API tools faq
paste
Advertisement
biarjadihacker

aaa

biarjadihacker
Jul 1st, 2018
81
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.01 KB | None | 0 0
raw download clone embed print report
  1. jangan ngetik ya liatin gue oce
  2.  
  3.  
  4.  
  5. 1, dalam kasus ini http://www.birchwoodproperties.ca/blog.php?id=-16 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11 -- -
  6. kita udah nemu inject point nya (2)
  7. C:\xampp\htdocs\birchwoodProperties\public_html\i\
  8. ini adalah directorynya, nah akan kita coba into outfile
  9.  
  10.  
  11.  
  12. 'pnjp3_webpn'@'localhost' -> NO gak bisa into ourfile
  13. nah bang pertama tma harus user() terus @@datadir? lalu di gituin?
  14. enggak user()>>> buat cek usernya seandaunya root@localhost
  15. bisa saja di web dan di phpmyadmin sma user dan pw nya (root)
  16. maka bisa di into outfile kal @@datadir buat ngeliat data directorynya
  17. seandainya /var/lib/mysql >> berarti linux
  18. kalo c:/xampp/htdocs windows ini
  19. kalo /opt/lampp/ windows
  20. kalo D:/
  21. e: atau apapun datadirnya di awalin dengan satu huruf berarti
  22. winows oke
  23. oalah thank bang jd ngerti dah sekarangmah :)
  24. dan w mau copy dulu ini di pastebin buat jaga2 :V
  25. oke
  26. oke thank y :* oh iya cara lihat diretorynya gmn? kaalo bukan xamp?
  27. bisa pake load_file('/etc/passwd') wait
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!