[Tutorial] SQLi for dummies

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
User avatar
Xshadow
Posts: 482
Joined: Thu May 31, 2007 8:01 pm
Location: http://captureflags.com
Contact:

Re: [Tutorial] SQLi for dummies

Post by Xshadow » Mon Jan 18, 2010 10:25 pm

@noval
coba check MySqlConnection.php
disitu ada password... coba passwordnya gak usah di isi :)
[X]perimental [S]ynthetic [H]umanoid [A]ssembled for [D]estruction and [O]nline [W]arfare

noval9
Posts: 24
Joined: Sun Jan 17, 2010 6:05 pm

Re: [Tutorial] SQLi for dummies

Post by noval9 » Tue Jan 19, 2010 4:12 pm

hmm...
di mysqlconnection.php ga q ksh password
:cry:

User avatar
Xshadow
Posts: 482
Joined: Thu May 31, 2007 8:01 pm
Location: http://captureflags.com
Contact:

Re: [Tutorial] SQLi for dummies

Post by Xshadow » Sun Jan 31, 2010 7:57 am

noval9 wrote:hmm...
di mysqlconnection.php ga q ksh password
:cry:
hasilnya?
[X]perimental [S]ynthetic [H]umanoid [A]ssembled for [D]estruction and [O]nline [W]arfare

rk12
Posts: 10
Joined: Wed Oct 15, 2008 5:16 pm

Re: [Tutorial] SQLi for dummies

Post by rk12 » Sun Jan 31, 2010 11:05 am

wes tekan potomu sing dolanan leptop trus pie mas

User avatar
Xshadow
Posts: 482
Joined: Thu May 31, 2007 8:01 pm
Location: http://captureflags.com
Contact:

Re: [Tutorial] SQLi for dummies

Post by Xshadow » Tue Feb 02, 2010 5:45 pm

rk12 wrote:wes tekan potomu sing dolanan leptop trus pie mas
ya coba inject2.... :ngakak:
[X]perimental [S]ynthetic [H]umanoid [A]ssembled for [D]estruction and [O]nline [W]arfare

rk12
Posts: 10
Joined: Wed Oct 15, 2008 5:16 pm

Re: [Tutorial] SQLi for dummies

Post by rk12 » Wed Feb 17, 2010 1:32 am

mentok mas :tapa: :tapa:
inject e gwo script apa sing pake quote (') kae

virtualinsanity
Posts: 3
Joined: Mon Feb 22, 2010 3:12 am

Re: [Tutorial] SQLi for dummies

Post by virtualinsanity » Tue Feb 23, 2010 12:46 am

@xshadow :
premisi, ... nanya
file nya ada yg kudu diedit dlu ga ya?
waktu di klik GO, sama kaya yg diatas penampakannya :

Code: Select all

hostname,$con->username,$con->password); $strSql = "SELECT events_name,events_long_description FROM `ms_events` WHERE events_id=".$_GET["id"]." AND status=1;"; $rs2=$rs->CreateResultSet($strSql,$con->databasename); while($row = $rs2->getRow()) { ?> 
phpmyadmin ga di kasih password
exops wrote: tp dah ketahuan kok masalahnya :mrgreen:

Code: Select all

<?
diganti dengan

Code: Select all

<?php
nyuba diedit yg ini malah syntax error heheh
mohon dicerahin ... thx :)
When life kicks you, let it kick you forward ... :)

Post Reply

Return to “Web Hacking”