HackAPT-打造中国最专业的黑客入侵技术 - 承接一切黑客渗透测试业务

对Orlando University的渗透测试

HackAPT - 打造中国最专业的黑客入侵技术长期承接国内外网站入侵,网络渗透,外挂开发,成绩修改等相关黑客业务. 本团队拥有多位资深老牌黑客,技术实力雄厚有着长期的职业黑客经验并且长期持有CEH,CCIE黑客认证,且长期活跃于Hackone排行榜并帮助过Facebook, Microsoft, Uber, Yahoo日本发现过重大漏洞. 我们的承诺和信心来自于多年入侵经验的成功案例,我们用实力来得到您的认可客服QQ:10172680 邮箱[email protected]

本站所有内容均属于本站原创,部分内容经原创作者授权后转载.

这次直入喉咙:http://www.orlandouniversity.com/

声明:以下文章仅限技术研究和学习参考,因为本站内容导致一切法律责任均于本站无关!

强烈鄙视抄袭文章的那群拷贝党…..

检测到的两个table[2]:

漏洞非常明显直接sql注入 拿下了学校%90上的账户及学生资料,关于后面的内网上渗透本文就不会详细涉及.
[*] information_schema
[*] orlandoedu

Database: orlandoedu
[195 tables]
+————————–+
| cdb_access               |
| cdb_activities           |
| cdb_activityapplies      |
| cdb_adminactions         |
| cdb_admincustom          |
| cdb_admingroups          |
| cdb_adminnotes           |
| cdb_adminsessions        |
| cdb_advcaches            |
| cdb_advertisements       |
| cdb_announcements        |
| cdb_attachments          |
| cdb_attachpaymentlog     |
| cdb_attachtypes          |
| cdb_banned               |
| cdb_bbcodes              |
| cdb_caches               |
| cdb_campaigns            |
| cdb_creditslog           |
| cdb_crons                |
| cdb_debateposts          |
| cdb_debates              |
| cdb_failedlogins         |
| cdb_faqs                 |
| cdb_favorites            |
| cdb_forumfields          |
| cdb_forumlinks           |
| cdb_forumrecommend       |
| cdb_forums               |
| cdb_imagetypes           |
| cdb_invites              |
| cdb_itempool             |
| cdb_magiclog             |
| cdb_magicmarket          |
| cdb_magics               |
| cdb_medallog             |
| cdb_medals               |
| cdb_memberfields         |
| cdb_membermagics         |
| cdb_members              |
| cdb_memberspaces         |
| cdb_moderators           |
| cdb_modworks             |
| cdb_myposts              |
| cdb_mytasks              |
| cdb_mythreads            |
| cdb_navs                 |
| cdb_onlinelist           |
| cdb_onlinetime           |
| cdb_orders               |
| cdb_paymentlog           |
| cdb_pluginhooks          |
| cdb_plugins              |
| cdb_pluginvars           |
| cdb_polloptions          |
| cdb_polls                |
| cdb_posts                |
| cdb_profilefields        |
| cdb_projects             |
| cdb_promotions           |
| cdb_ranks                |
| cdb_ratelog              |
| cdb_regips               |
| cdb_relatedthreads       |
| cdb_reportlog            |
| cdb_request              |
| cdb_rewardlog            |
| cdb_rsscaches            |
| cdb_searchindex          |
| cdb_sessions             |
| cdb_settings             |
| cdb_smilies              |
| cdb_spacecaches          |
| cdb_stats                |
| cdb_statvars             |
| cdb_styles               |
| cdb_stylevars            |
| cdb_subscriptions        |
| cdb_tags                 |
| cdb_tasks                |
| cdb_taskvars             |
| cdb_templates            |
| cdb_threads              |
| cdb_threadsmod           |
| cdb_threadtags           |
| cdb_threadtypes          |
| cdb_tradecomments        |
| cdb_tradelog             |
| cdb_tradeoptionvars      |
| cdb_trades               |
| cdb_typemodels           |
| cdb_typeoptions          |
| cdb_typeoptionvars       |
| cdb_typevars             |
| cdb_usergroups           |
| cdb_validating           |
| cdb_videos               |
| cdb_videotags            |
| cdb_virtualforums        |
| cdb_warnings             |
| cdb_words                |
| mp_about                 |
| mp_about_include         |
| mp_about_setup           |
| mp_ad                    |
| mp_article               |
| mp_article_dir           |
| mp_article_dir_include   |
| mp_article_include       |
| mp_blog_comm             |
| mp_blog_logs             |
| mp_blog_logs_dir         |
| mp_blog_logs_dir_include |
| mp_blog_logs_include     |
| mp_blog_photo_dir        |
| mp_blog_setup            |
| mp_case                  |
| mp_case_dir              |
| mp_case_dir_include      |
| mp_case_include          |
| mp_comment               |
| mp_comment_list          |
| mp_contact               |
| mp_contact_include       |
| mp_down                  |
| mp_down_dir              |
| mp_down_dir_include      |
| mp_down_include          |
| mp_feedback              |
| mp_groups                |
| mp_guest                 |
| mp_link                  |
| mp_link_include          |
| mp_members               |
| mp_menu                  |
| mp_mpb                   |
| mp_mpb_dir               |
| mp_mpb_dir_include       |
| mp_mpb_include           |
| mp_news                  |
| mp_news_dir              |
| mp_news_dir_include      |
| mp_news_include          |
| mp_person                |
| mp_person3               |
| mp_person_include        |
| mp_photo                 |
| mp_photo_dir             |
| mp_photo_dir_include     |
| mp_photo_include         |
| mp_plugins               |
| mp_product               |
| mp_product_dir           |
| mp_product_dir_include   |
| mp_product_include       |
| mp_product_orders        |
| mp_resource              |
| mp_resource_dir          |
| mp_resource_dir_include  |
| mp_resource_include      |
| mp_service               |
| mp_service_include       |
| mp_service_online        |
| mp_setup                 |
| mp_smtpmail              |
| mp_stat                  |
| mp_stat_acc              |
| mp_stat_ipk              |
| mp_stat_ser              |
| mp_stat_serkey           |
| mp_stat_site             |
| mp_statd                 |
| mp_stath                 |
| mp_statip                |
| mp_statt                 |
| mp_vote                  |
| uc_admins                |
| uc_applications          |
| uc_badwords              |
| uc_domains               |
| uc_failedlogins          |
| uc_feeds                 |
| uc_friends               |
| uc_mailqueue             |
| uc_memberfields          |
| uc_members               |
| uc_mergemembers          |
| uc_newpm                 |
| uc_notelist              |
| uc_pms                   |
| uc_protectedmembers      |
| uc_settings              |
| uc_sqlcache              |
| uc_tags                  |
| uc_vars                  |
+————————–+

Database: orlandoedu
Table: uc_members
[12 columns]
+—————+———————–+
| Column        | Type                  |
+—————+———————–+
| email         | char(32)              |
| lastloginip   | int(10)               |
| lastlogintime | int(10) unsigned      |
| myid          | char(30)              |
| myidkey       | char(16)              |
| password      | char(32)              |
| regdate       | int(10) unsigned      |
| regip         | char(15)              |
| salt          | char(6)               |
| secques       | char(8)               |
| uid           | mediumint(8) unsigned |
| username      | char(15)              |
+—————+———————–+

Database: orlandoedu
Table: uc_members
[2 entries]
+—————–+———-+———————————-+
| email           | username | password                         |
+—————–+———-+———————————-+
| [email protected] | admin    | b4fce3aeabfadbeee3775d5548200385 |
| [email protected]  | users    | 905600c2d3f11141d12ce9344629a71e |
+—————–+———-+———————————-+

Database: orlandoedu
Table: cdb_access
[9 columns]
+—————–+———————–+
| Column          | Type                  |
+—————–+———————–+
| adminuser       | mediumint(8) unsigned |
| allowgetattach  | tinyint(1)            |
| allowpost       | tinyint(1)            |
| allowpostattach | tinyint(1)            |
| allowreply      | tinyint(1)            |
| allowview       | tinyint(1)            |
| dateline        | int(10) unsigned      |
| fid             | smallint(6) unsigned  |
| uid             | mediumint(8) unsigned |
+—————–+———————–+

Database: orlandoedu
Table: cdb_members
[23 columns]
+————–+———————–+
| Column       | Type                  |
+————–+———————–+
| adminid      | tinyint(1)            |
| credits      | int(10)               |
| digestposts  | smallint(6) unsigned  |
| extcredits1  | int(10)               |
| extcredits2  | int(10)               |
| extcredits3  | int(10)               |
| extgroupids  | char(20)              |
| gender       | tinyint(1)            |
| groupexpiry  | int(10) unsigned      |
| groupid      | smallint(6) unsigned  |
| lastactivity | int(10) unsigned      |
| lastip       | char(15)              |
| lastpost     | int(10) unsigned      |
| lastvisit    | int(10) unsigned      |
| oltime       | smallint(6) unsigned  |
| pageviews    | mediumint(8) unsigned |
| password     | char(32)              |
| posts        | mediumint(8) unsigned |
| regdate      | int(10) unsigned      |
| regip        | char(15)              |
| secques      | char(8)               |
| uid          | mediumint(8) unsigned |
| username     | char(15)              |
+————–+———————–+

Database: orlandoedu
Table: cdb_members
[2 entries]
+———-+———————————————+
| username | password                                    |
+———-+———————————————+
| admin    | 7fef6171469e80d32c0559f88b377245 (admin888) |
| users    | 8488f6f00cbbdafae346289fde96801e            |
+———-+———————————————+

Database: orlandoedu
Table: uc_admins
[14 columns]
+——————-+———————–+
| Column            | Type                  |
+——————-+———————–+
| allowadminapp     | tinyint(1)            |
| allowadminbadword | tinyint(1)            |
| allowadmincache   | tinyint(1)            |
| allowadmincredits | tinyint(1)            |
| allowadmindb      | tinyint(1)            |
| allowadmindomain  | tinyint(1)            |
| allowadminlog     | tinyint(1)            |
| allowadminnote    | tinyint(1)            |
| allowadminpm      | tinyint(1)            |
| allowadminsetting | tinyint(1)            |
| allowadmintag     | tinyint(1)            |
| allowadminuser    | tinyint(1)            |
| uid               | mediumint(8) unsigned |
| username          | char(15)              |
+——————-+———————–+

Database: orlandoedu
Table: mp_members
[38 columns]
+————–+———————–+
| Column       | Type                  |
+————–+———————–+
| address      | varchar(150)          |
| adminid      | tinyint(1)            |
| alipay       | varchar(80)           |
| available    | tinyint(2)            |
| avatar       | varchar(150)          |
| bday         | varchar(10)           |
| bmonth       | varchar(10)           |
| byear        | varchar(10)           |
| city         | varchar(50)           |
| content      | text                  |
| credits      | int(10)               |
| edulevel     | varchar(30)           |
| email        | char(50)              |
| gender       | tinyint(1)            |
| groupid      | smallint(6) unsigned  |
| homepage     | varchar(100)          |
| idcard       | varchar(80)           |
| idtype       | varchar(30)           |
| income       | varchar(30)           |
| industry     | varchar(30)           |
| invisible    | tinyint(1)            |
| lastactivity | int(10) unsigned      |
| lastpost     | int(10) unsigned      |
| mobile       | varchar(50)           |
| msn          | varchar(80)           |
| occupation   | varchar(30)           |
| oltime       | smallint(6) unsigned  |
| pageviews    | mediumint(8) unsigned |
| password     | char(32)              |
| postid       | varchar(20)           |
| posts        | mediumint(8) unsigned |
| qq           | varchar(15)           |
| regdate      | int(10) unsigned      |
| regip        | char(15)              |
| telephone    | varchar(50)           |
| truename     | varchar(100)          |
| uid          | mediumint(8) unsigned |
| username     | char(15)              |
+————–+———————–+
www.hackerfor.com
Database: orlandoedu
Table: mp_members
[9 entries]
+—————–+———————-+———-+———————————————-+
| regip           | email                | username | password                                     |
+—————–+———————-+———-+———————————————-+
| <blank>         | [email protected]      | admin    | a03b2b846be1ba7243c2d6a4dee462c3 (admin2009) |
| 127.0.0.1       | [email protected]       | users    | d351331735b1980b6dee831c10abbc0b             |
| 127.0.0.1       | [email protected]      | aaaaaa   | 0b4e7a0e5fe84ad35fb5f95b9ceeac79 (aaaaaa)    |
| 219.136.215.61  | [email protected]          | admin123 | 0192023a7bbd73250516f069df18b500 (admin123)  |
| 219.136.130.111 | [email protected]          | 000000   | 670b14728ad9902aecba32e22fa4f6bd (000000)    |
| 74.235.206.100  | [email protected]     | zhao     | 81dc9bdb52d04dc20036dbd8313ed055 (1234)      |
| 71.41.252.66    | [email protected]    | LIRN     | d6dde9c419627e42dc652074541343b7             |
| 74.235.222.113  | [email protected] | lfernald | 344c8024766ac77d11d5346b85cab6ad (lloyd)     |
| 121.33.147.107  | [email protected]   | easyhoo  | 344f4ea8738d7805b9dff23bcf5ed224 (easyhoo)   |、

管理员的账户密码这里都已经解好了,希望大家别干坏事.

详细渗透教程已经录为视频,如有技术交流请联系QQ.

本文系作者个人观点,转载请注明出处!
喜欢 1

相关文章

更多

本站已经正式停止QQ联系方式,如有任何正在合作的客户或有意合作的客户可以通过  [email protected] 跟我们联系!

邮件24小时在线,通常1-2小时会回复!

error: