, zone-hacker, w4ck1ng
>>
>> (In)Security
>>
>> -------------------------------------------------------------------------------------
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
>
