Home
Help Documents
Memberlist
Contact
Register
Login
NEW CONTENT
RANDOM THREAD
Unread Post
BackBox Indonesia
Attacking
Web Attack
«
1
«
Penetration Testing website mining.gov.mm dengan DVWA brute force / Bypass SQL Login
Penetration Testing website mining.gov.mm dengan DVWA brute force / Bypass SQL Login
by bajigur - 03-09-2016 at 07:13 AM
bajigur
Junior Member
Posts:
1
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#1
OP
Posted: 03-09-2016, 07:13 AM
Assalamualaikum
, Kali ini saya akan membagikan cara meretas website
Pertambangan Myanmar
. Lansung saja ke
TKP
:
Vulnerable type: MS SQL injection
Step ke satu , saya menemukan halaman admin website dengan menggunakan
Havij
.
Step ke dua , kita gunakan cara
DVWA brute force authentication Attack dengan Burp Suite
.
[video=dailymotion]https://www.youtube.com/watch?v=80B3l9TgrNY[/video]
atau saya menggunakan pencarian google untuk mencari Exploit kepada web tsb ..
lihat
url
paling bawah , saya menggunakan
url
tsb ..
saya mencoba memasukan =
username : administrator') or ('1'='1
password : administrator') or ('1'='1
wow , dan ternyata saya berhasil memasuki kedalam admin panel website tsb ..
saya mencoba menupload shell asp, ...
dan ternyata berhasil :D
Sekian dan terimakasih ...
Message
Reply
Find Posts
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Register
Login
Log into an existing account.
Login
View a Printable Version
1 Guest(s)
Linear Mode
Threaded Mode
![[Image: 1.png]](https://1.bp.blogspot.com/-f6z1ApVZ_gk/VW0TydZrUOI/AAAAAAAAACc/pZS9yx-JQTQ/s1600/1.png)
![[Image: 1.png]](https://4.bp.blogspot.com/-msBlYbjzY84/VW0Vimr6CJI/AAAAAAAAACo/UPfSW5dxpsg/s1600/1.png)
![[Image: 1.png]](https://2.bp.blogspot.com/--bGXx8Oklvs/VW0WIjbePlI/AAAAAAAAACw/NOFBAl4W4ig/s1600/1.png)
![[Image: 1.png]](https://3.bp.blogspot.com/-wwt4mHotDF4/VW0WjGLJ3bI/AAAAAAAAAC4/zRP_KE4tXbE/s1600/1.png)
![[Image: 1.png]](https://3.bp.blogspot.com/-1dT-mOo5-Uw/VW0YbqSYWBI/AAAAAAAAADE/HXy88HOcnwY/s1600/1.png)