Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 28, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 786
Members: 0
Total: 786
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Newbies corner -> What next ... please help with this
Post new topic  Reply to topic View previous topic :: View next topic 
What next ... please help with this
PostPosted: Fri Sep 11, 2009 6:26 pm Reply with quote
shyspy
Advanced user
Advanced user
 
Joined: Jun 08, 2009
Posts: 60




I had access to this website using sql injection. But soon the website ownder came to know about it and blocked my access.

Now I have following information to try and get access again.

1)
http://domain.domain-code/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

the result is

Code:


PHP Credits

PHP Group
Thies C. Arntzen, Stig Bakken, Shane Caraveo, Andi Gutmans, Rasmus Lerdorf, Sam Ruby, Sascha Schumann, Zeev Suraski, Jim Winstead, Andrei Zmievski

Language Design & Concept
Andi Gutmans, Rasmus Lerdorf, Zeev Suraski

PHP 5 Authors
Contribution   Authors
Zend Scripting Language Engine   Andi Gutmans, Zeev Suraski
Extension Module API   Andi Gutmans, Zeev Suraski, Andrei Zmievski
UNIX Build and Modularization   Stig Bakken, Sascha Schumann
Win32 Port   Shane Caraveo, Zeev Suraski, Wez Furlong
Server API (SAPI) Abstraction Layer   Andi Gutmans, Shane Caraveo, Zeev Suraski
Streams Abstraction Layer   Wez Furlong, Sara Golemon
PHP Data Objects Layer   Wez Furlong, Marcus Boerger, Sterling Hughes, George Schlossnagle, Ilia Alshanetsky

SAPI Modules
Contribution   Authors
AOLserver   Sascha Schumann
Apache 1.3 (apache_hooks)   Rasmus Lerdorf, Zeev Suraski, Stig Bakken, David Sklar, George Schlossnagle, Lukas Schroeder
Apache 1.3   Rasmus Lerdorf, Zeev Suraski, Stig Bakken, David Sklar
Apache 2.0 Filter   Sascha Schumann, Aaron Bannert
Apache 2.0 Handler   Ian Holsman, Justin Erenkrantz (based on Apache 2.0 Filter code)
Caudium / Roxen   David Hedbor
CGI / FastCGI   Rasmus Lerdorf, Stig Bakken, Shane Caraveo
CLI   Edin Kadribasic, Marcus Boerger, Johannes Schlueter
Continuity   Alex Leigh (based on nsapi code)
Embed   Edin Kadribasic
ISAPI   Andi Gutmans, Zeev Suraski
NSAPI   Jayakumar Muthukumarasamy, Uwe Schindler
phttpd   Thies C. Arntzen
pi3web   Holger Zimmermann
Sendmail Milter   Harald Radi
thttpd   Sascha Schumann
tux   Sascha Schumann
WebJames   Alex Waugh

Module Authors
Module   Authors
Assert   Thies C. Arntzen
BC Math   Andi Gutmans
Bzip2   Sterling Hughes
Calendar   Shane Caraveo, Colin Viebrock, Hartmut Holzgraefe, Wez Furlong
COM and .Net   Wez Furlong
ctype   Hartmut Holzgraefe
cURL   Sterling Hughes
Date/Time Support   Derick Rethans
DB-LIB (MS SQL, Sybase)   Wez Furlong, Frank M. Kromann
DBA   Sascha Schumann, Marcus Boerger
dBase   Jim Winstead
DOM   Christian Stocker, Rob Richards, Marcus Boerger
EXIF   Rasmus Lerdorf, Marcus Boerger
FBSQL   Frank M. Kromann
FDF   Uwe Steinmann
FilePro   Chad Robinson
Firebird/InterBase driver for PDO   Ard Biesheuvel
FTP   Stefan Esser, Andrew Skalski
GD imaging   Rasmus Lerdorf, Stig Bakken, Jim Winstead, Jouni Ahto, Ilia Alshanetsky, Pierre-Alain Joye, Marcus Boerger
GetText   Alex Plotnick
GNU GMP support   Stanislav Malyshev
HwAPI   Uwe Steinmann
Iconv   Rui Hirokawa, Stig Bakken, Moriyoshi Koizumi
IMAP   Rex Logan, Mark Musone, Brian Wang, Kaj-Michael Lang, Antoni Pamies Olive, Rasmus Lerdorf, Andrew Skalski, Chuck Hagenbuch, Daniel R Kalowsky
Informix   Danny Heijl, Christian Cartus, Corne' Cornelius
InterBase   Jouni Ahto, Andrew Avdeev, Ard Biesheuvel
LDAP   Amitay Isaacs, Eric Warnke, Rasmus Lerdorf, Gerrit Thomson, Stig Venaas
LIBXML   Christian Stocker, Rob Richards, Marcus Boerger, Wez Furlong, Shane Caraveo
mcrypt   Sascha Schumann, Derick Rethans
mhash   Sascha Schumann
mime_magic   Hartmut Holzgraefe
MING   Dave Hayden, Frank M. Kromann
MS SQL   Frank M. Kromann
mSQL   Zeev Suraski
Multibyte String Functions   Tsukada Takuya, Rui Hirokawa
mySQL driver for PDO   George Schlossnagle, Wez Furlong, Ilia Alshanetsky
MySQL   Zeev Suraski, Zak Greant, Georg Richter
MySQLi   Zak Greant, Georg Richter
ncurses   Ilia Alshanetsky, Wez Furlong, Hartmut Holzgraefe, Georg Richter
OCI8   Stig Bakken, Thies C. Arntzen, Andy Sautins, David Benson, Maxim Maletsky, Harald Radi, Antony Dovgal, Andi Gutmans, Wez Furlong
ODBC driver for PDO   Wez Furlong
ODBC   Stig Bakken, Andreas Karajannis, Frank M. Kromann, Daniel R. Kalowsky
OpenSSL   Stig Venaas, Wez Furlong, Sascha Kettler
Oracle (OCI) driver for PDO   Wez Furlong
pcntl   Jason Greene
Perl Compatible Regexps   Andrei Zmievski
PHP Data Objects   Wez Furlong, Marcus Boerger, Sterling Hughes, George Schlossnagle, Ilia Alshanetsky
PHP hash   Sara Golemon, Rasmus Lerdorf, Stefan Esser, Michael Wallner
Posix   Kristian Koehntopp
PostgreSQL driver for PDO   Edin Kadribasic, Ilia Alshanetsky
PostgreSQL   Jouni Ahto, Zeev Suraski, Yasuo Ohgaki, Chris Kings-Lynne
Pspell   Vlad Krupin
Readline   Thies C. Arntzen
Recode   Kristian Köhntopp
Reflection   Marcus Boerger, Timm Friebe, George Schlossnagle, Andrei Zmievski, Johannes Schlueter
Sessions   Sascha Schumann, Andrei Zmievski
Shared Memory Operations   Slava Poliakov, Ilia Alshanetsky
SimpleXML   Sterling Hughes, Marcus Boerger, Rob Richards
SNMP   Rasmus Lerdorf, Harrie Hazewinkel, Mike Jackson, Steven Lawrance, Johann Hanne
SOAP   Brad Lafountain, Shane Caraveo, Dmitry Stogov
Sockets   Chris Vandomelen, Sterling Hughes, Daniel Beulshausen, Jason Greene
SPL   Marcus Boerger
SQLite 3.x driver for PDO   Wez Furlong
SQLite   Wez Furlong, Tal Peer, Marcus Boerger, Ilia Alshanetsky
Sybase-CT   Zeev Suraski, Tom May, Timm Friebe
Sybase-DB   Zeev Suraski
System V Message based IPC   Wez Furlong
System V Semaphores   Tom May
System V Shared Memory   Christian Cartus
tidy   John Coggeshall, Ilia Alshanetsky
tokenizer   Andrei Zmievski
WDDX   Andrei Zmievski
XML   Stig Bakken, Thies C. Arntzen, Sterling Hughes
XMLReader   Rob Richards
xmlrpc   Dan Libby
XMLWriter   Rob Richards, Pierre-Alain Joye
XSL   Christian Stocker, Rob Richards
Zlib   Rasmus Lerdorf, Stefan Roehrich, Zeev Suraski, Jade Nicoletti

PHP Documentation
Authors   Mehdi Achour, Friedhelm Betz, Antony Dovgal, Nuno Lopes, Philip Olson, Georg Richter, Damien Seguy, Jakub Vrana
Editor   Gabor Hojtsy
User Note Maintainers   Mehdi Achour, Friedhelm Betz, Vincent Gevers, Aidan Lister, Nuno Lopes, Tom Sommer
Other Contributors   Previously active authors, editors and other contributors are listed in the manual.

PHP 5.1 Quality Assurance Team
Ilia Alshanetsky, Joerg Behrens, Antony Dovgal, Stefan Esser, Moriyoshi Koizumi, Magnus Maatta, Sebastian Nohn, Derick Rethans, Melvyn Sopacua, Jani Taskinen

PHP Website Team
Gabor Hojtsy, Colin Viebrock, Jim Winstead




2) http://domain.domain-code/server-status

the output is

Code:


Apache Server Status for domain

Server Version: Apache/2.2.3 (CentOS)
Server Built: Jan 15 2008 20:33:30
Current Time: Friday, 11-Sep-2009 23:37:08 IST
Restart Time: Friday, 11-Sep-2009 06:58:04 IST
Parent Server Generation: 0
Server uptime: 16 hours 39 minutes 3 seconds
Total accesses: 829187 - Total Traffic: 9.1 GB
CPU Usage: u69.19 s31.82 cu3.5 cs0 - .174% CPU load
13.8 requests/sec - 158.8 kB/second - 11.5 kB/request
8 requests currently being processed, 26 idle workers
W_____CW_C____..______W.__C_.__._.__W__.........................
..................C.............................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
Scoreboard Key:
"_" Waiting for Connection, "S" Starting up, "R" Reading Request,
"W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup,
"C" Closing connection, "L" Logging, "G" Gracefully finishing,
"I" Idle cleanup of worker, "." Open slot with no current process

Srv   PID   Acc   M   CPU   SS   Req   Conn   Child   Slot   Client   VHost   Request



3) http://domain.domain-code/test.cgi

the output is

#!/usr/bin/perl -w
use CGI;

print "Content-type: text/html\n\n";
print "Perl seems to be installed and working!<br />";
print "<b>Settings</b><br />";

4) http://domain-domain-code/phpinfo.php



i am sorry for the post to be too big. But please can i use any of this information to get into the site.
View user's profile Send private message
PostPosted: Mon Dec 07, 2009 6:43 am Reply with quote
jilliansgarner
Beginner
Beginner
 
Joined: Dec 07, 2009
Posts: 3




Sounds like you need to go into the control panal and create a admin acct. Quite simple to do. Just follow the instructions abve and it will prompt you through the process. Also make sure you set up a password.

#1 Machine = PowerSpec E360, Intel Quad 2 Core Q6600 Processor, 4g Corsair 667Mhz DDR2 Ram, nVidia 8500GT Vidio Card, Samsung SH-S183L, SH-S203N, BenQ 1620, 1640 & 1650 DVD Burners
, 1 TB Hardrive = 2 WD 500g HD's set up in Raid 0, Epson CX9400 printer, Running XP Pro. #2 Machine Hp Pavilion a367c,P4 2.8, Internal 320G WD HDD,2 160G Seagate & 1 120G Seagate Ext. HDD. 1G PC3200 Ram
, Win XP Home SP2,(2)- NEC 3500a with LD_V2_Beta_8 & LD_V1_4_Final FW,BenQ 1620 vB7V9 F/W for now, BenQ 1650 vBCHC, Liteon SOHW-1633-S DVD RW BS41 FW, Ext. Stock HP DVD-Rom, Samsung 24'' LCD Monitor, Epson R300 Photo Printer, Epson Stylus C84, Epson CX5800F.

_____________________
Ms. Meta Scrub
View user's profile Send private message
What next ... please help with this
  www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.199 Seconds