Sunday, 14 June 2009

Silat SQL: Introduction and Basic Injection in General, Part 2

Greetings, everyone,

Before you start this tutorial, please get the MyCERT-Training Virtual Machine first. You can use VMWare Server / VMWare Workstation to load this VM.

File: MyCERT-Training.7z.001

Download Link: http://www.usaupload.net/d/dp06moc8r9e

File: MyCERT-Training.7z.002

Download Link: http://www.usaupload.net/d/k6dmpzymbcd

File: MyCERT-Training.7z.003

Download Link: http://www.usaupload.net/d/fy06bqfe5h1


File: MyCERT-Training.7z.004

Download Link: http://www.usaupload.net/d/tysno7knh40

md5 hash:

14e48737997597a3752ab1004771cb97 MyCERT-Training.7z.001
7b69585f8a098a78714d26c06a1c88de MyCERT-Training.7z.002
7a2e3472963eb36c6ded0b84cd5cdbb1 MyCERT-Training.7z.003
b393ee2c9415c35816966d2a661714a3 MyCERT-Training.7z.004

VM login credentials:

username: training
password: analystanalyst

Archive passwords:

Analysis1 : Analysis1
Analysis2 : Analysis202
Bonus: Bonus303

==================================================================

1. Log in to the MyCERT Training VM.


VM login credentials:

username: training
password: analystanalyst

2. Open Firefox and browse to http://localhost/training/sql/demo/index.php


3. Click login and enter the SQL string ' or 1=1 -- as shown in the picture.



4. The result. Hmmmm......


5. Now try this one: 'or'1'='1





6. The result
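
Why both strings get past the login form, and what stops them, as an added example (not code from this post or from the MyCERT VM). The users table, the login query and the use of Python with SQLite in place of the PHP demo page are assumptions, and the string is submitted in both form fields because the screenshots are not available.

```python
import sqlite3

# The two strings entered in steps 3 and 5 of the tutorial.
PAYLOADS = ["' or 1=1 --", "'or'1'='1"]


def make_db():
    # Constructed sample data. The schema is an assumption; the page does not
    # show the demo application's source. Plaintext password only to keep the
    # sketch short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-constructed')")
    return db


def login_concat(db, username, password):
    # Vulnerable pattern: form input is pasted into the SQL text, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return sql, db.execute(sql).fetchall()


def login_param(db, username, password):
    # Hardened form: placeholders bind the input as data, so quotes, OR and
    # the -- comment marker are compared literally against the columns.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    for p in PAYLOADS:
        sql, rows = login_concat(db, p, p)
        print("query sent   :", sql)
        print("concatenated :", rows)                   # a user row comes back
        print("parameterized:", login_param(db, p, p))  # no row, login refused
```

The printed query text shows the WHERE clause the database actually receives: in the first case everything after -- is a comment, in the second the trailing '1'='1' makes the condition true for every row.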
