SQLi Sqlmap.py - Printable Version +- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) +-- Forum: Penetration Testing Os (https://www.indonesianbacktrack.or.id/forum/forum-170.html) +--- Forum: Backtrack (https://www.indonesianbacktrack.or.id/forum/forum-171.html) +---- Forum: BackTrack 5 (https://www.indonesianbacktrack.or.id/forum/forum-74.html) +----- Forum: BackTrack 5 tutorial (https://www.indonesianbacktrack.or.id/forum/forum-82.html) +----- Thread: SQLi Sqlmap.py (/thread-713.html) |
RE: SQLi Sqlmap.py - juicided - 03-24-2012 (03-24-2012, 01:56 AM)junior.riau18 Wrote: site nya aja g punya halaman login om owh, pantes wkwk tanya lagi om http://forum.indonesianbacktrack.or.id/images/smilies/penguin-001.gif kalo password "06W02769H1447044V" itu ter enkripsi ya? kalo iya termasuk enkripsi apa? RE: SQLi Sqlmap.py - Junior Riau - 03-24-2012 base64 sepertinya lengkap nya ke sini aja om tetangga http://www.binushacker.net/tipe-tipe-hash-enkripsi.html RE: SQLi Sqlmap.py - juicided - 03-24-2012 oke om. ane baca dulu trimakasih banyak RE: SQLi Sqlmap.py - juicided - 03-25-2012 tanya lagi ah, hehe om, ane kan udah dapet username sama password si admin. trus cara nyari admin page gimana ya?. RE: SQLi Sqlmap.py - Junior Riau - 03-25-2012 iya gpp selagi saya bisa jawab saya akan jawab pass admin nya masih hash apa udah di crack? pakek dirbuster kalo g salah namanya di bt5 ada tapi ini lama karena sistemnya brute direktori, kalo aplikasi lain ada juga,, kalo mau di cariin pm aja site ny RE: SQLi Sqlmap.py - juicided - 03-25-2012 +---------+--------------------------------------------+--------+----------+ | auth | password | status | username | +---------+--------------------------------------------+--------+----------+ | admin | ac43724f16e9241d990427ab7c8f4228 (rahasia) | 1 | bas | | admin | cce1f6630ef6d1acf6494ee8f33b7dae | 1 | hkbp | | redaksi | 0fb04bd6d40bfce7e5ddabc63f7da4aa | 1 | redaksi | | sekjen | 7122b2e28743b35887551c5b0353178d | 1 | sekjen | | admin | 9ab8f8605846e9823fe54a0bd6e45033 | 1 | togu80 | +---------+--------------------------------------------+--------+----------+ tapi itu yang bisa dicrack kok cuma satu ya? =================================================== saya udah coba scan pake havij hasilnya: Page Response http://www.target.or.id/admin/ 200 OK http://www.target.or.id/controlpanel/ 301 Moved Permanently http://www.target.or.id/panel/ 200 OK http://www.target.or.id/cpanel/ 301 Moved Permanently http://www.target.or.id/kpanel/ 301 Moved Permanently kemudian setelah saya coba buka satu2 http://www.target.or.id/admin/ (under construction) http://www.target.or.id/controlpanel/ (login cpanel) Login Attempt Failed! http://www.target.or.id/panel/ (gak ada form login) http://www.target.or.id/cpanel/ (login cpanel) Login Attempt Failed! http://www.target.or.id/kpanel/ (login cpanel) Login Attempt Failed! iya om, ane nyoba pake dirbuster "Time To Finish: 26 days" wkwkwk RE: SQLi Sqlmap.py - Junior Riau - 03-25-2012 wkwkwk masa??coba saya scan boleh? RE: SQLi Sqlmap.py - ekawithoutyou - 03-25-2012 wah RE: SQLi Sqlmap.py - fake666 - 04-04-2012 aduuh om junior.riau18 .. cara dapetin shell nya gimana ya?.. penasaran banget ane... RE: SQLi Sqlmap.py - Junior Riau - 04-04-2012 wkwkw sabar,,ane juga lum dapet wwwkwk |