Tuesday, 10 September 2013

BASIC SQL INJECTION

In this article I'll explain the principle of how a website is attacked via SQL injection, and I use Mutillidae to try this attack.

 
First, try entering a single quote to break the logic of the SQL query.






Now we have found the SQL query from the error.


Then we can subvert the logic of the SQL query to bypass the login form, because the conditions on both name and password evaluate to true.
 
Now we are logged in as admin.
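
The login check described above, as a self-contained added example (not code from this post or from Mutillidae): the same query built by string concatenation and then with placeholders. The table, column names and credentials are constructed, and SQLite stands in for Mutillidae's MySQL backend.

```python
import sqlite3

def make_db():
    # Constructed sample table; column names are assumptions, not Mutillidae's schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, password TEXT)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("admin", "s3cret-admin"), ("alice", "alice-pw")])
    return db

def login_vulnerable(db, name, password):
    # Input is pasted into the SQL text, so a quote in the input ends the
    # string literal and the rest of the input is parsed as SQL.
    sql = ("SELECT username FROM accounts WHERE username='" + name +
           "' AND password='" + password + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Showing the database error to the user is what reveals the query shape.
        return "SQL error: %s" % exc
    return row[0] if row else None

def login_parameterized(db, name, password):
    # Placeholders keep the input as data; quotes are never parsed as SQL.
    row = db.execute(
        "SELECT username FROM accounts WHERE username=? AND password=?",
        (name, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    always_true = "' OR '1'='1"  # constructed input that makes both conditions true
    for fn in (login_vulnerable, login_parameterized):
        print(fn.__name__, "single quote ->", fn(db, "'", "x"))
        print(fn.__name__, "always-true  ->", fn(db, always_true, always_true))
```

With placeholders, both the single quote and the always-true input are compared as literal strings and match no account; returning a generic failure message instead of the database error also removes the query disclosure.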

Tuesday, 03 September 2013

Pentest Windows XP

Information gathering

I'm using nmap to look for open ports.

Then I use exploitdb.



But in this step I failed.

Saturday, 31 August 2013

Active information gathering using Maltego


I'm using Maltego to get some information from 2 domains: is2c-dojo.com and spentera.com.
  

At this domain we get 2 NS, but at the other domain we don't get anything.

Passive information gathering

I'm using two online services at http://www.intodns.com/ and http://hexillion.com/




What do we get?

For example:

From is2c-dojo.com
Nameserver records returned by the parent servers are:

ns1.partnerit.us.   [] (NO GLUE)   [TTL=172800]
ns2.partnerit.us.   [] (NO GLUE)   [TTL=172800]

Domain Name: IS2C-DOJO.COM
   Registrar: CV. JOGJACAMP
   Whois Server: whois.resellercamp.com
   Referral URL: http://www.resellercamp.com
   Name Server: NS1.PARTNERIT.US
   Name Server: NS2.PARTNERIT.US
   Status: clientTransferProhibited
   Updated Date: 14-jan-2013
   Creation Date: 14-jan-2012
   Expiration Date: 14-jan-2014

From spentera.com
Nameserver records returned by the parent servers are:

dina.ns.cloudflare.com.   ['173.245.58.107']   [TTL=172800]
art.ns.cloudflare.com.   ['173.245.59.102']   [TTL=172800]

Domain Name: SPENTERA.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: ART.NS.CLOUDFLARE.COM
   Name Server: DINA.NS.CLOUDFLARE.COM
   Status: ok
   Updated Date: 24-jul-2013
   Creation Date: 15-feb-2011
   Expiration Date: 15-feb-2016

DNS records
DNS query for 108.117.101.141.in-addr.arpa returned an error from the server: NameError
name  class  type  data  time to live
spentera.com  IN  A  141.101.117.108  300s  (00:05:00)
spentera.com  IN  A  141.101.116.108  300s  (00:05:00)
spentera.com  IN  MX  preference: 10, exchange: aspmx2.googlemail.com  300s  (00:05:00)
spentera.com  IN  MX  preference: 5, exchange: alt2.aspmx.l.google.com  300s  (00:05:00)
spentera.com  IN  MX  preference: 1, exchange: aspmx.l.google.com  300s  (00:05:00)
spentera.com  IN  MX  preference: 10, exchange: aspmx3.googlemail.com  300s  (00:05:00)
spentera.com  IN  MX  preference: 5, exchange: alt1.aspmx.l.google.com  300s  (00:05:00)
spentera.com  IN  NS  art.ns.cloudflare.com  86400s  (1.00:00:00)
spentera.com  IN  NS  dina.ns.cloudflare.com  86400s  (1.00:00:00)
spentera.com  IN  SOA  server: art.ns.cloudflare.com, email: dns@cloudflare.com, serial: 2013080702, refresh: 10000, retry: 2400, expire: 604800, minimum ttl: 3600

Using Zenmap


When the firewall is activated

  




When the firewall is disabled, we can see the ports, OS, etc.



Using nmap

Scan a single IP address

  
Scan a range of IP addresses

Add -A to enable OS detection, version detection, script scanning, and traceroute


Is a host protected by a firewall?

Not protected by a firewall
Protected by a firewall


Thursday, 29 August 2013

An example of a cyber crime case in Indonesia

A student at STMIK AMIKOM Jogjakarta changed the appearance of the website polri.go.id, a technique known as defacing.
He just replaced the website's picture with a JIHAD statement.
Because of his activities he was jailed for a long time.

In Indonesia he broke the information technology law (UU ITE) and the KUHP (Criminal Code),
namely:
Article 167 paragraph (1) of the KUHP, Article 50, Article 22 letter b of Law of the Republic of Indonesia (UU RI) Number 36 of 1999 on Telecommunications.
Article 46 paragraphs (1), (2), and (3), Article 30 paragraphs (1), (2), and (3) of Law of the Republic of Indonesia (UU RI) Number 11 of 2008 on Electronic Information and Transactions (ITE).