SIPS created by one of IS2C staff. This is a vulnerable Web Application and he asks me to find the bugs.
Lets begin..
1. I will try to register into SIPS.
But, while I am registering, lets try to capture the data and use it to test SQL injection using SQLMAP.
- URL : http://localhost/sips/perpustakaan/proses/anggota_insert1.php
- DATA : username=damn&pwd=code&nama_anggota=damn&alamat=asdsaf&telpon=384525252&simpan=Simpan
Yes, its vulnerable..
Lets start digging..
Lets start digging..
I found column anggota and pegawai, but pegawai has higher level than anggota. Lets dump those data.
Next, checking the userDB if its a DBA.
Yes, its a DBA. lets try to upload web shell.
ahh.. its failed, maybe i got no perms to write on the dir.
SKIP!! Lets try another page.
I found this URL :
http://localhost/sips/perpustakaan/read/?book=owasp.html&view=ReadIts interesting.. maybe it got LFI vulns. Lets try..
Yep, Its Vulnerable..
=============== EOF ===============
Tidak ada komentar:
Posting Komentar