{"id":21680781,"url":"https://github.com/revanmalang/baf","last_synced_at":"2025-09-05T12:41:59.706Z","repository":{"id":184359156,"uuid":"571367274","full_name":"revanmalang/BAF","owner":"revanmalang","description":null,"archived":false,"fork":false,"pushed_at":"2022-11-28T00:48:11.000Z","size":37,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-25T11:09:12.691Z","etag":null,"topics":["admin","brute-force","bruteforce","bypass","sql"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/revanmalang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-11-28T00:47:32.000Z","updated_at":"2022-12-16T12:56:44.000Z","dependencies_parsed_at":null,"dependency_job_id":"feb1083d-9dc9-44cb-8bc7-c00814a303ed","html_url":"https://github.com/revanmalang/BAF","commit_stats":null,"previous_names":["revanmalang/baf"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revanmalang%2FBAF","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revanmalang%2FBAF/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revanmalang%2FBAF/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/revanmalang%2FBAF/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/revanmalang","download_url":"https://codeload.github.com/revanmalang/BAF/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244594567,"owners_count":20478313,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["admin","brute-force","bruteforce","bypass","sql"],"created_at":"2024-11-25T15:20:50.362Z","updated_at":"2025-03-20T10:29:55.985Z","avatar_url":"https://github.com/revanmalang.png","language":"PHP","readme":"# Bypass Admin Brute Force\n\nAuthor: _Revan AR_ from ***IndoSec***\n\n_Proof of Concept_ of bypassing an admin login by brute force; in practice this comes down to a SQL weakness, and it is provided for teaching purposes only.\n\n### Requirements\n\n- Understanding of HTML or JS\n- Understanding of HTTP POST requests\n- Understanding of SQL\n\n### How It Works\n\nMany SQL-backed programs have weaknesses because their authors sometimes neglect security.\n\n#### Simple Query Example\n\n```sql\nSELECT * FROM `table_name` WHERE `username` = \"usr\" AND `password` = \"key\"\n```\n\nInto a query like this we can usually slip a dangerous query: for example, the `usr` part, which should be a plain string, is extended to `usr\" OR \"\" = \"\" --`. One only needs to enter `usr`, then add a condition in which two strings are equal (here the empty string), and then end the query immediately by appending `--`, which turns the rest of the query into a comment.\n\n### Guide\n\nFind out how the program sends its credentials. Suppose the program's gateway is at `example.com/admin/login` and contains a page like the one below\n\n```html\n\u003c!-- Admin Login --\u003e\n\n\u003cform action=\"/admin/login/validate\" method=\"POST\"\u003e\n\t\u003cinput type=\"text\" name=\"username\" placeholder=\"User\"\u003e\n\t\u003cinput type=\"password\" name=\"password\" placeholder=\"Password\"\u003e\n\t\u003cinput type=\"submit\" name=\"submit\" value=\"Sign in\"\u003e\n\u003c/form\u003e\n```\n\nwhich we can observe directly; say our observation finds that the program sends the credentials straight to `example.com/admin/login/validate`\n\nnow let us try running this tool\n\n```bash\nphp baf.php\n```\n\n![Demonstration of using the baf.php PoC](baf.gif)\n\nThe demonstration above may differ depending on the computer and system you use\n\n#### Observation Case Example\nYou may find a form with an empty `action` attribute like this\n```html\n\u003cform action=\"\" method=\"POST\"\u003e\n\t...\n\u003c/form\u003e\n```\nYou only need to use the same URL as that page, but this can also depend on the program you are analysing.\n\nThanks to _Yogi Rahmat_ from ***Error Violence*** for the idea of covering this concept\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frevanmalang%2Fbaf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frevanmalang%2Fbaf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frevanmalang%2Fbaf/lists"}