hal pertama yang harus kita lakukan adalah siapkan sebungkus rokok, segelas kopi, musik yang akan kita putar agar gk boring heheheee.... bercanda kawan itu hanya lah sebuah saran saja biar kegiatan hacking kita lebih menyenangkan... persiapan pertama adalah menentukan target kita terlebih dahulu, untuk mencari target kita bisa menggunakan dork berikut :
about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php?intProdID=
advSearch_h.php?idCategory=
affiliate.php?ID=
affiliate-agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?Store_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=
checkout.php?UserID=
checkout_confirmed.php?order_id=
checkout1.php?cartid=
comersus_listCategoriesAndProducts.php?idCategory=
comersus_optEmailToFriendForm.php?idProduct=
comersus_optReviewReadExec.php?idProduct=
comersus_viewItem.php?idProduct=
comments_form.php?ID=
contact.php?cartId=
content.php?id=
customerService.php?****ID1=
default.php?catID=
description.php?bookid=
details.php?BookID=
details.php?Press_Release_ID=
details.php?Product_ID=
details.php?Service_ID=
display_item.php?id=
displayproducts.php
downloadTrial.php?intProdID=
emailproduct.php?itemid=
emailToFriend.php?idProduct=
events.php?ID=
faq.php?cartID=
faq_list.php?id=
faqs.php?id=
feedback.php?title=
freedownload.php?bookid=
fullDisplay.php?item=
getbook.php?bookid=
GetItems.php?itemid=
giftDetail.php?id=
help.php?CartId=
home.php?id=
index.php?cart=
index.php?cartID=
index.php?ID=
info.php?ID=
item.php?eid=
item.php?item_id=
item.php?itemid=
item.php?model=
item.php?prodtype=
item.php?shopcd=
item_details.php?catid=
item_list.php?maingroup
item_show.php?code_no=
itemDesc.php?CartId=
itemdetail.php?item=
itemdetails.php?catalogid=
learnmore.php?cartID=
links.php?catid=
list.php?bookid=
List.php?CatID=
listcategoriesandproducts.php?idCategory=
modline.php?id=
myaccount.php?catid=
news.php?id=
order.php?BookID=
order.php?id=
order.php?item_ID=
OrderForm.php?Cart=
page.php?PartID=
payment.php?CartID=
pdetail.php?item_id=
powersearch.php?CartId=
price.php
privacy.php?cartID=
prodbycat.php?intCatalogID=
prodetails.php?prodid=
prodlist.php?catid=
product.php?bookID=
product.php?intProdID=
product_info.php?item_id=
productDetails.php?idProduct=
productDisplay.php
productinfo.php?item=
productlist.php?ViewType=Category&CategoryID=
productpage.php
products.php?ID=
products.php?keyword=
products_category.php?CategoryID=
products_detail.php?CategoryID=
productsByCategory.php?intCatalogID=
prodView.php?idProduct=
promo.php?id=
promotion.php?catid=
pview.php?Item=
resellers.php?idCategory=
results.php?cat=
savecart.php?CartId=
search.php?CartID=
searchcat.php?search_id=
Select_Item.php?id=
Services.php?ID=
shippinginfo.php?CartId=
shop.php?a=
shop.php?action=
shop.php?bookid=
shop.php?cartID=
shop_details.php?prodid=
shopaddtocart.php
shopaddtocart.php?catalogid=
shopbasket.php?bookid=
shopbycategory.php?catid=
shopcart.php?title=
shopcreatorder.php
shopcurrency.php?cid=
shopdc.php?bookid=
shopdisplaycategories.php
shopdisplayproduct.php?catalogid=
shopdisplayproducts.php
shopexd.php
shopexd.php?catalogid=
shopping_basket.php?cartID=
shopprojectlogin.php
shopquery.php?catalogid=
shopremoveitem.php?cartid=
shopreviewadd.php?id=
shopreviewlist.php?id=
ShopSearch.php?CategoryID=
shoptellafriend.php?id=
shopthanks.php
shopwelcome.php?title=
show_item.php?id=
show_item_details.php?item_id=
showbook.php?bookid=
showStore.php?catID=
shprodde.php?SKU=
specials.php?id=
store.php?id=
store_bycat.php?id=
store_listing.php?id=
Store_ViewProducts.php?Cat=
store-details.php?id=
storefront.php?id=
storefronts.php?title=
storeitem.php?item=
StoreRedirect.php?ID=
subcategories.php?id=
tek9.php?
template.php?Action=Item&pid=
topic.php?ID=
tuangou.php?bookid=
type.php?iType=
updatebasket.php?bookid=
updates.php?ID=
view.php?cid=
view_cart.php?title=
view_detail.php?ID=
viewcart.php?CartId=
viewCart.php?userID=
viewCat_h.php?idCategory=
viewevent.php?EventID=
viewitem.php?recor=
viewPrd.php?idcategory=
ViewProduct.php?misc=
voteList.php?item_ID=
whatsnew.php?idCategory=
WsAncillary.php?ID=
WsPages.php?ID=noticiasDetalle.php?xid=
sitio/item.php?idcd=
index.php?site=
de/content.php?page_id=
gallerysort.php?iid=
products.php?type=
event.php?id=
showfeature.php?id=
home.php?ID=
tas/event.php?id=
profile.php?id=
details.php?id=
past-event.php?id=
index.php?action=
site/products.php?prodid=
page.php?pId=
resources/vulnerabilities_list.php?id=
site.php?id=
products/index.php?rangeid=
global_projects.php?cid=
publications/view.php?id=
display_page.php?id=
pages.php?ID=
lmsrecords_cd.php?cdid=
product.php?prd=
cat/?catid=
products/product-list.php?id=
debate-detail.php?id=
cbmer/congres/page.php?LAN=
content.php?id=
news.php?ID=
photogallery.php?id=
index.php?id=
product/product.php?product_no=
nyheder.htm?show=
book.php?ID=
print.php?id=
detail.php?id=
book.php?id=
content.php?PID=
more_detail.php?id=
content.php?id=
view_items.php?id=
view_author.php?id=
main.php?id=
english/fonction/print.php?id=
magazines/adult_magazine_single_page.php?magid=
product_details.php?prodid=
magazines/adult_magazine_full_year.php?magid=
products/card.php?prodID=
catalog/product.php?cat_id=
e_board/modifyform.html?code=
community/calendar-event-fr.php?id=
products.php?p=
news.php?id=
view/7/9628/1.html?reply=
product_details.php?prodid=
catalog/product.php?pid=
rating.php?id=
?page=
catalog/main.php?cat_id=
index.php?page=
detail.php?prodid=
products/product.php?pid=
news.php?id=
book_detail.php?BookID=
catalog/main.php?cat_id=
catalog/main.php?cat_id=
default.php?cPath=
catalog/main.php?cat_id=
catalog/main.php?cat_id=
category.php?catid=
categories.php?cat=
categories.php?cat=
detail.php?prodID=
detail.php?id=
category.php?id=
hm/inside.php?id=
index.php?area_id=
gallery.php?id=
products.php?cat=
products.php?cat=
media/pr.php?id=
books/book.php?proj_nr=
products/card.php?prodID=
general.php?id=
news.php?t=
usb/devices/showdev.php?id=
content/detail.php?id=
templet.php?acticle_id=
news/news/title_show.php?id=
product.php?id=
index.php?url=
cryolab/content.php?cid=
ls.php?id=
s.php?w=
abroad/page.php?cid=
bayer/dtnews.php?id=
news/temp.php?id=
index.php?url=
book/bookcover.php?bookid=
index.php/en/component/pvm/?view=
product/list.php?pid=
cats.php?cat=
software_categories.php?cat_id=
print.php?sid=
docDetail.aspx?chnum=
index.php?section=
index.php?page=
index.php?page=
en/publications.php?id=
events/detail.php?ID=
forum/profile.php?id=
media/pr.php?id=
content.php?ID=
cloudbank/detail.php?ID=
pages.php?id=
news.php?id=
beitrag_D.php?id=
content/index.php?id=
index.php?i=
?action=
index.php?page=
beitrag_F.php?id=
index.php?pageid=
page.php?modul=
detail.php?id=
index.php?w=
index.php?modus=
news.php?id=
news.php?id=
aktuelles/meldungen-detail.php?id=
item.php?id=
obio/detail.php?id=
page/de/produkte/produkte.php?prodID=
packages_display.php?ref=
shop/index.php?cPath=
modules.php?bookid=
product-range.php?rangeID=
en/news/fullnews.php?newsid=
deal_coupon.php?cat_id=
show.php?id=
blog/index.php?idBlog=
redaktion/whiteteeth/detail.php?nr=
HistoryStore/pages/item.php?itemID=
aktuelles/veranstaltungen/detail.php?id=
tecdaten/showdetail.php?prodid=
?id=
rating/stat.php?id=
content.php?id=
viewapp.php?id=
item.php?id=
news/newsitem.php?newsID=
FernandFaerie/index.php?c=
show.php?id=
?cat=
categories.php?cat=
category.php?c=
product_info.php?id=
prod.php?cat=
store/product.php?productid=
browsepr.php?pr=
product-list.php?cid=
products.php?cat_id=
product.php?ItemID=
category.php?c=
main.php?id=
article.php?id=
showproduct.php?productId=
view_item.php?item=
skunkworks/content.php?id=
index.php?id=
item_show.php?id=
publications.php?Id=
index.php?t=
view_items.php?id=
portafolio/portafolio.php?id=
YZboard/view.php?id=
index_en.php?ref=
index_en.php?ref=
category.php?id_category=
main.php?id=
main.php?id=
calendar/event.php?id=
default.php?cPath=
pages/print.php?id=
index.php?pg_t=
_news/news.php?id=
forum/showProfile.php?id=
fr/commande-liste-categorie.php?panier=
downloads/shambler.php?id=
sinformer/n/imprimer.php?id=
More_Details.php?id=
directory/contenu.php?id_cat=
properties.php?id_cat=
forum/showProfile.php?id=
downloads/category.php?c=
index.php?cat=
product_info.php?products_id=
product_info.php?products_id=
product-list.php?category_id=
detail.php?siteid=
projects/event.php?id=
view_items.php?id=
more_details.php?id=
melbourne_details.php?id=
more_details.php?id=
detail.php?id=
more_details.php?id=
home.php?cat=
idlechat/message.php?id=
detail.php?id=
print.php?sid=
more_details.php?id=
default.php?cPath=
events/event.php?id=
brand.php?id=
toynbeestudios/content.php?id=
show-book.php?id=
more_details.php?id=
store/default.php?cPath=
property.php?id=
product_details.php?id=
more_details.php?id=
view-event.php?id=
content.php?id=
book.php?id=
page/venue.php?id=
print.php?sid=
colourpointeducational/more_details.php?id=
print.php?sid=
browse/book.php?journalID=
section.php?section=
bookDetails.php?id=
profiles/profile.php?profileid=
event.php?id=
gallery.php?id=
category.php?CID=
corporate/newsreleases_more.php?id=
print.php?id=
view_items.php?id=
more_details.php?id=
county-facts/diary/vcsgen.php?id=
idlechat/message.php?id=
podcast/item.php?pid=
products.php?act=
details.php?prodId=
socsci/events/full_details.php?id=
ourblog.php?categoryid=
mall/more.php?ProdID=
archive/get.php?message_id=
review/review_form.php?item_id=
english/publicproducts.php?groupid=
news_and_notices.php?news_id=
rounds-detail.php?id=
gig.php?id=
board/view.php?no=
index.php?modus=
news_item.php?id=
rss.php?cat=
products/product.php?id=
details.php?ProdID=
els_/product/product.php?id=
store/description.php?iddesc=
socsci/news_items/full_story.php?id=
modules/forum/index.php?topic_id=
feature.php?id=
products/Blitzball.htm?id=
profile_print.php?id=
questions.php?questionid=
html/scoutnew.php?prodid=
main/index.php?action=
********.php?cid=
********.php?cid=
news.php?type=
index.php?page=
viewthread.php?tid=
summary.php?PID=
news/latest_news.php?cat_id=
index.php?cPath=
category.php?CID=
index.php?pid=
more_details.php?id=
specials.php?osCsid=
search/display.php?BookID=
articles.php?id=
print.php?sid=
page.php?id=
more_details.php?id=
newsite/pdf_show.php?id=
shop/category.php?cat_id=
shopcafe-shop-product.php?bookId=
shop/books_detail.php?bookID=
index.php?cPath=
more_details.php?id=
news.php?id=
more_details.php?id=
shop/books_detail.php?bookID=
more_details.php?id=
blog.php?blog=
index.php?pid=
prodotti.php?id_cat=
category.php?CID=
more_details.php?id=
poem_list.php?bookID=
more_details.php?id=
content.php?categoryId=
authorDetails.php?bookID=
press_release.php?id=
item_list.php?cat_id=
colourpointeducational/more_details.php?id=
index.php?pid=
download.php?id=
shop/category.php?cat_id=
i-know/content.php?page=
store/index.php?cat_id=
product.php?pid=
showproduct.php?prodid=
product.php?productid=
productlist.php?id=
index.php?pageId=
productlist.php?tid=
product-list.php?id=
onlinesales/product.php?product_id=
garden_equipment/Fruit-Cage/product.php?pr=
product.php?shopprodid=
product_info.php?products_id=
productlist.php?tid=
showsub.php?id=
productlist.php?fid=
products.php?cat=
products.php?cat=
product-list.php?id=
product.php?sku=
store/product.php?productid=
products.php?cat=
productList.php?cat=
product_detail.php?product_id=
product.php?pid=
wiki/pmwiki.php?page****=
summary.php?PID=
productlist.php?grpid=
cart/product.php?productid=
db/CART/product_details.php?product_id=
ProductList.php?id=
products/product.php?id=
product.php?shopprodid=
product_info.php?products_id=
product_ranges_view.php?ID=
cei/cedb/projdetail.php?projID=
products.php?DepartmentID=
product.php?shopprodid=
product.php?shopprodid=
product_info.php?products_id=
index.php?news=
education/content.php?page=
Interior/productlist.php?id=
products.php?categoryID=
modules.php?****=
message/comment_threads.php?postID=
artist_art.php?id=
products.php?cat=
index.php?option=
ov_tv.php?item=
index.php?lang=
showproduct.php?cat=
index.php?lang=
product.php?bid=
product.php?bid=
cps/rde/xchg/tm/hs.xsl/liens_detail.html?lnkId=
item_show.php?lid=
?pagerequested=
downloads.php?id=
print.php?sid=
print.php?sid=
product.php?intProductID=
productList.php?id=
product.php?intProductID=
more_details.php?id=
more_details.php?id=
books.php?id=
index.php?offs=
mboard/replies.php?parent_id=
Computer Science.php?id=
news.php?id=
pdf_post.php?ID=
reviews.php?id=
art.php?id=
prod.php?cat=
event_info.php?p=
view_items.php?id=
home.php?cat=
item_book.php?CAT=
www/index.php?page=
schule/termine.php?view=
goods_detail.php?data=
storemanager/contents/item.php?page_code=
view_items.php?id=
customer/board.htm?mode=
help/com_view.html?code=
n_replyboard.php?typeboard=
eng_board/view.php?T****=
prev_results.php?prodID=
bbs/view.php?no=
gnu/?doc=
zb/view.php?uid=
global/product/product.php?gubun=
m_view.php?ps_db=
naboard/memo.php?bd=
bookmark/mybook/bookmark.php?bookPageNo=
board/board.html?table=
kboard/kboard.php?board=
order.asp?lotid=
english/board/view****.php?code=
goboard/front/board_view.php?code=
bbs/bbsView.php?id=
boardView.php?bbs=
eng/rgboard/view.php?&bbs_id=
product/product.php?cate=
content.php?p=
page.php?module=
?pid=
Kemudian jika kita sudah mendapatkan targetnya jangan lupa kita cek terlebih dahulu apakah target yang kita dapat itu vulnab tidaknya untuk kita injec caranya dengan menambahkan " (petik dua) di belakang angka atau ' (petik satu ) di depan angka atau juga dengan tanda - (minus) di depan atau di belakang angka (contoh : http://www.dittberner.com/reports/about.php?id=5") jika target yang kita miliki itu terdapat error setelah kita lakukan hal tersebut itu tandanya target yang kita miliki bisa kita injec lihat gambar di bawah ini.
setelah selesai maka kita pilih DB dan kemudian klik Get Table seperti pada gambar di bawah ini tunggu samapi proses selesai.
seteah proses selesai kita harus mencari kira kira dimana username dan password pada DB tersebut di simpan setelah ketemu kita ceklist filename tersebut dan klik get column dan tunggu kembali hingga proses selesai.
setelah selesai nah kelihatan bukan file login dan usernamenya, kemudian kita ceklis kembali file tersebut untuk kita ambil dengan mengklik get data tunggu kembali hingga proses selesai...
Semoga artikel ini bisa menjadi bahan pembelajaran kita semua dan juga bisa bermanfaat, Penulis tidak bertanggung jawab atas resiko yang terjadi dari penyalahgunaan informasi ini, resiko di tanggung oleh pribadi masing masing yang mensalah gunakan informasi ini, sekali lagi artikel ini hanya sebagai pembelajaran saja.
0 Response to "Hacking Wabsite dengan havij"
Posting Komentar