[share]find vulnerable with xsser on bt 5 r2

**fake666** · 03-23-2012, 12:36 AM

halo teman2 IBTeam semua apa kabar nih hari ini ??
mudah-mudahan dalam keadaan sehat jasmani dan rohani Big Grin

kali ini saya akan mencoba berbagi kepada teman2 semua tentang tools Xsser di backtrack ok langsung saja

open Xsser

Code:
cd /pentest/web/xsser

lalu mulai scanning vulner nya

Code:
root@bt:/pentest/web/xsser# xsser -d article.php?ID=

oh iya kita download dulu dorknya
disini yo dork.txt Big Grin

tunggu deh hasilnya Big Grin

kurang lebih hasilnya kaya gini Big Grin

Code:
root@bt:/pentest/web/xsser# xsser -d article.php?ID=

===========================================================================

XSSer v1.6 (beta): "Grey Swarm!" - 2011/2012 - (GPLv3.0) -> by psy

===========================================================================

Testing [XSS from Dork] injections...good luck ;)

===========================================================================

HEAD alive check for the target: (http://www.adventistworld.org/article/920/resources/english/issue-2011-1001/revival-and-reformation-resources) is OK(200) [AIMED]

HEAD alive check for the target: (http://michaelpollan.com/articles-archive/unhappy-meals/) is OK(200) [AIMED]

===========================================================================

Target: http://www.adventistworld.org/article/920/resources/english/issue-2011-1001/revival-and-reformation-resources --> 2012-03-22 23:32:33.901203

===========================================================================

ket :
-d = dork
silahkan di explore lagi Big Grin

Code:
xsser --help

lebih mudah kalo mau cari target yang mau di inject pake sqlmap ato tool sql injection lainnya kan??
sekian dari saya
kalo repost mohon maaf banget ya Big Grin

aduh om admin / moderator kalo ane salah room jangan di kasi - ya Sad

soalnya bingung mau di taro dimana thread nya apakah di bt tools ato di bt tutorial
maaf ya om Sad

**Junior Riau** · 03-23-2012, 12:48 AM

waa disini ente om -___-" main tinggal lari ane > Smile

wkkw
betul ini di sini rasa ane yah Tongue

sip dah tutornya,,

**fake666** · 03-23-2012, 12:51 AM

kyakakaka
tinggal lari kaya lagi maen kejar-kejaran aje hehehe Smile

**Oyek** · 03-23-2012, 01:40 AM

nice share kaka Big Grin

**Junior Riau** · 03-23-2012, 02:05 AM

wkwkwk,,
@fake666 mau tanya itu [AIMED] apaan??

@ oyek dicoba atuh kakak

**Oyek** · 03-23-2012, 02:34 AM

(03-23-2012, 02:05 AM)junior.riau18 Wrote: wkwkwk,,
@fake666 mau tanya itu [AIMED] apaan??

@ oyek dicoba atuh kakak

ntar kaka

koneksi lemott -_____-

**ekawithoutyou** · 03-23-2012, 07:29 AM

nice share Tongue

**fake666** · 03-23-2012, 09:25 PM

@junior.riau18 : ga tau juga om hahaha ,:hamster

**Junior Riau** · 03-23-2012, 09:42 PM

beugh ahahaaha okelah

**fake666** · 03-23-2012, 09:47 PM

ke thread sql injection yok om,,bahas2 sqli kita Big Grin