Finding SQL creds in a 404
by viceCoolMan - Friday January 3, 2025 at 08:14 AM
#1
I'll start off by saying this has never happened consistently. After my DNS recon, I began gathering URLs to test; this was done with gospider and waybackurls. (Does anyone remember when the spider option was available in the Burp Community edition?) Once the URLs were collected, I started manually testing parameters for anomalies. On one page I remember seeing the 404 page come up but noticed the wheel spinning at the top of the browser. This was an interesting find, so I viewed the page source and noticed a bunch of what looked like config data. Next, I searched for "pass" and found SQL login creds along with SMTP creds. The code didn't handle the parameter properly and leaked a configuration file multiple times.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.
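The post above describes config data, including database and SMTP credentials, turning up in the raw source of a 404 response. Many response scanners skip 4xx bodies, which is exactly where this leak sat. The following is an added example, not code from the thread or its author: a content check that a response-inspection proxy or DAST plugin could run on every response regardless of status, flagging credential-looking config keys and user:password@ connection URLs and recording whether the hit came from an error page. The key-name conventions (PASS, PWD, SECRET, TOKEN, API_KEY), the URL schemes, and both sample bodies are assumptions constructed for the example; none of them come from the post.

```python
"""Flag credential-looking content in HTTP response bodies, error pages included.

Added example, not code from the thread or its author. It models the check a
response-inspection proxy or DAST plugin could run on every response. The
post describes config data showing up in a 404 body, and many scanners skip
4xx bodies entirely, so the check applies regardless of status and records
whether the leak came from an error page.

Assumptions (none of these names come from the post): secrets follow common
.env / ini / PHP-define conventions (keys containing PASS, PWD, SECRET, TOKEN,
API_KEY), or appear as user:password@ in a connection URL.
"""
import re
from dataclasses import dataclass

# KEY=value, KEY: value, KEY => value, or define('KEY', 'value') where the key
# name suggests a secret. Anchored at line start so prose that merely mentions
# "password" is not flagged on its own.
SECRET_KEY_RE = re.compile(
    r"^[ \t]*(?:define\s*\(\s*['\"])?"
    r"(?P<key>[A-Za-z0-9_.]*(?:PASS(?:WORD)?|PWD|SECRET|TOKEN|API_?KEY)[A-Za-z0-9_.]*)"
    r"['\"]?[ \t]*(?:=>?|:|,)[ \t]*['\"]?"
    r"(?P<val>[^'\"\s;)]+)",
    re.MULTILINE | re.IGNORECASE,
)

# scheme://user:password@host ... for common database / mail / broker URLs.
CONN_STRING_RE = re.compile(
    r"\b(?P<scheme>mysql|postgres(?:ql)?|mongodb(?:\+srv)?|redis|amqp|smtps?)://"
    r"(?P<user>[^:/\s@]+):(?P<pw>[^@\s]+)@",
    re.IGNORECASE,
)


@dataclass
class Finding:
    kind: str      # "config_key" or "connection_string"
    key: str       # config key name, or scheme://user for a URL
    redacted: str  # secret with everything after the first two chars masked


def redact(secret: str) -> str:
    """Keep a two-character prefix so analysts can correlate, mask the rest."""
    return secret[:2] + "*" * max(len(secret) - 2, 0)


def scan_body(body: str) -> list[Finding]:
    """Return every credential-looking hit in a raw response body."""
    findings = [
        Finding("config_key", m.group("key"), redact(m.group("val")))
        for m in SECRET_KEY_RE.finditer(body)
    ]
    findings += [
        Finding("connection_string", f"{m.group('scheme')}://{m.group('user')}",
                redact(m.group("pw")))
        for m in CONN_STRING_RE.finditer(body)
    ]
    return findings


def assess(status: int, body: str) -> dict:
    """Scan one response and note whether the leak came from an error page."""
    findings = scan_body(body)
    return {
        "status": status,
        "error_page": status >= 400,
        "leaked": bool(findings),
        "findings": findings,
    }


# Constructed sample bodies (not captured from any real site).
SAMPLE_404 = """<!DOCTYPE html><html><head><title>404 Not Found</title></head>
<body><h1>Page not found</h1>
<!-- constructed: a config file echoed into the error page -->
DB_HOST=db.internal.example
DB_USER=app_rw
DB_PASSWORD=S3cr3tExample!
DATABASE_URL=mysql://app_rw:S3cr3tExample!@db.internal.example/app
SMTP_HOST=mail.example
SMTP_PASS=mailExample99
</body></html>"""

CLEAN_404 = """<!DOCTYPE html><html><head><title>404 Not Found</title></head>
<body><h1>Page not found</h1><p>Check the URL or reset your password via the login page.</p>
</body></html>"""


if __name__ == "__main__":
    for label, body in (("leaky", SAMPLE_404), ("clean", CLEAN_404)):
        result = assess(404, body)
        print(label, "leaked" if result["leaked"] else "clean",
              [(f.kind, f.key, f.redacted) for f in result["findings"]])
```

The check runs over the raw body rather than a rendered DOM, because the post says the data was visible only in the page source; HTML comments and text outside visible elements are exactly what a browser hides and a scanner must still read. Values are redacted before they reach a report so the detection tooling does not become a second place the credentials are stored.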
#2
Nice, you managed to get access when the site wasn't even online? :O
"Universal appeal is poison masquerading as medicine. Horror is not meant to be universal. It's meant to be personal, private, animal"
#3
I need a more in-depth explanation. SMTP and database credentials? In the 404 page source!?

#4
(Jan 20, 2025, 09:04 PM)Zix Wrote: I need a more in-depth explanation. SMTP and database credentials? In the 404 page source!?

Fair enough, this was pretty interesting and this explanation was shit.

#5
I've seen bad things. Like coredump files dumped into web pages after a BOF in a CGI, but this? Never. I wonder how it can even happen.
#6
(Jan 24, 2025, 12:50 PM)hationes4553 Wrote: I've seen bad things. Like coredump files dumped into web pages after a BOF in a CGI, but this? Never. I wonder how it can even happen.

Yeah crazy, I got lucky because they fixed it shortly after but I'd already dumped the DB.
